CN100565562C - Electronic label safety identification method - Google Patents

Electronic label safety identification method Download PDF

Info

Publication number
CN100565562C
CN100565562C CNB2007101758505A CN200710175850A CN100565562C CN 100565562 C CN100565562 C CN 100565562C CN B2007101758505 A CNB2007101758505 A CN B2007101758505A CN 200710175850 A CN200710175850 A CN 200710175850A CN 100565562 C CN100565562 C CN 100565562C
Authority
CN
China
Prior art keywords
electronic label
circuit
safety
authentication
registration
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CNB2007101758505A
Other languages
Chinese (zh)
Other versions
CN101136073A (en
Inventor
须清
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Paragon Technology Co Ltd
Original Assignee
Beijing Paragon Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Paragon Technology Co Ltd filed Critical Beijing Paragon Technology Co Ltd
Priority to CNB2007101758505A priority Critical patent/CN100565562C/en
Publication of CN101136073A publication Critical patent/CN101136073A/en
Application granted granted Critical
Publication of CN100565562C publication Critical patent/CN100565562C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The present invention proposes a kind of electronic label safety identification method of innovation, the RFID electronic tag is designed to two kinds of work-based logics of unregistered circuit logic and registered circuit logic, rfid system is designed to comprise the registration subsystem authentication subsystem of unifying constitutes RFID security certification system structure.Safety electronic label needs through safety certification could pass through authentication after the system registry; The unregistered circuit logic of safety electronic label and the variation of registered circuit logic are unidirectional, and promptly never the registration circuit logic is changed to registered circuit logic, and can not be changed to unregistered circuit logic from registered circuit logic.Solve electronic tag by bootlegging and by the problem of wrong authentication, especially in, guarantee the security of authentication and the particular importance that can not copying property becomes such as applied environments such as E-Passport and e-passport authentication system, state secret facility Personnel Authentication Identification Systems.

Description

Electronic label safety identification method
Technical field
The present invention relates to the method for communication security between RFID electronic tag, rfid system and a kind of RFID of raising label and the rfid interrogator, be particularly related to two kinds of work-based logics that the RFID electronic tag are designed to unregistered circuit logic and registered circuit logic, rfid system be designed to comprise the registration subsystem authentication subsystem of unifying constitute RFID security certification system structure.Belong to electronic label technology field and field of information security technology.
Background technology
RFID is the abbreviation because of English radio frequency identification, be called radio-frequency (RF) Reader, or radio-frequency (RF) tag or radio electronic label or wireless electronic tag, usually also abbreviate electronic tag as, adopt radiofrequency signal to realize the automatic identification of article, the RFID technology is widely used, and needs the information security ability that provides higher in a lot of the application.
RFID is the microelectronic circuit chip that has radio-frequency antenna, is divided into active rfid and passive type RFID.Active rfid provides working power from charged pool, but because the influence of factors such as cost, size, life-span, its range of application is less, and the relatively inexpensive and small size of passive type RFID can be used for identifying various article, and range of application is wider.RFID is storage one given data usually, as is used to identify the identification information of the represented article of RFID.Passive type RFID is activated by the radio-frequency antenna signal and working power is provided, in case after activating, can and read and write data information stored by radio-frequency antenna transceive data information.
Usually rfid system comprises a rfid interrogator (or card reader or reader or interrogator) and RFID electronic tag.Rfid interrogator receives the data of sending from the RFID electronic tag by radio frequency, then data is sent to background system and handles.Rfid interrogator comprises a radio-frequency (RF) transceiver, and the radiofrequency signal of transmission provides energy to start electronic tag for electronic tag.Rfid interrogator can carry out read operation and write operation to electronic tag.
Illustrate that above passive electronic tag does not need battery.RFID directly provides radio-frequency (RF) energy by radio-frequency (RF) transceiver.The communication distance of rfid system is shorter, as meets the rfid system of ISO-14443 standard, and the communication distance between electronic tag and the read write line is no more than 10 centimetres.
Closely can be regarded as a kind of security feature, but the distance that rfid system is attacked in recent findings is bigger than what expect, has reached 50 meters to the distance of electronic tag communication as attacking rfid interrogator.More detailed report, referring to " the Picking Virtual Pockets using Relay Attacks onContactless Smartcard Systems " that write by Z.Kfir and A.Wool (adopting relay attack contact type intelligent card system to steal virtual wallet), at internetwork address Http:// eprmt.iacr.org/2005/052.pdfCan viewing content.Insert this article in this manual as a reference.
Communication channel that might be by setting up overall safety is to improve security, but will need complete smart card solution, the real smart card of wherein using CPU, RAM, ROM embedded is replaced simple relatively RFID electronic tag, and adopts cryptographic algorithm, but this solution is relatively costly.
Along with the development of electronic tag (RFID) technology, it uses also more and more because electronic tag (RFID) has a lot of advantages for barcode technology, as contain much information, safer, antifouling ability is strong, can once read a plurality of labels etc.But along with development of electronic technology, the design of electronic tag (RFID) and production also become more and more easier, though the address of each electronic tag should be unique, and this address information is easy to be read out, thus still can not get rid of electronic labeling information by bootlegging may.Especially in some exigent fields of information security rank, as fields such as E-Passport, wireless payments, electronic tag (RFID) if information be illegally accessed, will bring very big loss to the electronic tag holder.
People have found out the electronic tag and the cryptographic algorithm of encrypting, and wish to guarantee the safety of electronic tag as electronic identity.Patent document comprises a series of operation technique tracking system divine force that created the universe product and finishes the list of references of item authentication, as is entitled as the European patent 0710934A2 of " Methods and System for Performing Article Authentication "; European patent 0 889 448 A2 that are entitled as " Methods of Preventing Counterfeiting of Articles of Manufacture "; The U.S. Patent No. 5,768,384 that is entitled as " System for Identifying, Authenticating, andTracking Manufactured Article "; The PCT patent No. 00818777.0 that is entitled as " method of authenticating tag ".At the application number that is entitled as " method of authenticating tag " is 00818777.0 to have proposed the method for authenticating tag.But the method for narrating in the list of references of these and other is different with method proposed by the invention.Said method can not solve electronic tag by the problem of bootlegging.
The safety electronic label of mentioning among the present invention is for general electronic tag, the Information Security that provides a new functional characteristic to improve rfid system, and simultaneously corresponding RFID security certification system contains the registration subsystem authentication subsystem of unifying.
Summary of the invention
The present invention proposes a kind of safety electronic label of innovation, wish to solve electronic tag by bootlegging and by the problem of wrong authentication, especially in, how to guarantee the security of authentication and the particular importance that can not copying property becomes such as applied environments such as E-Passport and e-passport authentication system, state secret facility Personnel Authentication Identification Systems.
For achieving the above object, the technical solution adopted for the present invention to solve the technical problems is:
Electronic tag is custom-designed safety electronic label, can be operated under two kinds of logic states, be unregistered duty and registered duty, the duty of two kinds of logics is to repel mutually, just when electronic tag was operated in unregistered duty logic, registered duty logic quit work; When electronic tag was operated in registered duty logic, unregistered duty logic quit work.After electronic tag is registered duty logic from unregistered duty logic transition simultaneously, for safety, it is irreversible can setting this logic state, can only be registered duty logic promptly, but can not be unregistered duty logic from registered duty logic transition from unregistered duty logic transition.Safety electronic label is different from ordinary electronic label part and also is, under unregistered duty logic working state, the unique identification information of safety electronic label is to be made of electronic tag address information and one group of random number, each access security electronic tag, random number all can regenerate, therefore the unregistered safety electronic label of each visit, the random number in the resulting unique identification information partly changes; And under registered duty logic working state, the random number part of safety electronic label is locked as encrypted secret key, generate a random number by the authentication management server in the authentication subsystem, add that by the electronic tag address information this random number constitutes the authentication instruction and sends to safety electronic label then, safety electronic label obtains encrypted result data as the random number of encryption key through cryptographic calculation with the random number received and safety electronic label storage inside, safety electronic label is sent these encrypted result data back in the authentication subsystem authentication management server with the electronic tag address information then, compare the cryptographic calculation results of authentication management server and the result of calculation of safety electronic label by the authentication management server in the authentication subsystem, if it is identical, authentication success, otherwise authentification failure.The selection of cryptographic algorithm is relevant with the design difficulty of safety electronic label and cost, when the cost that requires electronic tag is low, can adopt simple algorithm, as the step-by-step XOR, only need application of logic circuit module seldom can realize a kind of symmetric encipherment algorithm, its shortcoming is that the assailant can infer used algorithm through the analysis of certain hour; Along with development of semiconductor, can increase under certain situation at cost, adopt more complicated cryptographic algorithm, as common employing symmetric encipherment algorithm, as the DES algorithm, DES algorithm full name is Data Encryption Standard, i.e. data encryption algorithm, and it is that IBM Corporation is in research success in 1975 and publish.
System is a kind of safety electronic label Verification System with the pairing RFID authentication registration of the present invention, the process software that comprises registration subsystem system, authentication subsystem, database storing equipment and carry out safety certification.In this system, electronic tag among the present invention has only could be by the authentication of authentication subsystem by registration subsystem system registration electronic tag later, and after in a single day electronic tag succeed in registration, its work-based logic will be forced to switch to registered duty, and irreversiblely go back to unregistered duty.When the electronic tag of imitated same label address is registered, owing to there has been the electronic tag address of this address to exist in the registration subsystem system, can find immediately that this electronic tag is to forge electronic tag, registration can be not successful; Simultaneously because electronic tag is supported cryptographic algorithm; and key generates when registering at random at the registration subsystem system; and be stored in database storing equipment and electronic tag inside; the direct access hardware circuit that is stored in safety electronic label internal key data simultaneously when registration the fuse failure in the fuse protected circuit wherein and irrecoverable forever, thereby guarantee that key information can not come out by the data-interface leakage of information of electronic tag.Because the general database memory device all has stronger information processing capability, can encrypt for key data, and be placed in the foolproof environment, can guarantee the information security of key data.
When electronic tag is operated in authentication logic, the identification number of authentication subsystem elder generation electron gain label, the key information of search electronic tag from database, generate a random number R and then, with the key information and the random number process cryptographic algorithm generation operation result Ra1 of the identification number that obtains, electronic tag.Authentication subsystem sends to electronic tag with Rand, and electronic tag is calculated through same encryption and generated operation result Ra1 ', sends it back authentication subsystem.Authentication subsystem is Ra1 and Ra1 ' relatively, if identical, authentication success then, otherwise can not authenticate.
The design of safety electronic label is divided into two kinds, and a kind of is the passive electronic label that extracts power supply energy from radiofrequency signal, and another kind is the active electronic label that carries supplying cell.
According to above-mentioned design philosophy, the circuit design of safety electronic label of the present invention is described as follows:
A kind of can preventing by the safety electronic label of bootlegging is a kind of custom-designed safety electronic label, can work in two kinds of duties: unregistered duty and registered duty.Security logic treatment circuit and the design of known electronic tag are different, also are core design of the present invention places.
1. electronic label safety identification method comprises:
Safety electronic label, described safety electronic label comprise unregistered circuit logic and registered circuit logic;
The registration subsystem system, described registration subsystem system is the server system that places the information security environment, by electronic label read/write, registration management server and registration management software constitute, safety electronic label in the described registration subsystem system and the electronic label read/write described in the registration subsystem system carry out communication by radio frequency signal, electronic label read/write in the described registration subsystem system is connected to registration management server, described registration management software is installed in the registration management server, move described registration management software, according to register flow path, carry out registration management by the electronic label read/write in the described registration subsystem system for described safety electronic label, with described safety electronic label never the registration circuit logic switch to registered circuit logic;
Authentication subsystem, described authentication subsystem is a kind of server system, by electronic label read/write, authentication management server and authentication management software constitute, electronic label read/write described in described safety electronic label and the authentication subsystem carries out communication by radio frequency signal, electronic label read/write in the described authentication subsystem is connected to the authentication management server, described authentication management software is installed in the authentication management server, move described authentication management software, according to identifying procedure, carry out authentication management for described safety electronic label by the electronic label read/write in the described authentication subsystem;
Database storing equipment, described database storing equipment is the data storage device that places the information security environment, the data of storage comprise the log-on data information and the verify data information of described safety electronic label, be connected with all safe excessively information channels of described registration subsystem, be connected with the information channel of described authentication subsystem by safety;
Under unregistered circuit logic duty, the unique identification information of described safety electronic label is to be made of electronic tag address information and one group of random number, each access security electronic tag, and random number all can regenerate;
Under registered circuit logic duty, the random number part of described safety electronic label is locked as encrypted secret key.
2. safety electronic label carries out wireless telecommunications by electronic label read/write in wireless radio frequency mode and the registration subsystem system and is connected, and electronic label read/write carried out communication by wireless connections or wired connection mode with registration management server and is connected during registration subsystem was united; Described safety electronic label carries out wireless telecommunications by electronic label read/write in wireless radio frequency mode and the authentication subsystem and is connected, and electronic label read/write carries out communication by wireless connections or wired connection mode with the authentication management server and is connected in the authentication subsystem.
3. safety electronic label comprises electronic mark memory circuit, key memory circuit, random number generator circuit, fuse protected logical circuit, cryptographic algorithm logical circuit, data output select circuit, control and treatment logical circuit, radio-frequency antenna circuit,
Described random number generator circuit is connected with the key memory circuit by fuse protected logical circuit, fuse protected logical circuit is not during by fuse protection, the random number that random number generator circuit produces is deposited into the key memory circuit under the control of control and treatment logical circuit, fuse protected logical circuit by fuse protection after, random number generator circuit and key memory circuit physical connection disconnect, the key memory circuit comprises the non-volatile memory body, and the data of its storage no longer change;
The key memory circuit also is connected with the data output select circuit by fuse protected logical circuit simultaneously, fuse protected logical circuit is not during by fuse protection, the key of storing in the key memory circuit can send to the radio-frequency antenna circuit with data by the data output select circuit under the control of control and treatment logical circuit, the fuse of fuse protected logical circuit by fuse protection after, key memory circuit and data output select circuit physical connection disconnect, and the data of storing in the key memory circuit can not re-send to the data output select circuit;
Random number generator circuit also is connected with the data output select circuit, the random number that random number generator circuit generates can be sent to the radio-frequency antenna circuit under the control of control and treatment logical circuit;
The key memory circuit is connected with the cryptographic algorithm logical circuit, key as the cryptographic algorithm logical circuit, the output of cryptographic algorithm logical circuit is connected to the data output select circuit, data can be sent to the radio-frequency antenna circuit under the control of control and treatment logical circuit;
The electronic mark memory circuitry stores unique identification information of electronic tag, be connected with the data output select circuit, under the control of control and treatment logical circuit, data can be sent to the radio-frequency antenna circuit.
4. the safety electronic label initial logic is unregistered circuit logic, and promptly the fuse of described fuse protected logical circuit is in connected state; Described registered circuit logic is meant that the fuse of described fuse protected logical circuit is by the work-based logic after fusing.
5. the processing procedure of carrying out safety certification for safety electronic label comprises the register flow path of safety electronic label and the identifying procedure of safety electronic label; Wherein the register flow path of safety electronic label is a hardware platform with the registration subsystem system, and the identifying procedure of safety electronic label is hardware platform with the authentication subsystem.
6. the register flow path registered at registration subsystem system of safety electronic label comprises following steps:
A) described registration subsystem system sends register instruction to described safety electronic label;
B) described safety electronic label sends to described registration subsystem system with the unique identification information of safety electronic label and the key information of key memory circuitry stores;
C) described registration subsystem system receives the key information of the unique identification information of described safety electronic label and key memory circuitry stores and stores described database storing equipment into;
D) described registration subsystem system sends the accreditation verification instruction to described safety electronic label;
E) fuse of described safety electronic label blow out fuse protection logical circuit.
7. comprise the operational order step and the operational order step of obtaining the unique identification information of electronic tag of carrying out simplification (Singulation) for electronic tag before the above-mentioned step a).
8. comprise that to retrieve described safety electronic label from described database storing equipment be unregistered mistake before the above-mentioned step a), promptly be in unregistered logic.
9. above-mentioned step c) comprises the key information of receiving stored into carries out cryptographic calculation before the described database storing equipment.This cryptographic calculation only is a kind of secured fashion of registration subsystem blanket insurance deposit data, need use corresponding decipherment algorithm to be decrypted when reading canned data.Software decision algorithm by the registration subsystem system.Handle scheduling algorithm as adopting simple data shift.
10. comprise the response message that sends the accreditation verification instruction to the registration subsystem system after the above-mentioned step e), be generally the unique identification information of electronic tag or the unique identification information of electronic tag and add other response message.
11. when described safety electronic label works in unregistered circuit logic, then described random number generator circuit receives that at every turn a register instruction all will generate a new random number and stores in the key memory circuit, the key that makes the key memory circuit is always in random variation, and it is identical with the random number of described random number generator circuit generation, described key memory circuit also is connected with the data output select circuit by fuse protected logical circuit simultaneously, can be correct; When described safety electronic label works in registered circuit logic, then described random number generator circuit and described key memory circuit physical connection disconnect, described key memory circuit and data output select circuit physical connection disconnect simultaneously, make the key of key memory circuit can not follow the variation of the new random number that described random number generator circuit generates and change, and the key that has prevented the key memory circuit is output, and this moment, the output of electronic tag response register instruction in step c) was the unique identification information of safety electronic label and the new random number that random number generator circuit generates.
12. carrying the identifying procedure of authentication subsystem, safety electronic label comprises following steps:
A) described authentication subsystem generates a random number;
B) described authentication subsystem sends authentication instruction and described random number to described safety electronic label;
C) described authentication subsystem of while retrieves key information with the identification information of described safety electronic label from database storing equipment, carries out cryptographic calculation with described random number and obtains result 1;
D) after described safety electronic label receives authentication instruction and described random number, carry out cryptographic calculation with the key that is stored in the key memory circuit with the described random number of receiving and obtain result 2;
E) described safety electronic label sends to described authentication subsystem with result 2 and unique identification information by radiofrequency signal;
F) described authentication subsystem is received result 2 and the unique identification information that described safety electronic label sends, and whether comparative result 1 equate with result 2, if equal then authentication success, if unequal, authentification failure then;
13. comprise the operational order step and the operational order step of obtaining the unique identification information of electronic tag of carrying out simplification (Singulation) for electronic tag before the step a) of identifying procedure.
To retrieve described safety electronic label from described database storing equipment be registered mistake 14. comprise before the step a) of identifying procedure, promptly is in registered logic.
15. other operations that allow owner's operating system of safety electronic label to provide after the step f) of identifying procedure behind the described authentication subsystem authenticate-acknowledge.
16. described safety electronic label works in unregistered circuit logic, then described random number generator circuit receives that at every turn an instruction all will generate a new random number and stores in the key memory circuit, the key that makes the key memory circuit is always in random variation, so the result 2 of cryptographic calculation is always in random variation; When described safety electronic label works in registered circuit logic, then described random number generator circuit and described key memory circuit physical connection disconnect, and the key of key memory circuit is always remained unchanged.
17. safety electronic label needs through safety certification could pass through authentication after the system registry.
18. safety electronic label can be operated in two kinds of duties: unregistered duty and registered duty.
19. the unregistered circuit logic of safety electronic label and the variation of registered circuit logic are unidirectional, promptly never the registration circuit logic is changed to registered circuit logic, and can not be changed to unregistered circuit logic from registered circuit logic.
20. electronic label read/write is to carry out the communication of information by radio frequency signal and safety electronic label, comprises the canned data that reads, writes, revises safety electronic label.
21. registration management server is to be hardware with PC (PC) or computer server, the system of installation and operation operating system (OS), database management language and application software, wherein application software comprises the management software of special disposal safety electronic label registered application at least.
22. the authentication management server is to be hardware with PC (PC) or computer server, the system of installation and operation operating system (OS), database management language and application software, wherein application software comprises the management software of special disposal safety electronic label authentication application at least.
23. the data that database storing equipment is stored comprise address information, the key information of the safety electronic label of having registered at least, the data that described database storing equipment is stored can be managed and visit to described registration management software; Described authentication management software can be visited the data that described database storing equipment is stored.
24. registration management server, authentication management hardware of server platform can adopt a hardware platform, database storing equipment also can substitute with the hard disk of registration management server or authentication management server.
The invention has the beneficial effects as follows: because the safety electronic label that is adopted is by custom-designed, its key data that is used for cryptographic algorithm only just is determined after the accreditation verification carrying out, can guarantee the dynamic generation and the safety of key information, and electronic tag is designed to the work-based logic of unregistered state and the work-based logic under the registered state, unregistered safety electronic label can't guarantee the safety of system by authentication in authentication subsystem.Whole safety electronic label generates random number by authentication subsystem and sends to safety electronic label in carrying out verification process, reads the result through computations then, has avoided the leakage of encryption key in transmission, and is imitated by other people.The safety electronic label of comparing prior art is that tag addresses or information data are transmitted to prevent the technical scheme of leakage of information by encrypting the back, but development along with semiconductor design skill manufacturing technology and reverse engineering technology, copying the electronic tag that has identical tag addresses and cryptographic algorithm is can accomplish fully, therefore can't avoid electronic tag to be replicated, and may illegally be used, bring about great losses for legal electronic tag owner.And adopt safety electronic label of the present invention, and even there is the people can the living electronic tag of bootlegging, if the logic state of duplicating is a unregistered state, owing to had the address of this label in the security certification system, therefore can not be by authentication; If the logic state of duplicating is registered logic state, because the password of former legal safety electronic label generates when registration at random, and in case succeed in registration, this information can outwards not transmit through electronic tag yet, as long as guarantee the database data safety of security certification system, code data just can not leaked, so can't duplicate the password of safety electronic label, therefore the electronic tag of bootlegging also can not pass through authentication, thereby efficiently solves the information security issue that electronic tag is brought by bootlegging.Database data as security certification system is considered to the most secret data usually, as long as there is the safe and secret management system of height to get final product resolution system safety of data problem.
Description of drawings:
Fig. 1 is a kind of system chart of realizing of electronic tag safe authentication system
Fig. 2 constitutes the security certification system synoptic diagram by unify authentication subsystem and safety electronic label of registration subsystem.
Fig. 3 is a kind of realization block diagram of safety electronic label.
Fig. 4 is a kind of realization synoptic diagram of the security logic treatment circuit of safety electronic label.
Fig. 5 is safety electronic label sends identification information to electronic label read/write under unregistered state a schematic flow sheet.
Fig. 6 is the treatment scheme synoptic diagram safety electronic label is received the registration confirmation that electronic label read/write sends under unregistered state after.
Fig. 7 is the treatment scheme synoptic diagram safety electronic label is received the authentication information that electronic label read/write sends under registered state after.
Fig. 8 is the synoptic diagram that carries out information interaction in the registration subsystem system registration security electronic tag process of electronic tag Verification System.
Fig. 9 is the synoptic diagram that carries out information interaction in the authentication subsystem authentication security electronic tag process of electronic tag Verification System.
Embodiment:
Below in conjunction with accompanying drawing structural principle of the present invention and principle of work are elaborated.
Fig. 1 is a kind of system chart of realizing with the electronic tag Verification System in the concrete application of safety electronic label, registration subsystem system 102 and authentication subsystem 104 all are electrically connected with database storing equipment 101, in large scale system is used, usually database storing equipment 101 can be with adopting the hard-disc storage array, registration subsystem system 102 and authentication subsystem 104 generally all adopt server computer external electronic label read/write to constitute hardware platform, operation computer operating system such as Windows or Unix or Linux, and installation and operation electronic labeling information management software: the process software that carries out safety certification.Registration subsystem system 102 can an installation administration registration process software, the process software that authentication subsystem 104 can an installation administration authentication.Carry out information communication between the electronic label read/write of unregistered safety electronic label 103 by radio frequency signal and registration subsystem system 102, carry out information communication between the electronic label read/write of registered safety electronic label 105 by radio frequency signal and authentication subsystem 104.Because used electronic tag is to need custom-designed safety electronic label among the present invention, before its registration and the operation logic after the registration different.
Fig. 2 constitutes the security certification system synoptic diagram by unify authentication subsystem and safety electronic label of registration subsystem.Constitute the registration subsystem system by registration management server 201 and electronic label read/write 202, wherein on the electronic label read/write 202 radio-frequency antenna 203 is arranged, connection 208 between registration management server 201 and the electronic label read/write 202 can be a wired connection, connect as the local area ethernet network, also can adopt wireless connections, as WLAN (WLAN, Wi-Fi, Bluetooth, WIMAX, UWB etc.); With carry out wireless telecommunications between the safety electronic label 205 that electronic label read/write 202 is connected by radiofrequency signal 204, radio-frequency antenna 206 is arranged on safety electronic label 205, when safety electronic label 205 is designed to the passive type electronic tag, radio-frequency antenna 206 also induces the power supply energy of safety electronic label 205 work except transceive data information.Registration management server 201 is connected with database storing equipment 207 by the high-speed data connecting line.For the registration process that guarantees safety electronic label is to carry out in the environment of an information security, avoid information to be attacked, registration management server 201 and electronic label read/write 202, safety electronic label 205, the database storing equipment 207 with the registration subsystem system is placed in the environment 200 with information security usually.As being enough to hold the leakage of faraday's metal mesh shield internal signal of these equipment down with one.And authentication subsystem is usually operated at concrete applied environment, constitute the registration subsystem system by authentication management server 209 and electronic label read/write 210, wherein on the electronic label read/write 210 radio-frequency antenna 211 is arranged, connection 215 between authentication management server 209 and the electronic label read/write 210 can be a wired connection, connect as the local area ethernet network, also can adopt wireless connections, as WLAN (WLAN, Wi-Fi, Bluetooth, WIMAX, UWB etc.); With carry out wireless telecommunications between the safety electronic label 213 that electronic label read/write 210 is connected by radiofrequency signal 212, radio-frequency antenna 214 is arranged on safety electronic label 213, when safety electronic label 213 is designed to the passive type electronic tag, radio-frequency antenna 214 also induces the power supply energy of safety electronic label 213 work except transceive data information.Authentication management server 209 is connected with database storing equipment 207 by the high-speed data connecting line, in order to guarantee the information security of this connection, will increase firewall software usually and be installed in the authentication management server 209.
Fig. 3 is a kind of logical schematic of safety electronic label, with the passive type electronic tag serves as to realize example, antenna coupling is delivered to rectification circuit 302 and signal demodulating circuit and clock extracting circuit 304 with impedance matching circuit 301 respectively by the antenna induction radiofrequency signal, and rectification circuit 302 obtains induction current and induced voltage and carries out the voltage adjustment through feed circuit 303 and close the work that power supply distributes other logical circuits of subtab of powering from radiofrequency signal.Signal demodulating circuit and clock extracting circuit 304 are used for demodulating data message from radiofrequency signal, delivering to data extraction circuit 305 then extracts the command information received from radiofrequency signal and data and delivers to data analysis logic processing circuit 309 and instruct and carry out and data processing, claim also that in existing electronic tag product this partial circuit is control circuit or state machine circuit, ATA5590RFID electronic tag as atmel corp claims that this partial circuit is state machine circuit (Finite State Machines), claims that at the SRF of Infineon company 66V10RFID electronic tag this partial circuit is DLC (digital logic circuit) (Digital Logic).Data analysis logic processing circuit 309 carries out signal analysis, owing to have only several by the signal kinds that radiofrequency signal receives: the identification information that obtains electronic tag, the electronic tag registration confirmation, electronic tag authentication information etc., and also have only several: the electronic tag identification information under the unregistered state by the signal kinds that radiofrequency signal sends, electronic tag identification information under the registered state, wherein the electronic tag identification information under the unregistered state is the additional one group of random number formation of address information of electronic tag, electronic tag identification information under the registered state is the additional enciphered message through computations of the address information of electronic tag, so data analysis logic processing circuit 309 usefulness hardware logic electric circuits can be realized fully, do not need complicated information-processing circuit or processor.Electronic tag home address memory circuit 307 has been stored the unique identification information that distributes for each electronic tag, leaves in usually in the non-volatile read-only memory bank (ROM), can not change.Electronic tag home address memory circuit 307 is electrically connected with data analysis logic processing circuit 309, can control the output of unique identification information.Data storage circuitry 308 is generally the non-volatile memory body, as read-only memory bank of electrically erasable programmable (EEPROM) or flash memory storage body (FLASH Memory).Data storage circuitry 308 is electrically connected with data analysis logic processing circuit 309, can be by the data of radiofrequency signal by rfid interrogator modification or reading of data memory circuit 308.Data analysis logic processing circuit 309 need be undertaken data to deliver to antenna coupling and impedance matching circuit 301 after the modulation treatment for the response of the information of reception by connected signal modulator 306, sends to rfid interrogator by radio-frequency antenna then.Different with the design of general RFID electronic tag is to have increased the security logic treatment circuit 310 that is connected with data analysis logic processing circuit 309, realizes a kind of design of safe electronic tag.Provide a kind of realization of security logic treatment circuit 310 at Fig. 4.
Fig. 4 is a kind of realization synoptic diagram of the security logic treatment circuit of safety electronic label.The key that key memory circuit 401 among the figure, fuse protected logical circuit 402, random number stored logic circuit 403, randomizer logical circuit 404 constitute safety electronic label produces and the protection mechanism circuit.Random number occurrence logic circuit produces new random number under the control of the control signal 411 that data analysis logic processing circuit 309 is exported; store into then in the random number stored logic circuit 403; under fuse protected logical circuit 402 connected states; the random number that produces also stores key memory circuit 401 into; produce new key; if the fuse of fuse protected logical circuit 402 is fused; then fuse protected logical circuit 402 is in the physical connection off-state; random number just can not store in the key memory circuit 401, thereby guarantees in case the back key data that succeeds in registration does not change.The data of cryptographic algorithm logical circuit 406 input comprise from data analysis logic processing circuit 309 provide need ciphered data 407 and from the key data of data selection circuit 405, data selection circuit 405 is selected the source of key under the control of the control signal 411 of data analysis logic processing circuit 309 outputs, security that can enhanced system: when safety electronic label is in registered logic state, if the assailant wonders the key of storage, when sending the authentication instruction, the data of input are not random numbers, but essentially identical data, data analysis logic processing circuit 309 detects this state, show it is under attack, therefore select random number stored logic circuit 403 random numbers to participate in cryptographic calculation with the misdirecting attack person by data selection circuit 405, improve security as key.The output of data selection circuit 405 also is connected with data output select circuit 409 by fuse protected logical circuit 408; when electronic tag is in unregistered state; fuse protected logical circuit 408 is in the physical connection state; the key of key memory circuit 401 storages can be delivered to data analysis logic processing circuit 309 with data by signal wire 410 by data selection circuit 405, fuse protected logical circuit 408 and data output select circuit 409, again data be sent electronic tag by data analysis logic processing circuit 309.But after electronic tag was in registered state, the physical connection of fuse protected logical circuit 408 disconnected, and guaranteed that the key of key memory circuit 401 storages can not revealed away.Simultaneously random number stored logic circuit 403 also has with data output select circuit 409 and is connected, can further improve the security of electronic tag: when safety electronic label is in registered logic state, if the assailant wonders the key of storage, when sending register instruction, data analysis logic processing circuit 309 detects this state, show it is under attack, therefore select random number stored logic circuit 403 random numbers to export with the misdirecting attack person by data output select circuit 409, improve security as key.
When safety electronic label is in unregistered state; if data analysis logic processing circuit 309 is received the electronic tag registration confirmation; data analysis logic processing circuit 309 will send control information and give fuse protected logical circuit 402 and fuse protected logical circuit 408 fusing fuse separately; this moment, random number stored logic circuit 403 was disconnected with the physical connection of key memory circuit 401; the data of key memory circuit 401 storages will remain unchanged; key memory circuit 401 is electrically connected with the physics of data output select circuit 409 and is disconnected simultaneously; the data of key memory circuit 401 storages can not leaked, and therefore the data that key memory circuit 401 can be stored are as the key information of cryptographic algorithm.The control of data analysis logic processing circuit 309 will send in the electronic label read/write with impedance matching circuit 301 and radio-frequency antenna by signal modulator 306 and antenna coupling from the information of electronic tag home address memory circuit 307 down.
When safety electronic label is in registered state, if data analysis logic processing circuit 309 is received the electronic tag authentication information, at first data analysis logic processing circuit 309 extracts the random data information of authentication subsystem generation and delivers to cryptographic algorithm logical circuit 406 from the information that is received, the data of key memory circuit 401 also are sent in the cryptographic algorithm logical circuit 406 by data selection circuit 405 simultaneously, cryptographic algorithm logical circuit 406 is delivered to the result of computations in the data output select circuit 409 then, the data message of cryptographic algorithm logical circuit 406 and together send in the electronic label read/write with impedance matching circuit 301 and radio-frequency antenna by signal modulator 306 and antenna coupling from the information combination of electronic tag home address memory circuit 307 in the future under the control of data analysis logic processing circuit 309.
The algorithm of cryptographic algorithm logical circuit 406 is selected, can be according to cost requirement, when cost requirement is higher, can adopt the algorithm of simple step-by-step XOR to encrypt, the realization logical circuit is easy, when cost is less demanding, can adopt DES algorithm or 3DES (Triple DES) algorithm.Wherein 3DES (being Triple DES) is the cryptographic algorithm (1999 year, NIST be appointed as 3-DES the encryption standard of transition) of DES to the AES transition, is the safer distortion of DES.The novel contact type intelligent card IC-that can release with reference to the independent NXP of the semiconductor company semiconductor that the Philip is founded in the realization of RFID electronic tag about DES algorithm or 3DES (Triple DES) algorithm or RSA Algorithm
Figure C20071017585000181
The realization of the cryptographic algorithm among the DESFire8, the design content of quoting as the present invention.
The logic realization of randomizer logical circuit 404 can be with reference to the realization of the middle randomizer of the ATA5590 electronic tag of atmel corp, the design content of quoting as the present invention.
Fig. 5 is safety electronic label sends identification information to electronic label read/write under unregistered state a schematic flow sheet, after safety electronic label is received the instruction of obtaining identification information 501 that reader sends, judge earlier the current state of safety electronic label: whether electronic tag registered? 502, if registered, then electronic tag can not done any response to reduce the signal interference between the electronic tag, also can enter randomizer as shown and generate random number 507, change over to read to identify and read electronic tag address information 505 steps; If do not register, then enter flow process: randomizer generates random number 503, then this random number is write the non-volatile memory body 504 of stores key information, read sign and read electronic tag address information 505, at last random number and identification information are sent to reader 506 and finish the flow process that sends identification information under the unregistered state to electronic label read/write for being in.Registration subsystem system stores in the database storing body random number of receiving in should the key data field of electronic tag address into.In this flow process, the ordinary electronic of comparing label, in the identification information of electronic tag, except the electronic tag address information, added one group of random number data, before electronic label read/write did not send registration confirmation, the random number in the electronic tag identification information that at every turn obtains all changed.
Fig. 6 is the treatment scheme synoptic diagram safety electronic label is received the registration confirmation that electronic label read/write sends under unregistered state after, after safety electronic label is received the instruction 601 of the registration confirmation that reader sends, judge earlier the current state of safety electronic label: whether electronic tag registered? 602, if registered, then electronic tag can not done any response to reduce the signal interference between the electronic tag; If do not register, then enter flow process: judge that address information is identical with electronic tag? 603, if different, then show the registration confirmation that is not to send to this electronic tag, do not do any response and disturb with the signal that reduces between the electronic tag; If identical, then show it is the registration confirmation that sends to this electronic tag, enter follow-up flow process.Ensuing flow process is the fuse 604 of blow out fuse protection logical circuit; read sign then and read electronic tag address information 605, at last the electronic tag address information is sent to reader 606 with registration response flag information and finish the flow process of carrying out accreditation verification under the unregistered state and sending it back feedforward information to electronic label read/write for being in.
Fig. 7 is the treatment scheme synoptic diagram safety electronic label is received the authentication information that electronic label read/write sends under registered state after, after safety electronic label is received the instruction 701 of the authentication information that reader sends, judge earlier the current state of safety electronic label: whether electronic tag registered? 702, if unregistered mistake, then electronic tag can not done any response to reduce the signal interference between the electronic tag; If registered, then enter the subsequent authentication flow process: extract address information and random number information 703 in the authentication information, do you judge that then address information is identical with electronic tag? 704, if it is different, then show the authentication information that is not to send to this electronic tag, do not do any response and disturb with the signal that reduces between the electronic tag; If identical, then show it is the authentication information that sends to this electronic tag, enter follow-up flow process.Key information with random number, storage carries out cryptographic calculation 705, and the key information here is the random number of electronic tag locking when accreditation verification, and has stored in the database storing body in the registration subsystem system.The reading encrypted operation result 706 then, and read electronic tag address information 707, at last cryptographic calculation result and electronic tag address information are sent to reader 708 and finish for the treatment scheme that is in the electronic tag authentication information of receiving under the registered state that electronic label read/write sends.In this flow process, the ordinary electronic of comparing label, in the identification information of electronic tag, except the electronic tag address information, added one group of random number data, before electronic label read/write did not send registration confirmation, the random number in the electronic tag identification information that at every turn obtains all changed.In specific implementation, the algorithm of cryptographic calculation can adopt step-by-step XOR or DES algorithm, also can adopt other symmetric encipherment algorithm.
Safety electronic label in the present invention relates to the information interaction of safety electronic label and registration subsystem system, also relates to the information interaction of safety electronic label and authentication subsystem.The mutual realization that regards to registration process and verification process down further specifies.
Fig. 8 is the synoptic diagram that carries out information interaction in the registration subsystem system registration security electronic tag process of electronic tag Verification System.In the information interaction of registration subsystem system and safety electronic label, the registration subsystem system sends earlier and reads the instruction of identification information to safety electronic label, safety electronic label return address information and random number, if that returns has only address information (among the figure shown in the dotted line), show that then electronic tag is not an electronic tag available in the native system, registration failure; After the registration subsystem system is received the address information and random number that safety electronic label returns, the registration subsystem system sends registration confirmation and instructs to safety electronic label, return address information responded flag information with registration after safety electronic label was finished location registration process, if that returns has only address information (among the figure shown in the dotted line), show that then electronic tag is not an electronic tag available in the native system, registration failure; The registration subsystem system is received address information and the registration response flag information that safety electronic label returns, and then succeeds in registration.
Fig. 9 is the synoptic diagram that carries out information interaction in the authentication subsystem authentication security electronic tag process of electronic tag Verification System.In the information interaction of authentication subsystem and safety electronic label, authentication subsystem sends earlier and reads the instruction of identification information to safety electronic label, safety electronic label return address information, if what return is address information and random number (among the figure shown in the dotted line), then show not registration of electronic tag, authentification failure; After authentication subsystem is received the address information that safety electronic label returns, authentication subsystem sends the authentication information instruction and random number is given safety electronic label, safety electronic label is finished and is returned cryptographic calculation result and address information after cryptographic calculation is handled, if that returns has only address information (among the figure shown in the dotted line), show that then electronic tag is not an electronic tag available in the native system, authentification failure; Authentication subsystem is received cryptographic calculation result and the address information that safety electronic label returns, and compares the cryptographic calculation result of authentication subsystem calculating and the cryptographic calculation result that electronic tag returns, if equate then authentication success, otherwise authentification failure.
In description of the invention with in realizing, relate to the definition of some information commands, need agreement in advance, comprise instruction, registration confirmation instruction, registration response flag information, the authentication information instruction of reading identification information.In specific implementation, can stipulate like this, arrange complete 00, the full ff of continuous 10 bytes of continuous 10 bytes, continuous 10 bytes 55, the full aa of continuous 10 bytes is as the command information of agreement, the random number that generates in registration subsystem system, authentication subsystem and safety electronic label is if the data of above-mentioned agreement instruction, then need to regenerate to avoid the and instruction information collision, when the production safety electronic tag, the electronic tag address information of curing also needs to avoid these specific data equally.Concrete can stipulate, the full ff of continuous 10 bytes represents the instruction of reading identification information that registration subsystem system or authentication subsystem send, complete 00 registration of returning as safety electronic label of continuous 10 bytes responds flag information, the registration confirmation instruction that 55 expression registration subsystem systems of continuous 10 bytes send, the full aa of continuous 10 bytes represents the authentication information instruction that authentication subsystem sends.

Claims (10)

1. electronic label safety identification method is characterized in that comprising:
Safety electronic label, described safety electronic label comprise unregistered circuit logic and registered circuit logic;
The registration subsystem system, described registration subsystem system is the server system that places the information security environment, by electronic label read/write, registration management server and registration management software constitute, electronic label read/write described in described safety electronic label and the registration subsystem system carries out communication by radio frequency signal, electronic label read/write in the described registration subsystem system is connected to registration management server, described registration management software is installed in the registration management server, move described registration management software, according to register flow path, carry out registration management by the electronic label read/write in the described registration subsystem system for described safety electronic label, with described safety electronic label never the registration circuit logic switch to registered circuit logic;
Authentication subsystem, described authentication subsystem is a kind of server system, by electronic label read/write, authentication management server and authentication management software constitute, electronic label read/write described in described safety electronic label and the authentication subsystem carries out communication by radio frequency signal, electronic label read/write in the described authentication subsystem is connected to the authentication management server, described authentication management software is installed in the authentication management server, move described authentication management software, according to identifying procedure, carry out authentication management for described safety electronic label by the electronic label read/write in the described authentication subsystem;
Database storing equipment, described database storing equipment is the data storage device that places the information security environment, the data of storage comprise the log-on data information and the verify data information of described safety electronic label, be connected with all safe excessively information channels of described registration subsystem, be connected with the information channel of described authentication subsystem by safety;
Described safety electronic label carries out wireless telecommunications by electronic label read/write in wireless radio frequency mode and the registration subsystem system and is connected, and the electronic label read/write during described registration subsystem is united carries out communication by wireless connections or wired connection mode with registration management server and is connected;
Described safety electronic label carries out wireless telecommunications by electronic label read/write in wireless radio frequency mode and the authentication subsystem and is connected, and the electronic label read/write in the described authentication subsystem carries out communication by wireless connections or wired connection mode with the authentication management server and is connected;
Under unregistered circuit logic duty, the unique identification information of described safety electronic label is to be made of electronic tag address information and one group of random number, each access security electronic tag, and random number all can regenerate;
Under registered circuit logic duty, the random number part of described safety electronic label is locked as encrypted secret key.
2. electronic label safety identification method according to claim 1 is characterized in that described safety electronic label comprises electronic mark memory circuit, key memory circuit, random number generator circuit, fuse protected logical circuit, cryptographic algorithm logical circuit, data output select circuit, control and treatment logical circuit, radio-frequency antenna circuit;
Described random number generator circuit is connected with the key memory circuit by fuse protected logical circuit, fuse protected logical circuit is not during by fuse protection, the random number that random number generator circuit produces is deposited into the key memory circuit under the control of control and treatment logical circuit, fuse protected logical circuit by fuse protection after, random number generator circuit and key memory circuit physical connection disconnect, the key memory circuit comprises the non-volatile memory body, and the data of its storage no longer change;
The key memory circuit also is connected with the data output select circuit by fuse protected logical circuit simultaneously, fuse protected logical circuit is not during by fuse protection, the key of storing in the key memory circuit can send to the radio-frequency antenna circuit with data by the data output select circuit under the control of control and treatment logical circuit, the fuse of fuse protected logical circuit by fuse protection after, key memory circuit and data output select circuit physical connection disconnect, and the data of storing in the key memory circuit can not re-send to the data output select circuit;
Random number generator circuit also is connected with the data output select circuit, the random number that random number generator circuit generates can be sent to the radio-frequency antenna circuit under the control of control and treatment logical circuit;
The key memory circuit is connected with the cryptographic algorithm logical circuit, key as the cryptographic algorithm logical circuit, the output of cryptographic algorithm logical circuit is connected to the data output select circuit, data can be sent to the radio-frequency antenna circuit under the control of control and treatment logical circuit;
The electronic mark memory circuitry stores unique identification information of electronic tag, be connected with the data output select circuit, under the control of control and treatment logical circuit, data can be sent to the radio-frequency antenna circuit.
3. electronic label safety identification method according to claim 2 is characterized in that described safety electronic label initial logic is unregistered circuit logic, and promptly the fuse of described fuse protected logical circuit is in connected state; Described registered circuit logic is meant that the fuse of described fuse protected logical circuit is by the work-based logic after fusing.
4. electronic label safety identification method according to claim 1, it is characterized in that described registration management server is is hardware with PC (PC) or computer server, the system of installation and operation operating system (OS), database management language and application software, wherein application software comprises the management software of special disposal safety electronic label registered application at least; Described authentication management server is to be hardware with PC (PC) or computer server, the system of installation and operation operating system (OS), database management language and application software, wherein application software comprises the management software of special disposal safety electronic label authentication application at least; The data that described database storing equipment is stored comprise address information, the key information of the safety electronic label of having registered at least, and the data that described database storing equipment is stored can be managed and visit to described registration management software; Described authentication management software can be visited the data that described database storing equipment is stored.
5. electronic label safety identification method according to claim 1 is characterized in that the processing procedure of carrying out safety certification for safety electronic label comprises the register flow path of safety electronic label and the identifying procedure of safety electronic label; Wherein the register flow path of safety electronic label is a hardware platform with the registration subsystem system, and the identifying procedure of safety electronic label is hardware platform with the authentication subsystem.
6. electronic label safety identification method according to claim 5 is characterized in that described register flow path comprises following steps:
A) described registration subsystem system sends register instruction to described safety electronic label;
B) described safety electronic label sends to described registration subsystem system with the unique identification information of safety electronic label and the key information of key memory circuitry stores;
C) described registration subsystem system receives the key information of the unique identification information of described safety electronic label and key memory circuitry stores and stores described database storing equipment into;
D) described registration subsystem system sends the accreditation verification instruction to described safety electronic label;
E) fuse of described safety electronic label blow out fuse protection logical circuit.
7. electronic label safety identification method according to claim 6 is characterized in that comprising the operational order step and the operational order step of obtaining the unique identification information of electronic tag of carrying out simplification for electronic tag before described step a); Comprised also before step a) that to retrieve described safety electronic label from described database storing equipment be unregistered mistake, promptly be in unregistered logic; Comprise in step c) and to carry out cryptographic calculation before the key information of receiving stored into described database storing equipment; After step e), comprise the response message that sends the accreditation verification instruction to the registration subsystem system, be generally the unique identification information of electronic tag or the unique identification information of electronic tag and add other response message.
8. electronic label safety identification method according to claim 5 is characterized in that described identifying procedure comprises following steps:
A) described authentication subsystem generates a random number;
B) described authentication subsystem sends authentication instruction and described random number to described safety electronic label;
C) described authentication subsystem of while retrieves key information with the identification information of described safety electronic label from database storing equipment, carries out cryptographic calculation with described random number and obtains result 1;
D) after described safety electronic label receives authentication instruction and described random number, carry out cryptographic calculation with the key that is stored in the key memory circuit with the described random number of receiving and obtain result 2;
E) described safety electronic label sends to described authentication subsystem with result 2 and unique identification information by radiofrequency signal;
F) described authentication subsystem is received result 2 and the unique identification information that described safety electronic label sends, and whether comparative result 1 equate with result 2, if equal then authentication success, if unequal, authentification failure then;
9. electronic label safety identification method according to claim 8 is characterized in that comprising the operational order step and the operational order step of obtaining the unique identification information of electronic tag of carrying out simplification for electronic tag before described step a); Comprised also before step a) that to retrieve described safety electronic label from described database storing equipment be registered mistake, promptly be in registered logic; Other operations that after step f), can allow owner's operating system of safety electronic label to provide behind the described authentication subsystem authenticate-acknowledge.
10. according to the described electronic label safety identification method of arbitrary claim in the claim 1 to 9, it is characterized in that the safety electronic label needs through safety certification could pass through authentication after the system registry; The unregistered circuit logic of safety electronic label and the variation of registered circuit logic are unidirectional, and promptly never the registration circuit logic is changed to registered circuit logic, and can not be changed to unregistered circuit logic from registered circuit logic.
CNB2007101758505A 2007-10-15 2007-10-15 Electronic label safety identification method Expired - Fee Related CN100565562C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2007101758505A CN100565562C (en) 2007-10-15 2007-10-15 Electronic label safety identification method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2007101758505A CN100565562C (en) 2007-10-15 2007-10-15 Electronic label safety identification method

Publications (2)

Publication Number Publication Date
CN101136073A CN101136073A (en) 2008-03-05
CN100565562C true CN100565562C (en) 2009-12-02

Family

ID=39160163

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2007101758505A Expired - Fee Related CN100565562C (en) 2007-10-15 2007-10-15 Electronic label safety identification method

Country Status (1)

Country Link
CN (1) CN100565562C (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3120964A1 (en) * 2021-03-18 2022-09-23 Stmicroelectronics (Grenoble 2) Sas Hardware storage of a unique key

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7989322B2 (en) 2007-02-07 2011-08-02 Micron Technology, Inc. Methods of forming transistors
WO2012027898A1 (en) * 2010-09-02 2012-03-08 北京智捷通科技发展有限公司 Method and device for radio frequency identification(rfid) access control
CN101964066B (en) * 2010-09-17 2012-08-22 浙江大学 Method for distributing electronic tag management client in Internet of things
CN101951371B (en) * 2010-09-17 2012-12-26 浙江大学 Method for authenticating electronic tags in Internet of things
KR101080511B1 (en) 2011-08-03 2011-11-04 (주) 아이씨티케이 Integrated circuit chip prevneting leak of identification key and method for certification of the integrated circuit chip
JP2014528195A (en) * 2011-08-16 2014-10-23 アイシーティーケー カンパニー リミテッド Device-to-device security authentication apparatus and method based on PUF in thing intelligent communication
CN104992211B (en) * 2015-07-24 2017-11-21 沈阳工程学院 A kind of RFID system and method for anti-copying
CN105517197A (en) * 2015-12-28 2016-04-20 广西师范大学 Distributed wireless electronic label system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3120964A1 (en) * 2021-03-18 2022-09-23 Stmicroelectronics (Grenoble 2) Sas Hardware storage of a unique key

Also Published As

Publication number Publication date
CN101136073A (en) 2008-03-05

Similar Documents

Publication Publication Date Title
CN100565562C (en) Electronic label safety identification method
KR100931507B1 (en) Communication Data protection Method based on Symmetric Key Encryption in RFID system, AND APPARATUS FOR ENABLING THE METHOD
CN101847199B (en) Security authentication method for radio frequency recognition system
CN101755291B (en) Method, system and trusted service manager for securely transmitting an application to a mobile phone
CN101878492B (en) Trusted service manager managing reports of lost or stolen mobile communication devices
CN100449508C (en) Data communicating apparatus and method for managing memory of data communicating apparatus
EP2297667B1 (en) System of providing a fixed identification of a transponder while keeping privacy and avoiding tracking
US8712053B2 (en) Method and system for security authentication of radio frequency identification
CN104025122A (en) Ic chip for preventing identification key leak and authorization method thereof
CN102090017B (en) Method of authenticating radio tag by radio reader
CN114600121A (en) Radio frequency identification integrated circuit with privacy mode
CN102567697B (en) Reader, RFID label tag and read method thereof
CN102339498A (en) Method of managing electronic devices, such as integrated circuits, with internal generation of a personal authentication key
CN101127093B (en) Electronic tag safe authentication system
WO2006003562A1 (en) Method of choosing one of a multitude of data sets being registered with a device and corresponding device
CN102594550A (en) RFID internal mutual authentication safety protocol based on secret key array
CN104579688B (en) It is a kind of based on Hash function can synchronized update key RFID mutual authentication method
CN102289688A (en) Method and device for label processing and access
CN103235995A (en) Electronic anti-counterfeiting and logistics management system based on NFC (near field communication) mobile phone
CN103391117A (en) Secure near field communication solution and circuit
CN100511272C (en) Safety electronic label
CN111046413B (en) RFID communication method and system
KR101040577B1 (en) Method and System for issuing of Mobile Application
KR100951527B1 (en) Encrypting method for id of rfid tag, authenticating method of rfid tag and rfid authenticating system using the same
CN107749096B (en) Safety electronic lock based on ultrahigh frequency RFID and control method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20091202

Termination date: 20121015