CN107707527A - A kind of detection method, read-write terminal and the system of smart card relay attack - Google Patents
Classifications
- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L63/00—Network architectures or network communication protocols for network security
        - H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
          - H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
            - H04L63/1416—Event detection, e.g. attack signature detection
- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04W—WIRELESS COMMUNICATION NETWORKS
      - H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
Abstract
Embodiments of the present invention provide a method, a read-write terminal and a system for detecting a relay attack on a smart card. The method includes: after anti-collision is complete and before data exchange with the selected smart card begins, the read-write terminal records the current timestamp t1 and sends a key verification command to the smart card; the read-write terminal receives the key verification command response returned by the smart card; the read-write terminal records the current timestamp t2, calculates the execution time of the key verification command from t1 and t2, and determines whether a relay attack is taking place by comparing that execution time with a set threshold. The method, read-write terminal and system provided by the embodiments can determine whether a relay attack is taking place before the read-write terminal and the smart card begin normal communication, which solves the problem that the prior art has difficulty preventing relay attacks; when a relay attack is detected, communication can be interrupted in time and losses avoided.
Description
Technical field
Embodiments of the present invention relate to the field of wireless communication technology, and in particular to a method, a read-write terminal and a system for detecting a relay attack on a smart card.
Background art
Smart cards have brought convenience to daily life. Before near-field communication (NFC) cards appeared, magnetic stripe cards were in general use. Because a magnetic stripe card is very easy to copy and therefore to forge, NFC cards spread rapidly once they appeared. With the spread of NFC-capable mobile phones, more and more NFC phone users choose to pay with the phone instead of a traditional smart card, particularly in areas such as public transport.
Although NFC cards offer higher security, they remain vulnerable to attack techniques such as relay attacks and therefore carry security risks. In particular, with the development of NFC technology, Host-based Card Emulation (HCE) can emulate a smart card on a mobile phone that has no secure element. Researchers have already proposed a variety of HCE-based relay attack techniques that can target all kinds of smart card systems, such as bank cards and transit cards. A relay attack is one in which a legitimate communication session is monitored and relayed, the collected data is analysed and, when required, tampered with or used to perform other illegitimate operations. By forging transaction data and similar means, an attacker can use a low-cost relay attack to inflict large losses on the operator of the affected service.
Because the data produced during a relay attack conforms to the ISO/IEC 14443 standard, existing equipment has difficulty preventing this kind of attack. It is therefore imperative to provide an effective method for detecting relay attacks and thereby prevent the harm they cause.
Summary of the invention
To solve the problem that smart card relay attacks are difficult to prevent in the prior art, embodiments of the present invention provide a method, a read-write terminal and a system for detecting a relay attack on a smart card.
In a first aspect, an embodiment of the present invention provides a method for detecting a relay attack on a smart card. The method includes: after anti-collision is complete and before data exchange with the selected smart card begins, the read-write terminal records the current timestamp t1 and sends a key verification command to the smart card; the read-write terminal receives the key verification command response returned by the smart card; the read-write terminal records the current timestamp t2, calculates the execution time of the key verification command from t1 and t2, and determines whether a relay attack is taking place by comparing that execution time with a set threshold.
In a second aspect, an embodiment of the present invention provides a read-write terminal. The terminal includes: a key verification command sending module, which, after anti-collision is complete and before data exchange with the selected smart card begins, records the current timestamp t1 and sends a key verification command to the smart card; a key verification command response receiving module, which receives the key verification command response returned by the smart card; and a key verification command execution time judgment module, which records the current timestamp t2, calculates the execution time of the key verification command from t1 and t2, and determines whether a relay attack is taking place by comparing that execution time with a set threshold.
In a third aspect, an embodiment of the present invention provides a system for detecting a relay attack on a smart card. The system includes: a read-write terminal, which, after anti-collision is complete and before data exchange with the selected smart card begins, records the current timestamp t1 and sends a key verification command to the smart card, receives the key verification command response returned by the smart card, records the current timestamp t2, calculates the execution time of the key verification command from t1 and t2, and determines whether a relay attack is taking place by comparing that execution time with a set threshold; and a smart card, which receives the key verification command sent by the read-write terminal, executes the key verification command, and sends the key verification command response to the read-write terminal.
In a fourth aspect, an embodiment of the present invention provides an electronic device including a memory and a processor that communicate with each other over a bus. The memory stores program instructions executable by the processor, and by calling those program instructions the processor is able to perform the following method: after anti-collision is complete and before data exchange with the selected smart card begins, the read-write terminal records the current timestamp t1 and sends a key verification command to the smart card; the read-write terminal receives the key verification command response returned by the smart card; the read-write terminal records the current timestamp t2, calculates the execution time of the key verification command from t1 and t2, and determines whether a relay attack is taking place by comparing that execution time with a set threshold.
In a fifth aspect, an embodiment of the present invention provides a computer-readable storage medium on which a computer program is stored. When executed by a processor, the computer program performs the following method: after anti-collision is complete and before data exchange with the selected smart card begins, the read-write terminal records the current timestamp t1 and sends a key verification command to the smart card; the read-write terminal receives the key verification command response returned by the smart card; the read-write terminal records the current timestamp t2, calculates the execution time of the key verification command from t1 and t2, and determines whether a relay attack is taking place by comparing that execution time with a set threshold.
The method, read-write terminal and system for detecting a smart card relay attack provided by the embodiments of the present invention can determine, before the read-write terminal and the smart card begin normal communication, whether a relay attack is taking place. This solves the problem that the prior art has difficulty preventing relay attacks; communication can be interrupted in time when a relay attack is detected, avoiding losses.
Brief description of the drawings
To describe the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed for the description of the embodiments or of the prior art are briefly introduced below. Obviously, the drawings described below show only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flowchart of a method for detecting a smart card relay attack according to an embodiment of the present invention;
Fig. 2 is a flowchart of another method for detecting a smart card relay attack according to an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of a read-write terminal according to an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of another read-write terminal according to an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a system for detecting a smart card relay attack according to an embodiment of the present invention;
Fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed description of the embodiments
To make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
In communication between a smart card and a read-write terminal, the exchange of messages and the read and write operations between the read-write terminal and a contactless smart card are carried out over radio waves, which makes them an easy target for a relay attack. Under a relay attack, the read-write terminal and the contactless smart card communicate through relay devices (for example a PN532 contactless read-write chip or an NFC mobile phone). The communication between the read-write terminal and the contactless smart card is forwarded, or even tampered with, by the relay devices so that the attacker achieves an illegitimate goal.
To defend against the harm caused by relay attacks, relay attack detection can be performed after anti-collision between the read-write terminal and the contactless smart card is complete and before data exchange begins. If a relay attack is detected, communication between the contactless smart card and the read-write terminal is interrupted, which achieves the defensive purpose.
Fig. 1 is a flowchart of a method for detecting a smart card relay attack according to an embodiment of the present invention. As shown in Fig. 1, the method includes:
Step 101: after anti-collision is complete and before data exchange with the selected smart card begins, the read-write terminal records the current timestamp t1 and sends a key verification command to the smart card.
Wireless communication is used between the read-write terminal and the contactless smart card. Unlike a read-write terminal with a dedicated slot for a contact smart card, several smart cards may be present in the read-write terminal's communication range at the same time. Therefore, before the read-write terminal starts normal communication with a contactless smart card, anti-collision processing is performed first and one smart card is selected for communication.
After anti-collision is complete and before data exchange with the selected smart card begins, the read-write terminal records the current timestamp t1 and sends a key verification command to the smart card. For a smart card conforming to the ISO/IEC 7816-4 standard, the key verification command may be the Internal Authenticate command, or any other command supported by the smart card for verifying the card's validity. The encryption algorithm of the key verification command may be the Data Encryption Standard (DES), Triple DES (3DES), the Advanced Encryption Standard (AES) or a similar algorithm, as agreed between the read-write terminal and the smart card.
The key verification command contains a random number in plaintext. After receiving the key verification command containing the random plaintext, the smart card encrypts the random plaintext with the encryption algorithm agreed with the read-write terminal, turning the random plaintext into a random ciphertext.
Step 102: the read-write terminal receives the key verification command response returned by the smart card.
The key verification command response contains the random ciphertext.
Step 104: the read-write terminal records the current timestamp t2, calculates the execution time of the key verification command from t1 and t2, and determines whether a relay attack is taking place by comparing that execution time with a set threshold.
The execution time of the key verification command is t2 - t1, and a relay attack is detected by comparing this execution time with the set threshold. Under a relay attack, the read-write terminal and the smart card communicate through the relay devices, so the communication time is longer than in normal communication. On this principle the set threshold can be established empirically as the execution time of the key verification command during normal communication between the read-write terminal and the smart card; the execution time of the key verification command obtained during detection is then compared with the set threshold. If the execution time of the key verification command exceeds the set threshold, a relay attack is judged to have occurred and the read-write terminal can interrupt communication with the smart card; conversely, if the execution time of the key verification command does not exceed the set threshold, no relay attack is judged to have occurred and the read-write terminal can communicate normally with the smart card.
In this embodiment, the read-write terminal sends a key verification command to the smart card before normal communication begins and compares the execution time of the key verification command with a set threshold to determine whether a relay attack is taking place. This solves the problem that the prior art has difficulty preventing relay attacks; communication can be interrupted in time when a relay attack is detected, avoiding losses.
Further, on the basis of the above embodiment, comparing the execution time of the key verification command with the set threshold to determine whether a relay attack is taking place specifically includes:
determining whether the execution time of the key verification command exceeds the set threshold; if the execution time of the key verification command exceeds the set threshold, a relay attack is taking place; if the execution time of the key verification command does not exceed the set threshold, no relay attack is taking place. The set threshold is obtained from statistics of the execution time of the key verification command.
In communication between a read-write terminal and a smart card, the execution time of the key verification command is not exactly the same each time. By collecting statistics on the execution time of the key verification command for a given model of read-write terminal and smart card with the selected encryption algorithm, statistical values of the execution time of the key verification command can be obtained, and these statistical values reflect the execution time of the key verification command during normal communication between the read-write terminal and the smart card. Therefore the set threshold can be obtained from the statistics of the execution time of the key verification command. The set threshold may be t + (4~6)σ, where t is the mean execution time of the key verification command, more specifically the mean time needed to execute the key verification command according to the smart card design specification on the card reader specified by the smart card manufacturer, and σ is the standard deviation of the execution time of the key verification command, more specifically the standard deviation of the time needed to execute the key verification command according to the smart card design specification on the card reader specified by the smart card manufacturer.
The read-write terminal determines whether the execution time of the key verification command measured during detection exceeds the set threshold. If the execution time of the key verification command exceeds the set threshold, a relay attack is taking place and the read-write terminal can interrupt communication with the smart card; if the execution time of the key verification command does not exceed the set threshold, no relay attack is taking place and the read-write terminal can communicate normally with the smart card.
On the basis of the above embodiment, this embodiment obtains the set threshold from statistics of the execution time of the key verification command and compares the execution time of the key verification command with the set threshold to determine whether a relay attack is taking place, which improves the accuracy and reliability of relay attack detection.
Further, on the basis of the above embodiment, the set threshold is t + 5σ, where t is the mean execution time of the key verification command and σ is the standard deviation of the execution time of the key verification command.
On the basis of the above embodiment, this embodiment obtains a more reasonable set threshold through experiment, which improves the accuracy and reliability of relay attack detection.
Further, on the basis of the above embodiment, after the read-write terminal receives the key verification command response returned by the smart card and before it records the current timestamp t2, the method also includes:
if the read-write terminal determines that the key verification command response is illegitimate, it interrupts communication with the smart card and does not perform the subsequent steps.
Fig. 2 is a flowchart of another method for detecting a smart card relay attack according to an embodiment of the present invention. As shown in Fig. 2, the method includes:
Step 101: after anti-collision is complete and before data exchange with the selected smart card begins, the read-write terminal records the current timestamp t1 and sends a key verification command to the smart card.
Step 102: the read-write terminal receives the key verification command response returned by the smart card.
Step 103: if the read-write terminal determines that the key verification command response is illegitimate, it interrupts communication with the smart card and does not perform the subsequent steps.
When the communication between the read-write terminal and the smart card is under a relay attack, the relay devices monitor the communication content and may either forward the communication data or tamper with it. If the key verification command response that the read-write terminal receives from the smart card differs from the expected key verification command response, that is, an illegitimate key verification command response is received, the relay devices have tampered with the communication data. It follows that the communication between the read-write terminal and the smart card is under a relay attack, so communication with the smart card is interrupted and the subsequent steps are not performed.
If the key verification command response that the read-write terminal receives from the smart card is identical to the expected key verification command response, that is, a legitimate key verification command response is received, the relay devices have not tampered with the communication data. It still cannot be determined whether a relay attack is taking place, because if the relay devices merely forward the data the key verification command response remains legitimate.
Therefore, when the key verification command response is legitimate, step 104 must also be performed to further determine whether a relay attack is taking place.
Step 104: the read-write terminal records the current timestamp t2, calculates the execution time of the key verification command from t1 and t2, and determines whether a relay attack is taking place by comparing that execution time with the set threshold.
Steps 101, 102 and 104 are the same as in the flow of Fig. 1 and are not repeated here.
On the basis of the above embodiment, this embodiment uses the legitimacy of the key verification command response to determine whether a relay attack has occurred, which improves the efficiency of relay attack detection.
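The Fig. 1 threshold check, the t + 5σ calibration and the Fig. 2 legitimacy-then-timing flow, as an added simulation that is not code from the patent: the calibration samples and shared key are constructed, the card's encryption is stood in for by HMAC-SHA256 (the patent allows DES, 3DES or AES), and the contactless link is replaced by a virtual clock so the results are deterministic.

```python
# Added example (not from the patent): simulation of the relay-attack detection
# flow of Fig. 2. Assumptions: the card's key verification command is modelled as
# HMAC-SHA256 over the random plaintext instead of the agreed DES/3DES/AES, and a
# virtual clock replaces the real NFC round trip. All times are in milliseconds.
import hashlib
import hmac
import secrets
import statistics
from dataclasses import dataclass

NO_ATTACK = "no_relay_attack"
RELAY_ATTACK = "relay_attack"
INVALID_RESPONSE = "invalid_response"

# Constructed calibration data: execution times (ms) of the key verification
# command measured on the manufacturer-specified reader with no relay present.
CALIBRATION_SAMPLES_MS = [11.8, 12.1, 12.0, 12.3, 11.9, 12.2,
                          12.0, 11.7, 12.4, 12.1, 12.0, 11.9]
SHARED_KEY = b"constructed-demo-key-not-a-real-card-key"


def card_response(key: bytes, random_plaintext: bytes) -> bytes:
    """Smart card side: turn the random plaintext into the random ciphertext.
    Stand-in for the DES/3DES/AES computation agreed with the reader."""
    return hmac.new(key, random_plaintext, hashlib.sha256).digest()


def calibrate_threshold(samples_ms, k: float = 5.0) -> float:
    """Set threshold = t + k*sigma from legitimate execution-time samples.
    The patent gives k in the range 4..6 and prefers k = 5."""
    t = statistics.fmean(samples_ms)      # mean execution time
    sigma = statistics.stdev(samples_ms)  # standard deviation of execution time
    return t + k * sigma


@dataclass
class SimulatedLink:
    """Virtual contactless link: a genuine card behind an optional relay."""
    key: bytes
    card_time_ms: float          # time the genuine card needs for the command
    relay_delay_ms: float = 0.0  # extra round trip added by relay devices
    tamper: bool = False         # relay devices alter the response
    now_ms: float = 0.0          # virtual clock

    def clock(self) -> float:
        return self.now_ms

    def key_verification(self, random_plaintext: bytes) -> bytes:
        # Card execution time plus whatever the relay path adds.
        self.now_ms += self.card_time_ms + self.relay_delay_ms
        response = card_response(self.key, random_plaintext)
        if self.tamper:
            response = bytes(b ^ 0xFF for b in response)
        return response


def detect_relay(link: SimulatedLink, key: bytes, threshold_ms: float):
    """Reader side, steps 101-104. Returns (verdict, execution_time_ms)."""
    random_plaintext = secrets.token_bytes(8)          # random number plaintext
    t1 = link.clock()                                   # step 101
    response = link.key_verification(random_plaintext)  # step 102
    t2 = link.clock()  # captured on arrival so the checks below add no time
    # Step 103: a tampered response already shows a relay; stop here.
    expected = card_response(key, random_plaintext)
    if not hmac.compare_digest(response, expected):
        return INVALID_RESPONSE, None
    # Step 104: a legitimate response may still have been forwarded, so
    # compare the execution time with the set threshold.
    execution_ms = t2 - t1
    if execution_ms > threshold_ms:
        return RELAY_ATTACK, execution_ms
    return NO_ATTACK, execution_ms


if __name__ == "__main__":
    threshold = calibrate_threshold(CALIBRATION_SAMPLES_MS)
    print(f"set threshold: {threshold:.2f} ms")
    cases = [
        ("genuine card", SimulatedLink(SHARED_KEY, 12.0)),
        ("forwarding relay", SimulatedLink(SHARED_KEY, 12.0, relay_delay_ms=3.0)),
        ("tampering relay", SimulatedLink(SHARED_KEY, 12.0, 3.0, tamper=True)),
    ]
    for name, link in cases:
        print(name, detect_relay(link, SHARED_KEY, threshold))
```

The reader captures t2 when the response arrives and only then checks legitimacy, so the check's own cost is not added to the measured execution time. With the constructed samples the threshold is about 13.04 ms: a genuine card at 12.0 ms passes, a forwarding relay adding 3 ms is caught at step 104, and a tampering relay is caught at step 103.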
Fig. 3 is a schematic structural diagram of a read-write terminal according to an embodiment of the present invention. As shown in Fig. 3, the read-write terminal includes a key verification command sending module 10, a key verification command response receiving module 20 and a key verification command execution time judgment module 40, where:
the key verification command sending module 10 is used, after anti-collision is complete and before data exchange with the selected smart card begins, to record the current timestamp t1 and send a key verification command to the smart card;
For a smart card conforming to the ISO/IEC 7816-4 standard, the key verification command may be the Internal Authenticate command, or any other command supported by the smart card for verifying the card's validity. The encryption algorithm of the key verification command is agreed between the read-write terminal and the smart card.
The key verification command contains a random number in plaintext. After receiving the key verification command containing the random plaintext, the smart card encrypts the random plaintext with the encryption algorithm agreed with the read-write terminal, turning the random plaintext into a random ciphertext.
the key verification command response receiving module 20 is used to receive the key verification command response returned by the smart card;
The key verification command response contains the random ciphertext.
the key verification command execution time judgment module 40 is used to record the current timestamp t2, calculate the execution time of the key verification command from t1 and t2, and determine whether a relay attack is taking place by comparing that execution time with the set threshold.
The execution time of the key verification command is t2 - t1, and a relay attack is detected by comparing this execution time with the set threshold. The set threshold can be established empirically as the execution time of the key verification command during normal communication between the read-write terminal and the smart card; the execution time of the key verification command obtained during detection is then compared with the set threshold. If the execution time of the key verification command exceeds the set threshold, a relay attack is judged to have occurred; conversely, if the execution time of the key verification command does not exceed the set threshold, no relay attack is judged to have occurred.
In this embodiment, the read-write terminal sends a key verification command to the smart card before normal communication begins and compares the execution time of the key verification command with a set threshold to determine whether a relay attack is taking place. This solves the problem that the prior art has difficulty preventing relay attacks; communication can be interrupted in time when a relay attack is detected, avoiding losses.
Further, on the basis of the above embodiment, the key verification command execution time judgment module 40 is also used to:
determine whether the execution time of the key verification command exceeds the set threshold; if the execution time of the key verification command exceeds the set threshold, a relay attack is taking place; if the execution time of the key verification command does not exceed the set threshold, no relay attack is taking place. The set threshold is obtained from statistics of the execution time of the key verification command.
In communication between a read-write terminal and a smart card, the execution time of the key verification command is not exactly the same each time. By collecting statistics on the execution time of the key verification command for a given model of read-write terminal and smart card with a particular encryption algorithm, statistical values of the execution time of the key verification command can be obtained, and these statistical values reflect the execution time of the key verification command during normal communication between the read-write terminal and the smart card. Therefore the set threshold can be obtained from the statistics of the execution time of the key verification command. The set threshold may be t + (4~6)σ, where t is the mean execution time of the key verification command and σ is the standard deviation of the execution time of the key verification command.
The key verification command execution time judgment module 40 determines whether the execution time of the key verification command measured during detection exceeds the set threshold. If the execution time of the key verification command exceeds the set threshold, a relay attack is taking place; if the execution time of the key verification command does not exceed the set threshold, no relay attack is taking place.
On the basis of the above embodiment, this embodiment obtains the set threshold from statistics of the execution time of the key verification command and compares the execution time of the key verification command with the set threshold to determine whether a relay attack is taking place, which improves the accuracy and reliability of relay attack detection.
Further, on the basis of the above embodiment, the set threshold is t + 5σ, where t is the mean execution time of the key verification command and σ is the standard deviation of the execution time of the key verification command.
On the basis of the above embodiment, this embodiment obtains a more reasonable set threshold through experiment, which improves the accuracy and reliability of relay attack detection.
Fig. 4 is the structural representation of another read-write terminal provided in an embodiment of the present invention.As shown in figure 4, the read-write is eventually
End includes key verification order sending module 10, key verification command response receiving module 20, key verification command response and judged
Module 30 and key verification order perform time judgment module 40, wherein:
Key verification order sending module 10 is used for after the completion of anti-collision, starts transceiving data with selected smart card
Before, record current timestamp t1, and key verification order is sent to the smart card;
Key verification command response receiving module 20 is used for the key verification command response for receiving smart card return;
Key verification command response judge module 30 is used for the key verification that smart card return is received in the read-write terminal
After command response, current timestamp t is recorded2Before, if judging to know that the key verification command response is illegal, interrupt
With the smart card communications, subsequent step is no longer performed.
If the key verification command response that the smart card that key verification command response receiving module 20 receives is sent with it is pre-
The key verification command response of phase is different, that is, receives illegal key verification command response, then illustrates trunking to the number that communicates
According to being distorted, key verification command response judge module 30 would know that communication between read-write terminal and smart card by
After attack, then interrupt and perform time judgment module 40 with the smart card communications, no longer triggering key verification order and act.
If the key verification command response that the smart card that key verification command response receiving module 20 receives is sent with it is pre-
The key verification command response of phase is identical, that is, receives legal key verification command response, then illustrates trunking not to communication
Data are distorted, but key verification command response judge module 30 not can determine that the communication between read-write terminal and smart card
Whether by relay attack, then trigger the key verification order execution action of time judgment module 40 and determined whether.
Key verification order performs time judgment module 40 and is used to record current timestamp t2, and according to the timestamp
t1With the timestamp t2The execution time of the key verification order is calculated, during by by the execution of the key verification order
Between judge whether compared with set threshold value by relay attack.
The structure and function of key verification command sending module 10, key verification command response receiving module 20 and key verification command execution time judging module 40 are the same as in Fig. 3 and are not described again here.
On the basis of the above embodiment, this embodiment of the present invention judges from the legitimacy of the key verification command response whether an attack has occurred, which improves the efficiency of relay attack detection.
Fig. 5 is a schematic structural diagram of the smart card relay attack detection system provided in an embodiment of the present invention. As shown in Fig. 5, the system comprises read-write terminal 100 and smart card 200, wherein:
Read-write terminal 100 is configured to: after anti-collision is completed and before data exchange with the selected smart card starts, record the current timestamp t1 and send a key verification command to the smart card; receive the key verification command response returned by the smart card; record the current timestamp t2 and calculate the execution time of the key verification command from the timestamp t1 and the timestamp t2; and judge whether a relay attack is taking place by comparing the execution time of the key verification command with the set threshold.
Smart card 200 is configured to receive the key verification command sent by the read-write terminal, execute the key verification command, and send the key verification command response to the read-write terminal.
After anti-collision is completed and before it starts exchanging data with smart card 200, read-write terminal 100 records the current timestamp t1 and sends a key verification command to smart card 200. For a smart card conforming to the ISO/IEC 7816-4 standard, the key verification command may be the internal authentication command, or any other command supported by the smart card that verifies the validity of the smart card; the encryption algorithm used by the key verification command is agreed between the read-write terminal and the smart card.
The key verification command contains a random-number plaintext. On receiving the key verification command containing the random-number plaintext, the smart card encrypts the random-number plaintext with the encryption algorithm agreed with the read-write terminal, turning the random-number plaintext into a random-number ciphertext.
Smart card 200 sends a key verification command response containing the random-number ciphertext to read-write terminal 100. After receiving the key verification command response returned by the smart card, read-write terminal 100 records the current timestamp t2, calculates the execution time t2-t1 of the key verification command from the timestamp t1 and the timestamp t2, and judges whether a relay attack is taking place by comparing this execution time with the set threshold. The set threshold can be set empirically as the time taken to complete the key verification command when the read-write terminal and the smart card communicate normally. Read-write terminal 100 compares the execution time of the key verification command obtained during detection with the set threshold: if the execution time exceeds the set threshold, it can be determined that a relay attack has occurred; conversely, if the execution time does not exceed the set threshold, it can be determined that no relay attack has occurred.
In this embodiment of the present invention, the read-write terminal sends a key verification command to the smart card before normal communication between them begins, and compares the execution time of the key verification command with the set threshold to judge whether a relay attack is taking place. This solves the problem that the prior art has difficulty preventing relay attacks: communication can be interrupted in time when a relay attack is detected, avoiding losses.
Further, based on the above embodiment, read-write terminal 100 is also configured to: judge whether the execution time of the key verification command exceeds the set threshold; if the execution time of the key verification command exceeds the set threshold, know that a relay attack is taking place; if the execution time of the key verification command does not exceed the set threshold, know that no relay attack is taking place; wherein the set threshold is obtained from a statistical value of the execution time of the key verification command.
The statistical value of the execution time of the key verification command reflects the execution time of the key verification command during normal communication between the read-write terminal and the smart card. The set threshold can therefore be obtained from a statistical value of the execution time of the key verification command. The set threshold may be t + (4 to 6)σ, where t is the mean execution time of the key verification command and σ is the standard deviation of the execution time of the key verification command.
During detection, read-write terminal 100 judges whether the execution time of the key verification command exceeds the set threshold: if the execution time of the key verification command exceeds the set threshold, it knows that a relay attack is taking place; if the execution time of the key verification command does not exceed the set threshold, it knows that no relay attack is taking place.
On the basis of the above embodiment, this embodiment of the present invention obtains the set threshold from a statistical value of the execution time of the key verification command and compares the execution time of the key verification command with the set threshold to judge whether a relay attack is taking place, which improves the accuracy and reliability of relay attack detection.
Further, based on the above embodiment, the set threshold is t + 5σ, where t is the mean execution time of the key verification command and σ is the standard deviation of the execution time of the key verification command.
On the basis of the above embodiment, this embodiment of the present invention obtains a more reasonable set threshold through experiments, which improves the accuracy and reliability of relay attack detection.
Further, based on the above embodiment, read-write terminal 100 is also configured to: after receiving the key verification command response returned by smart card 200 and before recording the current timestamp t2, if it judges that the key verification command response is illegal, interrupt communication with smart card 200 and perform no further steps.
If the key verification command response received by read-write terminal 100 from the smart card differs from the expected key verification command response, that is, an illegal key verification command response is received, this indicates that a relaying device has tampered with the communication data. Read-write terminal 100 then knows that the communication between the read-write terminal and the smart card is subject to a relay attack and interrupts communication with smart card 200.
If the key verification command response received by read-write terminal 100 from the smart card is identical to the expected key verification command response, that is, a legal key verification command response is received, this indicates that no relaying device has tampered with the communication data. Read-write terminal 100 still cannot determine whether the communication between the read-write terminal and the smart card is subject to a relay attack, and must further judge this by comparing the execution time of the key verification command with the set threshold.
On the basis of the above embodiment, this embodiment of the present invention judges from the legitimacy of the key verification command response whether an attack has occurred, which improves the efficiency of relay attack detection.
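The reader-side flow of Fig. 5 together with the threshold rule above, as an added example that is not part of the patent: calibration over rounds of normal communication gives the set threshold t + 5σ, and each detection round checks the legitimacy of the response before the timing. HMAC-SHA256 standing in for the agreed encryption algorithm, the shared key value and the simulated relay delay are assumptions of this example.

```python
import hashlib
import hmac
import os
import statistics
import time

# Key shared by reader and card. Constructed sample value for this example only.
SHARED_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")


def card_verify(challenge: bytes, key: bytes = SHARED_KEY) -> bytes:
    """Card side of the key verification command: turn the random-number
    plaintext into the random-number ciphertext. HMAC-SHA256 stands in for the
    encryption algorithm agreed between reader and card (an assumption of this
    example; the patent does not fix the algorithm)."""
    return hmac.new(key, challenge, hashlib.sha256).digest()


def threshold_from_samples(samples, k: float = 5.0) -> float:
    """Set threshold t + k*sigma from execution times measured during normal
    (non-relayed) communication; the patent uses k = 5 (range 4 to 6)."""
    t = statistics.mean(samples)
    sigma = statistics.pstdev(samples)
    return t + k * sigma


def classify(challenge: bytes, response: bytes, t1: float, t2: float,
             threshold: float, key: bytes = SHARED_KEY) -> str:
    """Reader-side decision in the order of the patent's flow: first the
    legitimacy check on the response (tampering by a relaying device), then
    the timing check. Returns 'illegal_response', 'relay_attack' or 'normal'."""
    expected = card_verify(challenge, key)
    if not hmac.compare_digest(expected, response):
        return "illegal_response"
    if (t2 - t1) > threshold:        # exceeds the set threshold: relay attack
        return "relay_attack"
    return "normal"                   # not more than the threshold: no relay


def run_check(card, threshold: float, key: bytes = SHARED_KEY,
              clock=time.perf_counter) -> str:
    """One detection round: record t1, send the key verification command with
    a fresh random-number plaintext, receive the response, record t2, decide."""
    challenge = os.urandom(16)
    t1 = clock()
    response = card(challenge)
    t2 = clock()
    return classify(challenge, response, t1, t2, threshold, key)


def calibrate(card, rounds: int = 200, clock=time.perf_counter) -> float:
    """Collect execution times over rounds of normal communication and derive
    the set threshold from their statistics."""
    samples = []
    for _ in range(rounds):
        challenge = os.urandom(16)
        t1 = clock()
        card(challenge)
        t2 = clock()
        samples.append(t2 - t1)
    return threshold_from_samples(samples)


if __name__ == "__main__":
    threshold = calibrate(card_verify)

    def relayed_card(challenge):
        # A relaying device forwards the command to the genuine card over a
        # slower link: the response is correct but arrives late (simulated).
        time.sleep(0.002)
        return card_verify(challenge)

    def tampering_card(challenge):
        # A relaying device that alters the response fails the legitimacy check.
        return bytes(32)

    print("threshold (s):", threshold)
    print("direct card :", run_check(card_verify, threshold))
    print("relayed card:", run_check(relayed_card, threshold))
    print("tampered    :", run_check(tampering_card, threshold))
```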
The read-write terminal and system provided in the embodiments of the present invention correspond to the above method; for their specific functions, refer to the above method flow, which is not repeated here.
Fig. 6 is a schematic structural diagram of an electronic device provided in an embodiment of the present invention. As shown in Fig. 6, electronic device 1 comprises processor 301, memory 302 and bus 303, wherein processor 301 and memory 302 communicate with each other through bus 303. Processor 301 is configured to call the program instructions in memory 302 to perform the method provided by each of the above method embodiments, for example comprising: after anti-collision is completed and before data exchange with the selected smart card starts, the read-write terminal records the current timestamp t1 and sends a key verification command to the smart card; the read-write terminal receives the key verification command response returned by the smart card; the read-write terminal records the current timestamp t2, calculates the execution time of the key verification command from the timestamp t1 and the timestamp t2, and judges whether a relay attack is taking place by comparing the execution time of the key verification command with the set threshold.
An embodiment of the present invention discloses a computer program product comprising a computer program stored on a non-transitory computer-readable storage medium. The computer program comprises program instructions which, when executed by a computer, enable the computer to perform the method provided by each of the above method embodiments, for example comprising: after anti-collision is completed and before data exchange with the selected smart card starts, the read-write terminal records the current timestamp t1 and sends a key verification command to the smart card; the read-write terminal receives the key verification command response returned by the smart card; the read-write terminal records the current timestamp t2, calculates the execution time of the key verification command from the timestamp t1 and the timestamp t2, and judges whether a relay attack is taking place by comparing the execution time of the key verification command with the set threshold.
An embodiment of the present invention provides a non-transitory computer-readable storage medium storing computer instructions which cause the computer to perform the method provided by each of the above method embodiments, for example comprising: after anti-collision is completed and before data exchange with the selected smart card starts, the read-write terminal records the current timestamp t1 and sends a key verification command to the smart card; the read-write terminal receives the key verification command response returned by the smart card; the read-write terminal records the current timestamp t2, calculates the execution time of the key verification command from the timestamp t1 and the timestamp t2, and judges whether a relay attack is taking place by comparing the execution time of the key verification command with the set threshold.
Those of ordinary skill in the art will appreciate that all or part of the steps of the above method embodiments can be completed by hardware instructed by a program; the program can be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiments. The storage medium includes ROM, RAM, a magnetic disk, an optical disk, or any other medium that can store program code.
The embodiments such as the electronic device described above are merely illustrative. The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the embodiment. Those of ordinary skill in the art can understand and implement this without creative work.
From the above description of the embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by software plus a necessary general-purpose hardware platform, or of course by hardware. Based on this understanding, the technical solution in essence, or the part of it that contributes to the prior art, can be embodied in the form of a software product. The computer software product can be stored in a computer-readable storage medium such as ROM/RAM, a magnetic disk or an optical disk, and comprises instructions that cause an electronic device (which may be a personal computer, a server, a network device, or the like) to perform the method described in each embodiment or in some parts of the embodiments.
Finally, it should be noted that the above embodiments are only used to illustrate the technical solution of the present invention and not to limit it. Although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art will understand that the technical solution described in the foregoing embodiments can still be modified, or some of its technical features replaced by equivalents, without such modifications or replacements causing the essence of the corresponding technical solution to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims (10)
- 1. A method for detecting a smart card relay attack, characterised in that it comprises: after anti-collision is completed and before data exchange with the selected smart card starts, a read-write terminal records a current timestamp t1 and sends a key verification command to the smart card; the read-write terminal receives a key verification command response returned by the smart card; the read-write terminal records a current timestamp t2, calculates the execution time of the key verification command from the timestamp t1 and the timestamp t2, and judges whether a relay attack is taking place by comparing the execution time of the key verification command with a set threshold.
- 2. The method according to claim 1, characterised in that judging whether a relay attack is taking place by comparing the execution time of the key verification command with the set threshold specifically comprises: judging whether the execution time of the key verification command exceeds the set threshold; if the execution time of the key verification command exceeds the set threshold, knowing that a relay attack is taking place; if the execution time of the key verification command does not exceed the set threshold, knowing that no relay attack is taking place; wherein the set threshold is obtained from a statistical value of the execution time of the key verification command.
- 3. The method according to claim 2, characterised in that the set threshold is t + 5σ, where t is the mean execution time of the key verification command and σ is the standard deviation of the execution time of the key verification command.
- 4. The method according to any one of claims 1 to 3, characterised in that, after the read-write terminal receives the key verification command response returned by the smart card and before it records the current timestamp t2, the method further comprises: if the read-write terminal judges that the key verification command response is illegal, interrupting communication with the smart card and performing no further steps.
- 5. A read-write terminal, characterised in that it comprises: a key verification command sending module, for recording a current timestamp t1 and sending a key verification command to the smart card after anti-collision is completed and before data exchange with the selected smart card starts; a key verification command response receiving module, for receiving the key verification command response returned by the smart card; and a key verification command execution time judging module, for recording a current timestamp t2, calculating the execution time of the key verification command from the timestamp t1 and the timestamp t2, and judging whether a relay attack is taking place by comparing the execution time of the key verification command with a set threshold.
- 6. The read-write terminal according to claim 5, characterised in that it further comprises a key verification command response judging module, specifically for: after the read-write terminal receives the key verification command response returned by the smart card and before the current timestamp t2 is recorded, if it judges that the key verification command response is illegal, interrupting communication with the smart card and performing no further steps.
- 7. A system for detecting a smart card relay attack, characterised in that it comprises: a read-write terminal, for recording a current timestamp t1 and sending a key verification command to the smart card after anti-collision is completed and before data exchange with the selected smart card starts; receiving the key verification command response returned by the smart card; recording a current timestamp t2 and calculating the execution time of the key verification command from the timestamp t1 and the timestamp t2; and judging whether a relay attack is taking place by comparing the execution time of the key verification command with a set threshold; and a smart card, for receiving the key verification command sent by the read-write terminal, executing the key verification command, and sending the key verification command response to the read-write terminal.
- 8. The system according to claim 7, characterised in that the read-write terminal is further configured to: after receiving the key verification command response returned by the smart card and before recording the current timestamp t2, if it judges that the key verification command response is illegal, interrupt communication with the smart card and perform no further steps.
- 9. An electronic device, characterised in that it comprises a memory and a processor, the processor and the memory communicating with each other through a bus; the memory stores program instructions executable by the processor, and the processor calls the program instructions to perform the method according to any one of claims 1 to 4.
- 10. A computer-readable storage medium on which a computer program is stored, characterised in that, when executed by a processor, the computer program implements the method according to any one of claims 1 to 4.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710779601.0A CN107707527A (en) | 2017-09-01 | 2017-09-01 | A kind of detection method, read-write terminal and the system of smart card relay attack |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107707527A true CN107707527A (en) | 2018-02-16 |
Family ID: 61171402
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107707527A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111383011A (en) * | 2018-12-29 | 2020-07-07 | 华为技术有限公司 | Method for processing relay attack and security unit |
CN112688774A (en) * | 2020-12-09 | 2021-04-20 | 天地融科技股份有限公司 | Secure communication method and system for protecting key negotiation by using timing communication |
CN114513371A (en) * | 2022-04-19 | 2022-05-17 | 广州万协通信息技术有限公司 | Attack detection method and system based on interactive data |
WO2022121938A1 (en) * | 2020-12-09 | 2022-06-16 | 天地融科技股份有限公司 | Secure communication method and system for protecting key negotiation by using timing communication |
CN115086072A (en) * | 2022-07-20 | 2022-09-20 | 紫光同芯微电子有限公司 | Smart card attack testing method and device |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102047606A (en) * | 2008-05-26 | 2011-05-04 | Nxp股份有限公司 | Decoupling of measuring the response time of a transponder and its authentication |
CN103095346A (en) * | 2011-11-04 | 2013-05-08 | Nxp股份有限公司 | Proximity assurance for short-range communication channels |
CN103679058A (en) * | 2013-12-25 | 2014-03-26 | 湖北警官学院 | System and method of non-contact IC card for defending relay attack |
CN104821945A (en) * | 2015-04-30 | 2015-08-05 | 南京邮电大学 | Defensive system of relay attack of near-field mobile payment and realization method thereof |
CN105046177A (en) * | 2014-04-29 | 2015-11-11 | 恩智浦有限公司 | Proximity check for communication devices |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | | |
SE01 | Entry into force of request for substantive examination | | |
RJ01 | Rejection of invention patent application after publication | Application publication date: 20180216 | |