CN101110728A - Security validating system and method for RFID certificate of title - Google Patents

Publication number
CN101110728A
Authority
CN
China
Legal status
Pending
Application number
CNA2007100451928A
Other languages
Chinese (zh)
Inventor
李钊轶
欧书云
刘冬生
黄先顺
Current Assignee
Individual
Original Assignee
Individual
Landscapes

  • Storage Device Security (AREA)

Abstract

The invention belongs to the field of certificate encryption technology and specifically concerns a security authentication system and authentication method for property right certificates (certificates of title). The necessary identity data and signature are encrypted with triple DES and stored in a chip, and the cryptographic key is calculated from the unique ID of the RFID chip. Each read of the chip information requires mutual identity confirmation, and the confirmation information is stored in the computer center of the real estate bureau. When a remote verification agency verifies a property right certificate, it obtains the confirmation information over the Internet, reads the ciphertext of the certificate's identity data and signature, and transmits it to the computer center over the Internet. After the computer center interprets the identity data and the signature, it returns the result to the remote verification agency over the Internet. Before each data transmission, three short connections are used to obtain a group of data, which is used as the cryptographic key to encrypt all transmitted ciphertext data with triple DES. The invention is easy to operate and offers good security.

Description

RFID title security authentication system and verification method
Technical field
The invention belongs to the field of certificate encryption technology and specifically relates to an RFID title security authentication system and verification method.
Background
With the spread of China's second-generation identity card, the use of RFID in certificates is receiving more and more attention. However, how the current identity card can be authenticated and processed at various places (banks, stations, etc.) has always been a problem. Either information is transmitted and authenticated over the comparatively secure private network of the Ministry of Public Security, or verification relies only on fixed anti-counterfeiting features and encrypted data. Both approaches limit the application of the identity card. If data could also be transmitted securely and in real time over the Internet for the security authentication of certificates such as identity cards, the authenticity checking and safe use of identity cards, certificates of title, degree diplomas and the like would be genuinely assured.
As for secure applications of RFID, the ISO standards, the EPC standards and the uID standard each have their own system. But each stands alone with a different focus, and none gives a comprehensive, concrete standard for fully secure authentication and processing of RFID over the Internet. The various existing applications are also exploring different security modes.
The ISO14443 standard defines two protocol types, TYPE A and TYPE B, with a communication rate of 106 kbit/s; they differ mainly in carrier modulation depth and bit coding. TYPE A uses on-off keying with Manchester coding, and TYPE B uses BPSK with NRZ-L coding. Compared with TYPE A, TYPE B has the advantages of uninterrupted energy transfer, higher speed, stronger interference immunity and anti-collision. Take the Philips mifare chip, which conforms to ISO14443, as an example: Philips defined a strict three-pass mutual authentication between the two sides. Only random numbers, never the key itself, are transmitted during authentication; after authentication succeeds a transmission key is produced, and all subsequent communication is encrypted with it. Data is encrypted before it is written, so even if it is intercepted illegally the original data cannot be obtained. Most such encryption keys are diversified from the unique serial number of the card/tag, so even when identical data is stored on different cards, the data actually written differs because the keys differ, which rules out illegal duplication of cards. But the standard does not define how information is transmitted securely over the Internet or how identity is protected.
ETRON is a secure, wide-scope RFID application studied by Professor Ken Sakamura of the University of Tokyo and his colleagues, covering for example RFID security authentication and data transmission over the Internet; it now has many applications in Japan. But it mostly uses the unique ID of the RFID as the identity and places high demands on the computing power of the RFID chip. The system controls each accessed object and can encrypt the accessed data, and it has many other features as well. But its security depends too heavily on hardware: the security level of the system relies entirely on the complexity and computing power of the hardware. For an anti-counterfeiting and management system such as one for certificates of title, the cost is too high.
As is well known, the EPC system is an application for an open supply-chain environment, where a high cost cannot be spent on giving every object a very high security level. EPC Gen1 tags have always had security weaknesses; Gen2 tags added many design and security safeguards. The security of an EPC application system is not determined by the tag alone; the necessary security elements can also be built into the whole system. But very high security requirements still demand extra effort and cost.
Summary of the invention
The object of the invention is to provide an RFID-based title security authentication system and verification method that is easy to use and offers good security.
The system of the invention has the following functions:
1. Each day, when staff at the property-rights exchange center accept cases, they only need to place the title on the dedicated desktop reader/writer to determine whether it is genuine. If it is genuine, the necessary title information is returned so the case can be processed; if it is fake, an alarm is raised.
2. A touch screen can be placed in the hall of the property-rights exchange center so that members of the public can carry out some queries and title verification themselves, which is convenient for the public and also lightens the staff's workload.
3. Certain necessary remote verification agencies (e.g. banks, real-estate agencies) can verify the authenticity of a title remotely, and agencies with high authority (e.g. banks) can add reference information, for example: bank A declares that a certain title is mortgaged for a loan; agency B declares that a certain house is rented out, and so on. This effectively prevents housing fraud cases. Incorrect reference information can be corrected by application to the property-rights center.
The structure of the RFID-based property ownership certificate authentication system provided by the invention is shown in Figure 1. The system has four main parts: the computer center of the housing bureau, the verification terminals inside the housing bureau, the touch screen inside the housing bureau, and the remote verification terminals. In function and structure, the touch screen and the verification terminals inside the housing bureau are essentially identical to the remote verification terminal or are a subset of it. The description of the system structure therefore concentrates on the parts of the remote verification terminal and of the computer center.
The computer center of the housing bureau is further divided into an authorization center, an authentication center, a data center and a gateway. A remote verification terminal (at a remote verification agency such as a bank or a real-estate agency) comprises the agency's ID card, a dedicated reader/writer and a dedicated gateway. Besides these basic structures, the title carrying the RFID chip is also an important component of the system; it holds a large amount of title identity information.
Each part has its own security factors; see Table 1. Combined, these security factors ensure the secure verification of the title. How they work together is described in detail for each part below.
| No. | Part | Security factors |
|---|---|---|
| 1 | Title | Globally unique ID that cannot be changed or forged. Ciphertext of the title's identity information and signature information. Encryption key and encryption method of the ciphertext. Password protection for reading and writing information. |
| 2 | Remote verification terminal ID card | Globally unique ID that cannot be changed or forged. Ciphertext of the remote verification agency's identity information and signature information. Encryption key and encryption method of the ciphertext. Password protection for reading and writing information. |
| 3 | Remote verification terminal dedicated reader/writer | Unique authorized ID. Works only when bound to the ID card. Identity data ciphertext. |
| 4 | Gateway | Unique authorized ID. Identification number. Identity data ciphertext. Data generation method of the three short connections. Works only when bound to the ID card and the dedicated reader/writer. Key generation method for the triple DES encryption. Triple DES encryption/decryption of transmitted data. |
| 5 | Data center | Encrypted storage and fast reading and decryption of important data. Access control for data maintenance. |
| 6 | Authorization center | Method of generating the plaintext of the signature information and identity information of the title, ID card, dedicated reader/writer, dedicated gateway and other parts. Triple DES conversion between plaintext and ciphertext. |
| 7 | Authentication center | Method of generating the plaintext of the signature information and identity information of the title, ID card, dedicated reader/writer, dedicated gateway and other parts. Triple DES conversion and matching of ciphertext and plaintext. |

Table 1
Title
The title carries an RFID chip conforming to the ISO14443 standard. The chip can be embedded in the certificate paper, attached to the inside of the certificate cover, or made into a card. The chip's unique ID, 8 characters long, cannot be modified and is never repeated. Apart from the ID, every read or write of the chip requires a password. These passwords are generated randomly when the title is authorized and are stored centrally in the data center of the housing bureau.
The chip stores the ciphertext of the necessary identity information and signature information of each title. This information is encrypted with a triple DES key of 168 effective bits that is generated dynamically from the ID of the chip itself. Only a very few people with high authority can modify the contents of the chip, and the modification password is strictly protected. Thus even identical plaintext yields different ciphertext in different tags, which rules out forgery and deception by copying chip information.
The plaintext (P) of the identity information and signature in the title chip totals 128 bytes and comprises: title number + owner's identity card number + house location + issuing authority signature digits + serial number + supplement (signature bits) + check bits.
After triple DES encryption, the ciphertext (C) is related to the plaintext as follows:
$C = E_{K3}[D_{K2}[E_{K1}[P]]]$
E is the DES encryption algorithm (see the relevant international standard for details), D is the DES decryption algorithm, and K1, K2, K3 are keys. Each key is 64 bits long, which is exactly the length of the unique ID (uID) of the chip in the title. Using this ID as the seed, three random numbers D1, D2 and D3 are generated, each 64 bits long. The three are related as follows:
Let: D1[8] = uID; D2[8] = random(D1); D3[8] = random(D2)
Dn[8] is an array of 8 characters, n = 1, 2, 3. The three keys K1, K2, K3 are related to the random numbers as follows:
K1 = D2[2] + D1[1] + D2[8] + D3[7] + D3[4] + D2[3] + D1[7] + D3[1];
K2 = D1[2] + D1[5] + D3[2] + D2[1] + D1[6] + D3[5] + D2[4] + D3[8];
K3 = D2[6] + D3[3] + D1[4] + D1[8] + D2[7] + D1[3] + D3[6] + D2[5].
Dn[n] is any one element of the character array. The combination by which D1, D2 and D3 generate K1, K2 and K3 is also random; the one given here is an example.
The Random algorithm need not be the highly secure BBS algorithm; the random number generator that ships with the programming environment can generally be used. The rule by which the keys are built from the three groups of data is likewise generated randomly by the authorization center, and the result is stored in the data center. The generating algorithm simply puts 24 numbers into a random order. The key generation rule, the keys and the plaintext are all kept in the data center of the computer center, so only by taking the ciphertext to the computer center and matching it there can it be determined whether the ciphertext is meaningful.
Remote verification terminal (remote verification agency) ID card
Like the title, the ID card of the remote verification terminal has an RFID chip conforming to the ISO14443 standard embedded in it. It has an unmodifiable unique ID 8 characters long. Reading and modifying any other content requires a password; the write password is kept at the computer center of the housing bureau, and the read password is kept by the person in charge at the remote verification agency. Most importantly, the card stores the identity information of the remote verification agency. The plaintext (P) of the identity information totals 128 bytes and comprises:
unique ID of the remote verification agency + identity card number of the agency's person in charge + agency authorization role code + issuing authority signature digits + serial number + supplement (signature bits) + check bits
After triple DES encryption, the ciphertext (C) is related to the plaintext as follows:
$C = E_{K3}[D_{K2}[E_{K1}[P]]]$
E is the DES encryption algorithm (see the relevant international standard for details), D is the DES decryption algorithm, and K1, K2, K3 are keys. Each key is 64 bits long, which is exactly the length of the unique ID (uID) of the chip in the ID card. Using this ID as the seed, three random numbers D1, D2 and D3 are generated, each 64 bits long. The three are related as follows:
Let: D1[8] = uID; D2[8] = random(D1); D3[8] = random(D2)
Dn[8] is an array of 8 characters, n = 1, 2, 3. The three keys K1, K2, K3 are related to the random numbers as follows:
K1 = D2[2] + D1[1] + D2[8] + D3[7] + D3[4] + D2[3] + D1[7] + D3[1];
K2 = D1[2] + D1[5] + D3[2] + D2[1] + D1[6] + D3[5] + D2[4] + D3[8];
K3 = D2[6] + D3[3] + D1[4] + D1[8] + D2[7] + D1[3] + D3[6] + D2[5].
Dn[n] is any one element of the character array. The combination by which D1, D2 and D3 generate K1, K2 and K3 is also random; the one given here is an example.
The Random algorithm need not be the highly secure BBS algorithm; the random number generator that ships with the programming environment can generally be used. The rule by which the keys are built from the three groups of data is likewise generated randomly by the authorization center, and the result is stored in the data center. The generating algorithm simply puts 24 numbers into a random order. The key generation rule, the keys and the plaintext are all kept in the data center of the computer center, so only by taking the ciphertext to the computer center and matching it there can it be determined whether the ciphertext is meaningful.
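The key derivation described above for both the title chip and the agency ID card, written out as an added example (it is not code from the patent). It assumes Python's seeded PRNG stands in for random(), which the page leaves to the programming environment; the function names are hypothetical, and the triple DES call itself is left to a crypto library.

```python
import random

# Selection rule copied from the page's example; (n, i) means element i of Dn,
# counted from 1 as on the page. The page says the real rule is a random
# ordering of these 24 positions chosen by the authorization center.
EXAMPLE_RULE = {
    "K1": [(2, 2), (1, 1), (2, 8), (3, 7), (3, 4), (2, 3), (1, 7), (3, 1)],
    "K2": [(1, 2), (1, 5), (3, 2), (2, 1), (1, 6), (3, 5), (2, 4), (3, 8)],
    "K3": [(2, 6), (3, 3), (1, 4), (1, 8), (2, 7), (1, 3), (3, 6), (2, 5)],
}
ALL_POSITIONS = [(n, i) for n in (1, 2, 3) for i in range(1, 9)]


def prng_block(seed: bytes) -> bytes:
    """Stand-in for the page's random(): 8 bytes from the runtime PRNG.

    Assumption: Python's seeded Mersenne Twister plays the role of "the random
    number generator that ships with the programming environment".
    """
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(8))


def expand_uid(uid: bytes) -> dict:
    """D1 = uID, D2 = random(D1), D3 = random(D2), each 8 bytes."""
    if len(uid) != 8:
        raise ValueError("the chip uID is 8 characters long")
    d2 = prng_block(uid)
    return {1: uid, 2: d2, 3: prng_block(d2)}


def rule_is_permutation(rule: dict) -> bool:
    """True when the rule uses each of the 24 (n, i) positions exactly once."""
    used = [pos for name in ("K1", "K2", "K3") for pos in rule[name]]
    return sorted(used) == ALL_POSITIONS


def derive_keys(uid: bytes, rule: dict = EXAMPLE_RULE) -> tuple:
    """Return (K1, K2, K3), three 8-byte DES keys for E_K3[D_K2[E_K1[P]]]."""
    if not rule_is_permutation(rule):
        raise ValueError("rule must be an ordering of all 24 positions")
    d = expand_uid(uid)
    return tuple(bytes(d[n][i - 1] for n, i in rule[name])
                 for name in ("K1", "K2", "K3"))


def effective_key_bits(keys: tuple) -> int:
    """DES ignores one parity bit per key byte, so 3 x 64 bits carry 3 x 56."""
    return sum(7 * len(k) for k in keys)


def uid_positions(rule: dict) -> dict:
    """Key byte offsets (0-based) that are copied unchanged from D1 = uID.

    Design-review point: the page lets the uID be read without a password, so
    these bytes add no secrecy. What protects the key is the rule and the PRNG
    held at the data center.
    """
    return {name: [k for k, (n, _) in enumerate(rule[name]) if n == 1]
            for name in ("K1", "K2", "K3")}


if __name__ == "__main__":
    # Constructed sample uIDs, not taken from the page.
    for uid in (b"A1B2C3D4", b"A1B2C3D5"):
        k1, k2, k3 = derive_keys(uid)
        print(uid.decode(), k1.hex(), k2.hex(), k3.hex())
    print("effective bits:", effective_key_bits(derive_keys(b"A1B2C3D4")))
    print("uID-derived offsets:", uid_positions(EXAMPLE_RULE))
```

Two chips whose uIDs differ in one character get different keys, which is the per-chip diversification the text relies on to make copied ciphertext useless on another chip.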
Remote verification terminal (remote verification agency) reader/writer
The authorization center of the housing bureau issues a dedicated reader/writer to each necessary, legitimate remote verification agency. Each dedicated reader/writer has a fixed ID, also 8 characters long. This ID can be fixed in the reader/writer in hardware or fixed in the driver in software. In the embodiment the software form is used, with the ID fixed in the driver. Besides the ID there is also a group of ciphertext information representing its identity; this identity generally includes the ID of the dedicated gateway corresponding to the reader/writer, the ID of the remote verification agency's ID card, the issuing authority, the issuing authority's gateway information, and so on. A dedicated reader/writer can work only together with its corresponding dedicated gateway and ID card.
This reader/writer has only the read function, not the write function. Reading the ciphertext content of a title or of a remote verification agency's ID card requires the read password each time, but reading their unique IDs requires no password.
Remote verification terminal (remote verification agency) gateway and housing bureau computer center gateway
The gateway of the remote verification agency and the gateway of the housing bureau computer center work together across the distance: the two connect to and communicate with each other, each sending whatever it needs to send to the other in a secure manner and securely accepting information from the other.
Each gateway has its own identity, embodied in software as a unique ID (gatewayID) 8 characters long and an identification number (identityNum) 8 characters long. Both are fixed when the gateway is issued and cannot be changed by the user. The computer center keeps the identification number and ID of every remote gateway. In addition, when a gateway is issued, the authorization center grants it a section of identity data ciphertext. This ciphertext is a random sequence of 3 groups of 8 digits (MA[3][8]), and after each use the sequence is changed again according to a specific rule. For example:
MA[1][1] MA[1][2] MA[1][3] MA[1][4] MA[1][5] MA[1][6] MA[1][7] MA[1][8]
MA[2][1] MA[2][2] MA[2][3] MA[2][4] MA[2][5] MA[2][6] MA[2][7] MA[2][8]
MA[3][1] MA[3][2] MA[3][3] MA[3][4] MA[3][5] MA[3][6] MA[3][7] MA[3][8]
changes into:
MA[3][2] MA[2][1] MA[1][4] MA[2][7] MA[1][2] MA[3][5] MA[1][7] MA[2][8]
MA[1][1] MA[2][6] MA[3][3] MA[3][6] MA[3][1] MA[2][5] MA[1][3] MA[1][5]
MA[2][2] MA[2][4] MA[2][3] MA[1][8] MA[3][4] MA[3][8] MA[3][7] MA[1][6]
which can be written as:
SA[1][1] SA[1][2] SA[1][3] SA[1][4] SA[1][5] SA[1][6] SA[1][7] SA[1][8]
SA[2][1] SA[2][2] SA[2][3] SA[2][4] SA[2][5] SA[2][6] SA[2][7] SA[2][8]
SA[3][1] SA[3][2] SA[3][3] SA[3][4] SA[3][5] SA[3][6] SA[3][7] SA[3][8]
This transformation rule is also generated randomly and differs for every gateway. The rule of each gateway is decided by the authorization center and stored in the data center of the property-rights exchange center.
When a remote verification agency verifies a title, its gateway makes three short connections with the gateway of the housing bureau computer center to ensure that authentication is secure.
First short connection
To ensure that its communication with the computer center gateway is not intercepted by others, the remote verification agency gateway first establishes one connection with the other side. When the connection is established it sends a 16-digit random number, with its own ID and the first section of its identity data ciphertext placed at the end. The random number is generated from the gateway ID, i.e. random(gatewayID1). The whole data sent (Data11[24]) is:
Data11[24] = random(gatewayID1)[16] + gatewayID1[8] + MA[1][8]
After the computer center gateway receives this random number, it generates a random number from its own ID, appends its own ID and the first section of the transformed identity data ciphertext to it, and returns the result (Data12[24]). The connection is then closed. The data returned (Data12[24]) is:
Data12[24] = random(gatewayID2)[16] + gatewayID2[8] + SA[1][8].
Second short connection
Next, the computer center gateway requests a connection to the remote verification agency. When connecting it sends random data: it generates a random number from its own ID and appends its own ID and the second section of the transformed identity data ciphertext to it. That is:
Data21[24] = Random(gatewayID2)[16] + gatewayID2[8] + SA[2][8]
After the remote verification terminal gateway obtains the data, it generates a random number from its own identityNum, appends its own identityNum and the second section of the identity data ciphertext to it, and returns the result. The connection is then closed. That is:
Data22[24] = Random(identityNum)[16] + identityNum[8] + MA[2][8]
Third short connection
The remote verification agency gateway again requests a connection to the computer center gateway. When connecting it sends random data: it generates a random number from its own identification number (identityNum) and appends its own ID and the third section of the identity data ciphertext to it.
Data31[24] = Random(identityNum)[16] + identityNum[8] + MA[3][8]
After the remote verification terminal gateway obtains the data, it generates a random number from its own identityNum, appends its own identityNum and the third section of the transformed identity data ciphertext to it, and returns the result. The connection is then closed. That is:
Data32[24] = Random(gatewayID1)[16] + gatewayID1[8] + SA[3][8].
As can be seen from the above, the three short connections generate 6 groups of random numbers that both sides recognize and that establish identity. Taking them two groups at a time, each pair is combined into an 8-character key (Key) used for the triple DES encryption of the data (P) to be transmitted through the gateway. Moreover, once the three short connections are complete, the remote verification agency knows how its own identity data ciphertext has been transformed into the changed identity data ciphertext.
The keys are extracted as follows:
K1[8] = Data31[8, 19, 15, 2] + Data22[6, 1, 23, 13]
K2[8] = Data11[11, 16, 9, 13] + Data32[5, 20, 7, 14]
K3[8] = Data21[5, 12, 6, 14] + Data12[12, 17, 4, 13]
This combination should differ according to the identity of each remote verification agency.
P is transmitted after encryption; the encrypted data is C:
$C = E_{K3}[D_{K2}[E_{K1}[P]]]$
In this way the data transmitted between the two gateways is kept secure and cannot easily be obtained by a third party.
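The three short connections and the key extraction above, simulated in one process as an added example (it is not code from the patent). Assumptions: each message is the full 32-byte concatenation that the formulas give, although the page labels it [24]; the 16-byte random values are passed in because the page does not say how Random() is seeded beyond the ID; the gateway IDs, identityNum, MA digits and function names are constructed for illustration.

```python
import hmac

# Transformation rule from the page's example: SA[r][c] = MA[row][col], both
# counted from 1. The page says every gateway has its own random rule.
SA_RULE = [
    [(3, 2), (2, 1), (1, 4), (2, 7), (1, 2), (3, 5), (1, 7), (2, 8)],
    [(1, 1), (2, 6), (3, 3), (3, 6), (3, 1), (2, 5), (1, 3), (1, 5)],
    [(2, 2), (2, 4), (2, 3), (1, 8), (3, 4), (3, 8), (3, 7), (1, 6)],
]
# Key extraction positions from the page, 1-based within each message.
KEY_RULE = [
    (("Data31", (8, 19, 15, 2)), ("Data22", (6, 1, 23, 13))),   # K1
    (("Data11", (11, 16, 9, 13)), ("Data32", (5, 20, 7, 14))),  # K2
    (("Data21", (5, 12, 6, 14)), ("Data12", (12, 17, 4, 13))),  # K3
]

# Constructed sample values, not taken from the page. A deployment would draw
# the 16-byte values from a CSPRNG such as secrets.token_bytes(16).
GW_REMOTE, ID_NUM, GW_CENTER = b"GW-RMT01", b"ID000042", b"GW-CTR01"
MA = [b"48151623", b"42108642", b"31415926"]
NONCES = [bytes(range(16 * k, 16 * k + 16)) for k in range(1, 7)]


def transform(ma):
    """Apply the MA -> SA rule held by the computer center."""
    return [bytes(ma[r - 1][c - 1] for r, c in row) for row in SA_RULE]


def message(nonce, ident, segment):
    """random[16] + ID[8] + identity-ciphertext segment[8]."""
    if (len(nonce), len(ident), len(segment)) != (16, 8, 8):
        raise ValueError("fields must be 16, 8 and 8 bytes long")
    return nonce + ident + segment


def exchange(gw_remote, id_num, gw_center, ma, nonces):
    """Build the six messages exactly as the page's formulas state them."""
    sa = transform(ma)
    return {
        "Data11": message(nonces[0], gw_remote, ma[0]),  # connection 1, request
        "Data12": message(nonces[1], gw_center, sa[0]),  # connection 1, reply
        "Data21": message(nonces[2], gw_center, sa[1]),  # connection 2, request
        "Data22": message(nonces[3], id_num, ma[1]),     # connection 2, reply
        "Data31": message(nonces[4], id_num, ma[2]),     # connection 3, request
        "Data32": message(nonces[5], gw_remote, sa[2]),  # connection 3, reply
    }


def center_accepts(msgs, record):
    """Computer center check: the IDs and MA segments sent by the remote
    gateway must equal the record kept at the data center."""
    expected = {
        "Data11": record["gateway_id"] + record["ma"][0],
        "Data22": record["identity_num"] + record["ma"][1],
        "Data31": record["identity_num"] + record["ma"][2],
    }
    return all(hmac.compare_digest(msgs[name][16:], tail)
               for name, tail in expected.items())


def learned_identity(msgs):
    """Remote side: the SA rows carried in the replies are its next MA."""
    return [msgs[name][24:] for name in ("Data12", "Data21", "Data32")]


def session_keys(msgs):
    """K1, K2, K3 for E_K3[D_K2[E_K1[P]]], four bytes from each of two messages."""
    return tuple(b"".join(bytes(msgs[name][p - 1] for p in pos)
                          for name, pos in pair) for pair in KEY_RULE)


if __name__ == "__main__":
    msgs = exchange(GW_REMOTE, ID_NUM, GW_CENTER, MA, NONCES)
    record = {"gateway_id": GW_REMOTE, "identity_num": ID_NUM, "ma": MA}
    print("center accepts:", center_accepts(msgs, record))
    print("next MA:", [row.decode() for row in learned_identity(msgs)])
    print("keys:", [k.hex() for k in session_keys(msgs)])
```

With the positions given on the page, every key byte comes from the random or ID field (positions 1 to 24), never from the identity ciphertext segment, so the keys change from session to session only as far as the random fields do.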
Data center of the housing bureau computer center
All important data in this part is stored encrypted. The encryption package and encryption tools that ship with Oracle are used to encrypt and decrypt important data when it is written and read. All title identity information, encryption keys, the various transformation rules and the related transaction records are recorded here. That is, the read/write passwords of the title chips, their internal information, the encryption keys and encryption modes of the internal information, the read/write passwords of the remote verification agency ID cards, and the ID, identification number, identity ciphertext transformation rule and key extraction method of each gateway are all stored here.
High-authority users can add reference records. These reference records are very important and directly affect whether a party is cheated in a housing transaction. They cannot be modified or deleted, and they too are stored in the data center as ciphertext. For example, if bank A adds a record saying that a certain property ownership certificate has been mortgaged for a loan there, other banks will see it and will not accept the certificate as collateral again. If the information is wrong, the owner can apply at the housing bureau to add a correction record showing that the record is wrong, and other banks can then accept the mortgage. Remote verification agencies, the housing bureau's internal units, the touch screen and so on all save a history record of every verification they perform. These records can only be appended, not modified, unless they are deleted after a certain period of accumulation, following automatic backup by the system.
Authorization center of the housing bureau computer center
The plaintext (P) and ciphertext (C) of the title identity are produced here; the plaintext is saved to the data center and the ciphertext is written into the chip in the title. The relation between ciphertext and plaintext was described above.
Likewise, the plaintext and ciphertext of the remote verification agency's identity information are produced here; the plaintext is saved to the database and the ciphertext is written into the ID card. The dedicated reader/writers of the remote verification agencies are also issued here. When issued, each reader/writer contains an identity ID different from all others, and this identity data is bound to the ID card information of the verification agency. If the two do not match, the reader/writer will not work properly.
For authorizing the dedicated gateway of a remote verification agency, as described above, its ID and the other recognition factor must be set in advance and mapped to the dedicated reader/writer ID and the ID card ID. At the same time, the transformation rule of the identity data ciphertext and the method of generating three keys from the 6 groups of random numbers must be determined. Once all this information is determined, the remote gateway can be compiled and the corresponding information saved to the data center.
Authorization to add information. A remote verification agency that has the authority can not only verify titles and agency identity information but also add some information. All such information must be added according to rules agreed in advance. Information that satisfies these rules is compiled into data that only the authentication center can recognize. For example, the type of event added can only be chosen from mortgage, rental, sale and so on, and each type has a code after conversion that only the authorization and verification center can recognize.
The event types that can be added are listed below, but most of them can be added only by the verification terminals inside the housing bureau. Very few types are available to remote verification agencies.
| Event type | Other parameters |
|---|---|
| Mortgage | Amount, term, identity card number, title number, other-rights certificate number, etc. |
| Sale | Amount, date, identity card number, title number, other-rights certificate number, etc. |
| Gift | Donor's identity card number, recipient's identity card number, title number, etc. |
| Inheritance | Heir's identity card number, type of inheritance, original owner's identity card number, title number, etc. |
| Housing provident fund loan | Amount, term, identity card number, title number, other-rights certificate number, etc. |
| …… | …… |

Table 2
The authentication center of computer center of housing bureau
The authentication process itself of remote verification agency authentication and title is basic identical, all is by gateway oneself identity data ciphertext to be sent to computer center by gateway.When remote verification agency identity cipher-text information that different is read, it is just passable that relevant director inputs password.And during the data read of title, need obtain the password that reads of title by after the authentication of gateway to the remote verification agency identity.
After password is read in acquisition, just can read the identity cipher-text information in the title.Then, by gateway data security is sent to computer center.Authentication center is decrypted the title identity data that gateway sends.After the deciphering, in database hub, take out the also plaintext of decryption identity information.Then, the two is mated.Draw the true and false of identity information according to matching result.
Communication between the gateway of computer center and far away and the authentication center gateway is independently basically.But authentication center is still known ID, recognition factor and the identity encrypt data of the gateway that each is authorized to.When each computer center gateway transmission data were come, he wanted the legitimacy of authenticating remote gateway.
About adding information correctness, legitimate verification, remote verification agency also can be done safe judgement.The information of adding is all added according to the predefined rule of authorization center.So they are compiled into some codes that have only authentication center to discern.Legal interpolation information one is passed through authentication center surely, and then enters data center.The illegal authentication center that can't pass is certainly verified.
The title secure remote authentication method that the present invention proposes is as follows:
When remote verification agency was carried out remote validation, a typical process was as follows, and concrete sequential chart can be with reference to Fig. 2.
1. The authorization center embeds an RFID chip conforming to the ISO14443 standard in the certificate paper, attaches it to the inside of the certificate cover, or makes it into a card. (In the embodiment, the chip is attached to the inside of the title.) The chip stores the necessary identity information and signature information of each title. This information is encrypted with a triple DES key of 168 effective bits, dynamically assigned from a sequence generated from the chip's own ID. The content of the chip can be modified only by a very small number of people with high authority in the authorization center (for example, the head of the center). As a result, even identical plaintext yields different ciphertext in different tags, which prevents forgery and fraud by copying chip information.
2. The data in the chips of all titles and ID cards can be modified only by the very few people with high authority in the authorization center; other people and organizations can only read it. Each time a chip is read, the reader/writer needs the read password. Without the read password, only the chip's ID can be read, and no other information. These read passwords are all stored in the housing bureau's data center and must be obtained by some other secure means.
3. The relevant personnel of each district of the housing bureau, through the authorization center of the computer center, write the ciphertext of the necessary identity information and the ciphertext of the signature information into the chip of every title. To read this information, the read password must be obtained from the housing bureau's computer center by secure means. Everything read out is ciphertext that has been encrypted multiple times; it has no meaning by itself and is meaningful only at the housing bureau's authorization and verification center.
4. The authorization center can also issue a dedicated reader/writer, an ID card containing an RFID chip, and a dedicated gateway to each legitimate organization that needs them. Each of the three has its own identity; if any one identity is wrong, the others will not work. The chip of the ID card holds the organization's identity information ciphertext and signature information ciphertext. Each time the ciphertext is read with the dedicated reader/writer, a password must be entered; the password is kept by the responsible person at the remote verification agency. The ciphertext read out is meaningful only within the housing bureau's authorization and verification center.
5. When a remote verification agency verifies a title, it first reads the ciphertext in the title's chip, which requires the read password. To obtain the read password of a specific title chip, the remote verification agency must prove its own identity to the computer center and state which title it wants to read. Only when its identity is legitimate does the computer center send the required read authorization.
6. To prove its identity, the agency uses its dedicated reader/writer to read the identity stored in its own ID card. Its own identity information (CardInfo), the identity information of the dedicated reader/writer (ReaderInfo), the identity information of the dedicated gateway (GatewayInfo) and the ID of the title to be verified (uID) are then combined in a calculation. The result (ResultData) is sent through the remote verification agency's gateway to the computer center's gateway. That is:
ResultData=Recode(ReCode(CardInfo)+ReCode(ReaderInfo)+ReCode(GatewayInfo)+ReCode(uID))
ReCode is a custom-written function that block-encrypts a piece of plaintext and transforms it into another group of ciphertext.
7. The remote verification agency's gateway passes ResultData through three short connections and triple DES encryption, then sends it to the computer center's gateway. After decrypting it, the computer center's gateway passes the result to the computer center's authentication center.
8. The authentication center confirms the identity of the remote verification agency, the identity of the dedicated reader/writer, the identity of the gateway and the identity of the title to be authenticated. To do so, it decrypts each block-encrypted item and compares it with the organization identity information held in the data center. Once everything is confirmed, it generates a new return result (NewResult). The new result contains the full content of ResultData, plus the identity information of the computer center's gateway (CenterGatewayInfo) and the read password (Key) of the title to be verified. All of this information is, of course, block-encrypted anew.
NewResult=Recode(ReCode(CardInfo)+ReCode(ReaderInfo)+ReCode(GatewayInfo)+ReCode(CenterGatewayInfo)+ReCode(Key))
Note that the ID of the title to be read is not included in the new return result. If the authentication center finds any illegitimate information while confirming the remote verification agency and the ID of the title to be read, it raises a warning. After three illegitimate attempts, the computer center's gateway no longer accepts connections from that gateway. When everything is normal, the computer center's gateway sends the result securely to the remote verification agency's gateway after three short connections.
9. After the remote verification agency's gateway receives the return result, it matches the result against its own gateway, dedicated reader/writer and ID card information; if any one does not match, the subsequent results are invalid. When everything is normal, it obtains the authorization to read the title being verified. It then reads the content of the title's chip, which is ciphertext (EncryptedInfo) that only the housing bureau's computer center can recognize. This ciphertext is combined with the remote verification agency's authorization, reader/writer identity and gateway identity to calculate a result (DetailResult), obtained by block-encoding the following contents. That is:
DetailResult=Recode(ReCode(CardInfo)+ReCode(ReaderInfo)+ReCode(GatewayInfo)+ReCode(CenterGatewayInfo)+ReCode(EncryptedInfo))
The dedicated gateway sends this content to the computer center's gateway. After decrypting it and performing a simple check of its legitimacy, the computer center's gateway hands the result to the authentication center.
10. The authentication center first decrypts the block-encrypted information to obtain the identity information and the ciphertext from the title. After verifying that the identity information is correct, it decrypts the ciphertext from the title. If the result is consistent with the title information given in the earlier verification request and with the originally authorized information, the title is genuine; otherwise it is false. If genuine, the center obtains the title's owner, number, location, information added by other organizations, and so on (TrueInfo). If false, it obtains a warning message (FalseInfo). The return information (TrueFalseReturn) is the combination of this information with the other information. That is:
TrueFalseReturn=Recode(ReCode(CardInfo)+ReCode(ReaderInfo)+ReCode(GatewayInfo)+ReCode(CenterGatewayInfo)+ReCode(TrueInfo/FalseInfo))
11. The computer center's gateway returns the required result to the remote verification agency's gateway. That gateway decrypts the result and matches it against its own ID card, dedicated reader/writer and gateway identity. If they match, the correct return result is obtained.
12. Some important organizations can not only verify title information but also, according to their permissions, view other information or add information. For example, a bank can check the mortgage status of a house and add information, such as that a title has been mortgaged for a loan and the amount of the loan. This information can only be selected from the options specified by the gateway; see Table 2 for details. After the selected information has been code-substituted and block-encrypted by the gateway (AddDetail), it is combined with the other information and sent to the computer center's gateway. The transmitted information (AddInfo) is:
AddInfo=Recode(ReCode(CardInfo)+ReCode(ReaderInfo)+ReCode(GatewayInfo)+ReCode(CenterGatewayInfo)+ReCode(AddDetail))
After the computer center's gateway receives the information, it sends it to the authentication center, which authenticates the identity of the remote verification agency and decodes and decrypts the added information. If the result complies with the rules, the addition succeeds; otherwise a warning is raised.
(Note: step 12 is not included in the sequence diagram.)
Embodiment
1. The system can be used by the housing bureau and its related departments, and also by any authorized legitimate organization. It consists of two main parts. One is the housing bureau, which contains the computer center, the verification terminals used by some of the bureau's internal staff, and the touch screen; apart from the authentication center gateway, everything in the housing bureau should be on an absolutely secure internal network with no connection to the outside world. The other part is the user departments and organizations (such as banks and agents), which likewise use a dedicated reader/writer, gateway and exclusive identity. Implementation is therefore also in two parts: the housing bureau and the relevant remote verification agencies.
2. The core of the housing bureau is the computer center, which consists of the data center, the authorization and verification center, the external dedicated gateway and the firewall. Apart from the gateway, which communicates with the outside, all other parts are isolated from the outside world. The data center uses an Oracle database, and its data encryption uses Oracle's built-in encryption. The database runs on an independent Unix server. The authorization and verification center also runs on an independent Unix server, which communicates only with the data center server and the gateway server. The dedicated gateway likewise runs on an independent server.
3. The remote verification agencies, the touch screen, the housing bureau's internal verification terminals and the housing bureau's computer center each have their own gateway. Each gateway is independent of the other parts as a running process (and preferably in its physical connection as well).
4. When a title is issued, the authorization center authorizes the titles within its jurisdiction. For example, a label conforming to the ISO14443 standard, 9 mm × 70 mm in size and containing a Philips Mifare One S70 chip, is attached to the inside of the title. The title is then placed on a reader/writer, the title's read password is set, and the identity information and digital signature information are encrypted with triple DES and written to the chip. Only the authorization center knows the title's read password; a remote verification agency that wants to read the title information must obtain read authorization remotely and securely. The identity and digital signature that are written are also encrypted according to the unique ID of the chip in the label, and the ciphertext is meaningful only at the authorization/authentication center.
5. When a remote verification agency is authorized, it is issued a dedicated reader/writer, an ID card and a dedicated verification gateway. The dedicated reader/writer can only read, not write. The ID card has an embedded Philips Mifare One S70 chip conforming to the ISO14443 standard; the chip stores identity information and signature information encrypted with triple DES, and reading the card requires a password, which is kept by the relevant personnel of the verification agency. The last item is a dedicated verification gateway. Each of the three has an identity, and they work only when the gateway, reader/writer and ID card with the three specific identities are combined. This combination is also determined by the authorization center.
6. The touch screen likewise has a dedicated reader/writer and gateway. However, it is inside the housing bureau, and dedicated staff switch it on and off every day. It can only query whether a title is genuine. Its identity and its special position inside the housing bureau make its implementation relatively simple and relatively secure.
7. Authorized staff of the housing bureau have a dedicated gateway program. This gateway is basically similar to that of a remote verification agency, except that it is used inside the housing bureau, so its functions are more complete, its security is higher, its security measures are simplified and it is faster. They also have an ID card and a reader/writer like those of a remote verification agency.
8. After the system is set up, different users are given different training according to the functions they use. For security-related training, authorization center staff are required to work in a relatively secure network environment. The read/write passwords of all chips and the identity signature data are generated automatically by the system and may be changed frequently, so the training will not describe the security details of the system in much depth.
Maintenance is free for one year, and certain security and functional upgrades are also free within that year. After one year, we retain priority for the maintenance and upgrading of this system.

Claims (5)

1. A title security authentication system, characterized in that the system comprises the housing bureau's computer center, the verification terminals inside the housing bureau, the touch screen in the housing bureau and the remote verification terminals installed at remote verification agencies, and additionally a title (house property certificate); the touch screen and verification terminals in the housing bureau are basically the same in function and structure as the remote verification terminal; the housing bureau's computer center comprises an authorization center, an authentication center, a data center and a gateway; the remote verification terminal comprises the remote verification agency's ID card, dedicated reader/writer and dedicated gateway; wherein:
Title
It has an RFID chip conforming to the ISO14443 standard; the chip has a unique, unmodifiable ID 8 characters long; apart from the ID, all other reads and writes of the chip require a password; these passwords are generated randomly when the title is authorized and are stored centrally in the housing bureau's data center;
The chip stores the ciphertext of the title's identity information and signature information; this information is encrypted with a triple DES key of 168 effective bits generated dynamically from the chip's own ID; the content of the chip can be modified only by a very few people with high authority, and the modification password is strictly protected;
The plaintext (P) of the identity information and signature in the title chip totals 128 bytes and comprises: title number + owner's identity card number + house location + issuing authority's signature number + serial number + supplementary bits + validity bits;
Remote verification terminal ID card of the remote verification agency
Like the chip in the title, the ID card of the remote verification terminal has an RFID chip conforming to the ISO14443 standard, with a unique, unmodifiable ID 8 characters long; reading or modifying any other content requires a password; the write password is kept at the housing bureau's computer center and the read password is kept by the responsible person at the remote verification agency; the chip stores the identity information of the remote verification agency; the plaintext (P) of the identity information totals 128 bytes and comprises:
unique ID of the remote verification agency + identity card number of the agency's responsible person + the agency's authorization role code + issuing authority's signature number + serial number + supplementary bits + validity bits;
Dedicated reader/writer of the remote verification terminal
The housing bureau's authorization center issues one dedicated reader/writer to each legitimate remote verification agency; each dedicated reader/writer has a fixed ID, also 8 characters long; besides the ID, it holds a group of ciphertext representing its identity, which includes the ID of the dedicated gateway corresponding to the reader/writer, the ID of the remote verification agency's ID card, the issuing authority and the issuing authority's gateway information; in operation, the dedicated reader/writer works only together with its corresponding dedicated gateway and ID card;
The dedicated reader/writer has a read function only and no write function; each access to the ciphertext content of a title or of a remote verification agency's ID card requires the read password, but reading their unique ID does not;
Gateway of the remote verification terminal and gateway of the housing bureau's computer center
The remote verification agency's gateway and the housing bureau computer center's gateway are counterparts that cooperate with each other; the two connect to and communicate with each other, each sending its own information to the other by secure means and securely accepting information from the other;
Each gateway has its own identity, embodied in the software as a unique ID (gatewayID) 8 characters long and an identification number (identityNum) 8 characters long; both are fixed when the gateway is issued and cannot be changed by the user; the computer center stores the identification number and ID of each remote gateway; in addition, when a gateway is issued, the authorization center grants it a piece of identity data ciphertext; this ciphertext is a random sequence of 3 groups of 8 characters, which changes according to a specific rule after each use; the change rule is generated randomly and differs between gateways; the rule of each gateway is determined by the authorization center and stored in the data center of the property-rights exchange center;
When a remote verification agency verifies a title, its gateway makes three short connections with the gateway of the housing bureau's computer center to ensure secure authentication;
Data center of the housing bureau's computer center
This part stores all important data in encrypted form, using the encryption package and encryption tools supplied with Oracle to encrypt and decrypt important data on write and read; the encrypted data stored comprises: all title identity information, encryption keys, the various change rules and related transaction records, the read/write passwords of title chips, the read/write passwords of remote verification agency ID cards, internal information and its encryption keys and encryption modes, and each gateway's ID, identification number, identity ciphertext change rule and password extraction method;
Authorization center of the housing bureau's computer center
The plaintext (P) and ciphertext (C) of the title identity are produced here; the plaintext is saved to the data center and the ciphertext is written to the chip in the title;
The plaintext and ciphertext of the remote verification agency's identity information are also produced here; the plaintext is stored in the database and the ciphertext is written to the ID card; the remote verification agency's dedicated reader/writer is also issued here; when issued, each dedicated reader/writer contains an identity ID different from all others, and this identity data is bound to the ID card information of the verification agency;
The remote verification agency's dedicated gateway is also authorized here; the ID of the remote verification agency and another identification factor must be set in advance and must correspond to the dedicated reader/writer ID and the ID card ID.
2. The title security authentication system according to claim 1, characterized in that the authorization performed by the authorization center of the housing bureau's computer center also covers the information added by remote verification agencies and by the housing bureau's internal verification terminals; all added information must follow rules agreed in advance; information that satisfies these rules is compiled into data that only the authentication center can recognize; the event types and related parameters of the added information are as follows:
Event type: other parameters
Mortgage: amount, term, identity card number, title number, other-rights certificate number
Sale: amount, date, identity card number, title number, other-rights certificate number
Gift: donor's identity card number, recipient's identity card number, title number
Inheritance: heir's identity card number, type of inheritance, original owner's identity card number, title number
Housing provident fund loan: amount, term, identity card number, title number, other-rights certificate number.
3. The title security authentication system according to claim 1, characterized in that the information in the RFID chip of the title or of the remote verification terminal's ID card is encrypted with a triple DES key, and the relation between the ciphertext (C) after encryption and the plaintext (P) is as follows:
$C = E_{K3}[D_{K2}[E_{K1}[P]]]$
Here E is the DES encryption algorithm, D is the DES decryption algorithm, and K1, K2, K3 are keys. Each key is 64 bits long, exactly the length of the unique ID (uID) of the chip in the title; this ID is used as a seed to generate three random numbers D1, D2 and D3, each 64 bits long; the relation among the three is as follows:
Let: D1[8]=uID; D2[8]=random(D1); D3[8]=random(D2)
Dn[8] is an 8-character array, n=1,2,3; the relation between the three keys K1, K2, K3 and the three random numbers is:
K1=D2[2]+D1[1]+D2[8]+D3[7]+D3[4]+D2[3]+D1[7]+D3[1];
K2=D1[2]+D1[5]+D3[2]+D2[1]+D1[6]+D3[5]+D2[4]+D3[8];
K3=D2[6]+D3[3]+D1[4]+D1[8]+D2[7]+D1[3]+D3[6]+D2[5];
Dn[n] is any one element of the character array; the combination by which D1, D2 and D3 generate K1, K2 and K3 is random.
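The byte-selection table of claim 3, worked through as an added example (this is not code from the patent). It derives K1, K2, K3 from a chip uID and then checks what the "168 effective bits" figure depends on: three keys that stay distinct once DES parity bits are ignored, and no DES weak keys. The patent does not specify random(), so `stand_in_random` is an assumed placeholder, and the helper names and sample uIDs are constructed for illustration.

```python
import hashlib

# (source array n, 1-based position) pairs, copied from the K1/K2/K3 lines of claim 3.
K1_MAP = [(2, 2), (1, 1), (2, 8), (3, 7), (3, 4), (2, 3), (1, 7), (3, 1)]
K2_MAP = [(1, 2), (1, 5), (3, 2), (2, 1), (1, 6), (3, 5), (2, 4), (3, 8)]
K3_MAP = [(2, 6), (3, 3), (1, 4), (1, 8), (2, 7), (1, 3), (3, 6), (2, 5)]

# The four DES weak keys in odd-parity form; encrypting twice with one returns the input.
WEAK_KEYS = {
    bytes.fromhex("0101010101010101"),
    bytes.fromhex("fefefefefefefefe"),
    bytes.fromhex("e0e0e0e0f1f1f1f1"),
    bytes.fromhex("1f1f1f1f0e0e0e0e"),
}


def stand_in_random(seed: bytes) -> bytes:
    """ASSUMPTION: placeholder for the patent's unspecified random(); 8 bytes out."""
    return hashlib.sha256(b"constructed-demo-prng" + seed).digest()[:8]


def expand_uid(uid: bytes) -> dict:
    """D1 = uID, D2 = random(D1), D3 = random(D2), each an 8-byte array."""
    if len(uid) != 8:
        raise ValueError("uID must be exactly 8 bytes (64 bits)")
    d1 = uid
    d2 = stand_in_random(d1)
    d3 = stand_in_random(d2)
    return {1: d1, 2: d2, 3: d3}


def derive_keys(uid: bytes) -> tuple:
    """Pick bytes from D1..D3 according to the claim's table; returns (K1, K2, K3)."""
    d = expand_uid(uid)
    return tuple(
        bytes(d[n][i - 1] for n, i in table)  # the claim's indices are 1-based
        for table in (K1_MAP, K2_MAP, K3_MAP)
    )


def strip_parity(key: bytes) -> bytes:
    """DES ignores the low bit of every key byte: 64 stored bits, 56 effective."""
    return bytes(b & 0xFE for b in key)


def with_odd_parity(key: bytes) -> bytes:
    """Normalise a key to the odd-parity form used in published weak-key lists."""
    return bytes(
        (b & 0xFE) | int(bin(b & 0xFE).count("1") % 2 == 0) for b in key
    )


def is_weak_key(key: bytes) -> bool:
    return with_odd_parity(key) in WEAK_KEYS


def keying_strength(k1: bytes, k2: bytes, k3: bytes) -> str:
    """Classify E_K3[D_K2[E_K1[P]]] by which keys coincide after parity stripping."""
    a, b, c = (strip_parity(k) for k in (k1, k2, k3))
    if a == b or b == c:
        return "single-DES"  # an adjacent E/D pair cancels, leaving one DES pass
    if a == c:
        return "2-key"       # 112 key bits
    return "3-key"           # 168 key bits, the figure the claim relies on


if __name__ == "__main__":
    for uid in (b"A1B2C3D4", b"A1B2C3D5"):  # constructed sample uIDs
        keys = derive_keys(uid)
        print(uid, [k.hex() for k in keys], keying_strength(*keys),
              any(is_weak_key(k) for k in keys))
```

The derivation is a deterministic function of the uID, which the description says can be read without the read password, so the secrecy of K1 to K3 rests entirely on the random() construction and this selection table staying confidential.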
4. A method of verifying a title using the title security authentication system according to claim 1, characterized in that the specific steps are as follows:
(1) The authorization center embeds an RFID chip conforming to the ISO14443 standard in the certificate paper, attaches it to the inside of the certificate cover, or makes it into a card; the chip stores the necessary identity information and signature information of each title; this information is encrypted with a triple DES key of 168 effective bits, dynamically assigned from a sequence generated from the chip's own ID;
(2) The data in the chips of all titles and ID cards can be modified only by the very few people with high authority in the authorization center; other people and organizations can only read it; each time a chip is read, the reader/writer needs the read password; without the read password, only the chip's ID can be read, and no other information; these read passwords are all stored in the housing bureau's data center and must be obtained by some other secure means;
(3) The relevant personnel of each district of the housing bureau, through the authorization center of the computer center, write the ciphertext of the necessary identity information and the ciphertext of the signature information into the chip of every title; to read this information, the read password must be obtained from the housing bureau's computer center by secure means; everything read out is ciphertext that has been encrypted multiple times; it has no meaning by itself and is meaningful only at the housing bureau's authorization and verification center;
(4) The authorization center issues a dedicated reader/writer, an ID card containing an RFID chip, and a dedicated gateway to each legitimate organization; each of the three has its own identity; if any one identity is wrong, the others will not work; the chip of the ID card holds the organization's identity information ciphertext and signature information ciphertext; each time the ciphertext is read with the dedicated reader/writer, a password must be entered; the password is kept by the responsible person at the remote verification agency; the ciphertext read out is meaningful only within the housing bureau's authorization and verification center;
(5) When a remote verification agency verifies a title, it first reads the ciphertext in the title's chip, which requires the read password; to obtain the read password of a specific title chip, the remote verification agency must prove its own identity to the computer center and state which title it wants to read; only when its identity is legitimate does the computer center send the required read authorization;
(6) To prove its identity, the agency uses its dedicated reader/writer to read the identity stored in its own ID card; its own identity information (CardInfo), the identity information of the dedicated reader/writer (ReaderInfo), the identity information of the dedicated gateway (GatewayInfo) and the ID of the title to be verified (uID) are then combined in a calculation; the result (ResultData) is sent through the remote verification agency's gateway to the computer center's gateway; that is:
ResultData=Recode(ReCode(CardInfo)+ReCode(ReaderInfo)+ReCode(GatewayInfo)+ReCode(uID))
ReCode is a custom-written function that block-encrypts a piece of plaintext and transforms it into another group of ciphertext;
(7) The remote verification agency's gateway passes ResultData through three short connections and triple DES encryption, then sends it to the computer center's gateway; after decrypting it, the computer center's gateway passes the result to the computer center's authentication center;
(8) The authentication center confirms the identity of the remote verification agency, the identity of the dedicated reader/writer, the identity of the gateway and the identity of the title to be authenticated; to do so, it decrypts each block-encrypted item and compares it with the organization identity information held in the data center; once everything is confirmed, it generates a new return result (NewResult); the new result contains the full content of ResultData, plus the identity information of the computer center's gateway (CenterGatewayInfo) and the read password (Key) of the title to be verified; all of this information is block-encrypted anew:
NewResult=Recode(ReCode(CardInfo)+ReCode(ReaderInfo)+ReCode(GatewayInfo)+ReCode(CenterGatewayInfo)+ReCode(Key));
If the authentication center finds any illegitimate information while confirming the remote verification agency and the ID of the title to be read, it raises a warning; after three illegitimate attempts, the computer center's gateway no longer accepts connections from that gateway; when everything is normal, the computer center's gateway sends the result securely to the remote verification agency's gateway after three short connections;
(9) After the remote verification agency's gateway receives the return result, it matches the result against its own gateway, dedicated reader/writer and ID card information; if any one does not match, the subsequent results are invalid; when everything is normal, it obtains the authorization to read the title being verified; it then reads the content of the title's chip, which is ciphertext (EncryptedInfo) that only the housing bureau's computer center can recognize; this ciphertext is combined with the remote verification agency's authorization, reader/writer identity and gateway identity to calculate a result (DetailResult), obtained by block-encoding the following contents; that is:
DetailResult=Recode(ReCode(CardInfo)+ReCode(ReaderInfo)+ReCode(GatewayInfo)+ReCode(CenterGatewayInfo)+ReCode(EncryptedInfo));
The dedicated gateway sends this content to the computer center's gateway; after decrypting it and performing a simple check of its legitimacy, the computer center's gateway hands the result to the authentication center;
(10) The authentication center first decrypts the block-encrypted information to obtain the identity information and the ciphertext from the title; after verifying that the identity information is correct, it decrypts the ciphertext from the title; if the result is consistent with the title information given in the earlier verification request and with the originally authorized information, the title is genuine; otherwise it is false; if genuine, the center obtains the title's owner, number, location and the information added by other organizations (TrueInfo); if false, it obtains a warning message (FalseInfo); the return information (TrueFalseReturn) is the combination of this information with the other information; that is:
TrueFalseReturn=Recode(ReCode(CardInfo)+ReCode(ReaderInfo)+ReCode(GatewayInfo)+ReCode(CenterGatewayInfo)+ReCode(TrueInfo/FalseInfo));
(11) The computer center's gateway returns the required result to the remote verification agency's gateway; that gateway decrypts the result and matches it against its own ID card, dedicated reader/writer and gateway identity; if they match, the correct return result is obtained.
5. method according to claim 4 is characterized in that described three short concrete steps that connect are as follows:
Short for the first time the connection
The remote verification agency gateway is at first set up with the other side and once is connected, and connects to send 16 random numbers when setting up and own ID and identity data ciphertext are placed on the end for first section, and this random number generates according to gateway ID, that is: random (gatewayID1); The whole data that send (Data1[24]) be:
Data11[24]=random(gatewayID1)[16]+gatewayID1[8]+MA[1][8]
After computer center's gateway is received this random number, utilize the ID of oneself to generate a random number, and first section of the identity data ciphertext after ID that adds oneself on this random number and variation, and result (Data2[24]) is returned; Subsequently, connect interruption; The data of returning (Data2[24]):
Data12[24]=random(gatewayID2)[16]+gatewayID2[8]+SA[1][8];
Short for the second time the connection
And then, computer center's gateway once connects to the remote verification agency request; Send a random data when connecting, data content is to utilize own ID to generate a random number, and second section of the identity data ciphertext after the ID that adds oneself on this random number and variation; That is:
Data21[24]=Random(gatewayID2)[16]+gatewayID2[8]+SA[2][8];
The remote validation terminating gateway is obtained after the data, utilizes the identityNum of oneself to generate a random number, and adds oneself identityNum and second section of identity data ciphertext on this random number, and the result is returned; Subsequently, connect interruption; That is:
Data22[24]=Random(identityNum)[16]+identityNum[8]+MA[2][8];
Short for the third time the connection
The remote verification agency gateway connects again to computer center's gateway requests; Connect and to send a random data simultaneously, data content is to utilize own random number of identification number (identityNum) generation, and adds oneself ID and the 3rd section of identity data ciphertext on this random number, that is:
Data31[24]=Random(identityNum)[16]+identityNum[8]+MA[3][8];
After the remote verification agency gateway obtains the data, it uses its own identityNum to generate a random number, appends its own identityNum and the third segment of the transformed identity data ciphertext to that random number, and returns the result; the connection is then closed. That is:
Data32[24]=Random(gatewayID1)[16]+gatewayID1[8]+SA[3][8].
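The three short connections described above, as an added example that is not part of the patent text: it frames the six messages, checks each one on receipt, and reassembles MA at the computer center and SA at the remote agency. Assumptions: "+" is concatenation, the bracketed field numbers are byte widths, MA and SA are 24 bytes (three 8-byte segments), each gateway has a single 8-byte ID, and a CSPRNG value stands in for random(), which the page does not define; the function names are hypothetical.

```python
import secrets

# Assumed byte widths, read from the bracketed numbers: random[16] + ID[8] + segment[8].
NONCE_LEN, ID_LEN, SEG_LEN = 16, 8, 8

def frame(sender_id, segment):
    """Build one message: random value + sender ID + one ciphertext segment."""
    if len(sender_id) != ID_LEN or len(segment) != SEG_LEN:
        raise ValueError("bad field width")
    # Assumption: the page does not define random(); a CSPRNG value stands in for it.
    return secrets.token_bytes(NONCE_LEN) + sender_id + segment

def parse(msg, expected_id):
    """Check length and sender ID, then return the carried segment."""
    if len(msg) != NONCE_LEN + ID_LEN + SEG_LEN:
        raise ValueError("bad message length")
    if msg[NONCE_LEN:NONCE_LEN + ID_LEN] != expected_id:
        raise ValueError("unexpected sender ID")
    return msg[NONCE_LEN + ID_LEN:]

def split3(ciphertext):
    """Split a 24-byte ciphertext into segments [1], [2], [3]."""
    if len(ciphertext) != 3 * SEG_LEN:
        raise ValueError("ciphertext must be 24 bytes")
    return [ciphertext[i:i + SEG_LEN] for i in range(0, 3 * SEG_LEN, SEG_LEN)]

def three_short_connections(remote_id, center_id, ma, sa):
    """Run the exchange; return (MA seen by center, SA seen by remote, transcript)."""
    ma_seg, sa_seg = split3(ma), split3(sa)
    got_ma, got_sa, transcript = [], [], []
    # Initiator per connection as described: remote, computer center, remote.
    for i, initiator in enumerate(("remote", "center", "remote")):
        from_remote = frame(remote_id, ma_seg[i])
        from_center = frame(center_id, sa_seg[i])
        pair = [from_remote, from_center]
        transcript += pair if initiator == "remote" else pair[::-1]
        got_ma.append(parse(from_remote, remote_id))   # computer center side
        got_sa.append(parse(from_center, center_id))   # remote agency side
    return b"".join(got_ma), b"".join(got_sa), transcript

if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    ma, sa = bytes(range(24)), bytes(range(100, 124))
    got_ma, got_sa, log = three_short_connections(b"REMOTE01", b"CENTER01", ma, sa)
    for n, m in enumerate(log, 1):
        print(n, m.hex())
    print(got_ma == ma, got_sa == sa)
```

Each side ends the third connection holding all three segments of the other side's ciphertext; a message with the wrong length or an unexpected sender ID is rejected before its segment is used.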

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2007100451928A CN101110728A (en) 2007-08-23 2007-08-23 Security validating system and method for RFID certificate of title

Publications (1)

Publication Number Publication Date
CN101110728A (en) 2008-01-23

Family

ID=39042631

Country Status (1)

Country Link
CN (1) CN101110728A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Open date: 20080123