diff --git a/CHANGELOG.md b/CHANGELOG.md
index ff84af618..4cb3137d1 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,7 @@ All notable changes to this project will be documented in this file.
 This project uses the changelog in accordance with [keepchangelog](http://keepachangelog.com/). Please use this to write notable changes, which is not the same as git commit log...
 
 ## [unreleased][unreleased]
+- Added `mfkey32nested`: recovering partial nested authentication with known nT (@doegox)
 - Added support for dumping FM11RF08S data at once (@doegox)
 - Added support for collecting all FM11RF08S nT/{nT}/par_err at once (@doegox)
 - Fixed `hf mfu wrbl` - compatibility write only writes 4 bytes. Now handled correctly (@iceman1001)
diff --git a/tools/mfc/card_reader/Makefile b/tools/mfc/card_reader/Makefile
index b0ac20879..5442d6804 100644
--- a/tools/mfc/card_reader/Makefile
+++ b/tools/mfc/card_reader/Makefile
@@ -9,7 +9,7 @@ ifneq ($(SKIPPTHREAD),1)
 MYLDLIBS += -lpthread
 endif
 
-BINS = mfkey32 mfkey32v2 mfkey64 mf_nonce_brute mf_trace_brute
+BINS = mfkey32 mfkey32v2 mfkey32nested mfkey64 mf_nonce_brute mf_trace_brute
 INSTALLTOOLS = $(BINS)
 
 include $(ROOTPATH)/Makefile.host
@@ -28,6 +28,7 @@ endif
 
 mfkey32 : $(OBJDIR)/mfkey32.o $(MYOBJS)
 mfkey32v2 : $(OBJDIR)/mfkey32v2.o $(MYOBJS)
+mfkey32nested : $(OBJDIR)/mfkey32nested.o $(MYOBJS)
 mfkey64 : $(OBJDIR)/mfkey64.o $(MYOBJS)
 mf_nonce_brute : $(OBJDIR)/mf_nonce_brute.o $(MYOBJS)
 mf_trace_brute : $(OBJDIR)/mf_trace_brute.o $(MYOBJS)
diff --git a/tools/mfc/card_reader/mfkey32nested.c b/tools/mfc/card_reader/mfkey32nested.c
new file mode 100644
index 000000000..dfc197d06
--- /dev/null
+++ b/tools/mfc/card_reader/mfkey32nested.c
@@ -0,0 +1,69 @@
+//  Doegox, 2024, cf https://eprint.iacr.org/2024/1275 for more info
+
+#include <inttypes.h>
+#include <stdbool.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include "crapto1/crapto1.h"
+#include "util_posix.h"
+
+int main(int argc, char *argv[]) {
+    struct Crypto1State *s, *t;
+    uint64_t key;     // recovered key
+    uint32_t uid;     // serial number
+    uint32_t nt;      // tag nonce
+    uint32_t nt_enc;  // encrypted tag nonce
+    uint32_t nr_enc;  // encrypted reader nonce
+    uint32_t ar;      // reader response
+    uint32_t ar_enc;  // encrypted reader response
+    uint32_t ks0;     // keystream used to encrypt tag nonce
+    uint32_t ks2;     // keystream used to encrypt reader response
+
+    printf("MIFARE Classic key recovery - known nT scenario\n");
+    printf("Recover key from one reader authentication answer only\n");
+
+    if (argc != 6) {
+        printf("syntax: %s <uid> <nt> <{nt}> <{nr}> <{ar}>\n\n", argv[0]);
+        return 1;
+    }
+
+    sscanf(argv[1], "%x", &uid);
+    sscanf(argv[2], "%x", &nt);
+    sscanf(argv[3], "%x", &nt_enc);
+    sscanf(argv[4], "%x", &nr_enc);
+    sscanf(argv[5], "%x", &ar_enc);
+
+    printf("Recovering key for:\n");
+    printf("    uid: %08x\n", uid);
+    printf("     nt: %08x\n", nt);
+    printf("   {nt}: %08x\n", nt_enc);
+    printf("   {nr}: %08x\n", nr_enc);
+    printf("   {ar}: %08x\n", ar_enc);
+
+    printf("\nLFSR successor of the tag challenge:\n");
+    ar = prng_successor(nt, 64);
+    printf("     ar: %08x\n", ar);
+
+    printf("\nKeystream used to generate {nt}:\n");
+    ks0 = nt_enc ^ nt;
+    printf("    ks0: %08x\n", ks0);
+    printf("\nKeystream used to generate {ar}:\n");
+    ks2 = ar_enc ^ ar;
+    printf("    ks2: %08x\n", ks2);
+
+    s = lfsr_recovery32(ks0, uid ^ nt);
+
+    for (t = s; t->odd | t->even; ++t) {
+        crypto1_word(t, nr_enc, 1);
+        if (ks2 == crypto1_word(t, 0, 0)) {
+            lfsr_rollback_word(t, 0, 0);
+            lfsr_rollback_word(t, nr_enc, 1);
+            lfsr_rollback_word(t, uid ^ nt, 0);
+            crypto1_get_lfsr(t, &key);
+            printf("\nFound Key: [%012" PRIx64 "]\n\n", key);
+            break;
+        }
+    }
+    free(s);
+    return 0;
+}
diff --git a/tools/mfc/card_reader/mfkey_examples.md b/tools/mfc/card_reader/mfkey_examples.md
index 559285456..46816f248 100644
--- a/tools/mfc/card_reader/mfkey_examples.md
+++ b/tools/mfc/card_reader/mfkey_examples.md
@@ -103,3 +103,36 @@ Decrypted communication:
 
 Found Key: [091e639cb715]
 ```
+### Recovering partial nested authentication
+A new functionality from @doegox
+
+In some situations, we may replay a {nT} in a nested authentication, of which we know the plain nT but not the key.
+
+Example:
+```
+Tag |ab! b3! 0b! D1                        |     | AUTH: nt (enc)
+Rdr |46  03  39  66  AD  c1! 81  62!       |     | AUTH: nr ar (enc)
+```
+
+```
+./mfkey32v2nested 5C467F63 4bbf8a12 abb30bd1 46033966 adc18162
+MIFARE Classic key recovery - known nT scenario
+Recover key from one reader authentication answer only
+Recovering key for:
+    uid: 5c467f63
+     nt: 4bbf8a12
+   {nt}: abb30bd1
+   {nr}: 46033966
+   {ar}: adc18162
+
+LFSR successor of the tag challenge:
+     ar: 77cc87f8
+
+Keystream used to generate {nt}:
+    ks0: e00c81c3
+
+Keystream used to generate {ar}:
+    ks2: da0d069a
+
+Found Key: [059e2905bfcc]
+```
diff --git a/tools/pm3_tests.sh b/tools/pm3_tests.sh
index eabf8b5e4..7b6c6d667 100755
--- a/tools/pm3_tests.sh
+++ b/tools/pm3_tests.sh
@@ -290,11 +290,13 @@ while true; do
       if ! CheckFileExist "fpgacompress exists"            "$FPGACPMPRESSBIN"; then break; fi
     fi
     if $TESTALL || $TESTMFKEY; then
-      echo -e "\n${C_BLUE}Testing mfkey:${C_NC} ${MFKEY32V2BIN:=./tools/mfc/card_reader/mfkey32v2} ${MFKEY64BIN:=./tools/mfc/card_reader/mfkey64}"
+      echo -e "\n${C_BLUE}Testing mfkey:${C_NC} ${MFKEY32V2BIN:=./tools/mfc/card_reader/mfkey32v2} ${MFKEY32NESTEDBIN:=./tools/mfc/card_reader/mfkey32nested} ${MFKEY64BIN:=./tools/mfc/card_reader/mfkey64}"
       if ! CheckFileExist "mfkey32v2 exists"               "$MFKEY32V2BIN"; then break; fi
+      if ! CheckFileExist "mfkey32nested exists"           "$MFKEY32NESTEDBIN"; then break; fi
       if ! CheckFileExist "mfkey64 exists"                 "$MFKEY64BIN"; then break; fi
       # Need a decent example for mfkey32...
       if ! CheckExecute "mfkey32v2 test"                   "$MFKEY32V2BIN 12345678 1AD8DF2B 1D316024 620EF048 30D6CB07 C52077E2 837AC61A" "Found Key: \[a0a1a2a3a4a5\]"; then break; fi
+      if ! CheckExecute "mfkey32nested test"               "$MFKEY32NESTEDBIN 5C467F63 4bbf8a12 abb30bd1 46033966 adc18162" "Found Key: \[059e2905bfcc\]"; then break; fi
       if ! CheckExecute "mfkey64 test"                     "$MFKEY64BIN 9c599b32 82a4166c a1e458ce 6eea41e0 5cadf439" "Found Key: \[ffffffffffff\]"; then break; fi
       if ! CheckExecute "mfkey64 long trace test"          "$MFKEY64BIN 14579f69 ce844261 f8049ccb 0525c84f 9431cc40 7093df99 9972428ce2e8523f456b99c831e769dced09 8ca6827b ab797fd369e8b93a86776b40dae3ef686efd c3c381ba 49e2c9def4868d1777670e584c27230286f4 fbdcd7c1 4abd964b07d3563aa066ed0a2eac7f6312bf 9f9149ea" "Found Key: \[091e639cb715\]"; then break; fi
     fi