JP2005258968A - Validity verification method of data written in ic card, and program for ic card - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a validity verification method of data, in which an IC card issuance system verifies the validity of the data written in an IC card. <P>SOLUTION: The IC card transmits an authentication code "_C", calculated based on all the pieces of data written in a memory to a request from the IC card issuing system (S130). The IC card issuing system calculates an authentication code "_P", using the same operational expression as the IC card, based on all the pieces of written data transmitted to the IC card (S140). The IC card issuing system verifies the validity of the data written in the IC card by comparing the authentication code "_C" with the authentication code "_P" (S150). <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention relates to an IC card in which a semiconductor integrated circuit (hereinafter referred to as an IC chip) is embedded in a credit card-sized plastic card and a program mounted on the IC card. It relates to the technology to be verified.

  An IC card is a card that embeds an IC chip in a credit card-sized plastic card and records data in the memory of the IC chip. In recent years, IC cards have been widely applied to cash cards, credit cards, electronic money, and the like.

  Initial data (in some cases, a program) is written into the memory of the IC chip during the IC card issuance process. If incorrect data or illegal data is written in the memory, troubles occur during operation. To prevent incorrect data or illegal data from being written, it is sent to the IC card during IC card issuance processing. In many cases, an authentication code called MAC (Message Authentication Code) is added to write data.

The MAC is a value that is calculated from a function fx () with data to be written to the IC card as an argument and uniquely corresponds to the data to be written. A cryptographic function or a hash function is used as the function fx (). When the IC card receives the write data with the MAC added, the IC card uses the received write data as an argument to calculate the MAC inside the IC card using the same function fx () as that used to generate the MAC, and The MAC added to the write data is compared with the MAC calculated inside the IC card. If the MAC values match, it is determined that the received write data can be trusted, and the IC card writes the received write data to the memory. Patent Document 1 relating to another application discloses a method in which data can be more securely written to an IC card by adding two different MACs to one write data.
Japanese National Patent Publication No. 11-506560

  The data size of data written to the IC card issuing process is usually several kilobytes to several tens of kilobytes, although it varies depending on the type of application. Since there is a limit to the data size that can be received by the IC card at one time, the IC card cannot receive data having a large data size as described above. When writing data with a data size ranging from several kilobytes to several tens of kilobytes, it is divided into data with a data size smaller than the data size (hereinafter referred to as data blocks), and a plurality of data blocks are transmitted to the IC card. As a result, data having a large data size is written into the memory of the IC card.

  However, in the above-described conventional technology, the IC card can verify the received write data using the MAC, but the side that transmits the write data to the IC card checks the validity of the data written to the IC card. There was a problem that could not be verified.

  For example, when data having a large data size is divided into a plurality of data blocks and transmitted to an IC card, a MAC is added each time the data block is transmitted, and the IC card receives the received data if the MAC is correct. Write the block to memory. For this reason, even if one data block is missing (meaning that the IC card does not receive) among a plurality of data blocks transmitted to the IC card, the side that transmits the write data to the IC card is There was a problem that it was not possible to confirm the lack of.

  In view of the above problems, the present invention enables an external device that transmits write data to an IC card such as an IC card issuing system to verify the validity of the data written to the IC card and An object of the present invention is to provide an IC card write data verification method capable of detecting data tampering.

  In order to solve the above-mentioned problem, a first problem solving means is a method for verifying the validity of data written in an IC card, and an authentication code request command for requesting an authentication code of write data transmitted from an external device Transmitting from the external device to the IC card, calculating a first authentication code based on the data written in the memory by the IC card, and transmitting the first authentication code to the external device; Comprising a step of calculating a second authentication code based on write data transmitted from the external device to the IC card, and a step of comparing the first authentication code and the second authentication code by the external device. This is a method for verifying the validity of data written on a characteristic IC card.

  According to the first problem solving means, the first authentication code based on the data written in the IC card by the external device is acquired from the IC card, and the second authentication code based on the write data transmitted to the IC card; By comparing, the external device can verify the validity of the data written in the IC card. For example, if the data block is lost, the first authentication code and the second authentication code do not match. You can know that it is not.

  Further, the second problem solving means is the data validity verification method according to the first problem solving means, wherein the authentication code request command is a final command for writing data to the IC card. This is a method for verifying the validity of the data written in the. According to the second problem solving means, by making the authentication code request command the final command for writing data, the external device sends a special command to the IC card in order to obtain the first authentication code. There is no need to send.

  Further, a third problem solving means is an IC card program mounted on an IC card, the step of receiving an authentication code request command transmitted from an external device, and an authentication code based on the data written in the memory. An IC card program comprising at least a procedure for sequentially executing a step of calculating and a step of transmitting the authentication code to the external device. By mounting the IC card program of the third problem solving means on the IC card, the first problem solving means and the second problem solving means can be realized.

  The fourth problem solving means is the IC card program according to the third problem solving means, wherein the authentication code request command is a final command for writing data to the IC card. By implementing the IC card program of the fourth problem solving means, the second problem solving means can be realized.

  As described above, if the method for verifying the validity of the data written in the IC card of the present invention and the IC card program are used, the external device can obtain the first authentication code acquired from the IC card and the external device. The validity of the data written in the IC card can be verified from the second authentication code to be calculated. The ability of the external device to verify the validity of the data written to the IC card can not only detect the aforementioned missing data block, but also detect falsification of the write data transmitted to the IC card.

[First embodiment of the present invention]
An embodiment in which the present invention is applied to a process of issuing an application mounted on an IC card, that is, a process of writing initial data used by an application to a memory included in an IC chip will be described in detail below with reference to the drawings. To do. First, each of the issuing system and application will be described, then the procedure of the method of verifying the validity of the data written to the IC card during the issuing process will be described, and the IC card program required for the method of verifying validity will be described. The operation procedure will be described.

<Description of issuing system and application>
FIG. 1 is a schematic diagram of an IC card issuing system 100. The IC card issuing system 100 is an external device that performs data communication with the IC card 200 and writes data to a rewritable memory of the IC card 200. The IC card issuing system 100 includes a storage device 110 that stores data to be written to the IC card 200, and an APDU generation device that generates an APDU (APDU: Application Protocol Data Unit) to be transmitted to the IC card 200 from the data to be written to the IC card 200. 120 and at least a reader / writer 130 that performs data communication with the IC card 200 to read / write data.

  FIG. 2 is a configuration diagram of the IC chip 210 embedded in the IC card 200. The IC chip 210 includes a central processing unit 211 (CPU: Central Processing Unit, hereinafter referred to as CPU) having a calculation function and a function for controlling devices included in the IC chip 210, and a read-only memory 212 (RO: Read Only Memory). EEPROM 213 (EEPROM: abbreviation of Electrically Erasable Programmable Read-Only Memory), volatile memory as random access memory 214 (RAM: Random Access Memory, hereinafter referred to as RAM), and reader At least an I / O circuit 215 for data communication with the writer 130 is provided. The present invention does not limit the specifications of the IC chip 210 at all, and the IC chip 210 having specifications suitable for the application of the IC card 200 can be selected. For example, the capacities of the ROM 212 and the EEPROM 213 are not limited, and the rewritable memory may be a memory other than the EEPROM such as a ferroelectric memory or a flash memory. The IC chip 210 may include other devices (not shown) such as a circuit for generating a random number and a cryptographic operation circuit.

  FIG. 3 is a diagram showing the structure of a data write command APDU generated by the APDU generation device 120 and a response APDU corresponding to the command. Here, the data write command is a command that the IC card issuing system 100 transmits to the IC card 200 in order to write predetermined data in the EEPROM. The response APDU is a response that the IC card 200 returns to the IC card issuing system after the IC card 200 receives and processes the data write command.

  FIG. 3A is an explanatory diagram of the data write command APDU 300. The data write APDU 300 includes a command code 301, a command parameter 302, and a data field 303. The CPU 211 identifies the processing content (data writing processing in the present embodiment) from the command code 301, and determines detailed execution conditions from the command parameter 302. Data written to the EEPROM 213 is stored in the data field 303.

  FIG. 3B is an explanatory diagram of the response APDU 310. The response APDU 310 includes response data 311 and a response code 312. The response data 311 is data that the IC card 200 transmits to the IC card issuing system 100. If there is no data to be transmitted, the response data 311 may be omitted. The response code 312 is a code indicating success / failure of the data writing process, and the IC card issuing system 100 can recognize from the response code 312 that the data transmitted by the data writing command APDU has been normally written.

  FIG. 4 is a diagram for explaining an application 400 mounted on the IC card. The application 400 includes an application code 410 describing an instruction for the CPU 211 and application data 420 used by the application code 410.

  The application code 410 includes at least a code for executing a process of writing data into the EEPROM 213, and the IC card program of the present invention is also included in the application code 410. The application code 410 is normally mounted on a rewritable memory in the case of a multi-application IC card, and is mounted on a ROM in the case of a dedicated IC card (Native IC card). Since the method of verifying the validity of the data written in the IC card according to the present invention is realized by a program mounted on the IC card, the type of the memory on which the application code 310 is mounted is not limited as long as the program can be executed.

  The application data 420 is data used by the application code 410 and is different for each IC card. In both the multi-application IC card and the dedicated IC card, the application data 420 is recorded in a rewritable memory (EEPROM 213 in this embodiment). The data size of the application data 420 varies depending on the type of the application 400, but ranges from several kilobytes to several tens of kilobytes.

  When the application 400 receives the data write command APDU from the external device (IC card issuing system 100), the application code 410 interprets the command code included in the received data write command APDU, and performs processing (data) corresponding to the command code. Write process). Since the I / O circuit 215 included in the IC chip 210 cannot receive data of several kilobytes at a time (for example, an electronic certificate), when writing large data to the EEPROM 213 during the issuance process The IC card issuing system 100 divides data having a large data size into data (data blocks) that can be received by the I / O circuit 215 at a time, and transmits the data to the IC card 200 in a plurality of data write commands APDU.

  When issuing using the IC card issuing system provided by the IC card manufacturer or IC card issuing company, it is unlikely that the command APDU transmitted to the IC card will be lost, but the IC card is issued via the Internet. In this case, the command APDU transmitted to the IC card may be lost. Here, “missing command APDU” means that the IC chip does not receive at least one command APDU of command APDUs transmitted in plural. If data is written to the IC card with the command APDU missing, the IC card malfunctions during operation.

  Therefore, the present invention has an object of enabling the IC card issuing system to detect an abnormality such as a missing command APDU described above by verifying the validity of data written to the IC card by the IC card issuing system 100. .

<Detailed description of application issuance procedure>
From here, the issue verification process of the application 400, that is, the process of writing the application data 420 to the EEPROM 213 is taken as an example, and the method of verifying the validity of the data written in the IC card of the present invention will be described in detail with reference to the drawings. FIG. 5 is a diagram showing an operation procedure of a method for verifying the validity of data written to an IC card, and FIG. 6 is a supplementary explanation of the operation procedure of the method for verifying the validity of data written to an IC card. FIG.

  FIG. 6A is a diagram showing a state before an application issuance process. As shown in FIG. 6A, application data 421 is stored in the storage device 110 included in the IC card issuing system 100, and the application data 421 is divided into five data blocks 422 from data block 1 to data block 5. Each data block 422 is transmitted to the IC card 200. In the EEPROM 213 included in the IC chip 210, an application data area 423, which is an area where application data 421 is written, is set, and no data is written in the application data area 423.

  The first step (S100) of the data validity verification method of the present invention is a step in which the APDU generation device 120 generates a data write command APDU. One data block 422 is stored in the data field of one data write command APDU and transmitted to the IC card 200. When the data block to be transmitted to the IC card 200 is the last block, a data write command APDU indicating that the data block to be transmitted is the last data block is transmitted. For example, in FIG. 3, when the data block to be transmitted is not the final data block, the command parameter 302 is set to “00h” (h means hexadecimal notation), and when the data block to be transmitted is the final data block, the command The parameter 302 is set to “80h”. The IC card 200 determines from the command parameter 302 included in the received data write command APDU 300 that the transmitted data block is the final block.

  The next step (S110) is a step in which the IC card issuing system 100 transmits the data write command APDU generated in step S100 to the IC card 200. After transmitting the generated data write command APDU, the IC card issuing system 100 receives a response APDU corresponding to the data write command APDU from the IC card 200.

  The next step (S120) is a step in which the IC card issuing system 100 confirms that the final data block has been transmitted. If the final data block has been transmitted, the process proceeds to step S130. If the final data block has not been transmitted, the process returns to step S100. The IC card issuing system 100 can transmit all the data blocks 422 to the IC card 200 by repeating the steps from step S100 to step S120. FIG. 6B is a diagram after all five data blocks 422 are written in the application data area 423.

  The next step (S130) is a step in which the IC card issuing system 100 transmits an authentication code request command to the IC card 200. When the IC card 200 receives the authentication code request command, the IC card 200 calculates an authentication code_C that is the first authentication code from the five data blocks written in the application data area 423. The function fx () used for the calculation of the authentication code _C may be any function fx () as long as the function fx () whose value is uniquely determined using the written data as an argument. As the function fx () for calculating the authentication code, an encryption function such as DES (DES: Data Encryption Standard), an addition function, or a hash function may be used. When the IC card 200 calculates the authentication code _C using a predetermined function fx (), the calculated authentication code _C is transmitted to the IC card issuing system 100, and the IC card issuing system 100 receives the authentication code _C calculated by the IC card 200. obtain.

  FIG. 6C is a diagram for explaining the calculation of the authentication code _C. The IC card 200 calculates the IC card authentication code_C500 from the function fx () using all the five data blocks written in the application data area 423 as arguments. That is, the authentication code_C500 is the value of fx (data block 1, data block 2, data block 3, data block 4, data block 5). The calculated authentication code_C500 is transmitted to the IC card issuing system.

  In the next step (S140), the authentication code _P, which is the second authentication code, is calculated from all data blocks transmitted to the IC card 200 by the IC card issuing system 100 using the same function fx () as the IC card 200. It is a step.

  In the next step (S150), the IC card issuing system compares the authentication code_C received from the IC card 200 in step S130 with the authentication code_P calculated in step S140.

  FIG. 6D is a diagram for explaining the validity verification of the data written in the IC card by the IC card issuing system 100 using the authentication code_P. The IC card issuing system 100 calculates the authentication code_P501 of the IC card issuing system 100 from the function fx () using all the five data blocks transmitted to the IC card as arguments. The calculated authentication code_P501 is compared with the authentication code_C500. If the respective authentication codes match, it can be determined that all data has been normally written in the IC card 200, and if they do not match, it can be determined that the data written in the IC card 200 is abnormal. For example, when the IC card 200 cannot receive the data block 3 in FIG. 6, the authentication code _C calculated by the IC card 200 is the value of fx (data block 1, data block 2, data block 4, data block 5). Thus, since the value is different from the authentication code _P501 calculated by the IC card issuing system 100, the IC card issuing system 100 knows that there is an abnormality in the data written in the IC card 200. After executing the processing of step S150, the data validity verification method of the present invention ends.

<Operation procedure of program mounted on IC card>
Next, the operation procedure of the program mounted on the IC card 200 will be described with reference to the drawings. FIG. 7 is a flowchart of the operation procedure of the program. As described above, this program is included in the application code 410.

  The first step (S200) is a step in which the IC card 200 receives the data write command APDU. When the data write command APDU is received, a command code, a command parameter, and a data block 422 to be written in the application data area 423 are extracted from the data write command APDU.

  The next step (S210) is a step of executing a process indicated by the command code, that is, a data write process. At least the application code 410 has an address to start writing data, and after writing the data block 422 to the application data area 423, the address to start writing the data is updated.

  The next step (S220) is a step of transmitting a response APDU to the data write command APDU. The response code of the response APDU includes a code indicating normal end / abnormal end of the data writing process.

  The next step (S230) is a step of confirming whether the data write command APDU received in step S200 is the data write command of the last data block. The confirmation is determined from the command parameter 302 included in the received data write command APDU. If it is the last data block, the process proceeds to S240, and if it is not the last data block, the process returns to step S200. The application code 310 can receive a plurality of data blocks and write all the application data 421 in the application data area 423 by repeating steps S200 to S230.

  The next step (S240) is a step of receiving an authentication code request command.

  The next step (S250) is a step of calculating the authentication code_C and returning a response APDU storing the calculated authentication code_C in the response data to the IC card issuing system 100. The calculation of the authentication code _C has already been described above. After executing step S250, the processing of the IC card program of the present invention is terminated.

  As described above, if the method of verifying the validity of the data written in the IC card of the present invention and the IC card program are used, the authentication code _C acquired from the IC card and the authentication calculated by the IC card issuing system are used. From the code _P, it is clear that the IC card issuing system 100 can verify the validity of the data written in the IC card.

[Second and third embodiments]
From here, explanation is added about other embodiment other than 1st Embodiment described so far.

  In the second embodiment, when the received data write command APDU is a command for writing the final data block, the IC card 200 automatically calculates the authentication code _C after writing the final data block to the EEPROM. The embodiment is characterized in that the calculated authentication code_C is stored in response data of a response APDU and transmitted. In the second embodiment, the IC card issuing system 100 can obtain the authentication code_C from the IC card 200 without transmitting the authentication code request command to the IC card.

  FIG. 8 shows the procedure of the data validity verification method of the second embodiment, and FIG. 9 shows the procedure of the IC card program of the second embodiment. In FIG. 8, step S130 of FIG. 5 is changed to step S131. That is, in FIG. 5, the IC card issuing system 100 transmits an authentication code request command to the IC card 200 in order to obtain the authentication code_C. In FIG. The authentication code _C is acquired from the response APDU to the command APDU.

  Further, the first step S201 and the next step S211 of the IC card program shown in FIG. 9 are the same processes as steps S200 and 210 in FIG. 7, respectively. The next step S221 is a step of confirming whether the data block written in the application data area 423 is the last data block. If it is not the final data block, the process proceeds to step S231, a response APDU is transmitted, and then the process returns to step S201. If it is the last data block, the process proceeds to step S241. In step S241, an authentication code_C is calculated, and a response APDU including the authentication code_C calculated in step S251 subsequent to step S241 is transmitted.

  The third embodiment is an embodiment in which a MAC is added to the data write command APDU. FIG. 10 is a diagram showing an operation procedure of the IC card program when the MAC is added to the data write command APDU. In FIG. 10, step S202 is added in addition to FIG. In step S202, the data block included in the data field of the data write command APDU received in step S200 is collated with the MAC. If the MAC is correct, the process proceeds to step S210. If the MAC is not correct, the data write process is terminated. In the MAC calculation, the same function as the authentication code may be used, or a different function may be used. In the description of the third embodiment, the procedure of the method for verifying the validity of the data written in the IC card is omitted, but from the description of the first embodiment and the description of the third embodiment. The procedure of the data validity verification method of the third embodiment will be readily apparent.

  In addition, in the embodiment described so far, the embodiment in which application data is written in the EEPROM has been described. However, the present invention can also be applied to the issuing process in which the multi-application OS writes the application in the EEPROM. In this case, the IC card program described so far is incorporated not in the application code but in the multi-application OS.

Explanatory drawing of an IC card issue system. IC chip structure diagram. Explanatory drawing of command APDU and response APDU. Structure diagram of the application. The figure which showed the operation | movement procedure of the data correctness verification method of 1st Embodiment. The figure for supplementing description of the data validity verification method of 1st Embodiment. The figure which showed the operation | movement procedure of the program for IC cards of 1st Embodiment. The figure which showed the operation | movement procedure of the data validity verification method of 2nd Embodiment. The figure which showed the operation | movement procedure of the program for IC cards of 2nd Embodiment. The figure which showed the operation | movement procedure of the program for IC cards of 3rd Embodiment.

Explanation of symbols

100 IC card issuing system 200 IC card 210 IC chip 300 Command APDU
310 Response APDU
400 Application 410 Application code 420 Application data 422 Data block 423 Application data area in EEPROM

Claims (4)

Transmitting an authentication code request command for requesting an authentication code of write data transmitted from the external device from the external device to the IC card;
Calculating a first authentication code based on the data written in the memory by the IC card, and transmitting the first authentication code to the external device;
Comprising a step of calculating a second authentication code based on write data transmitted from the external device to the IC card, and a step of comparing the first authentication code and the second authentication code by the external device. A method for verifying the validity of data written on a characteristic IC card. In the data validity verification method according to claim 1,
The method for verifying the validity of data written to an IC card, wherein the authentication code request command is a final command for writing data to the IC card. An IC card program mounted on an IC card,
Receiving an authentication code request command transmitted from an external device;
Calculating an authentication code based on the data written to the memory;
An IC card program, comprising at least a procedure for sequentially executing the steps of transmitting the authentication code to the external device. The IC card program according to claim 3,
The IC card program, wherein the authentication code request command is a final command for writing data to the IC card.

Images