CN102571326B - The method for testing security of differentiated control mode key management system - Google Patents
The method for testing security of differentiated control mode key management system Download PDFInfo
- Publication number
- CN102571326B CN102571326B CN201010581208.9A CN201010581208A CN102571326B CN 102571326 B CN102571326 B CN 102571326B CN 201010581208 A CN201010581208 A CN 201010581208A CN 102571326 B CN102571326 B CN 102571326B
- Authority
- CN
- China
- Prior art keywords
- key
- management system
- fail safe
- card
- key management
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Abstract
The invention discloses a kind of method for testing security of differentiated control mode key management system, comprising: in test next stage key generation process, the fail safe of key storage and transmission; And the fail safe of test upper level key reconsul repetitive generation next stage key.The method for testing security of this key management system, two angles are realized from system and system, to adopting the key storage of the key management system of differentiated control pattern, the fail safe of transmission and key reconsul repetitive generation tests, thus decrease the leak that key management system may exist, improve the fail safe of application of IC cards system.
Description
Technical field
The present invention relates to the measuring technology of key management system, particularly relate to a kind of method for testing security of differentiated control mode key management system.
Background technology
In smart card projects, the fail safe of key is depended in the fail safe of application system, and security control and the management of key are responsible for realization by key management system (KeyManagementSystem, KMS).
The key management system of differentiated control pattern mainly provides the production of key, storage, the service such as distribution and management for production management, application service, its main feature be next stage key by upper level key according to certain cipher key calculation generate rule.The responsibility card that the key management system of differentiated control pattern relates to and the mutual incidence relation of each responsibility card can be consulted shown in Fig. 1, include:
Leader blocks, and deposits root key component, for generating root key card;
Root key card, deposits root key, for combining with service code card, generates master key card;
Master key card, deposits master key, for combining with operation code card, generates hair fastener master card or PSAM card;
Service code card, deposits the code of all business;
Operation code card, deposits the command code of all business;
Subscriber card hair fastener master card, deposits the female key of card of all business;
PSAM card, the female key of storing card (being no more than the female size of key of the card deposited in hair fastener master card);
Transmission card, deposits transmission security key, for carrying out external authentication and route protection to responsibility card.
To the test of key management system, mainly concentrate on function, performance, installation/aspect such as unloading and ease for use at present, security test, particularly the security test of data transmission aspect, then seldom relate to.But, in key management system, ensure that the fail safe of key is topmost task.Although now widely used authority control method, namely different institutions or the operation such as generation, renewal, use of personnel to different key have different authorities, for ensureing that the fail safe tool of key has certain effect, but along with improving constantly of computer technology, only dependence authority control method has been not enough to the attack that crime prevention system may be subject to.
Summary of the invention
The technical problem to be solved in the present invention is to provide a kind of method for testing security of differentiated control mode key management system, and it can improve the fail safe of application of IC cards system.
For solving the problems of the technologies described above, the method for testing security of differentiated control mode key management system of the present invention, comprises the following steps:
1) test in upper level secret generating next stage cipher key processes, the fail safe of key storage and transmission;
2) fail safe of upper level key reconsul repetitive generation next stage key is tested.
Described step 1) before, first can audit the design documentation of key management system, with from system design view, examine the fail safe of key storage and transmission and the fail safe of key reconsul repetitive generation.
Described step 1) can be realized by following steps: in key management system; perform key storage, importing and derivation operation, authentication secret whether to be only stored in security medium and can not be read, the correctness of cipher key calculation rule and whether have employed correct route protection transmission means.
Described step 2) can be realized by following steps: in key management system, use identical key seed or key dispersion factor data, respectively key at different levels is repeated to generation and the storage operation of key, check that whether the clear data of each key generated is consistent.
The present invention is by testing the fail safe of the key storage of differentiated control mode key management system and the fail safe of transmission and key reconsul repetitive generation, decrease the security breaches that application of IC cards system may exist, thus the fail safe of system is improved.
Accompanying drawing explanation
Fig. 1 is the responsibility card associated diagram of differentiated control mode key management system;
Fig. 2 is method flow schematic diagram of the present invention.
Embodiment
Understand more specifically for having technology contents of the present invention, feature and effect, now in conjunction with illustrated execution mode, details are as follows:
The method for testing security of the differentiated control mode key management system of the embodiment of the present invention, mainly tests the fail safe of the key storage of key management system and the fail safe of transmission aspect and key reconsul repetitive generation aspect.
To in upper level secret generating next stage cipher key processes; when the fail safe of key storage and transmission is tested; first auditing system design documentation; from system design view; check whether and differentiated control has been carried out to key; and by key storage in the storage medium (i.e. corresponding key card) of safety, and whole key be have employed to the transmission means of route protection (ciphertext namely having random number to participate in adds message-authentication code MAC).
Then, in key management system, perform key storage and importing/derivation operates, check system, when implementing, whether carries out differentiated control to key, and can not be read in security medium by key storage; Meanwhile, run supervision and the gripping tool of bus data bag, catch the protocol package from key management system equipment and inputoutput data, when check system is implemented, whether there is the risk with plaintext transmission key.
When testing the fail safe of upper level key reconsul repetitive generation next stage key, first, auditing system design documentation, check and whether add the random number factor in the generative process of key at different levels, adopt same key seed or key dispersion factor as key recovery means using check system, correctness in design.
Then, use identical key seed or key dispersion factor (i.e. service code, operation code etc.) data in systems in which, respectively key at different levels is repeated to the operation of secret generating and storage, check that whether the key plain be formed and stored in key card is consistent, when implementing with verification system, the fail safe of key reconsul repetitive generation.
Below with upper level card for leader card, next stage card is root key card is example, is described further the method for testing security of the present embodiment.
Refer to shown in Fig. 2, comprise the following steps:
(1) auditing system design documentation, from design angle, in whole key management system, the fail safe of key storage and transmission and the fail safe of key reconsul repetitive generation are tested.
(2) in card reader, insert 3 leader's cards and corresponding leader's card transmission card respectively, by key management system software, use PIN and leader's card transmission card, the identity of leader's card is confirmed, and uses the supervision of bus data bag to be got off by the data grabber in this process with gripping tool.
If identity validation passes through, then by the above-mentioned process data grabbed, according to the rule of design definition, carry out the deciphering of ciphertext, external authentication instruction the operation such as to distinguish, with the correctness of demonstration validation process.Then continue to perform step (3).
If identity validation does not pass through, then provide miscue, PIN value or the leader inserted block the correctness with leader's card transmission card to ask user to confirm.
(3) in card reader, insert root key card and corresponding root key transmission card respectively, to confirm the identity of root key card, and use the supervision of bus data bag to be got off by the data grabber in this process with gripping tool.
If identity validation passes through, then the process data grabbed is carried out the deciphering of ciphertext according to the rule of design definition, distinguishing of external authentication instruction waits operation, with the correctness of demonstration validation process, then continues execution step (4).
If identity validation does not pass through, then provide miscue, ask user to confirm the correctness of root key card and the root key transmission card inserted.
(4) carry out the operation generating root key, and use the supervision of bus data bag to be got off by the data grabber in this process with gripping tool; According to the rule of design definition, the deciphering of ciphertext is carried out to the process data grabbed, and operation, the correctness of authentication secret computation rule and the correctness of route protection such as the calculating of MAC.
Then, use is read instruction and is carried out read operation to root key card, and whether checking root key card does not support the read operation to key.
(5) repeat step 4, and use the supervision of bus data bag to be got off to analyze by the data grabber in each implementation with gripping tool, whether checking performs the root key clear data generated at every turn all identical.
Below only list one embodiment of the present of invention, this embodiment only for explaining the present invention, is not intended to limit the present invention.All conversion with above-described embodiment equivalence and displacement, all should belong to protection scope of the present invention.
Claims (3)
1. a method for testing security for differentiated control mode key management system, is characterized in that, comprise the following steps:
1) test in upper level secret generating next stage cipher key processes, the fail safe of key storage and transmission: perform key storage and importing/derivation operates in key management system, check system is when implementing, whether differentiated control is carried out to key, and key storage can not to be read in security medium; Meanwhile, run supervision and the gripping tool of bus data bag, catch the protocol package from key management system equipment and inputoutput data, when check system is implemented, whether there is the risk with plaintext transmission key;
2) fail safe of upper level key reconsul repetitive generation next stage key is tested: in key management system, use identical key seed or key dispersion factor data, respectively key at different levels is repeated to generation and the storage operation of key, check that whether the clear data of the key be at every turn formed and stored in key card is consistent.
2. method for testing security as claimed in claim 1, it is characterized in that, described step 1) before, also comprise step: the design documentation of examination & verification key management system, check in the design of key management system, the fail safe of key storage and transmission and the fail safe of key reconsul repetitive generation.
3. method for testing security as claimed in claim 1 or 2, is characterized in that, described step 1) before, also comprise step:
The correctness of test upper level key card identity validation process;
The correctness of test next stage key card identity validation process.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010581208.9A CN102571326B (en) | 2010-12-09 | 2010-12-09 | The method for testing security of differentiated control mode key management system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010581208.9A CN102571326B (en) | 2010-12-09 | 2010-12-09 | The method for testing security of differentiated control mode key management system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102571326A CN102571326A (en) | 2012-07-11 |
| CN102571326B true CN102571326B (en) | 2016-03-23 |
Family
ID=46415869
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010581208.9A Expired - Fee Related CN102571326B (en) | 2010-12-09 | 2010-12-09 | The method for testing security of differentiated control mode key management system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102571326B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107682147B (en) * | 2017-10-10 | 2020-08-11 | 捷德(中国)科技有限公司 | Security management method and system for smart card chip operating system file |
| CN111092866B (en) * | 2019-12-06 | 2023-04-07 | 航天信息股份有限公司 | Key management method and device based on Hadoop |
| CN111475414A (en) * | 2020-04-03 | 2020-07-31 | 深圳市吉祥腾达科技有限公司 | Method and system for simulating multiple AP (Access Point) clients to realize online of server products |
| CN112311536B (en) * | 2020-09-30 | 2023-01-10 | 航天信息股份有限公司 | Key hierarchical management method and system |
| CN113268722B (en) * | 2021-05-17 | 2022-04-26 | 时昕昱 | Personal digital identity management system and method |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1949707A (en) * | 2006-11-10 | 2007-04-18 | 北京飞天诚信科技有限公司 | Key transmission method and system for multi-stage intelligent key apparatus |
| CN101908112A (en) * | 2010-07-30 | 2010-12-08 | 上海华岭集成电路技术股份有限公司 | Test method and system of security chip |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1526472A3 (en) * | 1995-02-13 | 2006-07-26 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
-
2010
- 2010-12-09 CN CN201010581208.9A patent/CN102571326B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1949707A (en) * | 2006-11-10 | 2007-04-18 | 北京飞天诚信科技有限公司 | Key transmission method and system for multi-stage intelligent key apparatus |
| CN101908112A (en) * | 2010-07-30 | 2010-12-08 | 上海华岭集成电路技术股份有限公司 | Test method and system of security chip |
Non-Patent Citations (1)
| Title |
|---|
| IC卡系统设计中的安全性考虑;张吉文等;《微型机与应用》;20000227;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102571326A (en) | 2012-07-11 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103905207B (en) | Method and system for unifying APK signature | |
| CN103714633B (en) | A kind of method of safe generating transmission key and POS terminal | |
| CN103580872B (en) | A kind of system and method generating for key and managing | |
| CN101419652B (en) | Software and hardware combined program protecting method | |
| CN102571326B (en) | The method for testing security of differentiated control mode key management system | |
| CN109417481A (en) | Safety is improved by the temporary key of the virtual non-contact card of software in mobile phone | |
| CN103413159B (en) | A kind of RFID electronic certificate off-line false proof realization method and system of Jianzhen based on CPK | |
| CN101369306B (en) | Electronic label security system | |
| CN106027245B (en) | Key sharing method and device | |
| CN104798337A (en) | Method and arrangement for secure communication between network units in a communication network | |
| CN103914913A (en) | Intelligent card application scene recognition method and system | |
| CN104408825B (en) | Encrypted card swiping public charging pile and charging method | |
| CN106063182A (en) | Electronic signing methods, systems and apparatus | |
| CN102624711B (en) | Sensitive information transmission method and sensitive information transmission system | |
| CN106295257A (en) | A kind of authentication method being reinforced software and device | |
| CN104166914A (en) | Secure system and method based on secure element and applied to host card emulation technology | |
| CN104350703B (en) | The safe transmission of message | |
| JP6972044B2 (en) | Modification verification of sensor signal | |
| CN106296177A (en) | Data processing method based on bank's Mobile solution and equipment | |
| CN108376290A (en) | A kind of control method, device and server that financial self-service equipment is safeguarded | |
| CN102624710A (en) | Sensitive information transmission method and sensitive information transmission system | |
| CN105844469A (en) | Authority trusted secure system component | |
| CN104410500B (en) | Signature, signature verification and copy analogy method and system based on Designated-Verifier | |
| CN206961165U (en) | A kind of NFC Antiforge systems | |
| CN206481316U (en) | Information acquisition system and system of real name information gathering, application system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20160323 Termination date: 20191209 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |