CN104732614B - A kind of gate control system and its encipher-decipher method to Wiegand protocol signal encryption - Google Patents
A kind of gate control system and its encipher-decipher method to Wiegand protocol signal encryption Download PDFInfo
- Publication number
- CN104732614B CN104732614B CN201310696120.5A CN201310696120A CN104732614B CN 104732614 B CN104732614 B CN 104732614B CN 201310696120 A CN201310696120 A CN 201310696120A CN 104732614 B CN104732614 B CN 104732614B
- Authority
- CN
- China
- Prior art keywords
- card reader
- access
- controller
- key
- time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000000034 method Methods 0.000 title claims abstract description 14
- 238000013500 data storage Methods 0.000 claims abstract description 10
- 230000005764 inhibitory process Effects 0.000 claims abstract description 6
- 238000004891 communication Methods 0.000 claims description 6
- 238000005516 engineering process Methods 0.000 abstract description 2
- 230000005540 biological transmission Effects 0.000 description 6
- 238000005070 sampling Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000007812 deficiency Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
Abstract
A kind of gate control system and its encipher-decipher method to Wiegand protocol signal encryption, belongs to gate inhibition's technical field.Gate control system of the present invention includes access-control card reader and access controller.It is structurally characterized in that the access-control card reader includes card reader CPU, encrypting module, card reader end key and clock chip.Card reader CPU is connected with clock chip and encrypting module respectively by data/address bus, and card reader end key storage is in card reader CPU data storage area.The access controller includes controller CPU, deciphering module and controller end key, and deciphering module is connected with controller CPU by data/address bus, and controller end key storage is in controller CPU data storage area.Compared with the existing technology, the confidentiality during the present invention can not only ensure data transfer, and the attack meanses such as eavesdropping and data falsification can be effectively prevented, fundamentally ensure the legitimacy and security of data.
Description
Technical field
The invention belongs to gate inhibition's technical field, particularly it is to the gate inhibition that the data-signal that Wiegand protocol is transmitted is encrypted
System and its encipher-decipher method.
Background technology
In the prior art, known gate control system includes access-control card reader and access controller, access-control card reader and gate inhibition
The data-signal communicated between controller is encoded using Wiegand protocol, and this is a kind of communication protocols of unidirectional data transmission
View, as shown in Figure 1.Access-control card reader is connected by data wire with access controller, and data transfer mode is unidirectional by door
Prohibit card reader and be sent to access controller.Access card is put into access-control card reader to get on to swipe the card, when access-control card reader verifies card
After legal, just the card number of the card is encoded using Wiegand protocol, access controller is sent to and carries out authority judgement.But
It is that the data of Wiegand protocol transmission are plaintexts, and the communication line of access-control card reader and access controller is easy to meeting quilt
Reequip and access illegality equipment, so that the legal card number data of transmission are intercepted by the equipment of attacker, or even by illegality equipment
Directly the legal card number data intercepted are sent to access controller, the purpose illegally opened the door is reached.Generally, assisted using Wiegand
Whether the gate control system of view cannot distinguish between access-control card reader and be sent to the card number data of access controller is legal, is not tampered with
Cross, this brings potential safety hazard to gate control system, easily cause illegal person's invasion.
The content of the invention
For above-mentioned the deficiencies in the prior art, it is an object of the invention to provide a kind of to Wiegand protocol signal encryption
Gate control system and its encipher-decipher method.It can not only ensure the confidentiality during data transfer, and can effectively prevent from stealing
Listen with the attack meanses such as data falsification, fundamentally ensure the legitimacy and security of data.
In order to reach foregoing invention purpose, technical scheme is realized as follows:
A kind of gate control system to Wiegand protocol signal encryption, it includes access-control card reader and access controller.Its structure
Feature is that the access-control card reader includes card reader CPU, encrypting module, card reader end key and clock chip.Card reader CPU
It is connected respectively with clock chip and encrypting module by data/address bus, data of the card reader end key storage in card reader CPU
Memory block.The access controller includes controller CPU, deciphering module and controller end key, deciphering module and controller CPU
It is connected by data/address bus, controller end key storage is in controller CPU data storage area.
The encipher-decipher method of gate control system as described above to Wiegand protocol signal encryption, it, which is used, includes access-control card reader
And access controller, access-control card reader include card reader CPU, encrypting module, card reader end key and clock chip, access control
Device includes controller CPU, deciphering module and controller end key.Its method and step is:
1)In initial phase, the system time of the time initial value of clock chip and access controller is synchronized,
Card reader end key and controller end key are set to identical value, are stored among respective data storage area.
2)Access-control card reader obtains the card number of card.
3)Access-control card reader obtains current date and time from clock chip.
4)Date and time is encrypted with card reader end key for access-control card reader, obtains interim conversation key one.
5)Access-control card reader is encrypted with a pair of card numbers of interim conversation key, obtains ciphertext card number.6)Access-control card reader
Ciphertext card number is sent to by Wiegand protocol communication line by access controller.7)Access controller is with controller end key to day
Phase and time encrypt after being corrected, and obtain interim conversation key two.
8)Ciphertext card number is decrypted with interim conversation key two for access controller, obtains plaintext card number.
In above-mentioned encipher-decipher method, the system time by the time initial value of clock chip and access controller is carried out
It is synchronously that the time error for instigating clock chip and access controller is less than 100ms.
The present invention can use the process that Wiegand protocol is transmitted as a result of said structure and method in gate control system
In, dynamic encryption is carried out to the data of transmission, it is ensured that from the card number data that access-control card reader is transmitted to access controller be safety,
Effectively.Meanwhile, the present invention can effectively prevent the attack meanses such as eavesdropping and data falsification, fundamentally ensure that gate control system is passed
The security of transmission of data.
The invention will be further described with reference to the accompanying drawings and detailed description.
Brief description of the drawings
Fig. 1 is the structural representation of gate control system in the prior art;
Fig. 2 is schematic structural view of the invention;
Fig. 3 is the workflow diagram of the present invention.
Embodiment
Referring to Fig. 2, the present invention includes access-control card reader and access controller to the gate control system of Wiegand protocol signal encryption.
Access-control card reader includes card reader CPU1, encrypting module 11, card reader end key 12 and clock chip 13, and card reader CPU1 passes through
Data/address bus is connected with clock chip 13 and encrypting module 11 respectively, and card reader end key 12 is stored in card reader CPU1 number
According to memory block.Access controller includes controller CPU2, deciphering module 21 and controller end key 22, deciphering module 21 and control
Device CPU2 is connected by data/address bus, and controller end key 22 is stored in controller CPU2 data storage area.
Referring to Fig. 3, the present invention is to the encipher-decipher method step of the gate control system of Wiegand protocol signal encryption:
1)In initial phase, the system time of the time initial value of clock chip 13 and access controller is synchronized,
Ensure that the time error of clock chip 13 and access controller is less than 100ms.Equally in initial phase, card reader end key
12 and controller end key 22 be set to identical value, be stored among respective data storage area.
Encrypting module 11 and deciphering module 21 select identical symmetry algorithm computing module, such as using the support close SM1 of state
Algorithm is an optimal selection.Encrypting module 11 and deciphering module 21 and respective CPU communication modes can use serial ports to assist
View.Because the card number data length to be encrypted is usually 4 bytes, and symmetrical enciphering and deciphering algorithm carries out the minimum length of once-through operation
Usually 8 bytes or 16 bytes, it is possible to which the card number data to be encrypted are filled with byte of padding, so that reach can be with
The length of a sub-symmetry encryption and decryption computing is carried out, the value of byte of padding can be any, but to ensure to conciliate in encrypting module 11
Identical value is used in close module 21.
2)Access-control card reader obtains the card number of card.
3)Access-control card reader gets Date and the time from clock chip 13, and the value of time is accurate to a second
4)This date and time value is encrypted with encrypting module 11, interim session key one is obtained.
5)Access-control card reader is encrypted using the card number data after a pair of the fillings of obtained interim conversation key, so that
Obtain ciphertext card number.
6)Ciphertext card number is transferred to access controller by access-control card reader by Wiegand protocol communication line.
7)Access controller is received after ciphertext data, and date and time is encrypted with card reader end key 12,
Obtain interim conversation key two.
8)Now time sampling is carried out apart from access-control card reader to have pass by a period of time, but this section takes and can controlled
System is within 1 second, that is to say, that the time value of access controller sampling is possible to identical with the time value of access-control card reader,
May be slow 1 second.Then, correction is accomplished by when implementing, access controller can all enter to both possible time values
Row is once decrypted in computing, two decrypted results, and byte of padding is that the value set before is then considered legal result, thus
The plaintext for obtaining card number data can accurately be decrypted.
During using present system transmission signal, the data of use are ciphertexts, and the key encrypted every time
It is the dynamic key disperseed passage time, with never repeated, so the present invention can fundamentally solve gate inhibition system
The security threat that the means such as eavesdropping, forgery are caused in system.
Claims (3)
1. a kind of gate control system to Wiegand protocol signal encryption, it includes access-control card reader and access controller, and its feature exists
In the access-control card reader includes card reader CPU(1), encrypting module(11), card reader end key(12)And clock chip
(13), card reader CPU(1)By data/address bus respectively with clock chip(13)And encrypting module(11)It is connected, card reader end
Key(12)It is stored in card reader CPU(1)Data storage area;The access controller includes controller CPU(2), decryption mould
Block(21)With controller end key(22), deciphering module(21)With controller CPU(2)It is connected by data/address bus, controller
Hold key(22)It is stored in controller CPU(2)Data storage area;Initial phase, the clock chip(13)Controlled with gate inhibition
The system time synchronization of device processed, card reader end key(12)With controller end key(22)It is set to identical value and is stored in each
From data storage area in;Access-control card reader is from clock chip(13)In get Date and be accurate to the time of second and by adding
Close module(11)Date and time is encrypted to generate interim conversation key one, access controller controller end key
(22)Date and time is encrypted to generate interim conversation key two, the key encrypted every time is to be divided passage time
Scattered dynamic key.
2. the encipher-decipher method of the gate control system as claimed in claim 1 to Wiegand protocol signal encryption, the gate control system
Including access-control card reader and access controller, access-control card reader includes card reader CPU(1), encrypting module(11), card reader end it is close
Key(12)And clock chip(13), access controller include controller CPU(2), deciphering module(21)With controller end key
(22), its method and step is:
1)In initial phase, by clock chip(13)Time initial value and the system time of access controller synchronize,
Card reader end key(12)With controller end key(22)Identical value is set to, is stored among respective data storage area;
2)Access-control card reader obtains the card number of card;
3)Access-control card reader is from clock chip(13)Upper acquisition current date and time;
4)Access-control card reader card reader end key(12)Date and time is encrypted, interim conversation key one is obtained;
5)Access-control card reader is encrypted with a pair of card numbers of interim conversation key, obtains ciphertext card number;
6)Ciphertext card number is sent to access controller by access-control card reader by Wiegand protocol communication line;
7)Access controller controller end key(22)Encrypted after being corrected to date and time, obtain interim conversation key
Two;
8)Ciphertext card number is decrypted with interim conversation key two for access controller, obtains plaintext card number.
3. the encipher-decipher method of the gate control system according to claim 2 to Wiegand protocol signal encryption, it is characterised in that
It is described by clock chip(13)Time initial value and the system time of access controller to synchronize be to instigate clock chip(13)
It is less than 100ms with the time error of access controller.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310696120.5A CN104732614B (en) | 2013-12-18 | 2013-12-18 | A kind of gate control system and its encipher-decipher method to Wiegand protocol signal encryption |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310696120.5A CN104732614B (en) | 2013-12-18 | 2013-12-18 | A kind of gate control system and its encipher-decipher method to Wiegand protocol signal encryption |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104732614A CN104732614A (en) | 2015-06-24 |
| CN104732614B true CN104732614B (en) | 2017-10-27 |
Family
ID=53456482
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310696120.5A Expired - Fee Related CN104732614B (en) | 2013-12-18 | 2013-12-18 | A kind of gate control system and its encipher-decipher method to Wiegand protocol signal encryption |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104732614B (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107705391A (en) * | 2016-08-08 | 2018-02-16 | 同方锐安科技有限公司 | A kind of high safety, expansible access controller |
| CN107170080A (en) * | 2017-05-02 | 2017-09-15 | 广州盛炬智能科技有限公司 | A kind of synchronous code encryption device and method for gate control system |
| CN109429203A (en) * | 2017-08-22 | 2019-03-05 | 深圳光启智能光子技术有限公司 | Data transmission method, terminal, storage medium and processor |
| CN109544769A (en) * | 2019-01-17 | 2019-03-29 | 福州符号信息科技有限公司 | A kind of access control system and control method based on Wiegand protocol |
| CN109767535A (en) * | 2019-01-17 | 2019-05-17 | 福州符号信息科技有限公司 | A kind of access control system and method for the adaptive bar code based on Wiegand protocol |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101599188A (en) * | 2009-07-10 | 2009-12-09 | 广东南方信息安全产业基地有限公司 | A kind of gate control system based on the IPA safety certification |
| CN102129730A (en) * | 2010-01-14 | 2011-07-20 | 上海峥创电子有限公司 | Non-contact CPU (Central Processing Unit) card entrance guard reader |
Family Cites Families (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1914649A (en) * | 2003-12-09 | 2007-02-14 | 松下电器产业株式会社 | Authentication system, authentication device, and recording medium |
| US7475812B1 (en) * | 2005-12-09 | 2009-01-13 | Lenel Systems International, Inc. | Security system for access control using smart cards |
| CN101246609A (en) * | 2007-12-29 | 2008-08-20 | 北京儒田科技有限公司 | Free-card access control system |
| CN101329780B (en) * | 2008-07-15 | 2011-04-13 | 郑乐斌 | Interconnection lock for intelligent wireless network |
| CN101866411B (en) * | 2009-04-16 | 2012-07-25 | 深圳市数智国兴信息科技有限公司 | Security certification and encryption method and system of multi-application noncontact-type CPU card |
| CN201662817U (en) * | 2010-02-09 | 2010-12-01 | 济南艾雅信息系统有限公司 | Low-power-consumption intelligent label system based on RFID technology |
| CN102496199B (en) * | 2011-12-12 | 2014-04-16 | 山东大学 | Intelligent entrance guard control system with wireless ad hoc network function and control method thereof |
| CN102682506B (en) * | 2012-05-25 | 2015-07-08 | 北京华大信安科技有限公司 | Intelligent Bluetooth door access control method and device based on symmetric cryptographic technique |
| CN102831679B (en) * | 2012-08-17 | 2015-05-06 | 上海华申智能卡应用系统有限公司 | Two-way transmission expansion method and system compatible with wiegand protocol |
| CN203659084U (en) * | 2013-12-18 | 2014-06-18 | 同方锐安科技有限公司 | Access device for encrypting wiegand protocol signal |
-
2013
- 2013-12-18 CN CN201310696120.5A patent/CN104732614B/en not_active Expired - Fee Related
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101599188A (en) * | 2009-07-10 | 2009-12-09 | 广东南方信息安全产业基地有限公司 | A kind of gate control system based on the IPA safety certification |
| CN102129730A (en) * | 2010-01-14 | 2011-07-20 | 上海峥创电子有限公司 | Non-contact CPU (Central Processing Unit) card entrance guard reader |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104732614A (en) | 2015-06-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101725847B1 (en) | Master key encryption functions for transmitter-receiver pairing as a countermeasure to thwart key recovery attacks | |
| US8516268B2 (en) | Secure field-programmable gate array (FPGA) architecture | |
| CN104732614B (en) | A kind of gate control system and its encipher-decipher method to Wiegand protocol signal encryption | |
| KR20140122188A (en) | Method for detecting a manipulation of a sensor and/or sensor data of the sensor | |
| JP5845393B2 (en) | Cryptographic communication apparatus and cryptographic communication system | |
| JP2018529271A (en) | Key generation method and apparatus using double encryption | |
| WO2013117087A1 (en) | Method and system for downloading file | |
| CN106878322B (en) | A kind of encryption and decryption method of fixed length ciphertext and key based on attribute | |
| CN103428204A (en) | Data security implementation method capable of resisting timing attacks and devices | |
| CN106453326A (en) | Authentication and access control method for CAN (Controller Area Network) bus | |
| CN103051869A (en) | System and method for encrypting camera video in real time | |
| CN105262586B (en) | The method for distributing key and device of automobile burglar equipment | |
| CN107104795A (en) | Method for implanting, framework and the system of RSA key pair and certificate | |
| KR101481403B1 (en) | Data certification and acquisition method for vehicle | |
| CN105791258A (en) | Data transmission method, terminal and open platform | |
| CN106209916A (en) | Industrial automation produces business data transmission encryption and decryption method and system | |
| CN114338213A (en) | Temperature-assisted authentication system and authentication method thereof | |
| CN112672342A (en) | Data transmission method, device, equipment, system and storage medium | |
| CN106657085A (en) | Data processing method and device and encryption device | |
| CN109451504B (en) | Internet of things module authentication method and system | |
| CN102916810A (en) | Method, system and apparatus for authenticating sensor | |
| CN100464337C (en) | Method and equipment for carrying out safety communication between USB device and host | |
| CN113141333B (en) | Communication method, device, server, system and storage medium of network access device | |
| CN208707655U (en) | A kind of power distribution automation key agreement system | |
| CN111081338A (en) | Safe human health parameter acquisition method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20171027 |