Let's compare our 13.56mHz antennas!

rleroy · 2009-07-14 15:32:00

Hi everybody,

Since I began to do some ISO-14443b work, I noticed that my antenna is very sensitive to the location of where it's placed, and that it needs a fair amount of mV to successfully snoop a communication.

I decided to start this topic so people can share their antennas setup and the antenna tuning with the rest of the people. Then, maybe I will benefits from the setup of somebody else, or maybe somebody else will benefit from my setup!

To begin, here is the shape of my 13.56mHz antenna (the hands are quite hairy, they are not mine btw :-):

And here is the tuning that I was able to achieve (old version of 'tune', I know ... ;-)):

> tune
# LF antenna @   0 mA /     0 mV [1273 ohms] 125Khz
# LF antenna @   0 mA /     0 mV [1187 ohms] 134Khz
# HF antenna @  54 mA / 12697 mV [235 ohms] 13.56Mhz

samy · 2009-07-14 19:14:48

My, what a big antenna you have!

Sweet tuning, I get about half of that voltage, though I haven't played with HF cards yet. I have a Mifare Plus glaring at me, I can hear it saying "just try me"

rleroy · 2009-07-14 19:24:12

Indeed, it is very big! Well, the length of the antenna is not that important, so I could make it shorter, and probably will in the near future. As I've noticed from my tests, what's important is the coil's size and shape...

ryan · 2009-07-15 21:51:16

I tried to replicate what you did (using a hirose cable just like yours) and I can't seem to get it anywhere close to what you're getting. I can get about 12.5v max. Are you sure the total length of wire has nothing to do with it? Do the wires coming off of the coil have to be exactly the same length?

-ryan

rleroy · 2009-07-15 22:04:27

If you receive 12.5v steady, it's very good, and its very near my 12.6v, and it would probably not make any difference if you try to sniff a 13.56mhz communication ...

0.1v does not make a real difference... But if you don't receive a 12.5v steady with your setup, now you may have a design problem or something and we may look into it

ryan · 2009-07-15 22:09:05

Woops. Sorry. I mixed up the mA value with the voltage value because of the different format of our tune commands. I was under the impression you were getting 54v. I thought I was pretty inept at antenna building for a sec there.

rleroy · 2009-07-15 22:48:42

That would be sweet A 54v antenna, I could read across the sea a 13.56mhz communication

jonor · 2009-09-17 21:59:00

This example antenna http://code.google.com/p/proxmark3/wiki/Antennas is good for sniffing ISO14443A/B ?

Baquinjam Palas · 2009-11-11 21:20:07

A nice and very easy to build antenna:

>> Started prox, built Jul 13 2009 01:21:29
>> Connected to device
> tune
# LF antenna @ 0 mA / 0 mV [1273 ohms] 125Khz
# LF antenna @ 0 mA / 0 mV [1187 ohms] 134Khz
# HF antenna @ 57 mA / 13567 mV [235 ohms] 13.56Mhz

I hope that it be useful for someone.

Regards.

rleroy · 2009-12-02 22:00:36

Baquinjam Palas, that is some fantastic tune values that you are getting there! I rarely made it past the 13000mv...

Compared to 125khz, I will always be fascinated about how the antenna design can be casually built, and still offer great performance.

What kind of wire did you take? Is it hooked up on the tests points or via hirose?

Maybe it will be easier to sniff 13.56mhz with that ...

henryk · 2009-12-02 22:50:06

What strangely small antennas you all seem to have ...

# HF antenna: 14.40 V @    13.56 MHz

I mostly followed the instructions from http://code.google.com/p/proxmark3/wiki/Antennas, except that I didn't have the hirose-to-usb cable, but instead used the wires from an old USB cable (hence the different colors, my red is their black and my white is their green) and bought a separate hirose connector and attached it. In the image, at approx 10 o'clock you can see the point where I soldered my wires together.

rleroy · 2009-12-03 03:09:13

I originally tried to make the antenna big like yours henryk, but I never received good values from the tune command. So I shrinked it until it was small like in the pictures.

That is interesting because you just proved me that Roel's original antenna design is good.

Consequently, the RF field is probably much larger and will be easier to sniff ISO14443[A,B].

Baquinjam Palas · 2009-12-03 12:58:59

I use cable with only one fine wire and three turns; hoocked to test points.

Dimensions:

length: 5,5 cm.
width: 2,5 cm and 1,2 cm.

Regards.

danymag · 2010-01-02 22:53:44

I just got my proxmark and had my try with a HF antenna. At first I soldered some wires to the test points and tried attaching the antenna at the end of the wires but nothing got me past 8V. I still have the LF connected that way by the way.

With the Hirose cable I starded with the instructions at http://code.google.com/p/proxmark3/wiki/Antennas but that was only 4V so finally got to this:
HF Antenna

# HF antenna: 12.05 V @    13.56 MHz

When putting an unknown card (possibly Calypso) on top of the antenna, I get a drop of ~4.3V which I suspect is good:

# HF antenna:  7.70 V @    13.56 MHzz

rleroy · 2010-01-03 04:25:06

Hello everybody,

I've been playing with 13.56MHz antennas for quite a bit of time now. These antennas are built on Roel's design available at the following URL:

http://code.google.com/p/proxmark3/wiki … se_antenna .

What I've found is that many people followed the ideas found in the PDF, but very few actually obtained the voltage mentionned inside Roel's instructions, which is around 13V. Some people are getting values below 4v with this antenna:
- me (rleroy);
- danymag;
- eletari.

But some people are getting values of 13V and more:
- henryk (14.4V);
- roel.

I think that this difference might be caused by the difference in the C35/C36 capacitors value that make the RLC circuit. From what I can read inside the post at the following URL http://www.proxmark.org/forum/topic/133 … 35-value/, there might be some misunderstanding regarding the right capacitor to use.

What are your ideas on that?

Last edited by rleroy (2010-01-03 04:25:44)

henryk · 2010-01-03 14:38:34

Yes, there is definitely something going on with the board. 26C3 gave me the opportunity to try my 13.56MHz antenna with a different board (the ones sold in the basement) and there I'm 'only' getting 12V with my antenna.

bushing · 2010-01-03 17:43:40

henryk wrote:

Yes, there is definitely something going on with the board. 26C3 gave me the opportunity to try my 13.56MHz antenna with a different board (the ones sold in the basement) and there I'm 'only' getting 12V with my antenna.

For the record, I've mostly used a hand-wound 13.56MHz antenna for my tests, and for that I got in the 13v range.

Before we found the right cables, I tried making an antenna out of the only Hirose cable I could find -- one shorter than Roel suggested (60cm). I eventually got it to work, but only got like 5-7v out of it, and the loop was fairly small, diameter of 3-4cm. Can you measure your antenna and give us the dimensions of the loop and the distance between the loop and the connector?

BTW, C35 on the 26C3 units is 47pF.

rleroy · 2010-01-03 18:24:06

Very interesting guys.

I can now deduce the following based on your experience:

26C3 board:
C35 capacitor value: 47pF
Antenna model: Roel's design
Voltage: 12V

henryk's board:
C35 capacitor value: ???
Antenna model: Roel's design
Voltage: 14.4V

rleroy board:
C35 capacitor value: 100pF
Antenna model: Roel's design
Voltage: 2-4V

danymag board:
C35 capacitor value: 100pF
Antenna model: Roel's design
Voltage: 4V

Multiple PM3 boards have different values for C35 ... Maybe it's part of the problem ... And maybe in the future we can nail down which is the best capacitor to use, and what kind of antenna works best with what kind of capacitor currently installed on the board ...

henryk, what is the value of your C35 capacitor ?

Thanks,

Last edited by rleroy (2010-01-04 14:52:57)

henryk · 2010-01-03 21:58:06

I have no idea. It's not marked or anything. Here's a picture: http://www.ploetzli.ch/forumtst/proxmark_capacitors.jpg (warning: big).

d18c7db · 2010-01-03 22:34:29

Yeah it's not easy to get the value of a SMD cap once you've soldered it to the board. They're not marked and you can't measure their capacitance as the rest of the connected circuit messes with the reading.

The original schematics have a 47pf capacitor so not sure why some people have made boards with 100pf. In any case there is no such thing as a "best capacitor" in rleroy's words . The cap (C) and the coil (L) form an LC circuit and these values together determine the resonant fequency.

So while you could pick any C value that works best for your particular L in your experimental setup, there is a good reason to standardise on on particular C value, say 47pf for example and make antennas (L) tuned for that C. This way antennas are interchangeable and they will work with any board that has the same C value.

bushing · 2010-01-03 22:45:35

I almost made some prototype antennas from this design, but I can't figure out why there are three pins on the connector -- can someone enlighten me? http://www.proxmark.org/files/index.php … NT1356.zip

Is there any reason we can't make a PCB antenna that supports both frequencies? That seems like the easiest solution, and the LF antenna PCB design seems to work well enough.

d18c7db · 2010-01-03 23:05:52

That antenna is tailored for a PN53x chip. That particular chip has an output stage that has two drivers and a common point hence the three pins. Think of it as two loop antennas sharing a common ground. o-uuu-o-uuu-o where the o are the pins and u are coils

rleroy · 2010-01-04 02:20:09

henryk wrote:

I have no idea. It's not marked or anything. Here's a picture: http://www.ploetzli.ch/forumtst/proxmark_capacitors.jpg (warning: big).

henryk, did you bought your proxmark on www.proxmark3.com or did you do it yourself?

d18c7db wrote:

Yeah it's not easy to get the value of a SMD cap once you've soldered it to the board. They're not marked and you can't measure their capacitance as the rest of the connected circuit messes with the reading.

d18c7db, I totally agree I initially tried to locate where C35 was, I found it, and I noticed that it was not possible to get the value just by looking at it. However, since my proxmark3 comes from proxcat (http://www.proxmark3.com), I know that my proxmark was built with a 100pF capacitor because I asked him. As a consequence, everybody who owns a proxmark3 from proxmark3.com should consider this fact when building their antenna.

d18c7db wrote:

The original schematics have a 47pf capacitor so not sure why some people have made boards with 100pf.

I don't know neither!

d18c7db wrote:

In any case there is no such thing as a "best capacitor" in rleroy's words. The cap (C) and the coil (L) form an LC circuit and these values together determine the resonant fequency.
So while you could pick any C value that works best for your particular L in your experimental setup, there is a good reason to standardise on on particular C value, say 47pf for example and make antennas (L) tuned for that C. This way antennas are interchangeable and they will work with any board that has the same C value.

You are right.

What I'm trying to say is that Roel's antenna is better than the one I achieved at the beginning of this post (the one with 3cm diameter) because Roel's antenna is way bigger. The fact that it's bigger is better for sniffing (I think) because if you put the "tag" inside the big ring, it will be easier to sniff, because the field is really strong inside the circle.

Although people can either use the 3cm diameter antenna or Roel's antenna for emulating a tag, I "think" there is an advantage to gain when using Roel's antenna (at least when sniffing ISO14443b).

danymag · 2010-01-04 05:24:46

rleroy wrote:

However, since my proxmark3 comes from proxcat (http://www.proxmark3.com), I know that my proxmark was built with a 100pF capacitor because I asked him.

OK, so then mine is also with a 100pF capacitor (board also from proxcat). That's why Roel's design didn't work for me.

From now on, people should state what the C35 value is or where they got the board from when posting antenna designs.

rleroy · 2010-01-04 14:54:11

danymag wrote:

From now on, people should state what the C35 value is or where they got the board from when posting antenna designs.

I agree that people should take into consideration the value of their C35 capacitor when referring to 13.56MHz antennas.

bushing · 2010-01-06 23:46:39

rleroy wrote:

d18c7db wrote:
The original schematics have a 47pf capacitor so not sure why some people have made boards with 100pf.
I don't know neither!

I think one of the BOMs floating around had a 100pF part, and so that could explain why it was placed.

For anyone with a board with a 47pF capacitor who wants to try to see if their tuning improves with a higher capacitance, you could get another 47pF cap and solder it into the blank footprint for C36 -- that'd bring you up to 94pF (approx.)

d18c7db wrote:

That antenna is tailored for a PN53x chip. That particular chip has an output stage that has two drivers and a common point hence the three pins. Think of it as two loop antennas sharing a common ground. o-uuu-o-uuu-o where the o are the pins and u are coils

Yeah, I got that part eh ... let me split this off into a separate thread.

rleroy · 2010-01-08 05:50:07

d18c7db wrote:

The original schematics have a 47pf capacitor so not sure why some people have made boards with 100pf. In any case there is no such thing as a "best capacitor" in rleroy's words smile. The cap (C) and the coil (L) form an LC circuit and these values together determine the resonant fequency.

bushing wrote:

For anyone with a board with a 47pF capacitor who wants to try to see if their tuning improves with a higher capacitance, you could get another 47pF cap and solder it into the blank footprint for C36 -- that'd bring you up to 94pF (approx.)

I'm all mixed up again. I thought that d18c7db said that the capacitance value didn't really matter because a capacitor combined with the proper antenna will provide the same power as another capacitance with its proper antenna???

Last edited by rleroy (2010-01-08 05:50:25)

bushing · 2010-01-08 06:19:10

rleroy wrote:

I'm all mixed up again. I thought that d18c7db said that the capacitance value didn't really matter because a capacitor combined with the proper antenna will provide the same power as another capacitance with its proper antenna???

Right. By applying some math (which I don't really understand), you can take the design of an antenna, and determine the correct value of the capacitor on the PM3 to match the design of your antenna and give optimum performance (= highest value reported by the 'tune' command). So, if you want to try to improve the performance of your antenna, you can either modify the antenna while keeping the tuning capacitor constant, or keep the shape/size of the antenna constant while you change the capacitance on the PCB. (Or, more likely, you try some of both ... there's probably some optimum value of each, but you'll go insane trying to find it.)

The design of the PCB has C35 and C36 in parallel just for this reason -- so you can easily solder a capacitor to the empty C36 to increase the value of the capacitance on the PCB. It could be argued that having a lower value (like 47pF) for C35 is better than 100pF, if for no other reason than it's much easier to increase the capacitance (by soldering more caps in parallel) than it is to decrease it (which would require desoldering the existing parts). Does that make sense? It's a lot of words to say that it's easier to start low and increase the capacitor value if you decide you need to.

rleroy · 2010-01-08 07:45:25

OK, that's why I thought It's logical to start with a small capacitor, you are right. And maybe C36 can be a variable capacitor so it's easier to tune ...

I've put some documents regarding building 13.56MHz antennas for RFID applications in the upload directory of the site. I think it's a good thing to share them with everyone, they are public anyway ... They might be more useful to other people than to me

Proxmark3 community

Announcement

#1 2009-07-14 15:32:00

Let's compare our 13.56mHz antennas!

#2 2009-07-14 19:14:48

Re: Let's compare our 13.56mHz antennas!

#3 2009-07-14 19:24:12

Re: Let's compare our 13.56mHz antennas!

#4 2009-07-15 21:51:16

Re: Let's compare our 13.56mHz antennas!

#5 2009-07-15 22:04:27

Re: Let's compare our 13.56mHz antennas!

#6 2009-07-15 22:09:05

Re: Let's compare our 13.56mHz antennas!

#7 2009-07-15 22:48:42

Re: Let's compare our 13.56mHz antennas!

#8 2009-09-17 21:59:00

Re: Let's compare our 13.56mHz antennas!

#9 2009-11-11 21:20:07

Re: Let's compare our 13.56mHz antennas!

#10 2009-12-02 22:00:36

Re: Let's compare our 13.56mHz antennas!

#11 2009-12-02 22:50:06

Re: Let's compare our 13.56mHz antennas!

#12 2009-12-03 03:09:13

Re: Let's compare our 13.56mHz antennas!

#13 2009-12-03 12:58:59

Re: Let's compare our 13.56mHz antennas!

#14 2010-01-02 22:53:44

Re: Let's compare our 13.56mHz antennas!

#15 2010-01-03 04:25:06

Re: Let's compare our 13.56mHz antennas!

#16 2010-01-03 14:38:34

Re: Let's compare our 13.56mHz antennas!

#17 2010-01-03 17:43:40

Re: Let's compare our 13.56mHz antennas!

#18 2010-01-03 18:24:06

Re: Let's compare our 13.56mHz antennas!

#19 2010-01-03 21:58:06

Re: Let's compare our 13.56mHz antennas!

#20 2010-01-03 22:34:29

Re: Let's compare our 13.56mHz antennas!

#21 2010-01-03 22:45:35

Re: Let's compare our 13.56mHz antennas!

#22 2010-01-03 23:05:52

Re: Let's compare our 13.56mHz antennas!

#23 2010-01-04 02:20:09

Re: Let's compare our 13.56mHz antennas!

#24 2010-01-04 05:24:46

Re: Let's compare our 13.56mHz antennas!

#25 2010-01-04 14:54:11

Re: Let's compare our 13.56mHz antennas!

#26 2010-01-06 23:46:39

Re: Let's compare our 13.56mHz antennas!

#27 2010-01-08 05:50:07

Re: Let's compare our 13.56mHz antennas!

#28 2010-01-08 06:19:10

Re: Let's compare our 13.56mHz antennas!

#29 2010-01-08 07:45:25

Re: Let's compare our 13.56mHz antennas!

Board footer