CN102129730A - Non-contact CPU (Central Processing Unit) card entrance guard reader - Google Patents
Non-contact CPU (Central Processing Unit) card entrance guard reader Download PDFInfo
- Publication number
- CN102129730A CN102129730A CN2010100228024A CN201010022802A CN102129730A CN 102129730 A CN102129730 A CN 102129730A CN 2010100228024 A CN2010100228024 A CN 2010100228024A CN 201010022802 A CN201010022802 A CN 201010022802A CN 102129730 A CN102129730 A CN 102129730A
- Authority
- CN
- China
- Prior art keywords
- card
- card reader
- authentication
- cpu
- reader
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a non-contact CPU (Central Processing Unit) card entrance guard reader comprising a radio frequency part, a 485 communication part, a security module part, a Wigan output and external control part, a power supply part, an external connection part, a microcontroller part and other parts. The non-contact CPU card entrance guard reader is internally provided with a PSAM (Pilot Symbol Assisted Modulation) card and applies security certification read-write mechanisms of the PSAM card and a CPU card. The CPU card entrance guard reader builds an integral and strict key management system by adopting the security certification of the PSAM card and the CPU card, sufficiently uses the security characteristics of the CPU card and comprises key systems of the CPU card and the PSAM card; after a key is input into the PSAM card, the key cannot be externally read, the PSAM card is inserted into card reading equipment, two-way validation is carried out through the PSAM card and the CPU card, a verified message is calculated through the participation of random data, and a same card is different every time when swiped on one equipment, therefore a counterfeit card is thoroughly prevented.
Description
[technical field]
The present invention relates to a kind of reader device, specifically, is a kind of contactless CPU card gate inhibition card reader.
[background technology]
At the beginning of 2009, the researchist of the Germany and the U.S. has successfully cracked the security algorithm of the Mifare1 chip of NXP, the Mifare1 chip is mainly used in the gate control system access control cards, and some small amount payment cards, range of application is covering the whole world, the researchist announces that there is weak link in the security of MIFARE series of products, by the communication data between research read write line and the card, find the cryptographic algorithm of this Mifare1 card and the agreement of authentication communication, and there are two kinds of methods can obtain the subregion password of MIFARE class logic encryption card, by this method, the saboteur can use the equipment that is dirt cheap just can obtain the password of a M1 card easily in 40ms, and this has come deathblow for the M1 cassette tape.
Compare with the Mifare1 card, contactless CPU card is a kind of truly " smart card ", comprise central processing unit (CPU), ROM (read-only memory) (ROM), random-access memory (ram), Electrically Erasable Read Only Memory major parts such as (EEPROM) in the integrated circuit in the CPU card, just as a superminicomputer.But have contain much information, anti-forgery security height off line job, but advantages such as multifunctional development, the CPU card adopts powerful and stable safety governor, strengthened the security of card, and the noncontact transmission interface can satisfy the requirement (as passing through fast of public transport) of fast transaction, the CPU card has adopted various chips level attack protection means, basically can not forge, CPU card peculiar inside and outside authentication mechanism and be the specific authentication mechanism of representative with the financial IC card standard can guarantee the legitimacy of concluding the business fully; In authentication and process of exchange, the CPU key is not on the line expressly to occur, sending that it is each all is to pass through random number encryption, and because the participation of random number is arranged, guarantee the content difference of each transmission, guaranteed the security of transaction, employed key all is to produce also in the hair fastener environment in safety that ciphertext is installed in SAM card and the subscriber card in authentication and process of exchange, and whole process key do not expose.
Because contactless CPU jig has above significant advantage; particularly suitable is applied to fields such as stored value card, electronic bankbook, highway automatic fare collection system, motorbus automatic ticket-selling system, social security system, IC-card fuel loading system, safe gate inhibition; contactless CPU card will progressively replace logic encryption card and become the main type selecting of IC-card; under the situation that the M1 card is cracked, adopting contactless CPU card to replace the M1 card is the final solution that solves the crisis of M1 card.
Yet, gate inhibition's card reader mainly adopts dual mode in the market, but all exist major defect: one, adopt the card number of the card number of ID card or Mifare one card as gate inhibition's subscriber card, this mode is not owing to carry out encrypting and authenticating or special-purpose key at all, its security is very low, and card number can simply be read and be copied to another card; Two, the card number mode that adopts Mifare1 card authentication back read-write in card, to write in advance, yet 2009 beginning of the years, the security algorithm of Mifare 1 chip that Germany and the researchist of the U.S. have successfully cracked, by the communication data between research read write line and the card, find the cryptographic algorithm of Mifare one card and the agreement of authentication communication, and have two kinds of methods can obtain the subregion password of MIFARE one logic encryption card.
[summary of the invention]
The object of the present invention is to provide the high contactless CPU card gate inhibition reader device of a kind of security performance, with the security breaches problem in the most important identity recognition function that solves present gate control system.
The present invention adopts contactless CPU card as gate inhibition's subscriber card, the built-in PSAM card of card reader, use the safety certification read-write mechanism of PSAM card and CPU card, improve the level of security of traditional gate inhibition's card reader greatly, the CPU toll bar is prohibited the safety certification that card reader adopts PSAM card and CPU card, set up complete, tight key management system, fully used CPU card security feature, the cipher key system that comprises CPU card and PSAM card, after key injects the PSAM card, the outside can't be read, and the PSAM card is inserted in the card-reading apparatus, sticks into capable bi-directional verification by PSAM card and CPU, the checking message is participated in calculating by random number, the same card is swiped the card on an equipment, and is all inequality at every turn, thoroughly stops the appearance of " pseudo-card ".
Contactless CPU card gate inhibition card reader, partly form by radio frequency part, 485 communications portion, security module part, the output of dimension root and external control part, power unit, external connecting branch, microcontroller, radio frequency part, security module part, external interface part, 485 communications portion intercom mutually with microcontroller, the microcontroller signal is by tieing up output and the control that root output and external control partly realize signal, and power unit is used to provide electric energy.
The technical solution adopted in the present invention is as follows:
One, this card reader has adopted contactless CPU card as gate inhibition's subscriber card, comprise central processing unit (CPU) in the integrated circuit in the CPU card, program storage (ROM), random-access memory (ram), data-carrier store (EEPROM) and card operating system major parts such as (COS), just as a superminicomputer, have and contain much information, the anti-forgery security height, but off line job, but advantages such as multifunctional development, the CPU card adopts powerful and stable safety governor, strengthened the security of card, and the noncontact transmission interface can satisfy requirement quickly and easily, the CPU card has adopted various chips level attack protection means, can not forge; CPU card peculiar inside and outside authentication mechanism and be the specific authentication mechanism of representative with the financial IC card standard can guarantee the legitimacy of concluding the business fully; In authentication and process of exchange, the CPU key is not on the line expressly to occur, sending that it is each all is to pass through random number encryption, and because the participation of random number is arranged, guarantee the content difference of each transmission, guaranteed the security of transaction, employed key all is to produce in the hair fastener environment in safety also that ciphertext is installed in PSAM card and the subscriber card in authentication and process of exchange, whole process key does not expose, the application firewall function of CPU card can ensure the safe independence of different application in the same card, to the higher financial industry of security requirement all with the standard of CPU card as bank card of future generation, adopt contactless CPU card can stop to forge card, forge terminal, forge transaction, finally guaranteed the security of system.
Two, this card reader has adopted the wireless radio-frequency of 13.56Mhz, RFlD is the english abbreviation of REID (Radio Frequency denti-fieation), claim electronic tag again, being one utilizes radiofrequency signal to realize that by space coupling (alternating magnetic field or electromagnetic field) contactless information transmission and the information of passing through to be transmitted reach the technology of identifying purpose, REID has a lot of outstanding advantages: first, safe. be suitable for the terminal of high security, secure data area is except that the cryptoguard of electronic tag, data division can be realized safety management with some algorithms, there is the process of authentication mutually between read write line and the label, can realize secure communication and storage, read write line has directly not open to final user physical interface, can guarantee the security of himself; The second, can discern a plurality of electronic tags simultaneously; The 3rd, there are not the machinery wearing and tearing, the life-span is long, and can work in rugged environments such as various oil stains, contamination by dust; The 4th, Touchless manipulation need not manual intervention when finishing identification work, and it is convenient to use.
The Card Reader chip adopts the FM1702 type Card Reader chip of Microtronic A/S of Fudan University, this Card Reader IC is fully-integrated all types of passive contactless communication modes and agreement under 13.56MHz, FM1702 supports all layers of ISO14443A, inner transmitter part does not need to increase active circuit and just can directly drive near operation distance antenna (can reach 100mm): receiver partly provides a firm and effective demodulation decoding circuit, is used for the transponder signal of ISO14443 compatibility; Numerical portion is handled ISO14443A frame and error-detecting (Qi Ou ﹠amp; CRC), (SPI: serial communication interface) can be directly connected to any microprocessor, FM1702 can be used for various based on ISO/IEC 14443A standard and require the application scenario of the contactless communication of low cost, small size, high-performance and single supply serial line interface easily easily.
Three, this card reader is supported the ISO7816 agreement, read the PSAM card that meets 7816 standards, the PSAM card is the terminal security control module, meet " China's finance integrated circuit (IC-card) PSAM calliper model ", comprise common PSAM card and high speed PSAM card, PSAM meets following standard and standard: identification card, the integrated circuit card standard of contact-carrying " ISO/IEC 7816-1/2/3/4 ", " PSAM of People's Bank of China calliper model ".
Described PSAM has following principal character:
Support a card is used more, each separate between using (many application, firewall functionality);
Support multiple file type to comprise binary file, fixed-length record file, variable-length record file, circular file, wallet file;
In communication process, support multiple safety protecting mechanism (the confidentiality and integrity protection of information);
Support multiple secure access mode and authority (authentication function and password protection);
Support Single DES, the Triple DES algorithm of People's Bank of China's approval;
Support multistage key dispersal mechanism, produce the MAC1 and the verification MAC2 of definition in " China's finance integrated circuit (IC) calliper model ";
Support multistage key dispersal mechanism, with the key after disperseing as temporary key to data encrypt, computings such as deciphering, MAC, to finish the functions such as legitimacy authentication between terminal and the card;
Support multiple kinds: contact interface is supported T=0 (character transmission) and T=1 (block transfer) communications protocol.
Contact interface meets the PPS agreement, supports multiple rate selection;
Support multiple Capacity Selection can select 2K, 8K byte EEPROM space.
Four, this card reader adopts contact PSAM card and contactless CPU card to carry out the bidirectional safe authentication mode, deposits a key in contactless CPU card, deposits the key identical with the CPU card in (being the PSAM card in the card reader) in the card reader.
CPU card external authentication step:
1, the CPU card produces one 8 byte random number and gives external program, and the CPU card is preserved random number in card temporarily;
2, external program is given card reader 8 byte random numbers, and card reader cipher key calculation random number obtains 8 byte random number ciphertexts;
3, external program is given CPU card 8 byte random number ciphertexts;
4, CPU is stuck in the inner deciphering of card 8 byte random numbers and obtains random number plain text;
5, it is inner the random number comparison of depositing in random number after the deciphering and the step 1 temporarily that CPU is stuck in card, if equate, then external authentication success is so external authentication is a CPU card authentication card reader.
Card reader internal authentication step is as follows:
1, card reader produces one 8 byte random number and gives external program, and card reader is preserved random number in card reader temporarily;
2, external program is given CPU card 8 byte random numbers, and CPU obtains 8 byte random number ciphertexts with internal authentication cipher key calculation random number;
3, external program is given card reader 8 byte random number ciphertexts;
4, card reader is deciphered 8 byte random numbers and is obtained random number plain text;
5, card reader is in inner random number comparison of depositing in random number after the deciphering and step 1 temporarily, if equate, then internal authentication success, so internal authentication is a card reader authentication CPU card, thereby card reader and CPU card have reached two-way authentication like this, guarantee the true and reliable property of card reader and CPU card, card reader and CPU card either party if forge, authentication result all can be failed.
Five, support dual mode on this card reader transmission mode: dimension root interface and 485 interfaces, after card reader reads the Customs Assigned Number of contactless CPU card stored, be transferred to access controller by Wei Gen or 485 interfaces, Wiegand (dimension root) agreement is a kind of communications protocol of being formulated by Motorola Inc., and it is applicable to the card reader that relates to access control system and the numerous characteristics of card; Its agreement does not define the baud rate of communication, do not have definition of data length dimension root form mainly to define yet is data transfer mode: 1 liang of data lines of Data 0 and Data transmits 0 and 1 respectively, a lot of forms are arranged, and the 26-bit of standard should be the most frequently used form; In addition, also have forms such as 34-bit, 66-bit, the implication of form is as follows: when provide this a string digital 02832456, the user does not also know the implication that this string is digital, but the security protection industry is unwilling open these forms, and security protection company also usually changes the confidentiality that these forms guarantee product.
And standard 26-bit form is an open form, this just means that anyone can buy the card of a certain specific format, and the kind of these specific formats be disclose optional, the 26-Bit form is exactly a widely used industrial standard, and open to all users, nearly all access control system is all accepted the 26-Bit form of standard.
The RS-485 communication interface, maximum transmission rate is 10Mbps, usually RS-485 will communicate by letter with the RS-232 of computing machine, so the highest 115200bps that is generally of actual speed rate, again because the too high meeting of speed causes the transmission range of RS-485 to reduce, so usually all about 9600bps, the maximum transmission distance standard value of RS-485 interface is 1200 meters (during 9600bps), in fact can reach 3000 meters, the RS-485 interface is to allow to connect nearly 128 transceivers on bus, be that RS-485 has the multi-computer communication ability, the user can utilize single RS-485 interface to set up device network easily, therefore the RS-485 interface has good anti-interference, long distance and multistation ability, be connected only 4 lines of needs with controller, power supply (two lines of 12VDC) and communicate by letter (A of RS-485, two lines of B), lack two control lines than the dimension root interface, it is convenient especially therefore to use.
Communication interface aspect card reader is only supported a kind of (dimension root interface and RS-485 interface), so the selectivity of client's reading card device can be higher, is fit to different interface platforms.
The present invention is control module safe in utilization (PSAM card or SAM module) in gate inhibition's card reader, contactless CPU card as gate inhibition's subscriber card, subscriber card is carried out the Card Reader visit, read the Customs Assigned Number information that writes in advance in the subscriber card, owing to adopt the CPU card technique, the card one that can truly realize subscriber card is close, utilize internal authentication and external authentication, either party can not be forged to realize card reader and subscriber card, card reader, the PSAM card, either party loses subscriber card or stolen sled, can not cause the leakage of security information, so the invention solves the high security leak of gate control system, prevent that effectively the lawless person from utilizing illegal means to attack and destroy, guarantee that the interests of country and each enterprises and institutions are not suffered a loss.
[description of drawings]
Fig. 1 is a structured flowchart of the present invention;
Fig. 2 is embodiment radio frequency part circuit theory diagrams;
Fig. 3 is an embodiment 485 communications portion circuit theory diagrams;
Fig. 4 is an embodiment security module partial circuit schematic diagram;
Fig. 5-a is that an embodiment ties up root output circuit theory diagrams;
Fig. 5-b is an embodiment external control partial circuit schematic diagram;
Fig. 6 is embodiment power unit circuit theory diagrams;
Fig. 7 is an embodiment external connecting parallel circuit schematic diagram;
Fig. 8 is an embodiment microcontroller partial circuit reason primitive;
Fig. 9 is principle of work/process flow diagram of the present invention.
[embodiment]
Below in conjunction with embodiment the present invention further is described;
See Fig. 1, contactless CPU card gate inhibition card reader, partly form by radio frequency part, 485 communications portion, security module part, the output of dimension root and external control part, power unit, external connecting branch, microcontroller, radio frequency part, security module part, external interface part, 485 communications portion intercom mutually with microcontroller, the microcontroller signal is by tieing up output and the control that root output and external control partly realize signal, and power unit is used to provide electric energy.
See Fig. 2, radio frequency part, form by coupling element and circuit, comprise radio frequency Card Reader chip U4, direct current biasing resistance R 12, R13, R21, R24, R29~31, capacitor C 16~C26, C29~C32, inductance L 2, L3, preferably U4 adopts the FM1702s1 type Card Reader chip of Microtronic A/S of Fudan University, radio frequency part is mainly used to finish the function that card reader and card-to-card communication are visited mutually, the 13.56MHZ electromagnetic wave that its emission electric wave and internal processor operation institute energy requirement all produces from card reader, user's card are converted into the part electromagnetic energy energy of working for own after receiving the electromagnetic wave signal that reader sends.
See Fig. 3,485 communications portion: by triode Q1, diode D3, D4, single-chip microcomputer U2, direct current biasing resistance R 2~R7, capacitor C 8 connection in series-parallel are formed, and support two kinds of communication interfaces, be respectively 485 interfaces and dimension root interface, 485 interfaces have easy to use, long transmission distance, characteristics such as reliability height, conveniently intercom mutually, simplify the client wiring with controller; Preferably the triode model is S8050, and the diode model is P6KE6.8, and the single-chip microcomputer model is MAX485.
See Fig. 4, the security module part, form by direct current biasing resistance R 14~R16, SMD security module U5 and PSAM card S1 etc., security module partly comprises two kinds of security modules, a kind of is PSAM, meets iso-7816 encapsulation standard, can conveniently insert in the card reader, another kind is SMD security module, adopt the sop-8 encapsulation, it is little to have size, easy to use, can be welded on pcb board, casting glue carries out embedding to plank, reaches safety, and moisture resistance is wet, characteristics such as anti-attack, two kinds of security modules can only be selected for use a kind of.
Fig. 5-a is dimension root output, Fig. 5-b is the external control part, and two parts include the dimension root interface and the external control interface of microcontroller and external transmission respectively, and the dimension root interface partly adopts switch-mode circuitries, by triode Q5, Q6, direct current biasing resistance R 18, R19, R25, R26 constitute; R25 connects in the base stage of Q5, the collector of Q5 is connected with biasing resistor R18, the emission of Q5 is the common signal end very, conveniently be connected with the dimension root interface of controller, R26 connects in the base stage of Q6, the collector of Q6 is connected with biasing resistor R19, and the collector terminal of Q5, Q6 all is added with+5V voltage, and the base terminal of Q5, Q6 is connected with pin P8, the P29 of microprocessor U1 respectively; The external control part, comprise diode D7~D10, D-B1, D-R1, capacitor C 4, direct current biasing resistance R 17, R20, R22, R23, R27, R28, R32, R33, triode Q2~Q4 etc., the negative pole of D7, D8 connect respectively the pin P13 of microcontroller U1 and external connecting divide in the pin 3 of CN1, interface mainly is the control of controlled device, adopt the hardware controls mode, real-time response, control is convenient; Preferably the triode model is S8550.
See Fig. 6, power unit comprises diode D5, D6, inductance L 1, capacitor C 10, C11, C13, C14, coupling capacitance C9, C12, C15, chip U3, power supply chip comprises two parts, and a part is the external power source input, is transformed into 5V, this part adopts switching type power supply chip LM2596, support outside input high voltage, higher limit is 40VDC, and efficient is up to more than 80%, work long hours and do not generate heat, another part is to the microcontroller power supply, and microcontroller is the 3.3V power supply, adopts LDO, 1117-3.3V, 1117 have low pressure reduction, and big electric current is exported characteristics such as stable.
See Fig. 7, the external interface part, be made of interface CN1, biasing resistor R8~R11, the pin 6 of CN1 connects the positive pole of power unit D5, and external interface partly mainly contains 3 parts: power supply, communication, control, power supply is outside input power supply, be generally 12VDC, Department of Communication Force partly is dimension root interface and 485 interfaces, but can only select for use a kind of, control section is LED control and hummer control, and controller can be controlled LED lamp and hummer respectively by two low levels.
See Fig. 8, the microcontroller part, adopt up-to-date ARM V7 kernel, adopt and breathe out not structure three class pipeline efficiently, reach 1.25DMIPS/MHZ, because many, use efficiently that microcontroller can make the whole authentication process time shorter, to reach an authentication faster to the verification process of card.
See Fig. 9, the principle of work/flow process of card reader of the present invention is as follows:
1) after card reader powered on, microcontroller carried out initialization to corresponding part, mainly was the relevant data structure assignment of program, communication port initialization, prevention at radio-frequency port partially-initialized and security module port initialization;
2) after initialization is finished, begin to seek system card, by system card is visited, obtain relevant configuration information, as: the system card type, user type, dimension root type is provided with, and seeks the configuration of card time, and the subscriber card associative directory is provided with, if system card belongs to configuration card, these information will be configured in the middle of the storer of card reader so, so that card reader uses the information of latest configuration, if system card belongs to the power card that disappears, come the relevant configuration information of cancellation according to user type so, card reader also just returns to the virgin state of dispatching from the factory like this;
3) after the operating system card was finished, card reader can be called the information of configuration once more from storer, if there is not system card, card reader also can be called the information of configuration once more from storer, and card reader just uses the information of latest configuration like this;
4) after the operation of all configuration of card reader and system card is finished, just produce a system in the software systems and seek the card clock, this time is 330ms, after the clock generating, just begin to seek subscriber card, microcontroller calls and seeks the card function automatically, if function call is returned OK, reader has been sought the card success so, and has finished anti-collision, the choosing card, the reset answer operation, at this moment card reader can be carried out relevant authentication to card and security module, and card reader is selected the catalogue of subscriber card according to the User Catalog information of configuration, after catalogue is selected successfully, just begun authentication for the first time: internal authentication, because all respectively there are a corresponding key in security module and subscriber card, get 8 random numbers from subscriber card earlier, calculate with security module and produce an authentication data, also produce an authentication data with subscriber card according to these 8 random numbers again, judge then whether two authentication datas are identical,, and then begun authentication for the second time: external authentication if identical internal authentication has so also just been finished;
5) from subscriber card, get 8 random numbers once more, with security module the random number of getting is specifically calculated authentication data of generation, after authentication data produces, just can give subscriber card and do external authentication with this authentication data, after external authentication is passed through, the access rights of user file have also just satisfied, after card reader reads the data of subscriber card, dimension root send mode according to configuration carries out transmission from the card reader to the controller to data, if failure or unsuccessful process are arranged in the whole operation process, just card reader is through with and this time seeks card/verification process so.
Preferably, return NG if seek the card function automatically, then explanation does not have card, perhaps seeks not success of card, just card reader has been finished and this time sought card so, waits for the generation that the card clock is sought by system next time.
The present invention is by control module safe in utilization (PSAM card or SAM module) in gate inhibition's card reader, contactless CPU card as gate inhibition's subscriber card, subscriber card is carried out the Card Reader visit, read the Customs Assigned Number information that writes in advance in the subscriber card, owing to adopt the CPU card technique, the card one that can truly realize subscriber card is close, utilize internal authentication and external authentication, either party can not be forged to realize card reader and subscriber card, card reader, the PSAM card, either party loses subscriber card or stolen sled, can not cause the leakage of security information, the invention solves the high security leak of gate control system, can prevent effectively that the lawless person from utilizing illegal means to attack and destroy, guarantee that the interests of country and each enterprises and institutions are not suffered a loss.
Claims (9)
1. contactless CPU card gate inhibition card reader, it is characterized in that, partly form by radio frequency part, 485 communications portion, security module part, the output of dimension root and external control part, power unit, external connecting branch, microcontroller, radio frequency part, security module part, external interface part, 485 communications portion intercom mutually with microcontroller, the microcontroller signal is by tieing up output and the control that root output and external control partly realize signal, and power unit is used to provide electric energy.
2. contactless CPU card gate inhibition card reader according to claim 1, it is characterized in that, described radio frequency part, adopt the wireless radio-frequency of 13.56Mhz, form by coupling element and circuit, comprise radio frequency Card Reader chip U4, direct current biasing resistance R 12, R13, R21, R24, R29~31, capacitor C 16~C26, C29~C32, inductance L 2, L3, preferably U4 adopts the FM1702 type Card Reader chip of Microtronic A/S of Fudan University, radio frequency part is mainly used to finish the function that card reader and card-to-card communication are visited mutually, the 13.56MHZ electromagnetic wave that its emission electric wave and internal processor operation institute energy requirement all produces from card reader, user's card are converted into the part electromagnetic energy energy of working for own after receiving the electromagnetic wave signal that reader sends.
3. contactless CPU card gate inhibition card reader according to claim 1 is characterized in that, described 485 communications portion, by triode Q1, diode D3, D4, single-chip microcomputer U2, direct current biasing resistance R 2~R7, capacitor C 8 connection in series-parallel are formed, support two kinds of communication interfaces, be respectively 485 interfaces and dimension root interface, the triode model is S8050, the diode model is P6KE6.8, and the single-chip microcomputer model is MAX485.
4. contactless CPU card gate inhibition card reader according to claim 1, it is characterized in that, described security module part, by direct current biasing resistance R 14~R16, SMD security module UU5 and PSAM card S1, security module partly comprises two kinds of security modules, a kind of is PSAM, meet iso-7816 encapsulation standard, can conveniently insert in the card reader, another kind is SMD security module, adopts the sop-8 encapsulation, is welded on pcb board, casting glue carries out embedding to plank, and two kinds of security modules can only be selected for use a kind of.
5. contactless CPU card gate inhibition card reader according to claim 1, it is characterized in that, described dimension root output and external control part, two parts include the dimension root interface and the external control interface of microcontroller and external transmission respectively, the dimension root interface partly adopts switch-mode circuitries, by triode Q5, Q6, direct current biasing resistance R 18, R19, R25, R26 constitute; R25 connects in the base stage of Q5, the collector of Q5 is connected with biasing resistor R18, the emission of Q5 is the common signal end very, be connected with the dimension root interface of controller, R26 connects in the base stage of Q6, the collector of Q6 is connected with biasing resistor R19, and the collector terminal of Q5, Q6 all is added with+5V voltage, and the base terminal of Q5, Q6 is connected with pin P8, the P29 of microprocessor U1 respectively; The external control part, comprise diode D7~D10, D-B1, D-R1, capacitor C 4, direct current biasing resistance R 17, R20, R22, R23, R27, R28, R32, R33, triode Q2~Q4 etc., the negative pole of D7, D8 connect respectively the pin P13 of microcontroller U1 and external connecting divide in the pin 3 of CN1, interface mainly is the control of controlled device, adopt the hardware controls mode, the triode model is S8550.
6. contactless CPU card gate inhibition card reader according to claim 1, it is characterized in that, described power unit, comprise diode D5, D6, inductance L 1, capacitor C 10, C11, C13, C14, coupling capacitance C9, C12, C15, chip U3, power supply chip comprises two parts, and a part is the external power source input, be transformed into 5V, this part adopts switching type power supply chip LM2596, supports outside input high voltage, and higher limit is 40VDC, efficient is up to more than 80%, work long hours and do not generate heat, another part is to the microcontroller power supply, and microcontroller is the 3.3V power supply.
7. contactless CPU card gate inhibition card reader according to claim 1, it is characterized in that, described external interface part, constitute by interface CN1, biasing resistor R8~R11, the pin 6 of CN1 connects the positive pole of power unit D5, external interface partly mainly contains 3 parts: power supply, communication, control, power supply is outside input power supply, be generally 12VDC, Department of Communication Force partly is dimension root interface and 485 interfaces, but can only select for use a kind ofly, control section is that LED control and hummer are controlled, and controller is controlled LED lamp and hummer respectively by two low levels.
8. contactless CPU card gate inhibition card reader according to claim 1, it is characterized in that, described microcontroller part, adopt up-to-date ARM V7 kernel, adopt and breathe out not structure three class pipeline efficiently, reach 1.25DMIPS/MHZ, because many verification process of card, use efficiently that microcontroller can make the whole authentication process time shorter, to reach an authentication faster.
9. contactless CPU card gate inhibition card reader according to claim 1, it is characterized in that, its principle of work/step is: after card reader powers on, microcontroller carries out initialization to corresponding part, it mainly is the relevant data structure assignment of program, the communication port initialization, prevention at radio-frequency port partially-initialized and security module port initialization; After initialization is finished, begin to seek system card, by system card is visited, obtain relevant configuration information, if system card belongs to configuration card, these information will be configured in the middle of the storer of card reader so, so that card reader uses the information of latest configuration, if system card belongs to pin power card, come the configuration information of pin decorrelation so according to user type, card reader also just returns to the virgin state of dispatching from the factory like this; After the operating system card was finished, card reader can be called the information of configuration once more from storer, if there is not system card, card reader also can be called the information of configuration once more from storer, and card reader just uses the information of latest configuration like this; After configuration that card reader is all and system card operation are finished, just produce a system in the software systems and seek the card clock, this time is 330ms, after the clock generating, just begin to seek subscriber card, microcontroller calls and seeks the card function automatically, if function call is returned OK, reader has been sought the card success so, and has finished anti-collision, the choosing card, the reset answer operation, at this moment card reader can be carried out relevant authentication to card and security module, and card reader is selected the catalogue of subscriber card according to the User Catalog information of configuration, after catalogue is selected successfully, just begun authentication for the first time: internal authentication, because all respectively there are a corresponding key in security module and subscriber card, get 8 random numbers from subscriber card earlier, calculate with security module and produce an authentication data, calculate according to these 8 random numbers with subscriber card again and produce an authentication data, judge then whether two authentication datas are identical,, and then begun authentication for the second time: external authentication if identical internal authentication has so also just been finished; From subscriber card, get 8 random numbers once more, with security module the random number of getting is specifically calculated authentication data of generation, after authentication data produces, just can give subscriber card and do external authentication with this authentication data, after external authentication is passed through, the access rights of user file have also just satisfied, after card reader reads the data of subscriber card, dimension root send mode according to configuration carries out transmission from the card reader to the controller to data, if failure or unsuccessful process are arranged in the whole operation process, card reader just is through with and this time seeks card/verification process so, return NG if seek the card function automatically, then explanation does not have card, perhaps seeks not success of card, card reader has just been finished and has this time been sought card so, waits for the generation that the card clock is sought by system next time.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010100228024A CN102129730A (en) | 2010-01-14 | 2010-01-14 | Non-contact CPU (Central Processing Unit) card entrance guard reader |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010100228024A CN102129730A (en) | 2010-01-14 | 2010-01-14 | Non-contact CPU (Central Processing Unit) card entrance guard reader |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102129730A true CN102129730A (en) | 2011-07-20 |
Family
ID=44267802
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010100228024A Pending CN102129730A (en) | 2010-01-14 | 2010-01-14 | Non-contact CPU (Central Processing Unit) card entrance guard reader |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102129730A (en) |
Cited By (23)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102289866A (en) * | 2011-08-10 | 2011-12-21 | 佛山市南海科西亚数码电气有限公司 | Intelligent store non-contact center processing unit (CPU) card payment system |
| CN102799910A (en) * | 2011-12-20 | 2012-11-28 | 深圳中科讯联科技有限公司 | Time-sharing working method of double frequency read-write card |
| CN102800141A (en) * | 2012-07-24 | 2012-11-28 | 东信和平科技股份有限公司 | Entrance guard controlling method and system based on bidirectional authentication |
| CN102881084A (en) * | 2012-07-13 | 2013-01-16 | 山西太钢不锈钢股份有限公司 | Smart card reader of wireless integrated circuit (IC) card |
| CN103034875A (en) * | 2011-09-29 | 2013-04-10 | 航天信息股份有限公司 | Radio frequency read-write module based on SM7 radio frequency identification reader-writer and radio frequency identification reader-writer |
| CN103152174A (en) * | 2013-01-28 | 2013-06-12 | 深圳市捷顺科技实业股份有限公司 | Data processing method, device and parking lot management system applied to parking lot |
| CN103198342A (en) * | 2013-04-18 | 2013-07-10 | 中国民用航空总局第二研究所 | RFID (Radio Frequency Identification) certificate verification device |
| CN103490888A (en) * | 2012-06-14 | 2014-01-01 | 中兴通讯股份有限公司 | Implementation method and system for binding reader and terminal safety control module |
| CN103871162A (en) * | 2013-12-31 | 2014-06-18 | 北京华大智宝电子系统有限公司 | Card swiping device |
| CN103971426A (en) * | 2013-01-31 | 2014-08-06 | 北京同方微电子有限公司 | PSAM safety control-based access control system and safe access control method using the same |
| CN104376631A (en) * | 2014-12-09 | 2015-02-25 | 天津光电安辰信息技术有限公司 | Commercial cipher algorithm based security access control system and implementation method thereof |
| CN104579675A (en) * | 2014-10-15 | 2015-04-29 | 深圳市金溢科技股份有限公司 | Safety module, data reading-writing system for parking lot and safety setting method |
| CN104732614A (en) * | 2013-12-18 | 2015-06-24 | 同方锐安科技有限公司 | Access device for encrypting wiegand protocol signal and encryption and decryption method thereof |
| CN106874732A (en) * | 2016-12-28 | 2017-06-20 | 广州安圣信息科技有限公司 | A kind of authoring system based on CPU card |
| CN107749105A (en) * | 2017-11-03 | 2018-03-02 | 东峡大通(北京)管理咨询有限公司 | The method for unlocking and smart lock of a kind of smart lock |
| CN108551455A (en) * | 2018-04-24 | 2018-09-18 | 北京小米移动软件有限公司 | The configuration method and device of smart card |
| CN108961516A (en) * | 2018-09-10 | 2018-12-07 | 广州大学 | A kind of intelligence based on STM32 and RFID radio-frequency technique is swiped the card control system and method |
| CN110363041A (en) * | 2019-07-02 | 2019-10-22 | 深圳华视电子读写设备有限公司 | A kind of card reader of ID card of signal stabilization transmission |
| CN110955181A (en) * | 2019-12-04 | 2020-04-03 | 山西诚鹏科技开发有限公司 | Programmable logic controller operation data recording system based on point-to-point interface |
| CN111582422A (en) * | 2020-04-10 | 2020-08-25 | 全景智联(武汉)科技有限公司 | CPU card anti-copy encryption method |
| CN111815821A (en) * | 2020-07-20 | 2020-10-23 | 深圳市明华澳汉智能卡有限公司 | IC card security algorithm applied to intelligent door lock |
| CN112215323A (en) * | 2020-10-13 | 2021-01-12 | 广东中控瑞迪优电子技术有限公司 | Anti-copy RFID card based on joint control of physical layer and algorithm layer |
| CN116543488A (en) * | 2023-07-06 | 2023-08-04 | 鼎铉商用密码测评技术(深圳)有限公司 | Entrance guard unlocking method, entrance guard system and readable storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPS6470893A (en) * | 1987-09-10 | 1989-03-16 | Ricoh Kk | Card using system |
| CN201054145Y (en) * | 2007-04-27 | 2008-04-30 | 交通部科学研究院 | Non contact card reader |
| CN101441722A (en) * | 2007-11-23 | 2009-05-27 | 中国银联股份有限公司 | Non-contact type IC card read-write system and non-contact type IC card read-write machine |
| CN201302731Y (en) * | 2008-11-28 | 2009-09-02 | 东莞市建邦计算机软件有限公司 | Attendance checking access control machine |
| CN101599188A (en) * | 2009-07-10 | 2009-12-09 | 广东南方信息安全产业基地有限公司 | A kind of gate control system based on the IPA safety certification |
-
2010
- 2010-01-14 CN CN2010100228024A patent/CN102129730A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPS6470893A (en) * | 1987-09-10 | 1989-03-16 | Ricoh Kk | Card using system |
| CN201054145Y (en) * | 2007-04-27 | 2008-04-30 | 交通部科学研究院 | Non contact card reader |
| CN101441722A (en) * | 2007-11-23 | 2009-05-27 | 中国银联股份有限公司 | Non-contact type IC card read-write system and non-contact type IC card read-write machine |
| CN201302731Y (en) * | 2008-11-28 | 2009-09-02 | 东莞市建邦计算机软件有限公司 | Attendance checking access control machine |
| CN101599188A (en) * | 2009-07-10 | 2009-12-09 | 广东南方信息安全产业基地有限公司 | A kind of gate control system based on the IPA safety certification |
Cited By (33)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102289866A (en) * | 2011-08-10 | 2011-12-21 | 佛山市南海科西亚数码电气有限公司 | Intelligent store non-contact center processing unit (CPU) card payment system |
| CN103034875A (en) * | 2011-09-29 | 2013-04-10 | 航天信息股份有限公司 | Radio frequency read-write module based on SM7 radio frequency identification reader-writer and radio frequency identification reader-writer |
| CN102799910A (en) * | 2011-12-20 | 2012-11-28 | 深圳中科讯联科技有限公司 | Time-sharing working method of double frequency read-write card |
| CN103490888B (en) * | 2012-06-14 | 2017-12-19 | 天津中兴智联科技有限公司 | Bind the realization method and system of reader and terminal safety control module |
| CN103490888A (en) * | 2012-06-14 | 2014-01-01 | 中兴通讯股份有限公司 | Implementation method and system for binding reader and terminal safety control module |
| CN102881084B (en) * | 2012-07-13 | 2014-09-10 | 山西太钢不锈钢股份有限公司 | Smart card reader of wireless integrated circuit (IC) card |
| CN102881084A (en) * | 2012-07-13 | 2013-01-16 | 山西太钢不锈钢股份有限公司 | Smart card reader of wireless integrated circuit (IC) card |
| CN102800141A (en) * | 2012-07-24 | 2012-11-28 | 东信和平科技股份有限公司 | Entrance guard controlling method and system based on bidirectional authentication |
| CN102800141B (en) * | 2012-07-24 | 2015-10-28 | 东信和平科技股份有限公司 | A kind of access control method based on two-way authentication and system |
| CN103152174A (en) * | 2013-01-28 | 2013-06-12 | 深圳市捷顺科技实业股份有限公司 | Data processing method, device and parking lot management system applied to parking lot |
| CN103152174B (en) * | 2013-01-28 | 2016-06-08 | 深圳市捷顺科技实业股份有限公司 | It is applied to the data processing method in parking lot, device and managing system of car parking |
| CN103971426A (en) * | 2013-01-31 | 2014-08-06 | 北京同方微电子有限公司 | PSAM safety control-based access control system and safe access control method using the same |
| CN103198342A (en) * | 2013-04-18 | 2013-07-10 | 中国民用航空总局第二研究所 | RFID (Radio Frequency Identification) certificate verification device |
| CN104732614A (en) * | 2013-12-18 | 2015-06-24 | 同方锐安科技有限公司 | Access device for encrypting wiegand protocol signal and encryption and decryption method thereof |
| CN104732614B (en) * | 2013-12-18 | 2017-10-27 | 同方锐安科技有限公司 | A kind of gate control system and its encipher-decipher method to Wiegand protocol signal encryption |
| CN103871162A (en) * | 2013-12-31 | 2014-06-18 | 北京华大智宝电子系统有限公司 | Card swiping device |
| CN103871162B (en) * | 2013-12-31 | 2017-09-12 | 北京华大智宝电子系统有限公司 | A kind of card reader |
| CN104579675A (en) * | 2014-10-15 | 2015-04-29 | 深圳市金溢科技股份有限公司 | Safety module, data reading-writing system for parking lot and safety setting method |
| CN104579675B (en) * | 2014-10-15 | 2018-09-07 | 深圳市金溢科技股份有限公司 | Security module, parking lot data read-write system and security setting method |
| CN104376631A (en) * | 2014-12-09 | 2015-02-25 | 天津光电安辰信息技术有限公司 | Commercial cipher algorithm based security access control system and implementation method thereof |
| CN106874732A (en) * | 2016-12-28 | 2017-06-20 | 广州安圣信息科技有限公司 | A kind of authoring system based on CPU card |
| CN106874732B (en) * | 2016-12-28 | 2020-11-06 | 广州安圣信息科技有限公司 | Authorization system based on CPU card |
| CN107749105A (en) * | 2017-11-03 | 2018-03-02 | 东峡大通(北京)管理咨询有限公司 | The method for unlocking and smart lock of a kind of smart lock |
| CN108551455A (en) * | 2018-04-24 | 2018-09-18 | 北京小米移动软件有限公司 | The configuration method and device of smart card |
| CN108961516A (en) * | 2018-09-10 | 2018-12-07 | 广州大学 | A kind of intelligence based on STM32 and RFID radio-frequency technique is swiped the card control system and method |
| CN110363041A (en) * | 2019-07-02 | 2019-10-22 | 深圳华视电子读写设备有限公司 | A kind of card reader of ID card of signal stabilization transmission |
| CN110363041B (en) * | 2019-07-02 | 2022-11-11 | 深圳华视电子读写设备有限公司 | Identity card reader with stable signal transmission |
| CN110955181A (en) * | 2019-12-04 | 2020-04-03 | 山西诚鹏科技开发有限公司 | Programmable logic controller operation data recording system based on point-to-point interface |
| CN111582422A (en) * | 2020-04-10 | 2020-08-25 | 全景智联(武汉)科技有限公司 | CPU card anti-copy encryption method |
| CN111815821A (en) * | 2020-07-20 | 2020-10-23 | 深圳市明华澳汉智能卡有限公司 | IC card security algorithm applied to intelligent door lock |
| CN111815821B (en) * | 2020-07-20 | 2021-06-29 | 深圳市明华澳汉智能卡有限公司 | IC card security algorithm applied to intelligent door lock |
| CN112215323A (en) * | 2020-10-13 | 2021-01-12 | 广东中控瑞迪优电子技术有限公司 | Anti-copy RFID card based on joint control of physical layer and algorithm layer |
| CN116543488A (en) * | 2023-07-06 | 2023-08-04 | 鼎铉商用密码测评技术(深圳)有限公司 | Entrance guard unlocking method, entrance guard system and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102129730A (en) | Non-contact CPU (Central Processing Unit) card entrance guard reader | |
| Phillips et al. | Security standards for the RFID market | |
| US9813116B2 (en) | Secure near field communication solutions and circuits | |
| CN101783040B (en) | Smart card swipe machine and information exchange method | |
| CN105450673A (en) | Security protocol authentication method based on mobile RFID system | |
| CN102314731A (en) | Mobile payment method and equipment for implementing same | |
| CN101122960A (en) | Method and device for enhancing active radio frequency identification system information safety and compatibility | |
| CN201622584U (en) | Electronic identification and information read-write device | |
| CN102916956A (en) | Hash function based RFID (Radio Frequency IDentification) mutual authentication method | |
| CN108364385A (en) | A kind of intelligent door lock equipment based on RSA Algorithm | |
| CN102118250A (en) | System and method for indentifying dynamic password based on double-interface intelligent card | |
| CN104410968A (en) | Portable universal integrated circuit card (UICC) subscriber terminal equipment and identity authentication system thereof | |
| CN102693438B (en) | Privacy protection radio frequency identification password protocol method and system | |
| EP2455921A1 (en) | A system for accessing a service and corresponding portable device and method | |
| CN102594550A (en) | RFID internal mutual authentication safety protocol based on secret key array | |
| CN100570633C (en) | The disposal route of CPU and logical encrypt double-purpose smart card and critical data thereof | |
| CN208569672U (en) | Fingerprint bio identification intelligent IC card and fingerprint recognition system | |
| CN102013026A (en) | Smart card dynamic password authentication system and smart card dynamic password authentication method | |
| CN110276423A (en) | A kind of RFID Verification System for chip finger print of high encryption | |
| CN201150068Y (en) | Multifunctional information safety equipment | |
| CN102024172B (en) | Composite chip card structure with safety protection interface and control method thereof | |
| CN108875879A (en) | A kind of two-way authorization authentication method and device based on the close security algorithm of state | |
| CN103413155A (en) | Electronic anti-counterfeiting tracing tag design compatible with high-frequency RFID and NFC system | |
| CN202838553U (en) | Electronic payment terminal | |
| CN102567009A (en) | Configurable financial smart card operation system architecture |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20110720 |