In addition to encrypting the data so it cannot be read, Nintendo uses a Keyed-Hash Message Authentication Code (HMAC) based on the SHA-256 algorithm. When a game saves data back to the Amiibo (like updating a character's stats), it generates an HMAC signature using the encryption key.
To prevent this cloning, Nintendo implements . The Amiibo encryption key consists of two distinct parts:
: This contains the encrypted data, including saved game information like stats, levels, or nicknames. amiibo encryption key
Many rare Amiibos, such as the Qbby figure from BoxBoy! or certain Monster Hunter exclusives, are incredibly expensive on the secondary market. The keys allow the community to digitally preserve the data of these rare figures, ensuring access to in-game content is not locked behind exorbitant real-world prices.
This is a crucial distinction: by using homebrew to dump the keys from their own hardware, users are not distributing copyrighted material, but rather generating it from a console they own. This practice treads a fine legal and ethical line, which will be discussed in the final section. In addition to encrypting the data so it
Researchers discovered that the system uses a pair of key files, often referred to in homebrew circles as: unfixed-info.bin locked-secret.bin
Used to derive keys for signing the internal, hard-coded ID of the NFC chip. How Encryption Works The Amiibo encryption key consists of two distinct
: A combined version of the above two files, which is the standard format for modern Amiibo tools. Why are they hard to find?
This section stores game-specific progress, such as Super Smash Bros. fighter levels or nicknames registered in System Settings Legal and Technical Considerations
The raw cryptographic keys are proprietary intellectual property owned by Nintendo. Distributing the keys directly, hosting them on open GitHub repositories, or packaging them inside apps on the Google Play Store is a direct violation of copyright laws. This is why tools like TagMo require users to source their own key_retail.bin files.
Using Android or iOS apps like TagMo or Placiibo, users can load the Amiibo encryption keys into the software. Once the software possesses the keys, it can sign raw Amiibo data files ( .bin files) and write them onto blank, inexpensive NTAG215 cards or coins, creating fully functional Amiibo clones. 2. Hardware Emulators (AmiiboLink / Pixl / Flask)