CN104732614A - Access device for encrypting wiegand protocol signal and encryption and decryption method thereof - Google Patents


Publication number: CN104732614A
Authority: CN (China)
Prior art keywords: card reader, controller, access, cpu, end key
Legal status: Granted
Application number: CN201310696120.5A
Other languages: Chinese (zh)
Other versions: CN104732614B (en)
Inventors: 霍建烨, 梁穗詠, 李伟, 吴正志
Current Assignee: TONGFANG RUIAN TECHNOLOGY Co Ltd
Original Assignee: TONGFANG RUIAN TECHNOLOGY Co Ltd
Application filed by TONGFANG RUIAN TECHNOLOGY Co Ltd
Priority to CN201310696120.5A
Publication of CN104732614A
Application granted
Publication of CN104732614B
Status: Expired - Fee Related

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an access device for encrypting a Wiegand protocol signal and an encryption and decryption method thereof, and belongs to the technical field of access control. The access device comprises an access card reader and an access controller. The access card reader comprises a card reader CPU (Central Processing Unit), an encryption module, a card reader end secret key and a clock chip; the card reader CPU is connected with the clock chip and the encryption module respectively through a data bus, and the card reader end secret key is stored in a data storage region of the card reader CPU. The access controller comprises a controller CPU, a decryption module and a controller end secret key; the decryption module and the controller CPU are connected with each other through the data bus, and the controller end secret key is stored in a data storage region of the controller CPU. Compared with the prior art, the access device guarantees confidentiality during data transmission, effectively prevents attacks such as eavesdropping and data falsification, and fundamentally guarantees the legitimacy and security of the data.

Description

An access control system that encrypts Wiegand protocol signals, and its encryption and decryption method
Technical field
The invention belongs to the technical field of access control, and in particular relates to an access control system that encrypts the data signals transmitted over the Wiegand protocol, and to its encryption and decryption method.
Background art
In the prior art, a known access control system comprises an access card reader and an access controller. The data signals exchanged between them are encoded with the Wiegand protocol, which is a one-way data transmission protocol, as shown in Fig. 1. The access card reader is connected to the access controller by data lines, and data flows in one direction only, from the card reader to the controller. When an access card is presented to the card reader, the reader verifies that the card is legitimate, then encodes the card number with the Wiegand protocol and sends it to the access controller for an authorization decision. However, data transmitted over the Wiegand protocol is plaintext, and the communication line between the card reader and the controller can easily be modified to attach an unauthorized device. The attacker's device can then intercept the legitimate card number data in transit, or even send the intercepted legitimate card number data directly to the access controller, in order to open the door illegitimately. In general, an access control system using the Wiegand protocol cannot tell whether the card number data sent by the card reader to the controller is legitimate and untampered, which creates a security risk for the system and makes intrusion by unauthorized persons easy.
Summary of the invention
In view of the above deficiencies of the prior art, the object of the invention is to provide an access control system that encrypts Wiegand protocol signals, and its encryption and decryption method. It not only ensures confidentiality during data transmission, but also effectively prevents attacks such as eavesdropping and data falsification, fundamentally ensuring the legitimacy and security of the data.
To achieve this object, the technical scheme of the invention is as follows:
An access control system that encrypts Wiegand protocol signals comprises an access card reader and an access controller. Its structural feature is that the access card reader comprises a card reader CPU, an encryption module, a card reader end key and a clock chip. The card reader CPU is connected to the clock chip and the encryption module respectively via a data bus, and the card reader end key is stored in the data storage area of the card reader CPU. The access controller comprises a controller CPU, a decryption module and a controller end key; the decryption module is connected to the controller CPU via a data bus, and the controller end key is stored in the data storage area of the controller CPU.
The encryption and decryption method of the above access control system uses an access card reader and an access controller, where the access card reader comprises a card reader CPU, an encryption module, a card reader end key and a clock chip, and the access controller comprises a controller CPU, a decryption module and a controller end key. The method steps are:
1) In the initialization phase, the initial time value of the clock chip is synchronized with the system time of the access controller, and the card reader end key and the controller end key are set to the same value and stored in their respective data storage areas.
2) The access card reader obtains the card number of the card.
3) The access card reader obtains the current date and time from the clock chip.
4) The access card reader encrypts the date and time with the card reader end key, obtaining temporary session key 1.
5) The access card reader encrypts the card number with temporary session key 1, obtaining the ciphertext card number.
6) The access card reader sends the ciphertext card number to the access controller over the Wiegand protocol communication line.
7) The access controller encrypts the date and time, after correction, with the controller end key, obtaining temporary session key 2.
8) The access controller decrypts the ciphertext card number with temporary session key 2, obtaining the plaintext card number.
In the above method, synchronizing the initial time value of the clock chip with the system time of the access controller means making the time error between the clock chip and the access controller less than 100ms.
Because the invention adopts the above structure and method, data transmitted over the Wiegand protocol in an access control system can be dynamically encrypted, ensuring that the card number data sent from the access card reader to the access controller is secure and valid. At the same time, the invention effectively prevents attacks such as eavesdropping and data falsification, fundamentally ensuring the security of the data transmitted in the access control system.
The invention is further described below with reference to the drawings and a specific embodiment.
Brief description of the drawings
Fig. 1 is a structural diagram of an access control system in the prior art;
Fig. 2 is a structural diagram of the invention;
Fig. 3 is a workflow diagram of the invention.
Embodiment
Referring to Fig. 2, the access control system of the invention that encrypts Wiegand protocol signals comprises an access card reader and an access controller. The access card reader comprises card reader CPU 1, encryption module 11, card reader end key 12 and clock chip 13. Card reader CPU 1 is connected to clock chip 13 and encryption module 11 respectively via a data bus, and card reader end key 12 is stored in the data storage area of card reader CPU 1. The access controller comprises controller CPU 2, decryption module 21 and controller end key 22. Decryption module 21 is connected to controller CPU 2 via a data bus, and controller end key 22 is stored in the data storage area of controller CPU 2.
Referring to Fig. 3, the steps of the encryption and decryption method of the access control system are:
1) In the initialization phase, the initial time value of clock chip 13 is synchronized with the system time of the access controller, ensuring that the time error between clock chip 13 and the access controller is less than 100ms. Also in the initialization phase, card reader end key 12 and controller end key 22 are set to the same value and stored in their respective data storage areas.
Encryption module 11 and decryption module 21 use the same symmetric algorithm computing module; for example, a module supporting the Chinese national cipher (Guomi) SM1 algorithm is a preferred choice. Encryption module 11 and decryption module 21 can communicate with their respective CPUs using a serial port protocol. The card number data to be encrypted is generally 4 bytes long, while the minimum length on which a symmetric encryption/decryption algorithm performs one operation is generally 8 bytes or 16 bytes. The card number data can therefore be padded with filler bytes to reach the length required for one symmetric encryption/decryption operation. The value of the filler bytes can be arbitrary, but the same value must be used on encryption module 11 and decryption module 21.
2) The access card reader obtains the card number of the card.
3) The access card reader obtains the current date and time from clock chip 13, with the time value accurate to the second.
4) Encryption module 11 encrypts this date and time value, obtaining temporary session key 1.
5) The access card reader encrypts the padded card number data with temporary session key 1, obtaining the ciphertext card number.
6) The access card reader transmits the ciphertext card number to the access controller over the Wiegand protocol communication line.
7) After the access controller receives the ciphertext data, it encrypts the date and time with card reader end key 12 (which has the same value as controller end key 22), obtaining temporary session key 2.
8) By this point some time has passed since the access card reader sampled the time, but this delay can be kept within 1 second. That is, the time value sampled by the access controller may be identical to the card reader's time value, or may be slow by 1 second. A correction is therefore needed in the implementation: the access controller performs one decryption for each of these two possible time values, and of the two decryption results, the one whose filler bytes equal the previously set value is taken as the legitimate result. In this way the plaintext of the card number data is recovered accurately.
When signals are transmitted in the system of the invention, the data used is ciphertext, and the key for each encryption is a dynamic key diversified by time, so the key never repeats. The invention can therefore fundamentally resolve the security threats that eavesdropping, forgery and similar means pose to access control systems.
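The eight steps above, as an added Python sketch that is not code from the patent: the reader derives a per-second session key and encrypts the padded card number, and the controller tries its two candidate time values and accepts the result whose filler bytes match. Assumptions: XTEA stands in for SM1 (whose specification is not public), and the timestamp encoding, filler value, key, card number and the choice of "controller time" and "controller time minus 1 s" as the two candidates are all constructed for illustration.

```python
import struct
from datetime import datetime, timedelta

# Stand-in cipher (assumption): XTEA, 64-bit block, 128-bit key, replaces SM1.
DELTA, MASK, ROUNDS = 0x9E3779B9, 0xFFFFFFFF, 32

def xtea_encrypt(key: bytes, block: bytes) -> bytes:
    k = struct.unpack(">4I", key)
    v0, v1 = struct.unpack(">2I", block)
    s = 0
    for _ in range(ROUNDS):
        v0 = (v0 + ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (s + k[s & 3]))) & MASK
        s = (s + DELTA) & MASK
        v1 = (v1 + ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (s + k[(s >> 11) & 3]))) & MASK
    return struct.pack(">2I", v0, v1)

def xtea_decrypt(key: bytes, block: bytes) -> bytes:
    k = struct.unpack(">4I", key)
    v0, v1 = struct.unpack(">2I", block)
    s = (DELTA * ROUNDS) & MASK
    for _ in range(ROUNDS):
        v1 = (v1 - ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (s + k[(s >> 11) & 3]))) & MASK
        s = (s - DELTA) & MASK
        v0 = (v0 - ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (s + k[s & 3]))) & MASK
    return struct.pack(">2I", v0, v1)

PAD = b"\xA5\x5A\xA5\x5A"  # constructed filler value, identical on both ends

def session_key(shared_key: bytes, when: datetime) -> bytes:
    """Steps 4 and 7: encrypt date+time (to the second) under the end key."""
    # Assumed encoding: "YYYYMMDDhhmmss" zero-padded to two 8-byte blocks.
    stamp = when.strftime("%Y%m%d%H%M%S").encode().ljust(16, b"\x00")
    return xtea_encrypt(shared_key, stamp[:8]) + xtea_encrypt(shared_key, stamp[8:])

def reader_encrypt(shared_key: bytes, card_number: int, reader_clock: datetime) -> bytes:
    """Steps 2-5: pad the 4-byte card number to one block and encrypt it."""
    block = struct.pack(">I", card_number) + PAD
    return xtea_encrypt(session_key(shared_key, reader_clock), block)

def controller_decrypt(shared_key: bytes, ciphertext: bytes, controller_clock: datetime):
    """Steps 7-8: decrypt under both candidate seconds, keep the one whose
    filler bytes match; return None when neither candidate is valid."""
    for skew in (0, 1):
        candidate = controller_clock - timedelta(seconds=skew)
        plain = xtea_decrypt(session_key(shared_key, candidate), ciphertext)
        if plain[4:] == PAD:
            return struct.unpack(">I", plain[:4])[0]
    return None

def demo():
    key = bytes(range(16))                 # constructed shared end key
    t0 = datetime(2013, 12, 18, 9, 30, 0)  # constructed reader clock sample
    frame = reader_encrypt(key, 0x0012D687, t0)
    return {
        "same_second": controller_decrypt(key, frame, t0),
        "one_second_later": controller_decrypt(key, frame, t0 + timedelta(seconds=1)),
        "stale_frame": controller_decrypt(key, frame, t0 + timedelta(seconds=5)),
    }

if __name__ == "__main__":
    print(demo())
```

The filler comparison is the controller's only validity check in this scheme, so a frame decrypts successfully for as long as the controller's candidate time values still include the reader's sampling second.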

Claims (3)

1. An access control system that encrypts Wiegand protocol signals, comprising an access card reader and an access controller, characterized in that the access card reader comprises a card reader CPU (1), an encryption module (11), a card reader end key (12) and a clock chip (13); the card reader CPU (1) is connected to the clock chip (13) and the encryption module (11) respectively via a data bus, and the card reader end key (12) is stored in the data storage area of the card reader CPU (1); the access controller comprises a controller CPU (2), a decryption module (21) and a controller end key (22); the decryption module (21) is connected to the controller CPU (2) via a data bus, and the controller end key (22) is stored in the data storage area of the controller CPU (2).
2. An encryption and decryption method for the access control system that encrypts Wiegand protocol signals as claimed in claim 1, which uses an access card reader and an access controller, the access card reader comprising a card reader CPU (1), an encryption module (11), a card reader end key (12) and a clock chip (13), and the access controller comprising a controller CPU (2), a decryption module (21) and a controller end key (22), the method steps being:
1) in the initialization phase, the initial time value of the clock chip (13) is synchronized with the system time of the access controller, and the card reader end key (12) and the controller end key (22) are set to the same value and stored in their respective data storage areas;
2) the access card reader obtains the card number of the card;
3) the access card reader obtains the current date and time from the clock chip (13);
4) the access card reader encrypts the date and time with the card reader end key (12), obtaining temporary session key 1;
5) the access card reader encrypts the card number with temporary session key 1, obtaining the ciphertext card number;
6) the access card reader sends the ciphertext card number to the access controller over the Wiegand protocol communication line;
7) the access controller encrypts the date and time, after correction, with the controller end key (22), obtaining temporary session key 2;
8) the access controller decrypts the ciphertext card number with temporary session key 2, obtaining the plaintext card number.
3. The encryption and decryption method for the access control system that encrypts Wiegand protocol signals according to claim 2, characterized in that synchronizing the initial time value of the clock chip (13) with the system time of the access controller means making the time error between the clock chip (13) and the access controller less than 100ms.
CN201310696120.5A 2013-12-18 2013-12-18 A kind of gate control system and its encipher-decipher method to Wiegand protocol signal encryption Expired - Fee Related CN104732614B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310696120.5A CN104732614B (en) 2013-12-18 2013-12-18 A kind of gate control system and its encipher-decipher method to Wiegand protocol signal encryption

Publications (2)

Publication Number Publication Date
CN104732614A true CN104732614A (en) 2015-06-24
CN104732614B CN104732614B (en) 2017-10-27

Family

ID=53456482

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310696120.5A Expired - Fee Related CN104732614B (en) 2013-12-18 2013-12-18 A kind of gate control system and its encipher-decipher method to Wiegand protocol signal encryption

Country Status (1)

Country Link
CN (1) CN104732614B (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20171027