Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
Please refer to Fig. 1, be the schematic flow sheet of the first embodiment of a kind of entrance guard authentication method provided by the invention, described authentication method comprises:
Step S11, card reader judges sub-key that in its private cipher key and access card, described card reader is specified whether authentication success; Wherein, the sub-key that at least two have common female key is stored in described access card;
Wherein, the private cipher key of card reader and access card at least two of storing have the sub-key of common female key is all that key management system belonging to it writes in advance.
Particularly, the key management system of each nuclear power plant area (also known as tier-2 department) of same nuclear power enterprise subordinate is provided respectively and is managed a card reader.The private cipher key that the card reader of each nuclear power plant area stores has a common female key.Usually, each key management system is that the private cipher key of card reader of its management defines an identification number, to facilitate the certification with the sub-key of access card.
Wherein, the initialization of access card then can be performed by the unified key management system of department's (also known as level portion) of each nuclear power plant area of management.When after access card initialization, the key management system of each nuclear power plant area all can write sub-key in this access card, each key management system defines the identification number of the sub-key of its write, this identification number mates (identical or corresponding) with the identification number of the private cipher key in the card reader that it manages, and meets the sub-key of authorising conditional (i.e. door-opening condition) for distinguishing each nuclear power on-site.Wherein, each key management system all can write the reason of sub-key and is in this access card: the initialization of access card is by the unified key management system execution of each key management system of management.
In this step, owing to storing the sub-key that at least two have common female key in access card, therefore, before card reader and described access card carry out key authentication, card reader also needs the sub-key of specifying the access card carrying out certification with it.The different sub-key identification numbers stored due to access card make a distinction, and therefore, card reader, by specifying the mode of the identification number mated with the identification number of the private cipher key of its storage, specifies the sub-key of the access card carrying out certification with it.
In this step, if card reader judges its sub-key authentication success of specifying in its private cipher key and access card, flow process enters step S12, if authentification failure, then exits identifying procedure.
Step S12, described card reader obtains its data message of asking described access card to return.
Step S13, the data message of described acquisition is sent to access control terminal by described card reader, and receive data message described in described access control terminal authentication correct after the message be proved to be successful that returns.
Card reader is by the data information transfer of the access card of acquisition to access control terminal, and access control terminal when verifying that the data message of this acquisition is legal, then returns the message be proved to be successful, and opens the door to card reader.
In the present embodiment, because access card stores multiple sub-key having common female key, therefore, the card reader that this access card can manage with multiple key management system carries out certification, thus achieves the mutual certification of access card and multiple card reader.If access card distinguishes authentication success with multiple card reader respectively, then the plurality of card reader all can obtain the data message of this access card, and by this data information transfer to access control terminal.Access control terminal when verifying that the data message of this acquisition is legal, is then opened the door, and so then achieves and uses the nuclear power personnel of access card capable at the all-purpose card of each nuclear power plant area of same nuclear power enterprise subordinate.
Please refer to Fig. 2, is the schematic flow sheet of the embodiment of step S12 in the embodiment shown in Fig. 1 of the present invention,
Described method comprises:
Step S23, described card reader sends random information to described access card; Described random information comprises cipher text part and clear portion, and the described transmission security key of described cipher text part is encrypted, and is used to indicate the data message that described in described card reader request, access card returns; Described clear portion is used to specify the sub-key carrying out certification in described access card with described card reader;
Wherein, the private cipher key of card reader, specifically comprises transmission security key and root key, and this transmission security key and root key are all that the key management system belonging to card reader writes.Wherein, the data message that described in described card reader request, access card returns can be specifically the sequence number for identifying described access card.
Step S24, described card reader receives the data message that described access card returns after the described random information of deciphering;
Wherein, access card, before return data information is to card reader, also needs to perform:
Described access card receives the random information that described card reader is sent, and the clear portion obtained in random information, and according to the instruction of clear portion, judge in the multiple sub-keys stored in it, which sub-key is the sub-key carrying out certification with it that card reader is specified, and obtains this sub-key of specifying.Wherein, the sub-key stored in access card comprises sub-transmission security key and sub-root key.
Can the sub-transmission security key that described access card application card reader is specified goes to decipher the cipher text part in described random information, and judge decipher described cipher text part; If described cipher text part can be deciphered, then according to the instruction of the cipher text part after decryption processing, return the data message that card reader request returns.Wherein, when returning this data message, the sub-root key using described card reader to specify is needed to be encrypted.Wherein, this data message can be the sequence number for unique identification access card.
Step S25, described card reader judges the data message that can described root key be deciphered described access card and return;
In this step, if judge, described root key can decipher described data message, then flow process enters step S26, if can not decipher, then exits identifying procedure.
Step S26, if can decipher described data message, then described card reader confirms authentication success.
Further, before execution step S23, also comprise:
Step S21, described card reader judges whether to sense described access card;
In this step, card reader outwards sends electromagnetic wave with certain frequency cycle ground, when access card enters the electromagnetic scope of card reader transmission, then card reader judges to sense described access card, and enter step S22, whether sense access card if fail, then continuing induction has access card.
Step S22, described card reader inner obtains random information from it, and uses described transmission security key to encrypt cipher text part in described random information.
In the present embodiment, card reader, when sensing access card, obtains random information, and uses the cipher text part in transmission security key encryption random information, and the data message that reception access card returns, thus achieves appointment and the certification of the sub-key of access card.
Please refer to Fig. 3, be the schematic flow sheet of the embodiment of the private cipher key generation method of a kind of card reader provided by the invention, described method comprises:
Step S31, one-level encryption equipment generates at least two different root keys, and by the root key corresponding stored that generates at least two different secondary encryption equipments;
In specific implementation, one-level encryption equipment generates at least two different root keys, comprising:
One-level encryption equipment receives the key seed of at least two user's inputs;
Wherein, the key seed of at least two user's inputs, can be identical, also can be different.The reason that one-level encryption equipment needs reception at least two users to input key seed is: the security ensureing the female key generated.All users that one-level encryption equipment only has acquisition to hold key seed could produce identical female key after inputting key seed.
One-level encryption equipment according to described in the key seed that receives, according to female key schedule, generate female key;
Wherein, described female key schedule, comprises the enciphering and deciphering algorithm needed for gate control system.The enciphering and deciphering algorithm of the key seed received according to gate control system is calculated, female key of specified type T, version V and index I can be generated.
One-level encryption equipment receives at least two different business dispersion factors of user's input, according to female key decentralized algorithm, described female key is dispersed at least two different root keys.
Wherein, described female key decentralized algorithm, comprises the key decentralized algorithm in gate inhibition field.Business dispersion factor in this step, is also called key dispersion factor.The root key that one-level encryption equipment at least two of generating according to key decentralized algorithm are different has common female key.And divided each root key shed by female key, then become the root key of each nuclear power plant area.Usually, female key that one-level encryption equipment generates is managed by the primary department of nuclear power enterprise, and one-level encryption equipment divides the distribution of each root key shed also to be managed by the primary department of nuclear power enterprise with monitoring.
Wherein, described at least two different root keys stored in the object in secondary encryption equipment are by one-level encryption equipment: the security ensureing the sub-key generated.
In specific implementation, one-level encryption equipment under the protection of specifying Protective Key, can derive the root key of specified type T, version V and index I, and by it stored in secondary encryption equipment, such as, stored in different USB-Key.Each nuclear power plant area (tier-2 department) has the USB-Key that uniquely stores this root key, and so, primary department then completes the distribution of root key.There is unique key management system managing its root key independently in each nuclear power plant area, and the key management system of each nuclear power plant area can not produce and influences each other.Can understand like this, the quantity of the key management system of second part and the quantity of secondary encryption equipment are one to one, and a nuclear power plant area correspondence has a key management system and a secondary encryption equipment obtained from primary department.
Step S32, the base condition code that the root key that described at least two different secondary encryption equipments store according to it respectively input with the key management system of its correspondence, according to the private cipher key generating algorithm stored separately, the private cipher key of generation correspondence.
Because each root key be dispersed into is stored to secondary encryption equipment by one-level encryption equipment, and this secondary encryption equipment is disperseed to each nuclear power plant area of same nuclear power enterprise subordinate.And, there are independently key management system and the secondary encryption equipment obtained from primary department in each nuclear power plant area, therefore, the base condition code that the root key that the secondary encryption equipment that each nuclear power plant area has then can store according to it respectively inputs with the key management system of its correspondence, according to the private cipher key generating algorithm that it stores, the private cipher key of the card reader of corresponding generation correspondence.Wherein, the base condition code of key management system input, for the unique nuclear power plant area under the same nuclear power enterprise of unique identification.The root key that the secondary encryption equipment had due to district of different IPs power plant stores is different, and the base condition code that the key management system that secondary encryption equipment receives inputs is different, its private cipher key generating algorithm stored is also likely different, and the so last private cipher key generated is different certainly.Be understandable that, the root key due to each nuclear power plant area has a common female key, and the private cipher key that the secondary encryption equipment of each nuclear power plant area so last generates also has common female key.
After secondary encryption equipment generates private cipher key, the key management system that this secondary encryption equipment is corresponding also derives the private cipher key of generation, and is write in card reader.
Particularly, the process that the private cipher key that secondary encryption equipment generates by key management system writes in card reader comprises:
(1) obtain transmission security key and root key from secondary encryption equipment, be stored in respectively in two different cards, at this, these two cards be called transmission security key card and root key card.
Particularly, the generative process of transmission security key card is:
Key management system is by calling the key derivation service interface of secondary encryption equipment (as USB-Key), and to after USB-Key sends and specifies type T, the version V of transmission security key of card reader and the message of index I, the transmission security key that USB-Key returns can be received.The transmission security key that this gets, after getting transmission security key from USB-Key, can write in a card, thus define transmission security key card by key management system.
The generative process of root key card is:
Key management system by calling the key derivation service interface of USB-Key, and to after USB-Key sends and specifies type T, the version V of transmission security key of card reader and the message of index I, can receive the transmission security key that USB-Key returns.The transmission security key that this gets, after getting transmission security key from USB-Key, can write in a card by key management system.After this clamping receives the transmission security key that key management system sends, under the protection of its initiating master key, store transmission security key, and return transmission security key and store successful message to card sending system.
Key management system receives after transmission security key that this card returns stores successful message, by calling the key derivation service interface of USB-Key, and to after USB-Key sends and specifies type T, the version V of root key of card reader and the message of index I, the root key that USB-Key returns can be received.The root key that this gets, after getting root key from USB-Key, can be write this card, thus define root key card by key management system.
(2) write of card reader private cipher key
The transmission security key of write card reader, particularly, writes the transmission security key stored in transmission security key card in the SAM of card reader.
The root key of write card reader, particularly, under the protection of the transmission security key of this write, by its SAM of root key write card reader that stores in root key card, thus completes the write of card reader private cipher key.
Please refer to Fig. 4, be the schematic flow sheet of the embodiment of the sub-key generation method of a kind of access card provided by the invention, described method comprises:
Step S41, one-level encryption equipment generates at least two different root keys, and by the root key corresponding stored that generates at least two different secondary encryption equipments;
Step S42, described at least two different secondary encryption equipments according to base condition code and its root key stored of card sending system input, according to the private cipher key generating algorithm stored separately, generate corresponding private cipher key respectively;
In the present embodiment, the operation of step S41-S42 is identical with the operation of step S31-S32 in the embodiment shown in Fig. 3, does not repeat them here.
Step S43, described at least two different secondary encryption equipments are respectively according to the customer identification number that the key management system of its correspondence inputs, and according to the sub-key decentralized algorithm stored separately, the private cipher key stored is dispersed into the sub-key of correspondence.
Wherein, the key management system that secondary encryption equipment receives its correspondence inputs different customer identification numbers, and the sub-key of so corresponding generation is also different.After secondary encryption equipment generates sub-key, the sub-key generated also writes in subscriber card by key management system.
Particularly, key management system calls the key derivation service interface of secondary encryption equipment (as USB-Key), and to after USB-Key sends and specifies type T, the version V of master control key of access card and the message of index I, the master control key that USB-Key returns can be received.Key management system is after getting master control key from USB-Key, and the master control key that this can be got writes in access card.
Further, key management system writes successful message family receiving the master control key that access card returns, and under the protection of the master control key of said write, the sub-key of write access card, specifically comprises:
Key management system by calling the key derivation service interface of USB-Key, and to after USB-Key sends and specifies type T, the version V of transmission security key of access card and the message of index I, can receive the transmission security key that USB-Key returns.Key management system is after getting transmission security key from USB-Key, and the transmission security key that this can be got writes access card.
Key management system receives after transmission security key writes successful message, also obtains root key from USB-Key.Particularly, card sending system is by calling the key distribution services interface of USB-Key, and to after USB-Key sends type T, the version V of the transmission security key of specifying the access card sequence number of access card (specify), index I, the root key that USB-Key returns can be received.Key management system is after getting root key from USB-Key, and the root key that this can be got writes access card.
It should be noted that, arbitrary key management system of each nuclear power plant area all can according to method described above, the sub-key write access card that the secondary encryption equipment had generates.
The above-mentioned authentication method to a kind of access card provided by the invention has carried out description detailed, below, composition graphs 5-7, is described in detail the system adopting above-mentioned authentication method to carry out access card certification.
As shown in Figure 5, be the structural representation of the first embodiment of a kind of entrance guard authentication system disclosed by the invention, described Verification System comprises: card reader 51, access card 52 and access control terminal 53;
Wherein, described card reader 51, for judging sub-key that in its private cipher key and described access card, described card reader is specified whether authentication success; And when authentication success, obtain the data message that it asks described access card to return; Wherein, the sub-key that at least two have common female key is stored in described access card;
Wherein, the private cipher key of card reader and access card at least two of storing have the sub-key of common female key is all that key management system belonging to it writes in advance.
Particularly, the key management system of each nuclear power plant area (also known as tier-2 department) of same nuclear power enterprise subordinate is provided respectively and is managed a card reader.The private cipher key that the card reader of each nuclear power plant area stores has a common female key.Usually, each key management system is that the private cipher key of card reader of its management defines an identification number, to facilitate the certification with the sub-key of access card.
Wherein, the initialization of access card then can be performed by the unified key management system of department's (also known as level portion) of each nuclear power plant area of management.When after access card initialization, the key management system of each nuclear power plant area all can write sub-key in this access card, each key management system defines the identification number of the sub-key of its write, this identification number mates (identical or corresponding) with the identification number of the private cipher key in the card reader that it manages, and meets the sub-key of authorising conditional (i.e. door-opening condition) for distinguishing each nuclear power on-site.Wherein, each key management system all can write the reason of sub-key and is in this access card: the initialization of access card is by the unified key management system execution of each key management system of management.
Wherein, owing to storing the sub-key that at least two have common female key in access card, therefore, before card reader and described access card carry out key authentication, card reader also needs the sub-key of specifying the access card carrying out certification with it.The different sub-key identification numbers stored due to access card make a distinction, and therefore, card reader, by specifying the mode of the identification number mated with the identification number of the private cipher key of its storage, specifies the sub-key of the access card carrying out certification with it.
Described access card 52, for returning data message that described card reader 51 asks to return to described card reader 51;
Described access control terminal 53, for receiving the data message of the described acquisition that described card reader 51 is sent, and is verifying that the message returning after described data message correctly and be proved to be successful is to described card reader.
Card reader 52 is by the data information transfer of the access card of acquisition to access control terminal 53, and access control terminal 53 when verifying that the data message of this acquisition is legal, then returns the message be proved to be successful, and opens the door to card reader 51.Wherein, the whether legal method of the data message that access card returns is technology well-known to those skilled in the art, is not described in detail at this.
In the present embodiment, because access card stores multiple sub-key having common female key, therefore, the card reader that this access card can manage with multiple key management system carries out certification respectively, thus achieves the mutual certification of access card and multiple card reader.If access card respectively with multiple card reader authentication success, then the plurality of card reader all can obtain the data message of this access card, and by this data information transfer to access control terminal.Access control terminal when verifying that the data message of this acquisition is legal, is then opened the door.Like this then achieve and use the nuclear power personnel of this access card capable at the all-purpose card of each nuclear power plant area of same nuclear power enterprise subordinate.
Please refer to Fig. 6, be the structural representation of the embodiment of a kind of card reader provided by the invention, described card reader comprises:
First transceiver module 61, for sending random information to described access card 51; Described random information comprises cipher text part and clear portion, and the described transmission security key of described cipher text part is encrypted, and is used to indicate the data message that described card reader request access card returns; Described clear portion is used to specify the sub-key carrying out certification in described access card with described card reader;
Wherein, the private cipher key of described card reader comprises transmission security key and root key.
Described first transceiver module 61, also for receiving the data message that described access card returns after the described random information of deciphering;
First judge module 62, for judging the data message that can described root key be deciphered described first transceiver module 61 and receive;
Confirming module 63, for when the judged result of described first judge module 62 is for being, confirming described card reader authentication success.
Further, described card reader also comprises:
Whether induction module 64, exist described access card for induction;
Card reader outwards sends electromagnetic wave with certain frequency cycle ground, when access card 51 enters the electromagnetic scope of card reader transmission, then induction module 64 can sense described access card, and whether if induction module 64 fails to sense access card, then continuing induction has access card.
Obtaining encrypting module 65, for when the judged result of described induction module 64 is for being, inner obtaining random information from it, and use described transmission security key to encrypt cipher text part in described random information;
Described first transceiver module 61, sends to access card for the random information after being encrypted by described acquisition encrypting module 65.
In the present embodiment, obtain encrypting module when induction module senses access card, obtain random information, and use transceiver module to send random information to access card, and the data message that reception access card returns, thus achieve appointment and the certification of the sub-key of access card.
Please refer to Fig. 7, be the structural representation of a kind of access card provided by the invention, described access card comprises:
Second transceiver module 71, for receiving the random information that described card reader is sent;
Wherein, the sub-key of access card comprises: sub-transmission security key and sub-root key.
Acquisition module 72, for the instruction of clear portion in the random information that receives according to described second transceiver module 71, obtains sub-transmission security key and sub-root key that described card reader specifies;
Second judge module 73, judges that can sub-transmission security key that the described card reader that described acquisition module 72 gets is specified decipher the cipher text part of described random information;
Described second transceiver module 71, also for when the judged result of described second judge module 73 is for being, according to the instruction of the cipher text part after deciphering, returns the data message that described card reader request returns; Described data message uses described sub-root key of specifying to encrypt.
One of ordinary skill in the art will appreciate that all or part of flow process realized in above-described embodiment method, that the hardware that can carry out instruction relevant by computer program has come, described program can be stored in a computer read/write memory medium, this program, when performing, can comprise the flow process of the embodiment as above-mentioned each side method.Wherein, described storage medium can be magnetic disc, CD, read-only store-memory body (Read-Only Memory, ROM) or random store-memory body (Random Access Memory, RAM) etc.
Above disclosedly be only present pre-ferred embodiments, certainly the interest field of the present invention can not be limited with this, one of ordinary skill in the art will appreciate that all or part of flow process realizing above-described embodiment, and according to the equivalent variations that the claims in the present invention are done, still belong to the scope that invention is contained.