CN106487796A - Identity card reads the safe ciphering unit in equipment and its application process - Google Patents

Identity card reads the safe ciphering unit in equipment and its application process Download PDF

Info

Publication number
CN106487796A
CN106487796A CN201610935187.3A CN201610935187A CN106487796A CN 106487796 A CN106487796 A CN 106487796A CN 201610935187 A CN201610935187 A CN 201610935187A CN 106487796 A CN106487796 A CN 106487796A
Authority
CN
China
Prior art keywords
data
sce
identity card
sam
equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610935187.3A
Other languages
Chinese (zh)
Inventor
王耀
朱红岩
殷月
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Is Odd Shield Data Safe Technology Ltd
Chen Century (beijing) Technology Co Ltd
Original Assignee
Beijing Is Odd Shield Data Safe Technology Ltd
Chen Century (beijing) Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Is Odd Shield Data Safe Technology Ltd, Chen Century (beijing) Technology Co Ltd filed Critical Beijing Is Odd Shield Data Safe Technology Ltd
Priority to CN201610935187.3A priority Critical patent/CN106487796A/en
Publication of CN106487796A publication Critical patent/CN106487796A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Abstract

Identity card reads the safe ciphering unit in equipment and its application process, it is characterized in that described safe ciphering unit (Secure Crypto Element, SCE) it is used for identity card to read in equipment, identity card machine sensible information (abbreviation ID_Data) encryption 467 2013 standard SAM_A of GA exported using asymmetric arithmetic or signature, it is ensured that ID_Data is not tampered in client or network channel or is multiplexed;Encryption method includes:SCE uses system public key encryption ID_Data, generates identity card machine sensible information ciphertext (abbreviation En_ID_Data) and uploads background system, and background system obtains ID_Data using system private key deciphering En_ID_Data;Endorsement method includes:SCE generates ID_Data_DS using SCE private key pair ID_Data signature, uploads background system together with ID_Data, and background system uses SCE public key verifications ID_Data_DS.

Description

Identity card reads the safe ciphering unit in equipment and its application process
Technical field:
The invention belongs to electronic information technology and application, and in particular to hard in a kind of reading equipment for identity card The technology of the safe ciphering unit of part, device and its application process.
Background technology:
Nearly more than ten years, China's No.2 residence card made using RF identification (RFID) chip technology has obtained general All over distribution and extensively application.Reading and examination for the identity card machine sensible information in radio frequency chip, general requirement is using special Identity card read equipment complete;And read in equipment in special identity card, it is desirable to realize recognizing using special security module Card and deciphering function.This security module is referred to as " checking safety control module " (Secure in 467 2004 standard of GA Access and control Module for Validation, SAM_V) module, lexical or textual analysis be " be embedded in checking equipment in, The part having to information control reading, safety verification, output function in resident identification card certificate ";Revise in GA 467 2013 SAM_V is renamed as SAM_A (Secure Access Module for Authentication, SAM_A) in standard.
SAM_A external interface mainly has service terminal interface (UART serial ports or USB interface) and radio-frequency module interface (parallel port Or the serial line interface of similar I2C), service terminal interface connects host computer or microprocessor (MCU), and radio-frequency module interface connects radio frequency mould Block.The interface mode of the SAM_A that 467 2013 standard of GA is given is that one end connects service terminal by service terminal interface, separately One end connects radio-frequency module by radio-frequency module interface.However, common identity card reads equipment, in order to adapt to dissimilar and Radio frequency chip, also for the convenience for increasing operation radio-frequency module, generally uses MCU and connects SAM_A service terminal interface respectively With radio-frequency module interface, the other interface connection radio frequency chip of MCU is reused, now the radio-frequency module interface of SAM_A becomes one Plant virtual radio frequency interface.
Conventional identity card reads the process of equipment reading identity card machine sensible information:Service terminal or host computer pass through business Terminal interface sends " reading machine-readable Word message and photographic intelligence " order (0x300x01) to SAM_A, or " reads machine-readable word letter Breath, photographic intelligence and finger print information " order (0x300x10), SAM_A export the operation of identity card Card Reader by radio-frequency module interface Order, including select file, reads binary system, internal authentication, takes random number and external authentication order, and radio-frequency module operates identity card Command response is returned to SAM_A after executing mentioned order by radio frequency chip.After correct execution mentioned order is finished, SAM_A passes through Service terminal interface returns the identity card machine sensible information after deciphering.
For convenience of description, described identity card machine sensible information is referred to as ID_Data by the present invention, contains identity card machine-readable Text message and photographic information, the identity card that issues in recent years also have finger print information, host computer or background system software parsing ID_ The machine-readable word of identity card, photograph and finger print information is obtained after Data.
Above identity card reads the process of equipment reading identity card machine sensible information, from the point of view of data safety angle, is more suitable for The application scenario of identity card machine sensible information is locally read in service terminal, is read unsuitable for network system backstage and checking identity The application demand of card machine sensible information.For example in mobile communication corporate networks real name system, much uncontrolled third party sells on a commission basis There is, using client reading identity card machine sensible information, the potential safety hazard that client software palms off identity card machine sensible information in point.
Specifically, understand as the data structure that ID_Data has determination is available for analysis, for specific identity card be again Changeless, without dynamic encryption or signature etc data security protecting measure, client software are pieced together, distort and are palmed off ID_Data uploads background system, and background system remains to normal parsing, without reliable technological means checking ID_Data information The data true and false.And, real ID_Data data are transmitted on network channel there is also the potential safety hazard that is illegally intercepted and captured.
In short, the identity card for being currently based on SAM_A reads equipment, is only based on SAM_A manager (public security department) Local Card Reader safety certification means, in addition, be directed to network system user, such as bank or carrier network The safety measure of system, is less compliant in network system client and reads equipment reading identity card machine sensible information using identity card, The application on network system backstage, particularly client uncontrolled application scenario is uploaded to again.
Content of the invention:
In consideration of it, the present invention proposes to use a kind of safe ciphering unit (Secure Encrypt Element, SCE), embedding Enter and read in equipment in identity card, the identity card machine sensible information 467 2013 standard SAM_A of GA exported using asymmetric arithmetic ID_Data encryption is signed, and the signature of generation identity card machine sensible information ciphertext (abbreviation En_ID_Data) or ID_Data is (referred to as ID_Data_DS), decipher for net background system or verify.
SCE is connected using the main control MCU in one or more interface and identity card reading equipment, SAM_A or other devices Connect, its major function is included but is not limited to:
(1) the business order from main control MCU is received;
(2) parsing, execution and acknowledgement command;
(3) create, generate, store, read and write or use the file related to cryptographic algorithm or application;
(4) forward MCU order if necessary or voluntarily send commands to SAM_A;
(5) the identity card machine sensible information ID_Data from MCU or SAM_A is received, is selected using corresponding according to command parameter Key ID_Data is encrypted or signature algorithm, generate identity card machine sensible information ciphertext En_ID_Data or sig ID _ Data_DS, returns to main control MCU.
SCE function listed above can be realized in an independent safety chip, it is also possible to used as a safe core The part of functions unit of piece or security module.The different possibility of consideration and adaptability, we provide following three kinds optionally SCE embodiment:
The first scheme is outside the main control MCU that identity card reads in equipment, and SCE safety chip is separately configured.SCE's A kind of interface mode is only to be connected with MCU, receives the ID_Data from MCU, returns En_ID_Data or ID_Data_DS and gives MCU;Another kind of interface mode of SCE is to be connected with SAM_A and MCU between SAM_A and MCU respectively, receives the industry from MCU Business order, processes Added Business order, forwards the order of SAM_A business to SAM_A, receives the ID_Data from SAM_A, generate En_ID_Data or ID_Data_DS return to MCU.This embodiment of SCE is easily embedded in the identity card of current routine and reads Read in equipment, second interface mode particularly therein, current routine identity card need not be changed substantially and read the soft of equipment Hardware design, it is only necessary to increase a small amount of business order newly, you can realize encryption or the signature function to ID_Data.Described in this programme Main control MCU uses routine MCU, it is not necessary to realize SCE function in MCU, this programme can also use safe main control MCU reality Existing identity card reads the basic function of equipment.
Second scheme is the safe main control MCU for using safety chip to read equipment as identity card, is realizing identity card While read function, SCE function is realized.By taking data ciphering method as an example, safe main control MCU in accordance with 467 2013 standard of GA, " reading machine-readable Word message and photographic information order " (0x300x01) is sent to SAM_A by service terminal interface or " is read machine-readable Word message, photographic information and finger print information order " (0x300x10), receives the ID_ that SAM_A service terminal interface is returned Data, SCE are encrypted to ID_Data using system public key, are exported ciphertext En_ID_Data of ID_Data, or are used SCE private key Identity card machine sensible information is signed and generates ID_Data_DS.The encryption of Card Reader data or signature process both can be in safe master controls MCU starts after receiving client Card Reader order, it is also possible to be automatically performed card seeking, card selection and Card Reader in advance by safe main control MCU, En_ID_Data or ID_Data_DS is directly returned after receiving Client command to client.This embodiment requires identity card Reading equipment manufacturer uses safe main control MCU to replace routine MCU as main control chip, needs to make again identity card reading equipment Design of hardware and software, different identity card read equipment manufacturer if do not followed unified technical specification, client and background system Softwarecompatible has certain difficulty.
The third scheme is realized inside SAM_A, realizes SCE function using the existing safe software and hardware of SAM_A module, Or SCE function is realized in SAM_A inside modules increase safety chip.The newly-increased business life related to data encryption or signature Order, by ciphertext En_ID_Data or the ID_Data of the service terminal interface output identity card machine sensible information ID_Data of SAM_A And its sig ID _ Data_DS.Meanwhile, can continue the service terminal interface command output ID_Data's of compatible current SAM_A Function.This implementation security and convenience good, most convenient identity card read equipment manufacturer use, but need revise GA 467 2013 standards work out new standard, are related to that face is many, and difficulty is big.
The first scheme and second scheme although can effectively prevent client software from forging ID_Data, but can not The ID_Data for effectively preventing the personation SAM_A offer of " illegal " hardware from forging is to the En_ID_ of SCE generation " illegal " of " legal " Data or ID_Data_DS.For this purpose, we can design SCE has locking and unlocking function, net background system once finds Suspicious client, can add the mark category information about " locking ", " unblock " and " normal " in dynamic public key cryptography is issued, Locking, unblock or normal operating are executed according to relevant information after SCE deciphering.
For data ciphering method, SCE needs to be encrypted ID_Data using background system public key, obtains En_ID_ Data uploads background system, is decrypted acquisition ID_Data by background system using system private key pair En_ID_Data;For number According to the method for signature, SCE is signed using SCE private key pair ID_Data, obtains ID_Data_DS, by ID_Data and ID_Data Background system is uploaded together, and background system obtains ID_Data using SCE public key verifications ID_Data_DS.
No matter using data ciphering method or data signature method, both can be using fixing close in the certain period of time Key pair, can generate key pair in each reading identity card machine sensible information ID_Data again temporarily, wherein be used for data encryption and To being produced by background system, background system needs to safely issue system public key to SCE the key of deciphering;For data signature and testing To being produced by SCE, SCE needs safety to upload SCE public key to background system to the key of card.
In order to ensure that public key that recipient receives, from real sender, can set up certificate class practical writing in SCE Part (is referred to X.509 standard certificate), is issued or updated by background system SCE application file, and background system can read SCE Application file, obtains its public key after its signature and validity is verified.SCE uploads public key to background system, or background system Public key is issued to SCE, can be encrypted to sending out the public key for sending using the public key of other side, own private key is used by recipient After deciphering, the public key of other side is obtained.
Using data ciphering method benefit be encrypted public key from background system, client can not be palmed off, and have the disadvantage visitor En_ID_Data data can not be deciphered and be parsed in family end, it may be necessary to issue ID_Data again to client after background system deciphering; The use of the benefit of data signature method is that ID_Data_DS is verified by background system, client can be lacked directly using ID_Data Point is the need to ensure that digital signature is strictly that SCE does.
The two methods for ID_Data being encrypted using SCE or signing are cut both ways, if stressing to consider background system Security control ability, it is proposed that the method for preferably using data encryption, using the method for data signature, certain SCE is permissible for secondary choosing While supporting data encryption data two kinds of data security methods of signature, one is selected to make as needed by net background system With.
It is proposed that the close SM2 asymmetric arithmetic of asymmetric arithmetic used in SCE, such as state, naturally it is also possible to using which His asymmetric arithmetic, such as RSA or ECC algorithm;Symmetric key algorithm can also be used in theory, but for key safety management For the sake of convenient, and ID_Data data length itself is less, and asymmetric encryption efficiency is enough, it is not recommended that using symmetric key algorithm.
Between SCE and background system in addition to the related security information of interactive key, background system can be issued at random Or multidate information is further ensured that En_ID_ to SCE by being encrypted again or signing after SCE and ID_Data information combination Data or ID_Data_DS has not reusable ageing.
SCE is realized encrypting ID_Data by newly-increased order or signature, original SAM_A service terminal interface command Can be continuing with, and existing application product and application system compatibility.
Current identity card reads the limitation that equipment only can guarantee that local authentication Card Reader data safety based on SAM_A, passes through Using SCE open network system data security control means to network system user (such as mobile operator), network is met System background is authenticated the Data Security Control of Card Reader to uncontrolled client;Support the integrated SCE of upgrading SAM_A standard Function and one, first do initialization distribution by public security department, by doing personalized distribution after system user to SCE to SCE;In order to save Resource-saving and improve efficiency, in the future the SAM_A module of integrated SCE function, it is proposed that business function is all passed through its service terminal and is connect Cause for gossip is existing, cancels its radio-frequency module interface for being unprofitable to improve data safety.
With the SCE that the variforms such as chip, module, COB circuit board are present, can read in equipment in various identity cards makes With both having included desk-top desk device, also included that handheld device, self contained facility and its other general or full identity cards were read and set Standby.
Description of the drawings:
The several embodiments of Fig. 1, SCE
Fig. 2, the SCE exemplary scenario block diagram that is realized with CCM3310S chip
Fig. 3, the application flow citing of identity card machine sensible information encryption
Specific embodiment:
Below in conjunction with the accompanying drawings for SCE be embodied as and its application process elaborates.Fig. 1 is several realities of SCE The schematic diagram of scheme is applied, the figure stresses to consider feature and its interface annexation with MCU and SAM_A of SCE.In scheme 1a With scheme 1b, SCE is an independent hardware safe unit, in scheme 2 and scheme 3, SCE be safe main control MCU piece and A part of security function unit of SAM_A.
In scheme 1a of Fig. 1, SCE can be to be communicated using multiple interfaces mode and MCU, and such as SPI, I2C, UART etc. go here and there Line interface.This interface mode of SCE determines which is operated in passive mode, receives the operational order from conventional main control MCU, should Command execution results are answered, including the identity card machine sensible information ID_Data from MCU is received, is encrypted or returned to after signing by SCE MCU.
In scheme 1b of Fig. 1, SCE is connected with MCU and SAM_A communication interface respectively.One business end of consideration SAM_A End interface is UART, and in order to have more preferable software and hardware compatibility with existing identity card reading machine, SCE can use two UART interface connects the UART interface of conventional main control MCU and SAM_A respectively.So MCU can be the same to original operation SAM_A Operation SCE, and the business order from MCU directly can be transmitted to SCE by SCE, the response that equally SAM_A is beamed back go back to MCU.For SAM_A business order, increase SCE does not feel assorted for the software and hardware function that original identity card reads equipment Difference, including can by continue according to local authentication in the way of reading identity card machine sensible information.Of course, MCU and SAM_A it Between to increase the purpose of SCE be to support the Added Business order of MCU, realize the encryption of relevant identity card machine sensible information or signature be related Function.It is particular in that, SCE, for the service terminal interface of SAM_A, is order active sender, receives in SCE After the newly-increased order of MCU encryption Card Reader etc, SCE is by sending its original " the machine-readable Word message of reading and photograph letter to SAM_A Breath order " (0x300x01) or " reading machine-readable Word message, photographic information and finger print information order " (0x300x10), start SAM_ The Card Reader verification process of A, Card Reader receive, after terminating, the identity card machine sensible information ID_Data that SAM_A is returned, through encrypting or signing After return again to MCU.
The scheme 2 of Fig. 1 realizes the function of SCE while being and realize identity card card-reading function using safe main control MCU.In recent years Resource and the function for carrying out safety chip is stronger and stronger, it is easy to realizes identity card and reads multiple interface communication functions in equipment, For example connect radio frequency chip using SPI interface, connect SAM_A using UART interface and quasi- I2C interface (or parallel port), using USB Interface connects computer client.Equally it is easy to realize the safe encryption function of SCE in safe main control MCU, many including supporting Plant symmetrically or non-symmetrically algorithm, and the file storage related to algorithm and read-write capability.The benefit of this scheme is to save The hardware cost that SCE is separately configured is saved, and communication efficiency can be improved to a certain extent,
Scheme 1 and scheme 2 can effectively prevent client software from forging ID_Data, but effectively can not prevent " non- The ID_Data that the personation SAM_A offer of method " hardware is forged is to the En_ID_Data or ID_ of SCE generation " illegal " of " legal " Data_DS.For this purpose, we design SCE has locking and unlocking function, net background system once finds suspicious client, can To issue the mark category information added in dynamic public key cryptography about " locking ", " unblock " and " normal ", basis after SCE deciphering Relevant information executes locking, unblock or normal operating.
Function of the scheme 3 of Fig. 1 by the function of SCE with SAM_A becomes one, no matter in terms of security and convenience It is all optimal implementation.The existing service terminal interface that can connect client host (computer) of current SAM_A, has again Radio-frequency module interface, its ideal were that to connect radio frequency chip be exactly that a complete identity card reads equipment originally.Unfortunately due to Radio frequency chip interface and the diversity of communications protocol, and lack necessary ancillary control function, add can only use limited Business command operation radio frequency chip so that all in addition use MCU as main control chip in practical application, SAM_A is fallen low into simple Security module role.Its function simply can be summarised as:(1) legitimacy (internal authentication) of authenticating identity card;(2) The legitimacy (external authentication) of authentication idses SAM_A, opens the reading authority of identity card chip file after certification;(3) Identity card chip file is carried out to the computing of similar deciphering, export identity card machine sensible information ID_Data
Certainly, above certification and decrypting process are the use of the dispersion factor dispersion of identity-based card management file and obtain Temporary symmetric key, is completed based on symmetric key algorithm.However, SAM_A is using the static identity card of symmetric key algorithm output Machine sensible information ID_Data, it is clear that far can not meet the security request data of network system.However, SAM_A function and spy Property be specified in public security professional standard GA 467 2013, being directed to multi-party technology and economic interests, revision and upgrade Certainly there is very big difficulty.
Here, we still free thought in the near future, the SAM_A (may rename) after upgrading can support to be similar to The asymmetric encryption of SCE or the function of signature, prevent scheme 1 in hardware view and scheme 2 may be input into puppet on hardware circuit Make the possibility of ID_Data.Further, it is desirable to its showy and not substantial and unhelpful with safety radio frequency mould need not be retained after SAM_A upgrading Block interface, gives MCU process radio-frequency module, completes all security-related function using single face.
It is the SCE exemplary scenario block diagram that is realized with CCM3310S chip shown in Fig. 2, is thin for one of Fig. 1 scheme 1b The embodiment of change.Wherein CCM3310S chip is a safety chip with the close qualification of state of Tianjin Guo Xin company, and it supports Including the asymmetric arithmetic including SM2, RSA, ECC, also the symmetry algorithm such as DES/3DES, AES, SM1, SSF33 is supported, also support The digest algorithms such as SM3, MD5.It also has multiple external interface resources, the custom interface such as including SPI, I2C, UART, USB.
Two UART interface (one of them is switched using I2C interface internal) of CCM3310S chip used in Fig. 2, Connect the UART interface of MCU and SAM_A respectively.By row's pin of welding and row are female back-to-back on a circuit board so as to can Read in equipment with being easily embedded in conventional identity card, the basis for reading equipment hardware circuit is demonstrate,proved in not change of status On, only need to increase a small amount of MCU business order, you can realize being encrypted the identity card machine sensible information ID_Data of SAM_A output Or signature.At the same time it can also completely compatible original identity card read function.
It is the application flow citing of identity card machine sensible information encryption shown in Fig. 3, specifically describes identity card and read equipment (master SAM_A, SCE and MCU to be included), between client host (such as computer or smart mobile phone) and far-end network background system A kind of typical operation flow.Interface scheme is referred to using Fig. 1 scheme 1b, and SCE is between SAM_A and MCU.Practical application system System operation flow is certain to little bit different, but as long as its essence to the encryption of identity card machine sensible information is identical, just still belongs to this The rights protection scope of invention.
We are divided into 4 processes whole application flow, and wherein process 0 is set-up procedure, read for client host Identity card reads the certificate file in equipment (SCE), frequently need not read certificate in practical application, can be in client host Connection identity card is read when reading equipment, naturally it is also possible to be stored in client host, is changed when identity card reads equipment and is read Take.
Process 1 is that client host reads the safe Card Reader of equipment Card Reader feedforward network background system transmission in operation identity card Request, does not require that every time request all uploads SCE certificate, and typically logging in online situation, continuous Card Reader can be without repeating upload SCE certificate, it is only necessary to upload the request of simple and safe Card Reader.This procedure request net background system sending system public key, in order to Ensure that the public key that issues arbitrarily is not used, it is possible to use the SCE public key included in SCE certificate is under after system public key encryption Send out.
Process 2 is that system public key cryptography is handed down to SCE by client host, deciphers acquisition system by SCE using SCE private key In plain text, SCE starts SAM_A Card Reader to public key, and after MCU operation radio-frequency module completes whole Card Reader processes, SAM_A exports ID_ Data obtains En_ID_Data to SCE, SCE using system public key encryption ID_Data and is sent to client host.
Process 3 is that En_ID_Data is uploaded to network system backstage by client host, and network system backstage uses system ID_Data is obtained after private key deciphering En_ID_Data.The shorthand information that identity card can be issued as needed (for example covers part ID card No.) give client host.
Suggestion network system backstage answers client request all to generate system key pair temporarily every time, after interim reservation, use I.e. discardable.Network system backstage can also issue other random or other multidate informations, it is desirable to SCE by these multidate informations with Ciphertext is uploaded to net background system after combining encryption by ID_Data, can compare dynamic letter after background system deciphering Breath, has En_ID_Data preferably ageing.
Except application process ID_Data being encrypted using system public key, SCE is also supported using SCE private key pair ID_ Data carries out the application process of data signature.Its application flow is similar with shown in Fig. 3, will not be described here.Using SCE data label The benefit of name is that client host can be in local parsing ID_Data, it is not necessary to return after the deciphering of net background system.Have the disadvantage Need the method by secondary public key encryption, it is ensured that the really SCE of the SCE public key that SCE is uploaded is produced, rather than client is false Emit.Otherwise client software may generate key pair, and personation SCE public key is uploaded to net background system, using personation private key Digital signature is done to palming off ID_Data.
In actual application system, through SCE and net background system secure interactive cipher key related information, it is right to realize ID_Data is encrypted or the application process signed and method can do necessary adjustment as needed.For example, client host can To send the order (such as 0x300x01) of the reading identity card machine sensible information of SAM_A standard by MCU to SCE, SCE forwards life The identity card machine sensible information ID_Data for receiving SAM_A response to SAM_A is made to be uploaded to client for local solution to MCU, MCU Analysis and display ID card information;While ID_Data is encrypted and (or) signed by SCE, En_ID_Data and (or) ID_ is generated Data_DS, client host can issue reading identity card machine sensible information ciphertext order by MCU to SCE, read En_ID_ Data and (or) ID_Data_DS are uploaded to net background system to client host, then by client host.Sum it up, only Still to belong to for the process of the encryption of identity card machine sensible information or signature with method without substantial improvements compared with the present invention Interest field in the present invention.

Claims (10)

1. identity card reads the safe ciphering unit in equipment and its application process, described safe ciphering unit (Secure Crypto Element, SCE) be single safety chip or a safety chip or module partial function unit, SCE use Read in equipment in identity card, using one or more communication interfaces and identity card read MCU, SAM_A in equipment or other Device is connected, and receives identity card machine sensible information (the abbreviation ID_ of 467 2013 standard SAM_A service terminal interface of GA output Data), ID_Data is encrypted using asymmetric cryptographic algorithm or signs, response output identity card machine sensible information ciphertext (letter Claim En_ID_Data) or ID_Data and its digital signature (abbreviation ID_Data_DS), decipher for background system or verify, it is to avoid Network system identity card reads the potential safety hazard that equipment client is forged or is multiplexed ID_Data.
2. identity card according to claim 1 reads the safe ciphering unit in equipment and its application process, it is characterized in that SCE is read the main control MCU in equipment with identity card and is connected, receive the ID_ from MCU as an independent safety chip Data information, returns En_ID_Data or ID_Data_DS to MCU;SCE can also between SAM_A and MCU respectively with SAM_A Connect with MCU, the business order from MCU is received, Added Business order is processed, the original business order of transparent transmission SAM_A, reception come From the ID_Data of SAM_A, generate En_ID_Data or ID_Data and ID_Data_DS and return to MCU.
3. identity card according to claim 1 reads the safe ciphering unit in equipment and its application process, it is characterized in that SCE reads the part of functions unit of the safe main control MCU of equipment as identity card, and safe main control MCU is marked in accordance with GA 467 2013 Standard, sends " reading machine-readable Word message and photographic information order " by service terminal interface to SAM_A or " reads machine-readable word letter Breath, photographic information and finger print information order ", the ID_Data encryption returned by SAM_A service terminal interface obtain En_ID_ Data, or ID_Data_DS, output En_ID_Data or ID_Data and ID_Data_DS information are obtained to ID_Data signature.
4. identity card according to claim 1 reads the safe ciphering unit in equipment and its application process, it is characterized in that Read in equipment in identity card and safe main control MCU is not required the use of, can be using conventional main control MCU, by revising GA 467 2013 Standard causes SCE to become the part of functions unit of SAM_A, realizes SCE function using the existing secure hardware of SAM_A;Or In addition increase safety chip in SAM_A inside modules and SCE function realized, main control MCU sends existing business order to SAM_A, The compatible output ID_Data of SAM_A, using SAM_A Added Business order, SAM_A can then export En_ID_Data or ID_ Data and ID_Data_DS information.
5. identity card according to claim 1 reads the safe ciphering unit in equipment and its application process, its feature bag SCE is included using asymmetric cryptographic algorithm (the close SM2 algorithm of such as state), defeated to 467 2013 standard SAM_A service terminal interface of GA The ID_Data for going out carries out data encryption, and process includes:Background system generates asymmetric arithmetic key pair, public including background system Key and background system private key, sending system public key is to SCE, SCE using system public key to ID_Data encryption generation in a suitable manner Identity card machine sensible information ciphertext (abbreviation En_ID_Data) uploads background system, and background system deciphers En_ID_ using system private key Data obtains ID_Data.
6. identity card according to claim 1 reads the safe ciphering unit in equipment and its application process, its feature bag SCE is included using asymmetric cryptographic algorithm (the close SM2 algorithm of such as state), defeated to 467 2013 standard SAM_A service terminal interface of GA The ID_Data for going out carries out data signature, and process includes:SCE generates asymmetric arithmetic key pair, private including SCE public key and SCE Key, is uploaded SCE public key in a suitable manner to background system, is signed using SCE private key pair ID_Data and generate ID_Data_DS, with ID_Data uploads background system together, and background system is using obtaining ID_Data after SCE public key verifications ID_Data_DS.
7. the identity card according to claim 5 or 6 reads the safe ciphering unit in equipment and its application process, its feature Also include:Though the public key interacted between SCE and background system can be with plaintext transmission, in order to avoid client software palms off SCE The system public key that public key or retention background system are issued, it is proposed that sender is using ciphertext after the public key encryption own public key of recipient Recipient is transferred to, recipient obtains sender's public key using own private key in plain text after deciphering;For encrypting to ID_Data or signing Name key to can continuously using, periodically or non-periodically change, but in order to avoid client be multiplexed En_ID_Data or ID_ Data_DS, it is proposed that Card Reader all generates key pair temporarily by background system or SCE every time, public key cryptography is sent to other side, is used for SCE is encrypted to ID_Data or background system is verified to ID_Data_DS;Background system can also issue random or dynamic to SCE Information, by being encrypted again or signing after SCE and ID_Data information combination, is further ensured that En_ID_Data or ID_Data_ DS has not reusable ageing;In order to prevent client use " illegal " hardware personation SAM_A provide forgery ID_Data to SCE deciphering or sign, background system can add in the dynamic public key cryptography for be handed down to SCE about " locking ", " unblock " and The status indicator category information of " normal ", by the SCE function locking of suspicious client.
8. identity card according to claim 7 reads the safe ciphering unit in equipment and its application process, and its feature is also Including:In SCE, suggestion uses asymmetric arithmetic, the close SM2 asymmetric arithmetic of such as state, naturally it is also possible to asymmetric using other Algorithm, such as RSA or ECC algorithm;Symmetric key algorithm can also be used in theory, or consulted using asymmetric arithmetic interim Symmetric key, for the sake of key management conveniently, and ID_Data data length is less, and asymmetric encryption efficiency is enough, it is not recommended that Using symmetric key algorithm;SCE is encrypted to summary after can making an abstract to ID_Data again or is signed, but due to ID_Data number According to length less, directly ID_Data can be encrypted or sign;SCE can support to demonstrate,prove with CA used in IC-card or USB Key Book class function, by, in CA center issued certificate write SCE certificate file, during network application, background system can read, Checking and renewal SCE certificate.
9. the identity card according to the claims reads the safe ciphering unit in equipment and its application process, its feature It is to limit to for the data safety for overcoming current identity card reading equipment only to can guarantee that local authentication Card Reader based on SAM_A, by SCE Data Security Control opening to network system user (such as mobile operator), meet network system backstage to uncontrolled Client be authenticated the Data Security Control of Card Reader;The SCE integrated with SAM_A can be first done just by public security management department Beginningization is issued, then does personalized distribution by network system user;For save resources and raising efficiency, integrated SCE function SAM_A module, it is proposed that its whole safety service function is passed through its service terminal interactive interfacing, cancels and is unprofitable to improve data peace Full radio-frequency module interface.
10. the safe ciphering unit in the identity card equipment according to the claims and its application process, is characterized in that SCE can be the product form such as chip, module, COB circuit board, used in multiple identity cards read equipment, both include desk-top Desk device, also includes handheld device, self contained facility and other universal or special equipment.
CN201610935187.3A 2016-11-01 2016-11-01 Identity card reads the safe ciphering unit in equipment and its application process Pending CN106487796A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610935187.3A CN106487796A (en) 2016-11-01 2016-11-01 Identity card reads the safe ciphering unit in equipment and its application process

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610935187.3A CN106487796A (en) 2016-11-01 2016-11-01 Identity card reads the safe ciphering unit in equipment and its application process

Publications (1)

Publication Number Publication Date
CN106487796A true CN106487796A (en) 2017-03-08

Family

ID=58271370

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610935187.3A Pending CN106487796A (en) 2016-11-01 2016-11-01 Identity card reads the safe ciphering unit in equipment and its application process

Country Status (1)

Country Link
CN (1) CN106487796A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106980807A (en) * 2017-03-30 2017-07-25 李燎原 A kind of identity card safety applications system
CN108200094A (en) * 2018-02-09 2018-06-22 大庆英辰创新科技有限公司 A kind of secure communication device, method and system of gas meter, flow meter

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101004782A (en) * 2006-01-17 2007-07-25 公安部第一研究所 Intelligent interface of identity card reader
CN201100893Y (en) * 2007-03-28 2008-08-13 阿里巴巴公司 Handling machine
CN101656748A (en) * 2009-09-07 2010-02-24 上海亚卡商贸有限公司 Second-generation ID card online inquiry system and method based on secure network
KR20100099895A (en) * 2009-03-04 2010-09-15 삼성테크윈 주식회사 Method for encryption communication in radio frequency identification
CN101923654A (en) * 2009-06-09 2010-12-22 上海坤锐电子科技有限公司 Ultrahigh frequency reader-writer suitable for remote security control by different users
WO2011161160A3 (en) * 2010-06-23 2012-05-03 Kambiz Sharif Device and method for the secure recording and consulting of contextualised data
CN105117745A (en) * 2015-04-28 2015-12-02 李明 Information processing apparatus and system

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101004782A (en) * 2006-01-17 2007-07-25 公安部第一研究所 Intelligent interface of identity card reader
CN201100893Y (en) * 2007-03-28 2008-08-13 阿里巴巴公司 Handling machine
KR20100099895A (en) * 2009-03-04 2010-09-15 삼성테크윈 주식회사 Method for encryption communication in radio frequency identification
CN101923654A (en) * 2009-06-09 2010-12-22 上海坤锐电子科技有限公司 Ultrahigh frequency reader-writer suitable for remote security control by different users
CN101656748A (en) * 2009-09-07 2010-02-24 上海亚卡商贸有限公司 Second-generation ID card online inquiry system and method based on secure network
WO2011161160A3 (en) * 2010-06-23 2012-05-03 Kambiz Sharif Device and method for the secure recording and consulting of contextualised data
CN105117745A (en) * 2015-04-28 2015-12-02 李明 Information processing apparatus and system

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106980807A (en) * 2017-03-30 2017-07-25 李燎原 A kind of identity card safety applications system
CN106980807B (en) * 2017-03-30 2021-12-21 李燎原 Identity card safety application system
CN108200094A (en) * 2018-02-09 2018-06-22 大庆英辰创新科技有限公司 A kind of secure communication device, method and system of gas meter, flow meter
CN108200094B (en) * 2018-02-09 2023-12-05 上海英辰信息技术有限公司 Safety communication device, method and system of gas meter

Similar Documents

Publication Publication Date Title
US10516538B2 (en) System and method for digitally signing documents using biometric data in a blockchain or PKI
CN103546289B (en) USB (universal serial bus) Key based secure data transmission method and system
CN100533459C (en) Data safety reading method and safety storage apparatus thereof
CN106953732B (en) Key management system and method for chip card
CN101483654A (en) Method and system for implementing authentication and data safe transmission
CN106067205B (en) A kind of gate inhibition's method for authenticating and device
CN104424446A (en) Safety verification and transmission method and system
KR102009863B1 (en) System for entrance security and method using the same
CN106060073B (en) Channel key machinery of consultation
CN111970114B (en) File encryption method, system, server and storage medium
CN106789024A (en) A kind of remote de-locking method, device and system
CN109889669A (en) A kind of unlocked by mobile telephone method and system based on secure cryptographic algorithm
CN109903052A (en) A kind of block chain endorsement method and mobile device
CN106372516B (en) A kind of encryption Hub device realized based on M-PHY interface
CN113761488A (en) Content network copyright tracing encryption system and encryption method
CN104735020A (en) Method, device and system for acquiring sensitive data
CN106295372B (en) A kind of encryption Hub device realized based on EMMC interface
CN101415185A (en) Mobile terminal, method and system for keeping secret of platform-striding information
CN106487796A (en) Identity card reads the safe ciphering unit in equipment and its application process
CN103916237B (en) Method and system for managing user encrypted-key retrieval
US10764260B2 (en) Distributed processing of a product on the basis of centrally encrypted stored data
US11463251B2 (en) Method for secure management of secrets in a hierarchical multi-tenant environment
CN206907059U (en) China second-generation identity card reads encryption system
CN103514540B (en) A kind of excellent shield service implementation method and system
US20110081016A1 (en) Secure data communication using elliptic curve cryptology

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170308

RJ01 Rejection of invention patent application after publication