If you’ve ever tapped an amiibo figure to your Nintendo Switch, you’ve witnessed a small miracle of wireless cryptography. That tiny plastic statue doesn’t just hold data—it holds secrets. For years, the most closely guarded of those secrets was the amiibo encryption key.
Here’s the story of how Nintendo locked down its toys, how the key was eventually found, and why it still matters today.
Nintendo has never sued an individual for using TagMo or the encryption key. However, they have:
Today, the amiibo encryption key is an open secret. It’s in GitHub repos, forum posts, and NFC tool documentation. Nintendo hasn’t tried to hide it for years.
The real story isn’t the key itself—it’s what the key represents. A reminder that any client-side encryption is, eventually, client-side decryption. Whether it’s game saves, DVD CSS, or amiibo figures, if the user controls the hardware, the secret won’t stay secret forever.
And sometimes, that’s okay.
Have you ever used a Power Tag or TagMo? Let me know in the comments—just don’t ask me where to download the key. 😉
Amiibo encryption keys are essential files used to decrypt and write Nintendo’s proprietary amiibo data onto blank NFC tags. Because Nintendo uses a layer of encryption and digital signing to prevent unauthorized cloning, these keys act as the "password" for software to interact with the raw data. Key Files and Their Functions
Most amiibo-writing applications require specific cryptographic master keys to function. These are typically found in two formats:
key_retail.bin: This is the most common single file. It is a 160-byte file that concatenates the two primary secret keys needed for the process.
locked-secret.bin & unfixed-info.bin: Some older apps or specific tools require these as two separate files. amiibo encryption key
Locked-secret: Handles the fixed "figure data," such as which character the amiibo is (e.g., Mario vs. Link).
Unfixed-info: Handles the rewritable save data, like nicknames or learned battle behaviors. Why They Are Necessary Wifiibo/README.md at master - GitHub
The Secret Key: Understanding Amiibo Encryption and the key_retail.bin
Amiibo figures are more than just shelf candy; they are complex pieces of Near Field Communication (NFC) technology that store data ranging from unique character IDs to custom in-game stats. However, if you've ever tried to back up your collection or use a DIY solution, you've likely hit a brick wall: encryption.
At the heart of every Amiibo interaction is a proprietary security layer designed to prevent unauthorized tampering. Here is a deep dive into the world of Amiibo encryption and the elusive files that unlock it. Why Are Amiibo Encrypted?
Nintendo uses encryption to ensure that the data stored on an Amiibo’s NTAG215 chip is authentic. This prevents players from easily modifying their "level 50" Smash Bros. fighter's stats through a simple text editor.
When a console scans an Amiibo, it uses a specific set of keys to: Decrypt the data to read its contents.
Re-encrypt and sign the data if the game needs to save new information back to the figure. The Role of key_retail.bin
To interact with Amiibo data on non-Nintendo devices (like an Android phone or a PC), software needs the exact mathematical keys Nintendo uses. In the homebrew community, these are typically found in a single 160-byte file known as key_retail.bin.
This master file is actually a combination of two smaller components often found in older documentation: unfixed-info.bin: Used for identifying the type of Amiibo. Breaking the Lock: A Deep Dive into the
locked-secret.bin: Contains the critical keys needed to write new data to a tag. How the Community Uses These Keys
Because these encryption keys are Nintendo's proprietary intellectual property, they are not bundled with legal software. Instead, users must "provide their own" files to enable functionality in popular apps:
TagMo (Android): The gold standard for managing Amiibo backups. Without importing the retail keys, the app cannot sign data, making it impossible to create functional clones.
AmiiiBot / Placiibo (iOS): These apps require the user to import the key_retail.bin through a file picker to "unlocked" the ability to write to blank NTAG215 chips.
Flipper Zero: Modern multi-tools like the Flipper Zero use these keys to convert standard .bin dumps into a format the device can emulate. A Note on Digital Safety
When searching for these files, accuracy is key. A common pitfall is downloading a file that is too large; a genuine key_retail.bin should be exactly 160 bytes. Larger files (such as 42kb versions) are often incorrect or corrupted and will fail to work with most writing software.
Want to learn more about NFC tech? Check out our guide on choosing the right NTAG215 chips for your DIY projects. DIY Amiibos - Cruise Chaser BLASSTY
The amiibo encryption key refers to a pair of master retail keys used to secure and sign the data stored on Nintendo's NFC-enabled figures. These keys are essential for tools that read, modify, or create custom amiibo tags, as they allow software to decrypt the character information and encrypt new data into a format the game console can recognize. Overview of Key Files
Amiibo data is split into two distinct parts, each requiring its own specific key for access:
Locked Secret (tag key): This 80-byte key is used for fixed information that identifies the figure, such as its unique ID (UID) and the specific amiibo model. Sent DMCA takedowns to GitHub repositories hosting the
Unfixed Infos (data key): This 80-byte key handles variable data, including the amiibo's nickname, owner information, and in-game progress or "leveling" stats.
In many applications, these two keys are combined into a single master file often named "key_retail.bin". Why Encryption Keys are Used
Because amiibo use standard NTAG215 chips, their raw data could easily be cloned if not for Nintendo's security layers.
Digital Signing: Keys allow the console to verify that the data on the tag hasn't been tampered with. If the signature doesn't match the data, the console will reject the tag.
Hardware Binding: The encryption signature is partially based on the tag's unique 7-byte serial number (UID), which is hardcoded into the chip during manufacturing. This prevents simple bit-for-bit copying from one tag to another without recalculating the encryption.
Write Protection: Password protection (derived from the UID) is used to lock certain memory sectors, preventing users from changing a Kirby amiibo into a Mario amiibo once it has been written. Usage in Custom Amiibo
Nintendo’s amiibo security relies on a 3DS-era cryptography system using AES-128. There are actually two critical keys:
Both were hardcoded into every 3DS, Wii U, and Switch system update. That was the vulnerability: the key had to be stored somewhere in memory or on disk.
This report examines the technical architecture behind Amiibo figures, specifically focusing on the encryption and authentication mechanisms used to secure the data stored within the figurines. The security model relies on elliptic curve cryptography to prevent counterfeiting and unauthorized modification of figure data.
Here is where the article must serve a critical warning. The amiibo encryption key exists in a strange legal purgatory.