Under Section 1201 of the DMCA, it is illegal to circumvent "technological protection measures" (TPM) that control access to a copyrighted work. Nintendo has successfully argued in the past (notably against rom site creators) that encryption keys qualify as TPMs.
Is it illegal to possess the key? Probably not. Keys are numbers. You cannot copyright a number. Is it illegal to use the key to write a blank card? Likely yes, in the US and Japan. You are circumventing the authentication measure to create an unauthorized derivative work (the digital data of the amiibo).
Nintendo has never sued an individual for using TagMo or the encryption key. However, they have:
Nintendo attempted to mitigate the breach by introducing new "fixed" key sets in subsequent firmware updates. Theoretically, this would have rendered the old keys obsolete. However, backward compatibility with the existing installed base of Amiibo figures (which were signed with the old, "unfixed" keys) meant that the consoles could not strictly disable support for the original keys.
Today, the amiibo encryption key is an open secret. It’s in GitHub repos, forum posts, and NFC tool documentation. Nintendo hasn’t tried to hide it for years.
The real story isn’t the key itself—it’s what the key represents. A reminder that any client-side encryption is, eventually, client-side decryption. Whether it’s game saves, DVD CSS, or amiibo figures, if the user controls the hardware, the secret won’t stay secret forever.
And sometimes, that’s okay.
Have you ever used a Power Tag or TagMo? Let me know in the comments—just don’t ask me where to download the key. 😉
Understanding Amiibo Encryption Keys: The Core of NFC Customisation
An amiibo encryption key is a digital code required to unlock and read the data stored within Nintendo's amiibo figurines and cards. Without these keys, the raw data (stored as .bin files) remains unreadable by third-party applications, preventing users from creating backups, emulating characters, or writing data to blank NFC tags. How Amiibo Encryption Works
Amiibo use Near Field Communication (NFC) via NTAG215 chips. While the standard user memory on these chips is often freely readable, Nintendo adds a proprietary layer of encryption and digital signing to protect the game data and prevent unauthorized cloning. Technically, the system relies on two master binary keys:
Tag Master Key (locked-secret): Used to sign "fixed" information, such as the unique ID (UID) of the chip and the specific amiibo type.
Data Master Key (unfixed-info): Used to sign and encrypt "unfixed" information that changes, such as the owner’s name, nickname, and specific game save data (e.g., levels in Super Smash Bros.).
These keys use a combination of HMAC-SHA256 for digital signatures and AES128 for data encryption. Why You Need Encryption Keys
For most casual users, the encryption happens invisibly when they tap a figure to their console. However, for enthusiasts using third-party tools, the keys are essential for several reasons: Wifiibo/README.md at master - GitHub
In the context of Nintendo's interactive figurines, "amiibo encryption keys" refer to the proprietary cryptographic files required to decrypt and write data to NFC tags or spoofing devices. Because amiibo data is encrypted, these keys act as the "unlock" mechanism for third-party software to interact with the figures' internal data. Overview of Amiibo Encryption Keys
Purpose: These keys allow apps and devices to read, modify, and write .bin files (raw amiibo data). Without them, third-party tools cannot decode the character identity or saved progress stored on an amiibo [5, 16].
Key Files: Historically, there are two primary files required: key_retail.bin (often the combined form). amiibo encryption key
Previously separated into unfixed-info.bin and locked-secret.bin.
Legal Status: These keys are proprietary Nintendo property. Distributing them is generally considered a copyright violation, which is why most reputable apps (like AmiiBot or TagMo) require users to provide their own files rather than including them [5]. Common Use Cases
Amiibo Spoofing: Users use these keys to write amiibo data onto blank NTAG215 NFC tags, creating "backup" cards for games like The Legend of Zelda or Animal Crossing [10].
Save Data Management: Keys enable software to back up or restore corrupted data on physical figurines [11].
Emulation: They are often required for emulators to recognize and "scan" virtual amiibo files into a game. Security and Technical Details
NFC Technology: Amiibo utilize Near Field Communication (NFC) to communicate with consoles like the Switch, Wii U, and 3DS [7, 8].
File Size: A standard amiibo .bin file is typically 540 bytes, representing a raw copy of the NFC chip's contents [16].
Encryption Method: Nintendo uses a proprietary algorithm to ensure that only authorized devices can meaningfully read or alter the data on the figure’s chip. AI responses may include mistakes. Learn more
To use or create custom Amiibo, you must have the Amiibo encryption keys
. These are proprietary cryptographic files required by apps like Amiibo Editor to decrypt official data and write it to blank NFC tags. Essential Key Files
Most software requires two specific files, though they are often found combined as a single file: locked-secret.bin : Used to decrypt the rewritable data on an Amiibo. unfixed-info.bin : Contains static information about the character. key_retail.bin
: A combined version of the above two files, which is the standard format for modern Amiibo tools. Why are they hard to find?
Because these keys are the intellectual property of Nintendo, they are not included
in legitimate app downloads for legal reasons. Sharing or hosting these files can lead to copyright infringement claims. jamchamb.net How to use them If you are setting up an app like , follow these general steps: James Chambers - jamchamb's blog
This write-up explores the role of encryption keys in the amiibo ecosystem, focusing on how they enable the reading and writing of data to NFC tags. The Role of Encryption Keys
Amiibo figures use proprietary encryption to protect the data stored on their internal NTAG215 chips. To interact with this data using third-party tools, two specific "key" files are generally required: Retail Key ( key_retail.bin
This file contains the cryptographic signatures used by Nintendo to sign amiibo data. Unfixed/Locked Secret Keys: Under Section 1201 of the DMCA, it is
These are the components used to encrypt and decrypt the user-specific data (like stats or nicknames) stored on the chip. How They Are Used
Encryption keys act as a "handshake" between the amiibo data and the software used to manage it. Decrypting Data: Tools like
use these keys to translate the raw hex data from an amiibo into a readable format. Writing to Tags:
When creating custom amiibo cards, the keys allow the software to correctly sign the amiibo BIN files
so they are recognized as authentic by a Nintendo Switch or 3DS. Data Structures Read-Only Data:
Static information like the character ID is hardcoded and signed by Nintendo. Read/Write Data:
This section stores game-specific progress, such as Super Smash Bros. fighter levels or nicknames registered in System Settings Legal and Technical Considerations
While the keys themselves are small snippets of code, they are copyrighted material owned by Nintendo. Most reputable software will require you to provide your own key files rather than including them in the download. Once an amiibo is written to an NFC tag
, the tag's unique ID is locked to that data, making most physical cards permanent and non-rewritable. Do you need a step-by-step guide
on how to install these keys into a specific app like TagMo?
If I store game data on an amiibo, does that mean I can't ... - Nintendo
The amiibo encryption system is a security layer designed by Nintendo to protect the proprietary data stored on the NFC chips within amiibo figures and cards. This system ensures that only authorized devices can read or modify the sensitive "Amiibo Data" section, which typically includes character IDs and game-specific progress. 1. Key Components of the Encryption System
Amiibo security relies on a set of binary key files that allow software to interact with the encrypted data on an NTAG215 chip. key_retail.bin
: This is the primary retail encryption key required by most amiibo-writing applications. unfixed-info.bin
: This file contains the constant data used for the initial decryption of the amiibo's unique ID and basic information. locked-secret.bin
: This component is used to generate the specific keys needed to access the protected "secret" areas of the tag. 2. The Decryption and Re-encryption Process
When creating a custom amiibo or backup, the system follows a specific cryptographic workflow: UID Retrieval Have you ever used a Power Tag or TagMo
: The application reads the Unique Identifier (UID) from the physical NTAG215 tag. Data Decryption : Using the unfixed-info.bin locked-secret.bin
keys, the software decrypts the core data (specifically pages 40 to 130 of the tag's memory). HMAC Hashing
: New HMAC hashes are calculated based on the target tag's unique UID to ensure the data is "bound" to that specific chip. Encryption
: The data is re-encrypted using a key derived from the target UID before being written back to the tag. 3. Usage in Applications
To use these keys for creating custom tags, users typically follow these steps in apps like : Import the key files into the app's settings. Import Amiibo File : Load the specific character data file (often also a
: Use the app to write the encrypted data onto a blank NTAG215 card or coin. 4. Technical Constraints
Tag keys won't load nor write. Keep getting errors. #166 - GitHub
Understanding Amiibo Encryption Keys: A Beginner’s Guide If you’ve ever looked into backing up your Amiibo collection or creating your own custom NFC tags, you’ve likely run into a wall known as encryption keys. Most apps and tutorials will tell you that they "cannot provide these files for legal reasons," leaving you to wonder what they are and why you need them. What are Amiibo Encryption Keys?
Amiibo figurines use NTAG215 chips to store data. To prevent people from easily counterfeiting them, Nintendo uses a layer of encryption and digital signing.
The "encryption key" is actually a set of master keys used to decrypt and re-encrypt the data on these chips. Without these keys, an app like TagMo or AmiiBoss can see the raw data on a chip, but it won’t understand what it means or how to write a valid new Amiibo to a blank tag. The Two Critical Files
When you search for these keys, you will almost always find them in two specific forms:
unfixed-info.bin: This key is used to sign and encrypt "unfixed" or changeable data, such as your character’s nickname, owner information, and in-game leveling stats.
locked-secret.bin: This is the "tag master key." it is used to sign the "fixed" information that makes an Amiibo a specific character (like Link or Mario). Once this is written to a chip, it cannot be changed.
In many modern apps, these two files are often merged into a single 160-byte file called key_retail.bin. How They Work (Simplified)
Each physical Amiibo has a unique ID (UID) hard-coded into its hardware. Nintendo's encryption process uses this unique ID to "lock" the data to that specific figurine.
Decryption: When you load a .bin file into an app, the keys allow the software to "unlock" the data so you can see which character it is.
Re-encryption: When you write that data to a new blank tag, the software uses the keys and the new tag’s unique ID to "re-lock" the data correctly. Without the keys, the new tag would have the wrong "signature," and your Nintendo Switch would reject it as corrupted. Where Do You Get Them?
Because these keys are proprietary Nintendo property, developers cannot include them in their apps without risking legal action.