CN103929308B - Information Authentication method applied to rfid card - Google Patents

Publication number: CN103929308B
Authority: CN (China)
Prior art keywords: information, rfid card, card, rfid, card reader
Legal status: Active (the legal status is an assumption and is not a legal conclusion)
Application number: CN201410168419.8A
Other languages: Chinese (zh)
Other versions: CN103929308A (en)
Inventors: 吴江, 李陈, 陶源
Current Assignee: JIAXING CHENXIANG INFORMATION TECHNOLOGY Co Ltd
Original Assignee: JIAXING CHENXIANG INFORMATION TECHNOLOGY Co Ltd

Abstract

The invention proposes a high-security information authentication method applied to an RFID card. The method first determines whether the link between the card reader and the RFID card is legitimate; if so, the following steps are performed: 1) the card reader sends verification information to the RFID card, the verification information being either a set of original information that includes at least a one-time identification code for this verification, or first encrypted information obtained by processing that original information; 2) the RFID card processes the verification information to obtain second encrypted information; 3) the card reader reads the second encrypted information and sends it to a server for verification. If the verification value that the server computes from the original information is identical to the second encrypted information, verification passes; otherwise it fails. Alternatively, if the data the server obtains by decrypting the second encrypted information is identical to the original information, verification passes; otherwise it fails.

Description

Information authentication method applied to RFID card
Technical field
The present invention relates to the technical field of information verification, and in particular to an information authentication method applied to an RFID card.
Background
RFID (Radio Frequency IDentification) is a wireless communication technology that identifies a specific target and reads and writes related data by radio signals, without mechanical or optical contact between the identification system and the target. RFID technology is widely used, for example in the well-known RFID public transport cards.
OTP (One-Time Password) is a password that becomes invalid once it has been used. OTP mainly addresses the weakness of traditional static passwords, and most OTP implementations are based on the two-factor authentication principle. To authenticate to a system, you first need to possess a password generator of your own (hereafter referred to as a token).
Based on time synchronization between the token and the server, a consistent dynamic password is generated by computation. A time-synchronized token generally has an update period of 60 seconds, producing a new password every 60 seconds.
Existing tokens face the following problems:
Keeping time requires a clock chip, which needs a certain amount of power without interruption; when the battery runs out and cannot be replaced, the token can only be replaced with a new one.
The clock chip can also suffer from accuracy problems. If its timekeeping performance is insufficient, or the time drifts for other reasons, the error must be corrected in time once it reaches a certain range; if it exceeds the correctable range, the token can only be replaced with a new one.
At present, RFID cards are also used for information verification based on OTP technology. For example, the Chinese patent document with grant publication number CN203466832U discloses "a dynamic token system based on NFC", which can communicate, through various NFC-capable devices such as mobile phones, tablets and computers, with systems in banking, finance and similar fields that require dynamic token authentication, and complete that authentication. Although it is convenient and practical, this kind of RFID card may carry a security risk during information verification. The card contains no battery and draws its operating energy through the antenna, so it cannot keep the current time, yet agreement between the current time and the server's time is a precondition for authentication. To use a time-based authentication scheme, the card can only obtain the current time from the card reader, and once that time is tampered with, security is reduced. If an illegitimate person is next to a legitimate RFID card and inputs a future time to it, the card performs the computation on that time and produces the corresponding verification value (that is, the password); the illegitimate person then reads this value and, when that future time arrives, can use it to deceive the server. In short, the illegitimate person has used the legitimate RFID card to extract a one-time password in advance.
Summary of the invention
The technical problem to be solved by the invention is to overcome the defects of the prior art and provide a high-security information authentication method applied to an RFID card, so as to provide a security guarantee for information verification that uses RFID technology, such as online payment and credit report queries.
To solve the above technical problem, the invention proposes an information authentication method applied to an RFID card. The method first determines whether the link between the card reader and the RFID card is legitimate; if so, the following steps are performed: 1) the card reader sends verification information to the RFID card, the verification information being either a set of original information that includes at least a one-time identification code for this verification, or first encrypted information obtained by processing that original information; 2) the RFID card processes the verification information to obtain second encrypted information; 3) the card reader reads the second encrypted information and sends it to a server for verification. If the verification value that the server computes from the original information is identical to the second encrypted information, verification passes; otherwise it fails. Alternatively, if the data the server obtains by decrypting the second encrypted information is identical to the original information, verification passes; otherwise it fails.
With the above scheme, the invention has the following advantages over the prior art. Before verification, it must first be determined whether both the card reader and the RFID card are legitimate; only if they are does verification proceed. If they are not, the card reader and the RFID card do not continue and the verification process is interrupted. In addition, the verification uses a one-time identification code for this verification, for example a random code or the order number of the user's current transaction. This code is unique at the current time and cannot be obtained in advance, and it is a basic precondition for passing verification. Therefore, even if the current time is changed, second encrypted information that passes verification cannot be obtained, so the invention has high security.
As an improvement, the verification information is a first hash value obtained by performing a hash operation on the original information or the first encrypted information. The transmitted first hash value is short, which is an advantage in data handling, and the approach is also general, efficient and secure.
As an improvement, the second encrypted information is a second hash value. It is obtained as follows: the RFID card first performs an encryption operation on the verification information to obtain encrypted information, and then performs a hash operation on that encrypted information to obtain the second hash value. After encryption, the second hash value obtained with a regular encoding operation (the hash operation) serves as the second encrypted information; the transmitted second hash value is short, which is an advantage in data handling, and the approach is also general, efficient and secure.
As an improvement, after receiving the verification information the RFID card waits for the user to confirm whether to perform verification; if the user confirms, step 2) is performed. This hands control over whether verification takes place to the user, so the RFID card never starts verification automatically. Even if the legitimacy check between the card reader and the RFID card has been cracked, the user still finally decides whether verification proceeds, which helps improve security.
As an improvement, the user confirms by entering a password on the card reader; the card reader sends the password to the RFID card, and the RFID card decides whether to perform verification according to whether the password is correct. This requires no hardware changes to the card reader or the RFID card, so the invention is easier to implement on existing hardware.
As an improvement, the user confirms by operating a switch on the RFID card, and the switch triggers the RFID card to perform verification. This gives higher security.
As an improvement, the method for determining whether the card reader and the RFID card are both legitimate can also be: 1) the card reader generates a first random number, keeps a backup, and sends the first random number to the RFID card; 2) the RFID card generates a second random number, concatenates the first random number and the second random number as character strings to form a third random number, encrypts the third random number with a key, and sends the ciphertext to the card reader; 3) the card reader decrypts the ciphertext with the decryption key and compares the first half of the resulting value with the backup of the first random number; if they match, the RFID card is legitimate, otherwise it is not; 4) the card reader sends the second half of the decrypted value to the RFID card, which compares it with the backup of the second random number; if they match, the card reader is legitimate, otherwise it is not. In this way a single authentication pass is enough to determine whether both parties are legitimate, which shortens the verification flow while maintaining security.
As an improvement, the one-time identification code for this verification is the order number of the user's transaction. This is more compatible with existing payment systems and reduces the cost of adaptation.
Embodiment
The invention is described in further detail below:
The invention applies to RFID cards with a certain computing capability, generally CPU-type RFID cards. An RSA token is used as the example. Before the RFID card is used, the RSA private key, and the key the RFID card uses when the link between the card reader and the RFID card is checked for legitimacy, are first stored in the RFID card. The remote server likewise stores the RSA private key and the key the RFID card uses in that legitimacy check; the remote server may also store the RSA public key for use in verification.
The information authentication method of the invention comprises the following process. It first determines whether the link between the card reader and the RFID card is legitimate; if so, the following steps are performed: 1) the card reader sends verification information to the RFID card, the verification information being either a set of original information that includes at least a one-time identification code for this verification, or first encrypted information obtained by processing that original information; 2) the RFID card processes the verification information to obtain second encrypted information; 3) the card reader reads the second encrypted information and sends it to a server for verification. If the verification value that the server computes from the original information is identical to the second encrypted information, verification passes; otherwise it fails. The process by which the server computes on the original information is exactly the same as on the RFID card, that is, the computation and the algorithms the server uses are identical to the entire computation and the algorithms by which the second encrypted information is obtained from the original information on the RFID card. Alternatively, if the data the server obtains by decrypting the second encrypted information is identical to the original information, verification passes; otherwise it fails. For example, the card reader sends the original information to the RFID card, the RFID card encrypts it to obtain the second encrypted information, the card reader reads the second encrypted information and sends it to the server, and the server decrypts the second encrypted information and compares the resulting data with the original information; if they are identical, verification passes, otherwise it fails.
The original information can be composed in a simple form, for example a single string obtained by concatenating, in order, the strings of the current time and the one-time identification code for this verification; this process is referred to as string concatenation. Similarly, if other verification information is included, the original information is the single string obtained by concatenating, in order, the strings of the current time, the one-time identification code for this verification, and the other verification information.
In step 1), the verification information the card reader sends to the RFID card can vary. For example: the verification information is plaintext, that is, what is sent is a set of original information that includes at least the one-time identification code for this verification; or it is the hash value obtained by performing a hash operation on the original information; or it is the data obtained by further encoding the plaintext, where the encoding may use a method such as base64 or Quoted-Printable; or it is encrypted, that is, what is sent is the ciphertext obtained by encrypting the original information, where the encryption may use a technique such as the AES or RSA algorithm; or it is the hash value obtained by further hashing the ciphertext; or it is the data obtained by further encoding the ciphertext.
In step 2), the processing by which the RFID card obtains the second encrypted information can also vary. For example, the ciphertext obtained by encrypting the verification information is used directly as the second encrypted information, where the encryption may use an existing technique such as the AES or RSA algorithm; or the ciphertext is processed further to obtain the second encrypted information. The further processing may be a hash operation, with the resulting hash value used as the second encrypted information; where special characters are present, it may also be an encoding method such as base64, with the encoded data used as the second encrypted information.
In this example, the verification information is a first hash value obtained by performing a hash operation on the original information or the first encrypted information. The second encrypted information is a second hash value, obtained as follows: the RFID card first performs an encryption operation on the verification information to obtain encrypted information, and then performs a hash operation on that encrypted information to obtain the second hash value.
The hash operation is the SHA256 hash algorithm.
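The flow of this example (SHA-256 first hash value, card-side keyed step followed by SHA-256) and the reason given in the summary for why the one-time identification code defeats values computed in advance, as an added Python example that is not part of the patent text. HMAC-SHA256 stands in for the card's AES/RSA encryption, and the server-side session table, the `|` separator, the key and the timestamp are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

CARD_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed demo key


def first_hash(current_time: int, one_time_code: str) -> bytes:
    """Step 1: original information -> SHA-256 'first hash value'.
    The '|' separator is an addition here so that time and code cannot
    run together ambiguously when concatenated as strings."""
    return hashlib.sha256(f"{current_time}|{one_time_code}".encode()).digest()


def card_process(key: bytes, verification_info: bytes) -> bytes:
    """Step 2 on the card: keyed step, then SHA-256 -> 'second hash value'.
    HMAC-SHA256 is a stand-in (assumption) for the card's AES/RSA encryption."""
    keyed = hmac.new(key, verification_info, hashlib.sha256).digest()
    return hashlib.sha256(keyed).digest()


class Server:
    """Issues one verification per session and recomputes the card's result."""

    def __init__(self, key: bytes):
        self.key = key
        self.pending = {}  # session id -> verification information sent out

    def start(self, session: str, now: int) -> bytes:
        code = secrets.token_hex(16)  # random one-time identification code
        self.pending[session] = first_hash(now, code)
        return self.pending[session]

    def verify(self, session: str, second_hash: bytes) -> bool:
        info = self.pending.pop(session, None)  # each code is usable once
        if info is None:
            return False
        return hmac.compare_digest(card_process(self.key, info), second_hash)


def time_only_verify(key: bytes, now: int, value: bytes) -> bool:
    """Baseline from the background section: the input is the time alone."""
    info = hashlib.sha256(str(now).encode()).digest()
    return hmac.compare_digest(card_process(key, info), value)


def run_flow_demo() -> dict:
    later = 1_700_000_060  # constructed timestamp
    out = {}

    # Time-only card: whoever supplies the time decides the input, so a value
    # computed for `later` ahead of time still verifies when `later` arrives.
    early_value = card_process(CARD_KEY, hashlib.sha256(str(later).encode()).digest())
    out["time_only_accepts_early_value"] = time_only_verify(CARD_KEY, later, early_value)

    # One-time code: the same early computation needs the code, which the
    # server has not generated yet; a guessed code gives a non-matching hash.
    server = Server(CARD_KEY)
    early_value = card_process(CARD_KEY, first_hash(later, "guessed-code"))
    server.start("s1", later)
    out["code_rejects_early_value"] = not server.verify("s1", early_value)

    # Normal run: the reader relays the server's verification information.
    info = server.start("s2", later)
    second_hash = card_process(CARD_KEY, info)
    out["fresh_value_accepted"] = server.verify("s2", second_hash)
    out["replay_rejected"] = not server.verify("s2", second_hash)
    return out


if __name__ == "__main__":
    for name, value in run_flow_demo().items():
        print(f"{name}: {value}")
```

The server discarding each pending code after one check is what makes a captured second hash value useless afterwards; the patent text states only that the code is one-time, not how the server tracks it.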
After receiving the first hash value, the RFID card waits for the user to confirm whether to perform verification; if the user confirms, step 2) is performed.
The user may confirm by entering a password on the card reader; the card reader sends the password to the RFID card, and the RFID card decides whether to perform verification according to whether the password is correct.
In this example, the user confirms by operating a switch on the RFID card, and the switch triggers the RFID card to perform verification. This can be implemented by having the switch change the voltage of a pin on the RFID card's chip as the trigger signal; it is not described further here.
The method for determining whether the card reader and the RFID card are both legitimate is: 1) the card reader generates a first random number, keeps a backup, and sends the first random number to the RFID card; 2) the RFID card generates a second random number, concatenates the first random number and the second random number as character strings to form a third random number, encrypts the third random number with a key, and sends the ciphertext to the card reader; 3) the card reader decrypts the ciphertext with the decryption key and compares the first half of the resulting value with the backup of the first random number; if they match, the RFID card is legitimate, otherwise it is not; 4) the card reader sends the second half of the decrypted value to the RFID card, which compares it with the backup of the second random number; if they match, the card reader is legitimate, otherwise it is not. In this way a single authentication pass is enough to determine whether both parties are legitimate, which shortens the verification flow while maintaining security.
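The four-step legitimacy check above with both sides' messages, as an added Python example that is not part of the patent text. A 4-round Feistel construction built on HMAC-SHA256 stands in for the card's cipher (the patent names AES and RSA); the 16-byte random numbers, the shared symmetric key and clearing the backup of the second random number after one comparison are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

HALF = 16  # bytes per random number; the third random number is 2 * HALF


def _round(key: bytes, i: int, data: bytes) -> bytes:
    return hmac.new(key, bytes([i]) + data, hashlib.sha256).digest()[:HALF]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in cipher (assumption): 4-round Feistel over one 32-byte block."""
    left, right = block[:HALF], block[HALF:]
    for i in range(4):
        left, right = right, _xor(left, _round(key, i, right))
    return left + right


def decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:HALF], block[HALF:]
    for i in reversed(range(4)):
        left, right = _xor(right, _round(key, i, left)), left
    return left + right


class Card:
    def __init__(self, key: bytes):
        self.key = key
        self.r2 = None  # backup of the second random number

    def respond(self, r1: bytes) -> bytes:
        """Step 2: third random number = R1 || R2, encrypted with the key."""
        self.r2 = secrets.token_bytes(HALF)
        return encrypt(self.key, r1 + self.r2)

    def check_reader(self, returned: bytes) -> bool:
        """Step 4: compare the returned half with the backup of R2 (single use)."""
        r2, self.r2 = self.r2, None
        return r2 is not None and hmac.compare_digest(r2, returned)


class Reader:
    def __init__(self, key: bytes):
        self.key = key

    def authenticate(self, card: Card) -> str:
        r1 = secrets.token_bytes(HALF)  # step 1: generate and back up R1
        plain = decrypt(self.key, card.respond(r1))
        if not hmac.compare_digest(plain[:HALF], r1):  # step 3
            return "card rejected"
        if not card.check_reader(plain[HALF:]):  # step 4
            return "reader rejected"
        return "both legitimate"


def run_handshake_demo() -> dict:
    key, wrong = bytes(range(32)), bytes(32)  # constructed demo keys
    out = {"genuine": Reader(key).authenticate(Card(key)),
           "card_without_key": Reader(key).authenticate(Card(wrong))}
    # A reader without the key cannot recover R2 from the ciphertext.
    card = Card(key)
    ciphertext = card.respond(secrets.token_bytes(HALF))
    out["reader_without_key_accepted"] = card.check_reader(decrypt(wrong, ciphertext)[HALF:])
    # The correct R2 is accepted once; the backup is cleared afterwards.
    ciphertext = card.respond(secrets.token_bytes(HALF))
    r2 = decrypt(key, ciphertext)[HALF:]
    out["r2_first_use"] = card.check_reader(r2)
    out["r2_second_use"] = card.check_reader(r2)
    return out
```

The stand-in cipher was chosen because the check depends on the ciphertext not being modifiable: with a plain XOR stream cipher, the first random number sent in the clear would let an observer rewrite the first half of an old ciphertext.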
As an alternative, the method for determining whether the card reader and the RFID card are both legitimate can also be: 1) the card reader generates a random number, keeps a backup, and sends the random number to the RFID card; 2) the RFID card encrypts the random number with a key to generate a ciphertext and sends the ciphertext to the card reader; 3) the card reader decrypts the ciphertext with the decryption key and compares the resulting value with the backup; if they match, the RFID card is legitimate, otherwise it is not. Alternatively, the card reader encrypts the backup with the encryption key and compares the result with the ciphertext; if they match, the RFID card is legitimate, otherwise it is not; 4) the card reader accesses the RFID card using an access key, and the RFID card verifies the access key; if it is identical to the access key built into the card, the card reader is legitimate, otherwise it is not. This increases the difficulty of cracking and gives better security.
The one-time identification code for this verification is the order number of the user's transaction. It can also be a group of information, for example one containing the verification time, the order number, the user name and so on.

Claims (7)

1. An information authentication method applied to an RFID card, characterised in that it comprises the following process: first determining whether the link between the card reader and the RFID card is legitimate, and if so, performing the following steps: 1) the card reader sends verification information to the RFID card, the verification information being either a set of original information that includes at least a one-time identification code for this verification, or first encrypted information obtained by processing that original information; 2) the RFID card processes the verification information to obtain second encrypted information; 3) the card reader reads the second encrypted information and sends it to a server for verification; if the verification value that the server computes from the original information is identical to the second encrypted information, verification passes, otherwise it fails; or, if the data the server obtains by decrypting the second encrypted information is identical to the original information, verification passes, otherwise it fails; the method for determining whether the link between the card reader and the RFID card is legitimate is: 1) the card reader generates a first random number, keeps a backup, and sends the first random number to the RFID card; 2) the RFID card generates a second random number, concatenates the first random number and the second random number as character strings to form a third random number, encrypts the third random number with a key, and sends the ciphertext to the card reader; 3) the card reader decrypts the ciphertext with the decryption key and compares the first half of the resulting value with the backup of the first random number; if they match, the RFID card is legitimate, otherwise it is not; 4) the card reader sends the second half of the decrypted value to the RFID card, and the RFID card compares it with the backup of the second random number; if they match, the card reader is legitimate, otherwise it is not.
2. The information authentication method applied to an RFID card according to claim 1, characterised in that the verification information is a first hash value obtained by performing a hash operation on the original information or the first encrypted information.
3. The information authentication method applied to an RFID card according to claim 1, characterised in that the second encrypted information is a second hash value; the second hash value is obtained as follows: the RFID card first performs an encryption operation on the verification information to obtain encrypted information, and then performs a hash operation on that encrypted information to obtain the second hash value.
4. The information authentication method applied to an RFID card according to claim 1, characterised in that, after receiving the verification information, the RFID card waits for the user to confirm whether to perform verification, and if so, step 2) is performed.
5. The information authentication method applied to an RFID card according to claim 4, characterised in that the user confirms by entering a password on the card reader; the card reader sends the password to the RFID card, and the RFID card decides whether to perform verification according to whether the password is correct.
6. The information authentication method applied to an RFID card according to claim 4, characterised in that the user confirms by operating a switch on the RFID card, and the switch triggers whether the RFID card performs verification.
7. The information authentication method applied to an RFID card according to claim 1, characterised in that the one-time identification code for this verification is the order number of the user's transaction.
CN201410168419.8A 2014-04-01 2014-04-25 Information Authentication method applied to rfid card Active CN103929308B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410168419.8A CN103929308B (en) 2014-04-01 2014-04-25 Information Authentication method applied to rfid card

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN2014101284015 2014-04-01
CN201410128401 2014-04-01
CN201410128401.5 2014-04-01
CN201410168419.8A CN103929308B (en) 2014-04-01 2014-04-25 Information Authentication method applied to rfid card

Publications (2)

Publication Number Publication Date
CN103929308A CN103929308A (en) 2014-07-16
CN103929308B true CN103929308B (en) 2017-07-18

Family

ID=51147393

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410168419.8A Active CN103929308B (en) 2014-04-01 2014-04-25 Information Authentication method applied to rfid card

Country Status (1)

Country Link
CN (1) CN103929308B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant