Disclosure of Invention
In view of the above, it is desirable to provide an authentication system, an authentication method, a tag chip, a computer device, and a storage medium for a tag chip that can improve security of RFID tag authentication.
An authentication system of a tag chip, comprising: a tag chip and a reader-writer;
the tag chip is used for acquiring authentication data to be encrypted from a radio frequency front-end circuit, acquiring a secret key and security configuration information that are sent by the reader-writer based on an EPC protocol and generated based on a national cryptographic algorithm, generating a preset random number based on the secret key and the security configuration information, and encrypting the authentication data according to the national cryptographic algorithm and the preset random number;
the reader-writer is used for acquiring the encrypted authentication data sent by the tag chip and performing bidirectional authentication on the tag chip based on the EPC protocol and the authentication data.
In one of the embodiments of the present invention,
the reader-writer is further configured to send a state switching instruction to the tag chip before authentication, so as to switch the tag chip from an idle state to a singulation state.
In one of the embodiments of the present invention,
the reader-writer is further configured to read a tag identification code of the tag chip based on the EPC protocol, and to diversify the tag identification code according to a key of the reader-writer and the national cryptographic algorithm to obtain a key of the tag chip.
In one of the embodiments of the present invention,
the radio frequency front-end circuit is used for generating a clock signal, generating a reset signal and/or modulating or demodulating a baseband signal.
In one of the embodiments of the present invention,
the reader-writer is further configured to send a lock instruction to the tag chip based on the EPC protocol after the key and the security configuration information have been written into the tag chip based on the EPC protocol, so as to lock the key and the security configuration information of the tag chip.
In one of the embodiments of the present invention,
the reader-writer is further configured to send a data processing instruction to the tag chip based on the EPC protocol if the bidirectional authentication passes, so as to process data of a protected area in the tag chip.
An authentication method of a tag chip, applied to the tag chip, the method comprising:
acquiring authentication data to be encrypted from a radio frequency front-end circuit;
acquiring a secret key and security configuration information generated based on a cryptographic algorithm and sent by a reader-writer based on an EPC protocol;
and generating a preset random number based on the secret key and the security configuration information, encrypting the authentication data according to the cryptographic algorithm and the preset random number, and sending the encrypted authentication data to the corresponding reader-writer, wherein the reader-writer is used for performing bidirectional authentication on the tag chip based on the EPC protocol and the encrypted authentication data.
A tag chip, comprising: a radio frequency front-end circuit module, an EPC protocol processing module, a memory module, a security control module and a cryptographic algorithm module;
the radio frequency front-end circuit module is used for converting radio frequency signals sent by the reader-writer into authentication data to be encrypted;
the EPC protocol processing module is used for acquiring authentication data to be encrypted from the radio frequency front-end circuit;
the memory module is used for storing a secret key and security configuration information which are sent by the reader-writer based on an EPC protocol and generated based on a cryptographic algorithm;
the security control module is used for acquiring the secret key and the security configuration information stored by the memory module and transmitting the secret key and the security configuration information to the cryptographic algorithm module;
the cryptographic algorithm module is used for generating a preset random number based on the secret key and the security configuration information, encrypting the authentication data according to the cryptographic algorithm and the preset random number, and sending the encrypted authentication data to the reader-writer through the EPC protocol processing module, wherein the reader-writer is used for performing bidirectional authentication on the tag chip based on the EPC protocol and the encrypted authentication data.
A computer device comprising a memory storing a computer program and a processor implementing the steps of the method described above when the processor executes the computer program.
A computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the method described above.
In the authentication system, the authentication method, the tag chip, the computer device and the storage medium described above, the tag chip obtains authentication data to be encrypted, generates a preset random number according to a key and security configuration information that are sent by the reader-writer based on the EPC protocol and generated based on a national cryptographic algorithm, and encrypts the authentication data according to the national cryptographic algorithm and the random number; the reader-writer obtains the encrypted authentication data sent by the tag chip and performs bidirectional authentication on the tag chip based on the EPC protocol and the encrypted authentication data. Compared with the traditional mode of authentication by password, in this scheme the tag chip reads and encrypts the authentication data using the EPC protocol and the national cryptographic algorithm, and the reader-writer obtains the encrypted authentication data and performs bidirectional authentication, so that secure authentication between the tag chip and the reader-writer is realized and the security of RFID tag authentication is improved.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
In one embodiment, as shown in fig. 1, there is provided an authentication system of a tag chip, which may be implemented by providing two devices, and in particular, the system may include: tag chip 102 and reader/writer 104. The tag chip 102 and the reader 104 may be located at different positions in the authentication system of the tag chip, the number of tag chips 102 may be set according to practical situations, and functions of the tag chip 102 and the reader 104 may not be limited to the functions described in the specification, that is, the tag chip 102 and the reader 104 may be used to implement other functions. The authentication system of the tag chip may include the following specific contents:
The tag chip 102 is used for acquiring authentication data to be encrypted from the radio frequency front-end circuit, acquiring a key and security configuration information that are sent by the reader-writer based on the EPC protocol and generated based on a national cryptographic algorithm, generating a preset random number based on the key and the security configuration information, and encrypting the authentication data according to the national cryptographic algorithm and the preset random number.
The tag chip 102 may be an EPC protocol tag chip conforming to the national cryptographic standard, and the instructions supported by the tag chip 102 are mandatory or optional instructions of the EPC protocol, so that data communication based on RFID technology can be implemented. The radio frequency front-end circuit may be the part of a communication system between the antenna and the intermediate frequency or baseband circuit, in which signals are transmitted in radio frequency form. For a wireless receiver, the radio frequency front end typically includes an amplifier, a filter, a frequency converter and a number of radio frequency connection and matching circuits; the radio frequency front-end circuit may also include antenna switches, diplexers, low noise amplifiers and the like. The radio frequency front-end circuit may comprise a transmitting path and a receiving path: the devices of the transmitting path may include a power amplifier, a filter and the like, and the devices of the receiving path may include a low-noise amplifier, a filter and the like. Its performance indexes include gain, sensitivity, radio frequency receiving bandwidth and the like, and its purpose is to ensure that useful radio frequency signals are picked up from space completely and without distortion and are passed to the subsequent frequency conversion, intermediate frequency amplification and other circuits.
Specifically, the radio frequency front-end circuit may be responsible for conversion of radio frequency signal energy, generation of clock and reset signals, and modulation and demodulation of baseband signals. The receiving path of the radio frequency front-end circuit may be used for receiving data sent by the reader-writer 104, and the transmitting path may be used for sending data to the reader-writer 104, so as to implement data transmission and information exchange between the tag chip 102 and the reader-writer 104; the communication between the tag chip 102 and the reader-writer 104 may include the authentication data. The authentication data acquired by the tag chip 102 may be data to be encrypted that is generated by the tag chip 102; after being encrypted, it may be used for bidirectional authentication with the reader-writer 104, and it may include the preset random number so as to increase the security of the authentication data.
In addition, in one embodiment, the radio frequency front-end circuit may be further configured to generate a clock signal, generate a reset signal, and modulate or demodulate a baseband signal. The clock signal may be a signal for ensuring synchronous operation of the components in the tag chip 102. The reset signal may be a signal sent to a specific interface of the tag chip 102 when the program runs or jumps during operation of the tag chip 102, so that the software is restored to a specific program segment; this process may be called resetting. Baseband signal modulation may be a process of converting very low frequency spectrum components, which are unsuitable for direct transmission in a channel, into a high frequency signal whose frequency band is suitable for channel transmission, and demodulation may be a process of recovering the original baseband signal from the parameter variations of the modulated signal. Through this embodiment, the tag chip 102 can perform clock, reset, modulation and demodulation functions through the radio frequency front-end circuit, so that the information transmission efficiency of the tag chip 102 in the authentication process can be improved.
The EPC protocol may be the ISO/IEC 18000-6C protocol, an ultra-high-frequency band communication protocol. Compared with other ultra-high-frequency band communication protocols, it has the advantages of being mature and complete, full-featured and internationally universal. Early versions of the EPC protocol mainly emphasized the identification function of an RFID tag and offered only password protection for data. With the widespread use of RFID technology, data security has been increasingly emphasized, and the latest version of the EPC protocol has added security functions based on cryptographic algorithms as an option. The tag chip 102 and the reader-writer 104 may implement the authentication and data transmission process through a variety of EPC protocol instructions. The national cryptographic algorithm may be a national commercial cipher standard: in order to ensure the security of commercial ciphers, the national commercial cipher management office has established a series of cipher standards including the SM1, SM2, SM3, SM4, SM7, SM9 and ZUC (Zu Chongzhi) cipher algorithms. Among these, SM1, SM4, SM7 and ZUC are symmetric algorithms; SM2 and SM9 are asymmetric algorithms; SM3 is a hash algorithm. The key may be a key that is sent by the reader-writer 104 based on the EPC protocol and generated according to the national cryptographic algorithm, and it may be used to implement bidirectional authentication between the tag chip 102 and the reader-writer 104; the security configuration information may be security configuration information sent by the reader-writer 104 based on the EPC protocol.
The tag chip 102 may obtain authentication data to be encrypted from the radio frequency front-end circuit, and obtain the key and security configuration information sent by the reader-writer 104 based on the EPC protocol, where the key may be a key generated by the reader-writer 104 based on the above national cryptographic algorithm. The tag chip 102 may generate a preset random number based on the key and the security configuration information, and may then encrypt the authentication data using the national cryptographic algorithm and the random number to obtain encrypted authentication data, which may include the preset random number, and send it to the reader-writer 104.
The reader/writer 104 is configured to obtain encrypted authentication data sent by the tag chip 102, and perform bidirectional authentication on the tag chip 102 based on EPC protocol and authentication data.
The reader/writer 104 may be a device capable of reading and writing data from/to the tag chip 102, and performs mutual authentication with the tag chip 102 before reading and writing data from/to the tag chip 102. The authentication data may be encrypted authentication data sent by the tag chip 102, where the encrypted authentication data may be data that is sent by the tag chip 102 to the reader/writer 104 through a radio frequency front end circuit and may be used for bidirectional authentication between the reader/writer 104 and the tag chip 102, and specifically, the reader/writer 104 may perform bidirectional authentication on the tag chip 102 based on the received encrypted authentication data by using a preset authentication instruction in EPC protocol.
According to this embodiment, the tag chip obtains the authentication data to be encrypted, generates the preset random number according to the key and the security configuration information that are sent by the reader-writer based on the EPC protocol and generated based on the national cryptographic algorithm, and encrypts the authentication data according to the national cryptographic algorithm and the random number; the reader-writer obtains the encrypted authentication data sent by the tag chip and performs bidirectional authentication on the tag chip based on the EPC protocol and the encrypted authentication data. Compared with the traditional mode of authentication by password, in this scheme the tag chip reads and encrypts the authentication data using the EPC protocol and the national cryptographic algorithm, and the reader-writer obtains the encrypted authentication data and performs bidirectional authentication, so that secure authentication between the tag chip and the reader-writer is realized and the security of RFID tag authentication is improved.
In one embodiment, the reader/writer 104 is further configured to send a state switching instruction to the tag chip 102 to switch the tag chip 102 from the idle state to the singulated state prior to authentication.
In this embodiment, the tag chip 102 may have two different states, an idle state and a singulation state. The idle state may be the state of the tag chip 102 when it does not need to perform bidirectional authentication or data transmission with the reader-writer 104; the singulation state may be the state of the tag chip 102 when it needs to perform bidirectional authentication or data transmission with the reader-writer 104. Specifically, the reader-writer 104 may switch the tag chip 102 from the idle state to the singulation state through a multi-tag anti-collision algorithm. Such algorithms are mainly classified into three types: Aloha-based algorithms, also known as random algorithms; tree-based algorithms, also known as deterministic algorithms; and hybrid algorithms, which combine Aloha-based and tree-based algorithms. In an RFID application system there are often multiple tags within the antenna range of the reader-writer 104 at the same time. When the reader-writer sends a query command, multiple tag chips 102 often respond simultaneously, and their response messages collide on the shared wireless channel, so that the response signals are difficult for the reader-writer 104 to recognize; this is a collision among the tag chips 102. In order to identify all the tag chips 102, the reader-writer 104 should distinguish the collided tags and then communicate with them one by one, and the algorithm used by the reader-writer 104 to complete these tasks may be referred to as a multi-tag anti-collision algorithm.
Through the embodiment, the reader-writer 104 can convert the tag chip 102 from the idle state to the singulation state during authentication, so that recognition collision among a plurality of tag chips 102 can be avoided, and authentication efficiency of the tag chip 102 and the reader-writer 104 is improved.
In one embodiment, the reader-writer 104 is further configured to read the tag identification code of the tag chip 102 based on the EPC protocol, and to diversify the tag identification code according to the key of the reader-writer 104 and the national cryptographic algorithm to obtain the key of the tag chip 102.
In this embodiment, the tag identification code may be an identification code for identifying the identity of the tag chip 102, and may also be referred to as a TID code. The key may be the key of the reader-writer 104 itself, which may be used to generate the key of the tag chip 102. Specifically, the EPC protocol may include a plurality of instructions. When the tag chip 102 is in the singulation state, the reader-writer 104 may read the TID code of the tag chip 102 using a Read instruction specified by the EPC protocol, and may apply its own key to derive the key of the tag chip 102 by diversification with the national cryptographic algorithm, for example the national cryptographic SM4 algorithm. The SM4 algorithm may be a block cipher algorithm for wireless local area network products, with a block length of 128 bits and a key length of 128 bits. Both the encryption algorithm and the key expansion algorithm adopt a 32-round nonlinear iteration structure. The decryption algorithm has the same structure as the encryption algorithm, except that the round keys are used in reverse order: the decryption round keys are the encryption round keys in reverse order. Each iteration is given by a round function, which is composed of a nonlinear transformation and a linear transformation; the nonlinear transformation is given by an S-box, rk_i is a round key, and the composite permutation T forms the round function.
Through this embodiment, the reader-writer 104 can generate the key required by the tag chip 102 through the EPC protocol and the national cryptographic algorithm, so that the key meets the requirements of the national cryptographic algorithm and the authentication security between the tag chip 102 and the reader-writer 104 is improved.
In one embodiment, the reader/writer 104 is further configured to send a lock instruction to the tag chip 102 based on the EPC protocol to lock the key and the security configuration information of the tag chip after writing the key and the security configuration information to the tag chip 102 based on the EPC protocol.
In this embodiment, the reader-writer 104 may write the key of the tag chip 102 and the security configuration information into the tag chip 102 based on the relevant instructions of the EPC protocol, and may also lock this information in the tag chip 102. Specifically, fig. 2 is a schematic flow chart of the step of obtaining a key by the reader-writer in one embodiment. The reader-writer 104 may switch the tag chip from the idle state to the singulation state using the multi-tag anti-collision algorithm, and may then read the TID code in the tag chip 102 using a Read instruction specified by the EPC protocol and derive the key of the tag chip 102 by diversification using the key of the reader-writer 104 and the national cryptographic SM4 algorithm. The reader-writer 104 may write the key of the tag chip 102 into the memory unit of the tag chip using a Write instruction specified by the EPC protocol, and may write the security configuration information into the memory unit of the tag chip 102 using a Write instruction specified by the EPC protocol. Finally, the reader-writer 104 may lock the key and the security configuration information stored in the tag chip 102 using a Lock instruction specified by the EPC protocol.
Through this embodiment, the reader-writer 104 can store and lock the key and the security configuration information conforming to the national cryptographic algorithm in the tag chip 102 through instructions of the EPC protocol, thereby improving the security of the authentication between the tag chip 102 and the reader-writer 104.
In one embodiment, the reader/writer 104 is further configured to send a data processing instruction to the tag chip based on EPC protocol to process the data of the protected area in the tag chip 102 if the bidirectional authentication is passed.
In this embodiment, the bidirectional authentication may be considered passed when the reader-writer 104 successfully verifies the encrypted authentication data acquired from the tag chip 102; once the reader-writer 104 and the tag chip 102 have passed the bidirectional authentication, the reader-writer 104 may process the data of the protected area in the tag chip 102 based on the EPC protocol. Specifically, fig. 3 is a schematic flow chart of the reader-writer authentication step in one embodiment. The reader-writer 104 may switch the tag chip 102 from the idle state to the singulation state through the multi-tag anti-collision algorithm, then use the Read instruction specified by the EPC protocol to read the TID code in the tag chip, that is, the tag identification code, and apply the key of the reader-writer 104 itself to derive the key of the tag chip 102 by diversification according to the national cryptographic SM4 algorithm. The reader-writer 104 may then use this key and the authentication instruction specified by the EPC protocol to perform bidirectional authentication with the tag chip 102 in conformity with the national cryptographic specification. After the bidirectional authentication is passed, the reader-writer 104 may obtain read-write authority over the tag chip 102, and may use the Read and Write instructions specified by the EPC protocol to perform read-write operations on the protected data area in the tag chip 102.
Through the embodiment, the reader-writer 104 can perform read-write operation on the data in the tag chip 102 after passing the bidirectional authentication based on the cryptographic algorithm, thereby improving the data security of the tag chip 102.
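The flow of fig. 3 (read the TID, diversify the reader-writer key with SM4, then authenticate in both directions) as an added Python example, not code from the patent. The text fixes neither the diversification input format nor the authentication messages, so the 12-byte TID, the single-block SM4 diversification, the 8-byte nonces and the names diversify_key, Tag and reader_authenticate are assumptions, and os.urandom stands in for the tag's preset random number.

```python
import hmac
import os
import struct

# SM4 constants (S-box, FK) as published in GB/T 32907-2016; CK is computed.
SBOX = bytes.fromhex(
    "d690e9fecce13db716b614c228fb2c05" "2b679a762abe04c3aa44132649860699"
    "9c4250f491ef987a33540b43edcfac62" "e4b31ca9c908e89580df94fa758f3fa6"
    "4707a7fcf37317ba83593c19e6854fa8" "686b81b27164da8bf8eb0f4b70569d35"
    "1e240e5e6358d1a225227c3b01217887" "d40046579fd327524c3602e7a0c4c89e"
    "eabf8ad240c738b5a3f7f2cef96115a1" "e0ae5da49b341a55ad933230f58cb1e3"
    "1df6e22e8266ca60c02923ab0d534e6f" "d5db3745defd8e2f03ff6a726d6c5b51"
    "8d1baf92bbddbc7f11d95c411f105ad8" "0ac13188a5cd7bbd2d74d012b8e5b4b0"
    "8969974a0c96777e65b9f109c56ec684" "18f07dec3adc4d2079ee5f3ed7cb3948"
)
FK = (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC)
CK = [int.from_bytes(bytes((4 * i + j) * 7 % 256 for j in range(4)), "big")
      for i in range(32)]
TID_LEN = 12    # assumption: fixed-length 96-bit TID
NONCE_LEN = 8   # assumption: two nonces fill one 128-bit SM4 block


def _rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF


def _tau(x):
    """Nonlinear transformation: the S-box applied to each byte of a word."""
    return int.from_bytes(bytes(SBOX[b] for b in x.to_bytes(4, "big")), "big")


def _round_keys(key):
    k = [w ^ f for w, f in zip(struct.unpack(">4I", key), FK)]
    for i in range(32):
        b = _tau(k[i + 1] ^ k[i + 2] ^ k[i + 3] ^ CK[i])
        k.append(k[i] ^ b ^ _rotl(b, 13) ^ _rotl(b, 23))
    return k[4:]


def _crypt(block, rks):
    x = list(struct.unpack(">4I", block))
    for rk in rks:  # 32 rounds of the composite permutation T
        b = _tau(x[1] ^ x[2] ^ x[3] ^ rk)
        x = x[1:] + [x[0] ^ b ^ _rotl(b, 2) ^ _rotl(b, 10)
                     ^ _rotl(b, 18) ^ _rotl(b, 24)]
    return struct.pack(">4I", *reversed(x))


def sm4_encrypt(key, block):
    return _crypt(block, _round_keys(key))


def sm4_decrypt(key, block):
    # Same structure as encryption, round keys in reverse order.
    return _crypt(block, _round_keys(key)[::-1])


def diversify_key(master_key, tid):
    """Per-tag key = SM4(reader-writer key, TID || zero padding) (assumed format)."""
    if len(tid) != TID_LEN:
        raise ValueError("TID must be exactly %d bytes" % TID_LEN)
    return sm4_encrypt(master_key, tid + bytes(16 - TID_LEN))


class Tag:
    """Tag side: holds the locked key, never reveals it."""

    def __init__(self, tid, key):
        self.tid, self._key = tid, key
        self._pending = None        # reader token expected for the open challenge
        self.authenticated = False

    def respond(self, reader_nonce):
        if len(reader_nonce) != NONCE_LEN:
            raise ValueError("bad challenge length")
        tag_nonce = os.urandom(NONCE_LEN)
        self._pending = sm4_encrypt(self._key, tag_nonce + reader_nonce)
        return sm4_encrypt(self._key, reader_nonce + tag_nonce)

    def confirm(self, token):
        ok = self._pending is not None and hmac.compare_digest(token, self._pending)
        self._pending = None        # one attempt per challenge, no replay
        self.authenticated = ok     # gates access to the protected area
        return ok


def reader_authenticate(master_key, tag):
    """Reader-writer side of the mutual authentication."""
    key = diversify_key(master_key, tag.tid)        # after Read of the TID
    rr = os.urandom(NONCE_LEN)
    plain = sm4_decrypt(key, tag.respond(rr))
    if not hmac.compare_digest(plain[:NONCE_LEN], rr):
        return False                                # tag does not hold the key
    return tag.confirm(sm4_encrypt(key, plain[NONCE_LEN:] + rr))


if __name__ == "__main__":
    master = bytes(range(16))                            # constructed reader key
    tid = bytes.fromhex("e2801100200012345678abcd")      # constructed TID
    tag = Tag(tid, diversify_key(master, tid))           # provisioning step
    print("genuine reader-writer:", reader_authenticate(master, tag))
    print("wrong master key:     ", reader_authenticate(bytes(16), tag))
```

Because every tag key is derived from one reader-writer key, compromise of that key exposes all tags, while extraction of a single tag's key exposes only that tag.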
The authentication method of the tag chip can be applied to a system shown in fig. 1.
In one embodiment, as shown in fig. 4, a method for authenticating a tag chip is provided. Taking application of the method to the tag chip in fig. 1 as an example, the method includes the following steps:
Step S202, obtaining authentication data to be encrypted from a radio frequency front-end circuit.
The radio frequency front-end circuit may be the part of a communication system between the antenna and the intermediate frequency or baseband circuit, in which signals are transmitted in radio frequency form. For a radio receiver, the radio frequency front end generally includes an amplifier, a filter, a frequency converter and a number of radio frequency connection and matching circuits; the radio frequency front-end circuit may also include antenna switches, diplexers, low noise amplifiers and the like. The radio frequency front-end circuit may comprise a transmitting path and a receiving path: the devices of the transmitting path may include a power amplifier, a filter and the like, and the devices of the receiving path may include a low-noise amplifier, a filter and the like. Its performance indexes include gain, sensitivity, radio frequency receiving bandwidth and the like, and its purpose is to ensure that useful radio frequency signals are picked up from space completely and without distortion and are passed to the subsequent frequency conversion, intermediate frequency amplification and other circuits. Specifically, the radio frequency front-end circuit may be responsible for conversion of radio frequency signal energy, generation of clock and reset signals, and modulation and demodulation of baseband signals. The receiving path of the radio frequency front-end circuit may be used for receiving data sent by the reader-writer 104, and the transmitting path may be used for sending data to the reader-writer 104, so as to implement data transmission and information exchange between the tag chip 102 and the reader-writer 104; the communication between the tag chip 102 and the reader-writer 104 may include the authentication data. The authentication data acquired by the tag chip 102 may be authentication data to be encrypted.
Step S204, acquiring the key and the security configuration information that are sent by the reader-writer 104 based on the EPC protocol and generated based on the national cryptographic algorithm.
The EPC protocol may be the ISO/IEC 18000-6C protocol, an ultra-high-frequency band communication protocol. Compared with other ultra-high-frequency band communication protocols, it has the advantages of being mature and complete, full-featured and internationally universal. Early versions of the EPC protocol mainly emphasized the identification function of an RFID tag and offered only password protection for data. With the widespread use of RFID technology, data security has been increasingly emphasized, and the latest version of the EPC protocol has added security functions based on cryptographic algorithms as an option. The tag chip 102 and the reader-writer 104 may implement the authentication and data transmission process through a variety of EPC protocol instructions. The national cryptographic algorithm may be a national commercial cipher standard: in order to ensure the security of commercial ciphers, the national commercial cipher management office has established a series of cipher standards including the SM1, SM2, SM3, SM4, SM7, SM9 and ZUC (Zu Chongzhi) cipher algorithms. Among these, SM1, SM4, SM7 and ZUC are symmetric algorithms; SM2 and SM9 are asymmetric algorithms; SM3 is a hash algorithm. The key may be a key that is sent by the reader-writer 104 based on the EPC protocol and generated according to the national cryptographic algorithm, and it may be used to implement bidirectional authentication between the tag chip 102 and the reader-writer 104; the security configuration information may be security configuration information sent by the reader-writer 104 based on the EPC protocol. The reader-writer 104 may write the key and the security configuration information to the tag chip 102 using a Write instruction of the EPC protocol.
Step S206, generating a preset random number based on the secret key and the security configuration information, encrypting the authentication data according to the national cryptographic algorithm and the preset random number, and sending the encrypted authentication data to the corresponding reader-writer 104, wherein the reader-writer 104 is used for performing bidirectional authentication on the tag chip based on the EPC protocol and the encrypted authentication data.
The tag chip 102 may obtain authentication data to be encrypted from the radio frequency front-end circuit, and obtain the key and security configuration information sent by the reader-writer 104 based on the EPC protocol, where the key may be a key generated by the reader-writer 104 based on the above national cryptographic algorithm. The tag chip 102 may generate a preset random number based on the key and the security configuration information, and may then encrypt the authentication data using the national cryptographic algorithm and the random number to obtain encrypted authentication data, which may include the preset random number, and send it to the reader-writer 104. The reader-writer 104 may be a device capable of reading data from and writing data to the tag chip 102, and performs mutual authentication with the tag chip 102 before doing so. The reader-writer 104 may perform bidirectional authentication on the tag chip 102 based on the received encrypted authentication data using a preset authentication instruction of the EPC protocol.
In the authentication method of the tag chip, the tag chip obtains authentication data to be encrypted, generates a preset random number according to a key and security configuration information that are sent by the reader-writer based on the EPC protocol and generated based on the national cryptographic algorithm, and encrypts the authentication data according to the national cryptographic algorithm and the random number; the reader-writer obtains the encrypted authentication data sent by the tag chip and performs bidirectional authentication on the tag chip based on the EPC protocol and the encrypted authentication data. Compared with the traditional mode of authentication by password, in this scheme the tag chip reads and encrypts the authentication data using the EPC protocol and the national cryptographic algorithm, and the reader-writer obtains the encrypted authentication data and performs bidirectional authentication, so that secure authentication between the tag chip and the reader-writer is realized and the security of RFID tag authentication is improved.
It should be understood that, although the steps in the flowcharts of fig. 2-4 are shown in the order indicated by the arrows, these steps are not necessarily performed in that order. Unless explicitly stated herein, the execution of the steps is not strictly limited in order, and the steps may be executed in other orders. Moreover, at least some of the steps in fig. 2-4 may include multiple sub-steps or stages, which are not necessarily performed at the same time but may be performed at different times, and which are not necessarily performed sequentially but may be performed in turn or alternately with other steps or with at least some of the sub-steps or stages of other steps.
In one embodiment, as shown in fig. 5, there is provided a tag chip including: a radio frequency front end circuit module 502, an EPC protocol processing module 504, a memory module 506, a security control module 508, and a cryptographic algorithm module 510, wherein:
The radio frequency front-end circuit module 502 is configured to convert a radio frequency signal sent by the reader-writer into authentication data to be encrypted.
The EPC protocol processing module 504 is configured to obtain authentication data to be encrypted from the radio frequency front end circuit.
The memory module 506 is configured to store the key and the security configuration information that are generated based on a cryptographic algorithm and sent by the reader-writer 104 based on the EPC protocol.
The security control module 508 is configured to obtain the key and the security configuration information stored by the memory module 506 and transmit the key and the security configuration information to the cryptographic algorithm module 510.
The cryptographic algorithm module 510 is configured to generate a preset random number based on the key and the security configuration information, encrypt the authentication data according to the cryptographic algorithm and the preset random number, and send the encrypted authentication data to the reader-writer 104 through the EPC protocol processing module, where the reader-writer 104 is configured to perform bidirectional authentication on the tag chip 102 based on the EPC protocol and the encrypted authentication data.
In one embodiment, the radio frequency front-end circuit module 502 may be further configured to generate a clock signal, and/or generate a reset signal, and/or modulate or demodulate a baseband signal.
In one embodiment, the EPC protocol processing module 504 may also be configured to parse and process EPC protocol commands from the reader-writer 104 and to return data.
In one embodiment, the security control module 508 is specifically configured to read the key in the memory module 506 and transmit the key to the cryptographic algorithm module 510, generate a random number, convert the original instruction data generated by the EPC protocol processing module into plaintext or ciphertext input of the cryptographic algorithm module 510, and convert ciphertext or plaintext output of the cryptographic algorithm module 510 into return data required by the EPC protocol processing module 504.
In one embodiment, the cryptographic algorithm module 510 is further configured to use the key to convert between plaintext and ciphertext.
For specific limitations of the tag chip, reference may be made to the above limitations of the authentication method for the tag chip, which are not repeated here. Each of the modules in the tag chip described above may be implemented in whole or in part by software, hardware, or a combination thereof. The above modules may be embedded in, or independent of, the processor in the tag chip in hardware form, or may be stored in the memory of the tag chip in software form, so that the processor can call them and execute the operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a processor of a tag chip, and the internal structure of which may be as shown in fig. 6. The computer device includes a processor, a memory, and a network interface connected by a system bus. The processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for running the operating system and the computer program stored in the non-volatile storage medium. The database of the computer device is used for storing authentication data. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program, when executed by the processor, implements a method of authenticating a tag chip.
It will be appreciated by those skilled in the art that the structure shown in fig. 6 is merely a block diagram of some of the structures associated with the present application and is not limiting of the computer device to which the present application may be applied, and that a particular computer device may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided that includes a memory in which a computer program is stored and a processor that implements the tag chip authentication method described above when the computer program is executed.
In one embodiment, a computer readable storage medium is provided, on which a computer program is stored, which when executed by a processor implements the above-described method of authenticating a tag chip.
Those skilled in the art will appreciate that all or part of the above-described methods may be implemented by a computer program stored on a non-transitory computer-readable storage medium, and that the computer program, when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. The non-volatile memory may include read-only memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, or the like. The volatile memory may include random access memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms, such as static random access memory (SRAM) or dynamic random access memory (DRAM).
The technical features of the above embodiments may be combined arbitrarily. For brevity of description, not all possible combinations of the technical features in the above embodiments are described; however, as long as there is no contradiction in a combination of these technical features, the combination should be considered to be within the scope of this description.
The above examples represent only a few embodiments of the present application, which are described in relative detail but are not thereby to be construed as limiting the scope of the invention. It should be noted that those skilled in the art could make various modifications and improvements without departing from the spirit of the present application, all of which fall within the scope of protection of the present application. Accordingly, the scope of protection of the present application is to be determined by the appended claims.