CN101582123A - Radio frequency system, device and safe processing method - Google Patents

Radio frequency system, device and safe processing method Download PDF

Info

Publication number
CN101582123A
CN101582123A CN 200910087323 CN200910087323A CN101582123A CN 101582123 A CN101582123 A CN 101582123A CN 200910087323 CN200910087323 CN 200910087323 CN 200910087323 A CN200910087323 A CN 200910087323A CN 101582123 A CN101582123 A CN 101582123A
Authority
CN
China
Prior art keywords
radio frequency
feedback shift
shift register
frequency card
card
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN 200910087323
Other languages
Chinese (zh)
Other versions
CN101582123B (en
Inventor
南相浩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yihengxin Verification Science and Technology Co., Ltd., Beijing
Original Assignee
南相浩
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 南相浩 filed Critical 南相浩
Priority to CN 200910087323 priority Critical patent/CN101582123B/en
Publication of CN101582123A publication Critical patent/CN101582123A/en
Priority to PCT/CN2010/074304 priority patent/WO2010149041A1/en
Application granted granted Critical
Publication of CN101582123B publication Critical patent/CN101582123B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H04L9/0662Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a radio frequency system, a device and a safe processing method. The system comprises a writer, a reader and a radio frequency card, wherein, a UID domain, a supplement domain and a balance domain of the radio frequency card are respectively and correspondingly provided with three linear feedback shift registers; the system also comprises a CPK-key which is embedded into the writer and the reader; the CPK-key is provided with three keys that are respectively used for encrypting supplement data, balance data and control parameters; feedback and carry of the linear feedback shift registers are controlled by the control parameters, so that the difficulty of resolution and analysis is increased; content involvement digital signature of the linear feedback shift registers improves the difficulty of impersonation, and question and answer mechanism increases the difficulty of duplication.

Description

A kind of radio frequency system, device and security processing
Technical field
The present invention relates to field of information security technology, the security processing that particularly relates to a kind of radio frequency system, device and differentiate and prevent duplicating.
Background technology
Radio frequency card (Radio Frequency Identification, RFID) technology, claim electronic tag, radio RF recognition technology again, it is a kind of communication technology, can discern specific objective and read and write related data by radio signals, and need not to set up machinery between recognition system and the specific objective or optics contacts.The RFID technology is widely used in stored value card, transportation card, field such as false proof.
In recent years except that general RFID, develop again and the wireless well-informed card of a kind of new RFID--(smartcard) mifare, wireless well-informed card also has simple computing function except having memory function, be applicable to fields such as mass transit card, stored value card.
No matter be general RFID or wireless well-informed card, its security requirement is identical, that is: one is anti-replicability; The 2nd, anti-counterfeit property can only lean on physical characteristics to solve, and logical method is helpless; For counterfeit property, can only lean on logic behavior to solve, physical method is helpless.Therefore, the outlet that a kind of physics and logic combine is being sought in the whole world always, and prior art shows that static physical device can not prevent to duplicate, and dynamic physical device also differs and prevents from surely to duplicate, just as wireless well-informed card.
Along with the particularly wireless well-informed widespread use that is stuck in every field of RFID; its safety problem is also more and more outstanding, and in the particularly wireless well-informed card of RFID, that need most protection is user ID (UserIdentification; UID) territory is supplemented territory and remaining sum territory with money.
At first, the primary characteristic of RFID is the uniqueness of user ID, and one is blocked one number, because ID number is the unique identification of this card, guarantees that the authenticity of this sign becomes subject matter.If the UID territory is replicated, can produce a plurality of heavy cards so.
Be replicated if supplement the district with money, then can change and supplement with money, as: buy two cards and supplement different cards with money, supplement 50 yuan with money for one, another supplements 1000 yuan with money, then 1000 yuan key element is copied on 50 yuan the card.
If the remaining sum territory is replicated, then can change remaining sum, as: buy a card, earlier the remaining sum initial value in the card is preserved separately, after certain consumption, again the remaining sum initial value of preserving is separately duplicated into then, make old card renovation.
As shown in Figure 1, be the discriminating authentication processing synoptic diagram of wireless well-informed card, it guarantees its security by the mutual authentication that writes between instrument Writer, radio frequency card TAG, the card reader Reader three.The design feature of wireless well-informed card has reflected differentiating the different understanding of relation, writing between instrument Writer, radio frequency card TAG, the card reader Reader three, wireless well-informed card has been given prominence to the mutual discriminating between card reader and the radio frequency card, have to give radio frequency card certain " intelligence " function thus, so be provided with simple dynamically device such as scrambler and randomizer in radio frequency card, inadequate and card reader is differentiated alternately.But this mutual discriminating can not be reciprocity, because card reader is active intelligent device, and radio frequency card is passive memory device.Therefore produced unsurmountable fatal leak:
1) in the prior art, the randomizer in the radio frequency card is that (Linear Feedback Shift Register, LFSR), its initial value is the on time to 16 grades of linear feedback shift registers.Because of the on time is as can be known, so whole sequence can be described as " bright " sequence;
2) in the prior art, the scrambler cipher01 in the radio frequency card is one 48 grades a linear feedback shift register.From the structure and the agreement implementation of scrambler cipher01, extraneous input random number N t (being produced by randomizer) and user ID (UID) directly are exposed to the outside, and therefore can derive this linear feedback shift register initial value K provides foundation.
3) in the prior art, according to finding in the authentication protocol trace analysis that the encryption synchronisation process of the scrambler cipher01 of radio frequency card TAG and card reader can not be carried out with concealed manner.
This shows, the discriminating authentication processing process of wireless well-informed card is insecure, recently, being cracked of wireless well-informed card, and the appearance of emulation cryptanalysis machine ghost, can indiscriminately ad. as one wishes produce legal wireless well-informed card, thereby cause very big fear at home and abroad, bring enormous pressure for radio frequency card manufacturer and applying unit.
Summary of the invention
The object of the invention is to provide a kind of radio frequency system, device and security processing, and it can improve the degree of safety of radio frequency card greatly, reduces the harsh requirement to radio frequency card TAG simultaneously greatly.
A kind of radio frequency system for realizing that the object of the invention provides comprises writing instrument, card reader and radio frequency card, and the said write instrument, card reader and radio frequency card comprise the UID territory respectively, supplement territory and remaining sum territory with money;
The UID territory of described radio frequency card, supplement with money territory, remaining sum territory respectively correspondence 3 linear feedback shift registers are set;
Described radio frequency system also comprises CPK-key, and it is embedded in said write instrument and the card reader, makes said write instrument and card reader have the function of block encryption system;
Described CPK-key is provided with three keys, is respectively applied for the encryption of load value data and balance data and controlled variable;
The feedback of described linear feedback shift register and carry are subjected to the control of described controlled variable, and the content of described linear feedback shift register participates in the encryption and decryption of described block encryption system.
For realizing the object of the invention, a kind of radio frequency card also is provided, it comprises 3 linear feedback shift registers of 32 grades of bull feedbacks independently each other, controls UID territory among the radio frequency card TAG respectively, supplements the territory with money, the data in remaining sum territory;
The UID territory is controlled by linear first feedback shift register, is used for the signature of UID;
Supplement the territory with money and controlled by second linear feedback shift register, be used to write the signature of instrument load value data;
The remaining sum territory is controlled by the trilinear feedback shift register, is used to write the signature of card reader to balance data.
For realizing the object of the invention, a kind of security processing of radio frequency system also further is provided, comprise the steps:
Steps A by CPK-key, is utilized the block cipher system encryption method, and UID is carried out safe handling;
Step B, the CPK-key embedding is write instrument and two devices of card reader, make its identification function with block cipher system, write instrument the load value data in the radio frequency card is carried out safe handling, card reader is carried out safe handling to the balance data in the radio frequency card.
The invention has the beneficial effects as follows: radio frequency system of the present invention, device and security processing, utilize block encryption system method, CPK block encryption system method particularly, realized that with disposable signature technology UID differentiates and supplements with money, balance data is differentiated, utilize many tap control and carry controls of later feeding back shifting memory, realized the diversity of cryptography architecture, there is the identical RFID device of structure hardly, reach and prevent to duplicate, prevent the target of attacking, can be used for less radio-frequency card technique various payment systems such as (as the small amount stored value cards) safely.
Description of drawings
Fig. 1 is the radio frequency system structural representation of prior art;
Fig. 2 is the radio frequency system structural representation of the embodiment of the invention;
Fig. 3 is the security processing process flow diagram of the radio frequency system of the embodiment of the invention.
Embodiment
In order to make purpose of the present invention, technical scheme and advantage clearer,, a kind of radio frequency system of the present invention, device and security processing are further elaborated below in conjunction with drawings and Examples.Should be appreciated that specific embodiment described herein only in order to explanation the present invention, and be not used in qualification the present invention.
The embodiment of the invention is by the sign authentication technique based on CPK, writing between instrument Writer, radio frequency card TAG, the card reader Reader three, the outstanding mutual discriminating that writes between instrument and the card reader, with the block encryption system, particularly the sign authentication technique of CPK block encryption system directly applies in the mutual discriminating that writes instrument and card reader, and digital signature and checking are provided, data encryption and deciphering etc., radio frequency card are just as the instrument of acting on behalf of that writes instrument.Owing to write instrument and card reader is active intelligent appliance, discriminating can be reciprocity mutually, can improve the degree of safety of radio frequency card thus greatly, greatly reduces the harsh requirement to radio frequency card simultaneously.
In applications such as stored value card, transportation cards, be afraid of that most the place that is replicated is: the UID territory, supplement territory, remaining sum territory with money.Because radio frequency card as the birth defect of wireless well-informed card Mifare in design, under the situation of not changing radio frequency card TAG structure, is difficult to solve this duplicating.
As shown in Figure 2, radio frequency system of the present invention comprises writing instrument Writer card reader Reader, and radio frequency card TAG;
Said write instrument Writer, card reader Reader and radio frequency card TAG comprise the UID territory respectively, supplement the territory with money, the remaining sum territory;
The UID territory of described radio frequency card, supplement the corresponding respectively linear feedback shift register (division circuit) that 3 32 grades of inter-stage moulds 2 are set in territory, remaining sum territory with money, remember LFSR respectively 1, LFSR 2, LFSR 3, as shown in table 1.
The LFSR table that show the 1UID territory, supplement the territory with money, the remaining sum territory is provided with
The territory Data Signature LFSR Output line
UID 6B 18B 32 grades 32 grades
Supplement with money 6B 18B 32 grades 32 grades
Remaining sum 6B 18B 32 grades 32 grades
Radio frequency system of the present invention also comprises CPK-key (perhaps being called CPK-chip), it is embedded into and writes instrument Writer and two devices of card reader Reader, make it have the function of block encryption system, preferably be the identification function of CPK block encryption system, the discriminating between radio frequency card TAG and the card reader Reader is concerned that the discriminating of changing into card reader Reader and writing between the instrument Writer concerns;
Described CPK identification function, number of patent application the applicant is: 200510002156.4, denomination of invention: " based on the key generation method of sign ", and number of patent application: 200610065663.7, denomination of invention: in the Chinese patent application of " based on the method for anti-counterfeit territory device of CPK electronic tag " detailed description is arranged, in this application, quoting in full this application number is 200510002156.4, denomination of invention: " based on the key generation method of sign ", and number of patent application: 200610065663.7, denomination of invention: the technical scheme content of differentiating about CPK in describing in " based on the method for anti-counterfeit territory device of CPK electronic tag ", and describe in detail no longer one by one in this application.
Described CPK-key is provided with three key k 1, k 2, k 3, deposit in after the encryption among the CPK-key, be respectively applied for load value data and balance data and and the encryption of the variable m of controlled variable.
Preferably, key k 1, k 2, k 3Length be 64bit (8B), the block encryption system is for can being block encryption systems such as AES, DES; More preferably, described block encryption system preferably is a CPK block encryption system, and CPK PKI length is 98bit (12B), and it cracks the 48bit (6B) that difficulty is equivalent to symmetric key.
Described CPK block cipher system, at application number be: 200510002156.4, denomination of invention: " based on the key generation method of sign ", and number of patent application: 200610065663.7, denomination of invention: in the Chinese patent application of " based on the method for anti-counterfeit territory device of CPK electronic tag " detailed description is arranged, in this application, quoting in full this application number is 200510002156.4, denomination of invention: " based on the key generation method of sign ", and number of patent application: 200610065663.7, denomination of invention: the technical scheme content of differentiating about CPK in describing in " based on the method for anti-counterfeit territory device of CPK electronic tag ", and describe in detail no longer one by one in this application.
The control of the feedback of described linear feedback shift register and the controlled parameter m of carry, the content of linear feedback shift register participates in the encryption and decryption processes such as digital signature of block encryption system.
In the prior art, radio frequency card, although particularly wireless well-informed card Mifare is provided with dynamic scrambler, but, product under its be a kind of discriminating thinking of " radio frequency card TAG reading card device Reader ", and the embodiment of the invention is under the discriminating thinking of " writing instrument Writer reading card device Reader ", scrambler does not just have much good, and all keys are differentiated, as identify discriminating, data are differentiated, duplicate discriminating etc., all rely on the block encryption system, particularly CPK block encryption system technology realizes, and all discriminatings are all carried out writing among instrument Writer or the card reader Reader of intelligence.
CPK block encryption system CPK signature technology is based on the signature of sign, and signature is short, and speed is fast.Signature length can be accomplished 18 bytes, and the signature time is not once waited from 2 milliseconds to 200 milliseconds with chip used difference, and the CPK chip cost is dozens of yuan RMB also, and cost is low.The CPK signature technology can improve the security of radio frequency system, widens its application prospect.
Feedback shift register occupation condition in radio frequency card TAG based on the CPK signature technology is as shown in table 2.
Table 2 feedback shift register is the resource occupation table in radio frequency card TAG
Variable name n 1 m 1 n 2 m 2 n 3 m 3
Length 6B 5B 6B 5B 6B 5B
Signature 18B 18B 18B
The transmission of the variable of described controlled variable m is with block cipher system, particularly CPK block cipher system cipher mode carries out, the any secret information that sends by radio frequency card TAG, only write instrument Writer and card reader Reader can decipher, and emulation cryptanalysis machine and man-in-the-middle attack people have no way of finding out about it, and guarantee its security.
Preferably, described linear feedback shift register is many division circuits of feedback later;
Described digital signature changes with the variation of feedback shift register state.
The control of the controlled parameter m of feedback tap of the displacement of described linear feedback shift register, the 1st grade and the 32nd grade necessarily has tap, has 1 tap at least in the 2nd grade to the 31st grade, can constitute 2 30Hundred million kinds of different feedback relationships of-1=10.
Back 8 controls of the controlled parameter m of carry digit of described linear feedback shift register can constitute 2 8=256 kinds of different carry digits;
Preferably, the initial state of the linear feedback shift register among the described radio frequency card TAG is not to be the random state of " 0 " entirely; Begin feedback tap and work always from the input initial state, the eternal shuttling movement of linear feedback shift register from then on, in cycle period not repeatedly.
In a radio frequency card TAG, be provided with three shifting memories, three controlled variable m.The variable quantity of such three controlled variable m approximates (2 (30+8)) 3=2 114≈ 10 34Plant, have less radio-frequency (RFID) device of same structure hardly.The diversity of less radio-frequency device effectively prevents to utilize the possibility of different card crime like this.
The private key of the digital signature in said write instrument and the card reader, data encryption key all are stored among the CPK-key; do not have CPK-key to utilize to write instrument and card reader is decrypted and rewrites UID, supplements with money and balance data, reach protection radio frequency system purpose of safety.
CPK-key is distributed to and respectively writes instrument (Writer) operator and each card reader (Reader) operator, inserts CPK-key during operation, to obtain the right of operation, helps audit, helps tracing responsibility after incident takes place.
At end-of-job, just extract CPK-key.CPK-key is very little, is beneficial to keeping.Do not have CPK-key write instrument (Writer) operator and card reader (Reader) operator just can't operate, do not need to be beneficial to management to writing instrument and card reader is taken care of especially.This input mode and the method for operation effectively prevent to utilize the possibility with the card crime;
Be example with the radio frequency card below, the safe handling process of radio frequency system of the present invention is described.
On radio frequency card, comprise 3 linear feedback shift register LFSR of 32 grades of bulls feedback independently each other 1, LFSR 2, LFSR 3, control UID territory among the radio frequency card TAG respectively, supplement the territory with money, the data in remaining sum territory.
The UID territory is subjected to linear feedback shift register LFSR 1Control, be used for the signature of UID;
Supplement the territory with money and be subjected to linear feedback shift register LFSR 2Control is used to write the signature of instrument Writer to load value data;
The remaining sum territory is subjected to linear feedback shift register LFSR 3Control is used to write the signature of card reader Reader to balance data.
Linear feedback shift register LFSR 1Line of displacement and UID territory writing line connect together;
Linear feedback shift register LFSR 2Line of displacement with supplement the territory writing line with money and connect together;
Linear feedback shift register LFSR 3Line of displacement and remaining sum territory writing line line connect together, as shown in Figure 2.
Whenever the UID territory or supplement the territory with money or remaining sum is supplemented the territory with money when " writing " operation takes place, activate the displacement of corresponding linear feedback shift register respectively, up to " writing " EO.
Preferably, the content of TAG neutral line feedback shift register can not be imported from the external world, and its initial value is not to be complete any number of zero, and when " writing " action did not take place, it is motionless that the linear feedback shift register state keeps.Because the content of linear feedback shift register participates in signature, when writing action, just cause that its content is ensued variation with the linear feedback shift register displacement, signature also changes, and realizes disposable signature with this:
1) Enterprise of enterprise signs to the UID territory: SIG enterpris e - 1 ( UID + LFSR 1 ) = sign 1 ;
Wherein, SIG is a signature agreement, enterprise -1Be the signature private key of enterprise, sign 1Be the signed codevector of enterprise to UID, UID+LFSR 1Expression is with UID and the shifting memory content LFSR of TAG 1Tie up.
Described SIG signature agreement is the signature agreement of CPK system, is implemented by CPK-key;
Preferably, described signature agreement is the signature agreement of CPK block cipher system, and CPK PKI length is 98bit (12B), and it cracks the 48bit (6B) that difficulty is equivalent to symmetric key, is implemented by CPK-key.
2) write instrument Writer to supplementing the territory signature with money: SIG writeri - 1 ( data 1 + UID + LFSR 2 ) = sign 2 ;
Wherein, SIG is a signature agreement, Writer -1Be the signature private key that writes instrument, sign 2Be to write instrument to load value data data 1Signed codevector, data 1+ UID+LFSR 2Expression is with load value data data 1UID and linear feedback shift register content LFSR with TAG 2Tie up.
Described SIG signature agreement can be the signature agreement of various block encryption systems such as AES, DES, is implemented by CPK-key;
Preferably, described signature agreement is the signature agreement of CPK block cipher system, and CPK PKI length is 98bit (12B), and it cracks the 48bit (6B) that difficulty is equivalent to symmetric key, is implemented by CPK-key.
3) card reader Reader signs to the remaining sum territory: SIG readeri - 1 ( data 1 data 2 + UID + LFSR 3 ) = sign 31
Wherein, SIG is a signature agreement, Reader -1Be the signature private key of card reader, sign 3Be that card reader is to balance data data 2Signed codevector, data 1+ data 2+ UID+LFSR 3Expression is with balance data data 2UID, load value data data with TAG 1, shifting memory content LFSR 3Tie up.
Described SIG signature agreement is the signature agreement of CPK system, is implemented by CPK-key;
Preferably, described signature agreement is the signature agreement of CPK block cipher system, and CPK PKI length is 98bit (12B), and it cracks the 48bit (6B) that difficulty is equivalent to symmetric key, is implemented by CPK-key.
Described radio frequency card also comprises controlled variable m, and the tap relation of described three linear feedback shift registers and number of steps are by the controlled variable m control of linear feedback shift register.
Preferably, the preceding 32bit of controlled variable m, corresponding one by one with 32 feedback taps of linear feedback shift register, if ' 1 ', feedback tap works, if ' 0 ', this tap is then inoperative.
The number of steps of back 1B (8bit) the decision linear feedback shift register of controlled variable m.
The initial value of controlled variable m defines at random, but the 1st and the 32nd of m is fixed as 1, contains one " 1 " at least in middle 30, and the content of back 8bit can not " complete 0 ".
Controlled variable m CPK key K 3Encryption obtains the n of 6B (48bit), i.e. E K3(m)=and n, m and n are charged among the radio frequency card TAG.
M is used for the inner encryption of radio frequency card TAG;
N is used to send to the other side and is decrypted.
Then use key K writing instrument Writer and card reader Reader in advance 3Deciphering is obtained m, i.e. D K3(n)=m.
Wherein E represents to encrypt, and D represents deciphering, and used cipher system is can be various block encryption systems such as existing AES, DES, K 3Be to add, decipher used key, all encryptions, decryption acts are all carried out in CPK-key.
Preferably, used block encryption system is the CPK block cipher system, and CPK PKI length is 98bit (12B), and it cracks the 48bit (6B) that difficulty is equivalent to symmetric key, is implemented by CPK-key.
Preferably, n is signed, though then password cracking can not arbitrarily palm off.
Describe the security processing of the radio frequency system of the embodiment of the invention below in detail, wherein, UID is defined by the Manufacturer of producer, and writes among the TAG, and offers the Enterprise of enterprise.
As shown in Figure 3, the security processing of the radio frequency system of the embodiment of the invention comprises the following steps:
Step S100 by CPK-key, utilizes the block cipher system encryption method, and UID is carried out safe handling;
CPK-key inserted write instrument Writer, utilize the variable m of CPK block cipher system the controlled variable that generates at random 1Use K 3Encrypt n 1, and UID signature obtained signed codevector sign 1, with m 1, n 1, sing 1Write among the radio frequency card TAG, and offer other and respectively write instrument Writer i
Among the described step S100, utilize the CPK system to generate signature sign 1, controlled variable n 1, m 1, and write among the radio frequency card TAG, and offer other and respectively write instrument Writer iDetailed process as follows:
Step 110, enterprise writes instrument Writer and reads linear feedback shift register state LFSR among the TAG earlier 1, enterprise utilizes the instrument Writer that writes that inserts CPK-key that UID is signed, promptly SIG enterpris e - 1 ( UID + LFS R 1 ) = sign 1 ;
Wherein SIG is a signature agreement, enterprise -1Be the signature private key of enterprise, UID+LFSR1 is UID and linear feedback shift register state LFSR 1Binding, sign 1Be the signed codevector of enterprise to UID.
Described SIG signature agreement is the signature agreement of CPK system, is implemented by CPK-key;
CPK PKI length is 98bit (12B), and it cracks the 48bit (6B) that difficulty is equivalent to symmetric key.
Step S120, KMC (KMC) is provided with data encryption key K 1, K 2, K 3, and write among all CPK-key, wherein, K 1Be used for the encryption of load value data, K 2Be used for the encryption of balance data, K 3Be used for the encryption of parameter m.
Step S130 is for each radio frequency card TAG generates three couples of n i, m i, n wherein i=E K3(m i), m wherein 1, n 1Be used for the UID territory; m 2, n 2Be used to supplement with money the territory; m 3, n 3Be used for the remaining sum territory.
Step S140, the enterprise sign that will sign 1, the variable m of three pairs of controlled variable iAnd n i, write among the radio frequency card TAG, what offer other writes instrument Writer iOr card reader Writer j
Step S200, the CPK-key embedding is write instrument Writer and two devices of card reader Reader, make it have the identification function of CPK cipher system, write instrument Writer the load value data among the radio frequency card TAG is carried out safe handling, card reader Reader carries out safe handling to the balance data among the TAG.
The CPK-key embedding is write instrument Writer and two devices of card reader Reader, make it have the identification function of CPK system, write instrument Writer load value data is carried out safe handling, card reader Reader carries out safe handling to the balance data in the radio frequency card, like this, the discriminating that just relation of the discriminating between radio frequency card TAG and the card reader Reader can be changed into card reader Reader and write between the instrument Writer concerns.
Write for the instrument Writer for one, can dispose several operators, each bright operator has CPK-key, when having only the CPK-key that inserts the operator, just can open and write the instrument Writer line operate of going forward side by side.Operations of operators is audited in writing instrument Writer.
Among the described step S200, write instrument Writer the load value data among the radio frequency card TAG is carried out safe handling.Comprise the steps:
Step S211 writes instrument Writer and utilizes CPK-key, the unique identification UID of radio frequency card TAG is verified, i.e. SIG -1 Enterprise(UID+LFSR 1)=sign 1';
Wherein, SIG -1Be indentification protocol, described indentification protocol CPK indentification protocol is implemented by CPK-key;
CPK PKI length is 98bit (12B), and it cracks the 48bit (6B) that difficulty is equivalent to symmetric key.
In the CPK cipher system based on sign, enterprise's name is exactly a PKI, and sign ' is to UID+LFSR 1Identifying code, if sign=sign ', then the checking pass through.
When supplementing with money, if balance data is arranged in the radio frequency card, then again balance data is verified, comprise step S212 and step S213:
If step S212 is the K of the remaining sum numeric field data among the radio frequency card TAG 2Encrypt, then utilize K 2Balance data is decrypted, obtains balance data, be i.e. D K2(code 2)=data 2
Wherein, D represents deciphering, and code is a password, data 2It is the balance data after the deciphering.
Used encryption system is can be various block encryption systems such as existing AES, DES, K 3Be to add, decipher used key, all encryptions, decryption acts are all carried out in CPK-key.
CPK PKI length is 98bit (12B), and it cracks the 48bit (6B) that difficulty is equivalent to symmetric key.
Step S213 writes instrument Writer the balance data that deciphering from radio frequency card TAG obtains is verified, be i.e. SIG -1 Writeri(data 2)=sign 3';
Wherein, SIG -1Be indentification protocol, described indentification protocol is the CPK indentification protocol, is implemented by CPK-key; CPK PKI length is 98bit (12B), and it cracks the 48bit (6B) that difficulty is equivalent to symmetric key.
Writer is the PKI that writes instrument, sign 3' be identifying code to balance data, if sign 3=sign 3', then checking is passed through.
Step S214, writing instrument Writer supplements with money radio frequency card TAG, then cause " writing " action, excite the shifting function of the linear feedback shift register among the TAG, write instrument Writer and from radio frequency card TAG, read earlier linear feedback shift register state LFSR 2, utilize the CPK system to sign to load value data by CPK-key, promptly SIG writer i - 1 ( data 1 + UID + LFSR 2 ) = sign 2 ;
Wherein, SIG is a signature agreement, Writer -1Be the signature private key that writes instrument, sign 2Be to write instrument to load value data data 1Signed codevector, data 1+ UID+LFSR 2Expression load value data data 1UID, shifting memory content LFSR with TAG 2Binding.
Described SIG signature agreement is the CPK signature agreement, is implemented by CPK-key.
Step S215 with writing the load value data of instrument Writer to radio frequency card TAG, utilizes the block cipher system encryption method to encrypt by CPK-key, i.e. E K1(data 1)=code 1
Wherein, E represents to encrypt data 1Be load value data code 1It is password.
Used block cipher system is can be various block cipher systems such as existing AES, DES, K 1Load value data is added, deciphers used key, and all encryptions, decryption acts are all carried out in CPK-key.
Preferably, used cipher system can be the AES/DES block cipher system.
If the operation of supplementing with money is at unique identification UID, load value data data1, balance data data2, linear feedback shift register LFSR 2The basis on carry out, in the then described step 214, write instrument Writer radio frequency card TAG supplemented with money, then excite linear feedback shift register LFSR 2Shifting function, utilize the block encryption system to sign to load value data by CPK-key, specifically comprise the steps:
Step S2141 writes instrument Writer and sends " writing " order, and perhaps action is write in the territory of supplementing with money of radio frequency card, linear feedback shift register LFSR 2Begin operation;
Step S2142 writes the linear feedback shift register LFSR that instrument Writer accepts radio frequency card TAG output 2Currency (being designated as 1 attitude) and the password n of the controlled variable that sends 2Write instrument Writer with n 2M is obtained in deciphering 2: D K3(n 2)=m 2, use m 2Preceding 30 definite linear feedback shift register LFSR 2Feedback relationship, back 8 definite carry digits;
Step S2143 writes the linear feedback shift register LFSR of instrument Writer and radio frequency card 2On 1 attitude basis, walk m 2In the step, be designated as 2 attitudes;
Step S2144, radio frequency card TAG output load value data data 1
Step S2145 writes instrument Writer and verify load value data data on 2 attitude 1
Step S2146 writes instrument Writer and sends a t1 (t1=0..31);
Step S2147, the linear feedback shift register LFSR of radio frequency card 2Output t1 position rise 5 bit.
Step S2148 writes instrument Writer and checks 5 bit, if to would send t2 (t2=0..31);
Step S2149, the linear feedback shift register LFSR of radio frequency card 2Output t2 position rise 5 bit;
Step S21410 writes instrument Writer and checks, if right, then sends t3 (t3=0..31);
Step S21411, the linear feedback shift register LFSR of radio frequency card 25 bit that output t3 rises the position;
If all question and answer have all been passed through, then carry out next step, otherwise withdraw from process.
Step S21412, the linear feedback shift register LFSR2 of the radio frequency card m that on 2 attitudes, moves 2Step is designated as 3 attitudes, and m again moves 2Step is designated as 4 attitudes, with the value addition that will supplement with money, obtains the load value data SUM after the addition 2
Step S21413, write instrument Writer on 4 attitudes to the load value data SUM after the addition 2Signature: SIG writeri - 1 ( SUM 2 ) = sign 2
Step S21414 writes instrument Writer with signed codevector sign 2Write among the radio frequency card TAG;
Step S21415, the linear feedback shift register of radio frequency card TAG is stepping m on 1 attitude 2Step is designated as 2 attitudes, and m again moves 2In the step, be designated as 3 attitudes.
The next round process is carried out since 3 attitudes like this, and radio frequency card TAG sends 3 attitudes; Write instrument Writer like this and just on 4 attitudes, verify, and on 5 attitudes, sign.Whole process has been advanced and one has been taken turns, nonsensical empty information such as aerial 1 attitude that sends, 3 attitudes, 5 attitudes, and the information that really is used in signature then is that 2 attitudes, 4 attitudes, 6 attitudes etc. but do not expose.
Like this, the transmission of the variable of controlled variable is carried out in the dislocation mode, and the variable of the controlled variable of really enabling is not exposed in this communication.
For card reader Reader, it can be a plurality of card reader Reader.When inserting CPK-key, open the card reader Reader line operate of going forward side by side.
Among the described step S200, card reader Reader carries out safe handling to the balance data among the radio frequency card TAG, comprises checking and signature, deciphering and encryption etc., comprises the steps:
Step S221, card reader Reader utilizes CPK-key, the UID among the radio frequency card TAG is verified, i.e. SIG -1 Enterprise(UID+LFSR 1)=sign 1';
Card reader Reader is to the checking of UID, and instrument Writer is identical to the checking of UID with writing among the step S211, therefore describes in detail no longer one by one.
Step S222 has utilized K if supplement the territory among the radio frequency card TAG with money 1Encrypt, card reader Reader then to the territory of supplementing with money of radio frequency card TAG, utilizes CPK-key, by corresponding K 3Load value data is decrypted the load value data after obtaining deciphering, i.e. D K1(code 1)=data 1Wherein D represents deciphering, code 1Be password, data 1It is the load value data after the deciphering.Used block encryption system is can be various block encryption systems such as existing AES, DES, perhaps CPK block cipher system, K 1Be that load value data is added, deciphers used key, all encryptions, decryption acts are all carried out in CPK-key.
Step S223, card reader Reader verify the load value data that deciphering obtains, i.e. SIG -1 Writer(data 1+ UID+LFSR 2)=sign 2';
Wherein, SIG -1Be indentification protocol, described indentification protocol is the CPK indentification protocol, is implemented by CPK-key, and writer is the PKI that writes instrument, sign 2' be to write the identifying code of instrument to the load value data signature, if sign 2=sign 2', then checking is passed through.
Step S224, card reader Reader verify the existing balance data from radio frequency card TAG, i.e. SIG -1 Readeri(data 2+ data 1+ UID+LFSR 3)=sign 3';
Wherein, SIG -1Be indentification protocol, described indentification protocol is the CPK indentification protocol, is implemented reader by CPK-key iBe the PKI of card reader, sign 3' be identifying code to existing balance data, here, balance data with load value data data 1, UID, shifting memory state LFSR 3If binding is sign 3=sign 3', then checking is passed through.
Step S225, card reader Reader carries out " writing " operation to the balance data among the radio frequency card TAG, then excites the shifting function of linear feedback shift register, by CPK-key, balance data is signed, promptly SIG readeri - 1 ( data 2 + data 1 + UID + LFSR 3 ) = sign 3 ;
Wherein, SIG is a signature agreement, and data2 is new balance data, with load value data data1, UID, new shifting memory state LFSR 3Binding is by the private key reader of card reader with oneself -1Signature.Signature carries out in CPK-key, and signed codevector is write among the TAG.
Described signature agreement is the CPK signature agreement.
Step S226 when remaining sum is verified, if the balance data among the radio frequency card TAG is encrypted, then with the balance data in the radio frequency card, utilizes the deciphering in advance of block encryption system by CPK-key, obtains the balance data in the radio frequency card, i.e. D K2(code 2)=data 2
Wherein D is a decryption protocol, and card reader Reader reads the password code of balance data from radio frequency card TAG 2, decrypt balance data data with key K 2 2Decryption oprerations is carried out in CPK-key.
Step S227 encrypts new balance data if desired, then utilizes the block encryption system to encrypt by CPK-key, and writes among the radio frequency card TAG, i.e. E K2(data 2)=code 2
Wherein E is a cryptographic protocol, and balance data data2 is through k 2The password code that encrypts 2Cryptographic operation carries out in CPK-key, with the password code after encrypting 2Write among the TAG.
Among the described step S225, excite the shifting function of linear feedback shift register, balance data is signed, specifically comprise the steps: by CPK-key
Step S2251, card reader Reader send " writing " order, and perhaps action is write in the remaining sum territory of radio frequency card, and linear feedback shift register carries out shifting function;
Step S2252, card reader Reader accept the linear feedback shift register LFSR of radio frequency card TAG output 3Currency (being designated as 1 attitude) and the password n of the controlled variable that sends 3Card reader Reader is with n 3M is obtained in deciphering 3: D K3(n 3)=m 3, use m 3Preceding 30 definite linear feedback shift register LFSR 3Feedback relationship, back 8 definite carry digits.
Step S2253, the linear feedback shift register LFSR of card reader Writer and radio frequency card 3M moves on 1 attitude basis 3In the step, be designated as 2 attitudes;
Step S2254, radio frequency card TAG output remaining sum territory data2;
Step S2255, card reader Reader verifies balance data on 2 attitudes;
Step S2256, card reader Reader send a t1 (t1=0..32);
Step S2257, the linear feedback shift register LFSR of radio frequency card 35 bit that output t1 rises the position.
Step S2258, card reader Reader checks, if right, then sends t2;
Step S2259, the linear feedback shift register LFSR of radio frequency card 35 bit that output t2 rises the position;
Step S22510, card reader Reader checks, if right, then sends t3;
Step S22511, the linear feedback shift register LFSR of radio frequency card 35 bit that output t3 rises the position;
If 3 times question and answer are all correct, then enter next process, otherwise withdraw from process.
Step S22512, the linear feedback shift register LFSR of radio frequency card 3M moves on 2 attitudes 3Step is designated as 3 attitudes, and m again moves 3Step is designated as 4 attitudes, operates SUM as a result after obtaining operating with remaining sum 3
Step S22513, card reader Reader on 4 attitudes to SUM 3Signature, promptly SIG readeri - 1 ( SUM 3 ) = sign 3 ;
Step S22514, card reader Reader is with signed codevector sign 3Write among the radio frequency card TAG;
Step S22515, the linear feedback shift register LFSR of radio frequency card TAG 3M goes further on 1 attitude 3Step is designated as 2 attitudes, and m goes further 3Step is designated as 3 attitudes, and then the next round linear feedback is since 3 attitudes.
Like this, when the UID territory, supplement with money in territory, the remaining sum territory and any change to take place, replace, when duplicating, just cause and write action, excite the shifting function of linear feedback shift register simultaneously, the content of signature is changed, it is invalid that the signature that duplicates just becomes.This disposable signature is to rely on the line of displacement of linear feedback shift register LFSR to realize, shifting function changes the state of shifting memory, the change of state is signed needed just, because legal operator has the ability of signature again, do not influence its legitimacy, but the ability that illegal operation person does not then sign again.
The present invention is based on the security processing of radio frequency system of the digital signature of CPK, can effectively differentiate UID and data;
In the present invention, the anti-problem of duplicating of radio frequency card RFID has turned to and has prevented the duplicating in the displacement control with linear feedback shift register of linear feedback shift register content, if the content of linear feedback shift register can not former state read or can not former state write into, so just can be in case duplicated, therefore, also will consider anti-probe attack in the present invention, the present invention is by utilizing CPK-key, utilize the block encryption system to carry out safe handling, thereby address this problem.
By the present invention as can be seen, the present invention can effectively finish the safe handling to radio frequency card in general sense, promptly on the radio frequency card basis, utilize with card, differently stick into capable various duplicating, below further analyze the present invention and can resist Ghost and easy card and dissect and attack.
Design a kind of easy card, its design is identical with this card, and the different just states of feedback shift register can be imported from the external world.Can easy card become the legal card identical with this card so?
At first buy a card of supplementing 1000 yuan with money;
With UID number information reproduction to easy card; Promptly duplicate UID number, operating personnel to the signature of UID, the controlled variable of feedback shift register.
Equally, with load value data information and balance data information reproduction to easy card.
Because it is close that the feedback shift register controlled variable has added, can not decipher, because can not decipher controlled variable, wait when using next time and to differentiate and can't pass, must expose.
If want to obtain the controlled variable m of real feedback shift register, the just essential chip of dissecting, if controlled variable m is readable, so can infinite copy supplementing with money is 1000 legal easy card; If can not read, though dissected also of no use.Therefore, An Quan key ties up in the protection of controlled variable m of feedback shift register.
In conjunction with the drawings to the description of the specific embodiment of the invention, others of the present invention and feature are conspicuous to those skilled in the art.
More than specific embodiments of the invention are described and illustrate it is exemplary that these embodiment should be considered to it, and be not used in and limit the invention, the present invention should make an explanation according to appended claim.

Claims (20)

1, a kind of radio frequency system comprises writing instrument, card reader and radio frequency card, and the said write instrument, card reader and radio frequency card comprise the UID territory respectively, supplement territory and remaining sum territory with money, it is characterized in that:
The UID territory of described radio frequency card, supplement with money territory, remaining sum territory respectively correspondence 3 linear feedback shift registers are set;
Described radio frequency system also comprises CPK-key, and it is embedded in said write instrument and the card reader, makes said write instrument and card reader have the encryption and decryption functions and the CPK signature verification function of block encryption system;
Described CPK-key is provided with three keys, is respectively applied for the encryption of load value data and balance data and controlled variable;
The feedback of described linear feedback shift register and carry are subjected to the control of described controlled variable, and the content of described linear feedback shift register participates in digital signature.
2, radio frequency system according to claim 1 is characterized in that, described block encryption system is a kind of in AES or the DES block encryption system.
3, radio frequency system according to claim 1 is characterized in that, described CPK cipher system is a public key system, and its PKI length is 98bit.
According to each described radio frequency system of claim 1 to 3, it is characterized in that 4, described linear feedback shift register is 32 grades of linear feedback shift registers.
5, radio frequency system according to claim 4 is characterized in that, described linear feedback shift register is many division circuits of feedback later; Described digital signature changes with the variation of feedback shift register state.
6, radio frequency system according to claim 5 is characterized in that, back 8 controls of the controlled parameter of carry digit of described linear feedback shift register.
7, radio frequency system according to claim 1 is characterized in that, the initial state of described linear feedback shift register is not to be 0 random state entirely.
8, a kind of radio frequency card is characterized in that, comprises 3 linear feedback shift registers of 32 grades of bulls feedback independently each other, controls UID territory among the radio frequency card TAG respectively, supplements the territory with money, the data in remaining sum territory;
The UID territory is controlled by linear first feedback shift register, is used for the signature of UID;
Supplement the territory with money and controlled by second linear feedback shift register, be used to write the signature of instrument load value data;
The remaining sum territory is controlled by the trilinear feedback shift register, is used for the signature of card reader to balance data.
9, radio frequency card according to claim 8 is characterized in that, the line of displacement of described first linear feedback shift register and UID territory writing line connect together;
The line of displacement of described second linear feedback shift register with supplement the territory writing line with money and connect together;
The line of displacement of described trilinear feedback shift register and remaining sum territory writing line line connect together.
10, according to Claim 8 or 9 described radio frequency cards, it is characterized in that, also comprise controlled variable, the tap relation of described three linear feedback shift registers and number of steps are by the controlled variable control of linear feedback shift register.
11, radio frequency card according to claim 10 is characterized in that, the preceding 32bit of described controlled variable is corresponding one by one with 32 feedback taps of described linear feedback shift register; If 1, feedback tap works, if 0, this tap is then inoperative;
The back 8bit of described controlled variable determines the number of steps of described linear feedback shift register;
The initial value of described controlled variable defines at random, but the 1st and the 32nd of described controlled variable is fixed as 1, contains one 1 at least in middle 30, and the content of back 8bit can not complete 0.
12, a kind of security processing of radio frequency system is characterized in that, comprises the steps:
Steps A by CPK-key, is utilized block cipher system and digital signature function, and UID is carried out secret and signature processing;
Step B, the CPK-key embedding is write instrument and two devices of card reader, make its identification function with block cipher system and CPK, write instrument the load value data in the radio frequency card is carried out safe handling, card reader is carried out safe handling to the balance data in the radio frequency card.
13, the security processing of radio frequency system according to claim 12 is characterized in that, described steps A comprises the following steps:
Steps A 1, the CPK-key insertion is write instrument, utilize the CPK block cipher system to generate the variable of controlled variable, the variable of controlled variable is with the encryption variables that obtains of the 3rd secret key encryption, and UID signature obtained signed codevector, variable, encryption variables, the signed codevector of controlled variable write in the radio frequency card.
14, the security processing of radio frequency system according to claim 13 is characterized in that, in the described steps A 1, the described CPK system of utilizing generates signed codevector, the variable of controlled variable and encryption variables, and write in the radio frequency card, comprise the following steps:
Steps A 11 writes instrument and reads the first linear feedback shift register state in the radio frequency card earlier, utilizes the instrument that writes that inserts CPK-key that UID is signed;
Steps A 12 is provided with data encryption key K 1, K 2, K 3, and write among all CPK-key, wherein, K 1Be used for the encryption of load value data, K 2Be used for the encryption of balance data, K 3Be used for the encryption of parameter m;
Steps A 13 is for each radio frequency card generates three couples of n i, m i, n wherein i=E K3(m i), m wherein 1, n 1Be used for the UID territory; m 2, n 2Be used to supplement with money the territory; m 3, n 3Be used for the remaining sum territory;
Steps A 14, with signed codevector, the variable m of three pairs of controlled variable iAnd n i, write among the radio frequency card TAG, and offer other and write instrument.
15, according to the security processing of each described radio frequency system in the claim 12 to 14, it is characterized in that, among the described step B, write instrument the load value data in the radio frequency card is carried out safe handling, comprise the steps:
Step B11 writes instrument and utilizes CPK-key, and the enciphering authentication by the block encryption system is verified the unique identification UID of radio frequency card TAG;
Step B12, writing instrument supplements with money radio frequency card TAG, then cause " writing " action, excite the shifting function of the linear feedback shift register in the radio frequency card, write instrument and from radio frequency card, read the second linear feedback shift register state earlier, utilize the CPK system to sign by CPK-key load value data;
Step B13 with writing the load value data of instrument to radio frequency card, utilizes the block cipher system encryption method to encrypt by CPK-key.
16, the security processing of radio frequency system according to claim 15 is characterized in that, between described step B11 and the step B12, when supplementing with money, if balance data is arranged in the radio frequency card, then again balance data is verified, also comprise the following steps:
If step B111 is the K of the remaining sum numeric field data in the radio frequency card 2Encrypt, then utilize K 2Balance data is decrypted, obtains balance data;
Step B112 writes instrument the balance data that deciphering from radio frequency card obtains is verified.
17, the security processing of radio frequency system according to claim 15, it is characterized in that, among the described step B12, writing instrument supplements with money radio frequency card, then excite the shifting function of second linear feedback shift register, utilize the block encryption system to sign to load value data by CPK-key, comprise the steps:
Step B121 writes instrument and sends " writing " order, and perhaps action is write in the territory of supplementing with money of radio frequency card, and second linear feedback shift register in the radio frequency card begins operation;
Step B122 writes the currency that instrument is accepted second linear feedback shift register of radio frequency card output, is designated as 1 attitude, and the password n of the controlled variable that sends 2Write instrument with n 2M is obtained in deciphering 2: D K3(n 2)=m 2, use m 2Preceding 30 feedback relationships of determining second linear feedback shift registers, back 8 definite carry digit t 2
Step B123, second linear feedback shift register that writes instrument and radio frequency card is walked m on 1 attitude basis 2In the step, be designated as 2 attitudes;
Step B124, radio frequency card output load value data data 1
Step B125 writes instrument and verify load value data data on 2 attitude 1
Step B126 writes instrument and sends t1, wherein a t1=0..32;
Step B127,5 bit that rise second linear feedback shift register output t1 position of radio frequency card are as answer.
Step B128 writes the instrument inspection and sends t2;
Step B129,5 bit that rise second linear feedback shift register output t2 position of radio frequency card are as answer;
Step B1210 writes the instrument inspection and sends t3;
Step B1211, the second linear feedback shift register LFSR of radio frequency card 25 bit that output t3 rises the position are as answer;
Step B1212, second linear feedback shift register of the radio frequency card m that on 2 attitudes, moves 2Step is designated as 3 attitudes, and m again moves 2Step is designated as 4 attitudes, with the value addition that will supplement with money, obtains the load value data SUM after the addition 2
Step B1213, write instrument on 4 attitudes to the load value data SUM after the addition 2Signature: SIG writeri - 1 ( SUM 2 ) = sign 2
Step B1214 writes instrument with signed codevector sign 2Write in the radio frequency card;
Step B1215, the linear feedback shift register of radio frequency card is stepping m on 1 attitude 2Step is designated as 2 attitudes, and m again moves 2In the step, be designated as 3 attitudes.
According to the security processing of each described radio frequency system in the claim 12 to 14, it is characterized in that 18, among the described step B, card reader is carried out safe handling to the balance data in the radio frequency card, comprises the steps:
Step B21, card reader is utilized CPK-key, by the encryption of block encryption system and the verification method of CPK the UID in the radio frequency card is verified;
Step B22 has utilized K if supplement the territory in the radio frequency card with money 1Encrypt, card reader then to the territory of supplementing with money of radio frequency card TAG, is utilized CPK-key, by corresponding K 3Load value data is decrypted the load value data after obtaining deciphering;
Step B23, card reader Reader verifies the load value data that deciphering obtains;
Step B24, card reader Reader verifies the existing balance data from radio frequency card TAG;
Step B25, card reader is carried out " writing " operation to the balance data in the radio frequency card, then excites the shifting function of linear feedback shift register, by CPK-key, utilizes the block encryption system that balance data is signed.
19, the security processing of radio frequency system according to claim 18 is characterized in that, also comprises the steps: after the described step B25
Step B26 when remaining sum is verified, if the balance data in the radio frequency card is encrypted, then with the balance data in the radio frequency card, utilizes the deciphering in advance of block encryption system by CPK-key, obtains the balance data in the radio frequency card;
Step B27 encrypts new balance data if desired, then utilizes the block encryption system to encrypt by CPK-key, and writes in the radio frequency card.
20, according to the security processing of claim 17 or 18 described radio frequency systems, it is characterized in that, among the described step B25, excite the shifting function of linear feedback shift register, by CPK-key, utilize the block encryption system that balance data is signed, comprise the steps:
Step B251, card reader is sent " writing " order, and perhaps action is write in the remaining sum territory of radio frequency card, and the trilinear feedback shift register in the radio frequency card carries out shifting function;
Step B252, card reader is accepted the currency of the trilinear feedback shift register of radio frequency card output, is designated as 1 attitude, and the password n of the controlled variable that sends 3Card reader is with n 3M is obtained in deciphering 3: D K3(n 3)=m 3, use m 3Preceding 30 determine trilinear feedback shift register feedback relationships, back 8 definite carry digits;
Step B253, the trilinear feedback shift register of card reader and the radio frequency card m that on 1 attitude basis, moves 3In the step, be designated as 2 attitudes;
Step B254, radio frequency card output remaining sum territory data2;
Step B255, card reader is verified balance data on 2 attitudes;
Step B256, card reader is sent t1, wherein a t1=0..32;
Step B257,5 bit that rise the linear feedback shift register LFSR2 output t1 position of radio frequency card are as answer;
Step S2258, card reader Reader checks and sends t2;
Step S2259,5 bit that rise the linear feedback shift register LFSR2 output t2 position of radio frequency card are as answer;
Step S22510, card reader Reader checks and sends t3;
Step S22511,5 bit that rise the linear feedback shift register LFSR2 output t3 position of radio frequency card are as answer;
Step B256, the trilinear feedback shift register of card reader and the radio frequency card m that on 2 attitudes, moves 3Step is designated as 3 attitudes, and m again moves 3Step is designated as 4 attitudes, operates SUM as a result after obtaining operating with remaining sum 3
Step B257, card reader on 4 attitudes to SUM 3Signature, promptly SIG readeri - 1 ( SUM 3 ) = sign 3 ;
Step B258, card reader is with signed codevector sign 3Write among the radio frequency card TAG;
Step B259, the trilinear feedback shift register of the radio frequency card m that on 1 attitude, goes further 3Step is designated as 2 attitudes, and m goes further 3Step is designated as 3 attitudes, and then the next round linear feedback is since 3 attitudes.
CN 200910087323 2009-06-23 2009-06-23 Radio frequency system, device and safe processing method Expired - Fee Related CN101582123B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN 200910087323 CN101582123B (en) 2009-06-23 2009-06-23 Radio frequency system, device and safe processing method
PCT/CN2010/074304 WO2010149041A1 (en) 2009-06-23 2010-06-23 Radio frequency system, radio frequency device and security processing method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200910087323 CN101582123B (en) 2009-06-23 2009-06-23 Radio frequency system, device and safe processing method

Publications (2)

Publication Number Publication Date
CN101582123A true CN101582123A (en) 2009-11-18
CN101582123B CN101582123B (en) 2012-08-15

Family

ID=41364262

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200910087323 Expired - Fee Related CN101582123B (en) 2009-06-23 2009-06-23 Radio frequency system, device and safe processing method

Country Status (2)

Country Link
CN (1) CN101582123B (en)
WO (1) WO2010149041A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010149041A1 (en) * 2009-06-23 2010-12-29 北京易恒信认证科技有限公司 Radio frequency system, radio frequency device and security processing method
CN102682333A (en) * 2012-02-28 2012-09-19 南相浩 RFID system and method based on bidirectional authentication
CN103875005A (en) * 2011-05-31 2014-06-18 复制停止系统有限责任公司 A system for verifying a communication device and a security communication device
CN108597119A (en) * 2018-04-24 2018-09-28 山东和同信息科技股份有限公司 A kind of intelligent control method of agricultural water price reform radio-frequency card terminal

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6026163A (en) * 1995-12-13 2000-02-15 Micali; Silvio Distributed split-key cryptosystem and applications
CN1337803A (en) * 2001-07-03 2002-02-27 上海复旦微电子股份有限公司 Enciphering method and circuit for safe communication of IC card data
GB0121747D0 (en) * 2001-09-08 2001-10-31 Amphion Semiconductor Ltd Improvements in and relating to data encryption\decryption apparatus
US7879111B2 (en) * 2006-11-02 2011-02-01 Sony Corporation System and method for RFID transfer of MAC, keys
CN100461669C (en) * 2005-02-03 2009-02-11 贾松仁 Public key code hopping safety system and method
CN101001142A (en) * 2007-01-17 2007-07-18 张建华 Encipher-decipher method based on iterative random number generator
CN101083792A (en) * 2007-06-27 2007-12-05 浙江省电信有限公司 PHS non-contact card small amount payment system for public transport system
CN101582123B (en) * 2009-06-23 2012-08-15 北京易恒信认证科技有限公司 Radio frequency system, device and safe processing method

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010149041A1 (en) * 2009-06-23 2010-12-29 北京易恒信认证科技有限公司 Radio frequency system, radio frequency device and security processing method
CN103875005A (en) * 2011-05-31 2014-06-18 复制停止系统有限责任公司 A system for verifying a communication device and a security communication device
US9323230B2 (en) 2011-05-31 2016-04-26 Copy Stop Systems Aps System for verifying a communication device and a security communication device
CN103875005B (en) * 2011-05-31 2016-08-17 复制停止系统有限责任公司 For verifying communicator and the system of secure communication device
CN102682333A (en) * 2012-02-28 2012-09-19 南相浩 RFID system and method based on bidirectional authentication
CN102682333B (en) * 2012-02-28 2015-01-14 南相浩 RFID system and method based on bidirectional authentication
CN108597119A (en) * 2018-04-24 2018-09-28 山东和同信息科技股份有限公司 A kind of intelligent control method of agricultural water price reform radio-frequency card terminal

Also Published As

Publication number Publication date
CN101582123B (en) 2012-08-15
WO2010149041A1 (en) 2010-12-29

Similar Documents

Publication Publication Date Title
EP3449451B1 (en) Implementing logic gate functionality using a blockchain
CN101923660B (en) Dynamic password identity authorization system and method based on RFID
CN101847199B (en) Security authentication method for radio frequency recognition system
US20200106600A1 (en) Progressive key encryption algorithm
US20060153380A1 (en) Personal cryptoprotective complex
CN103198344A (en) Tax-control safety two-dimensional code encoding and decoding processing method
CN104488219A (en) Methods and system for secure communication between an rfid tag and a reader
CN103414549A (en) QR two-dimensional code binary image partition-based key varying chaotic encryption method
WO2013072437A1 (en) Key protected nfc tag method and system, and a method for diversify coupon on a viral distribution chain by nfc
CN101582123B (en) Radio frequency system, device and safe processing method
CN102385710A (en) Method and system for verifying fact or fiction
CN106067205A (en) A kind of gate inhibition's method for authenticating and device
CN107147494A (en) A kind of method of the quantum dual signature based on the phased cryptographic operation of chain type
CN104243164A (en) Dynamic encryption non-contact type anti-counterfeit label and control method
CN104091191B (en) A kind of efficiently and effectively false proof authenticating method
CN103546284A (en) Hufu token authentication system
CN1221928C (en) Cryptographic method of protecting electronic chip against fraud
CN115567540A (en) Online learning evaluation method and system based on block chain technology
CN105376704A (en) Mobile wallet near-field communication payment method based on image encryption
CN107465655A (en) Pass through the card certification of contactless reading
CN208488752U (en) A kind of cryptography electronic label
CN105656629A (en) Secure non-adjacent form realization method in chip
CN102682333B (en) RFID system and method based on bidirectional authentication
WO2006003711A1 (en) Prepaid card, settlement system thereof, and electronic key
CN106781572A (en) A kind of method and device of guidance information issue

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
ASS Succession or assignment of patent right

Owner name: BEIJING IHENGXIN AUTHORIZATION

Free format text: FORMER OWNER: NAN XIANGHAO

Effective date: 20100701

C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 100042 SECTION E-G, 3RD FLOOR, XIN'AN BUILDING, NO.40, SHIJINGSHAN ROAD, SHIJINGSHAN DISTRICT, BEIJING TO: 100042 SECTION E-G, 3RD FLOOR, XIN'AN BUILDING, NO.40, SHIJING ROAD, SHIJINGSHAN DISTRICT, BEIJING

TA01 Transfer of patent application right

Effective date of registration: 20100701

Address after: 100042 Beijing City, Shijingshan District Road No. 40 Xin'an stone building three layer E-G

Applicant after: Yihengxin Verification Science and Technology Co., Ltd., Beijing

Address before: 100042 Beijing City, Shijingshan District Shijingshan Road No. 40 building three layer E-G Xin'an

Applicant before: Nan Xianghao

C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120815

Termination date: 20180623