Disclosure of Invention
In view of the above, it is necessary to provide an authentication system and method for a tag chip, a computer device, and a storage medium, which can improve security of RFID tag authentication.
An authentication system of a tag chip, comprising: a tag chip and a reader/writer;
the tag chip is used for acquiring authentication data to be encrypted from a radio frequency front-end circuit, acquiring a secret key and security configuration information which are sent by the reader based on an EPC protocol and are generated based on a national secret algorithm, generating a preset random number based on the secret key and the security configuration information, and encrypting the authentication data according to the national secret algorithm and the preset random number;
the reader is used for acquiring the encrypted authentication data sent by the tag chip and performing bidirectional authentication on the tag chip based on the EPC protocol and the authentication data.
In one of the embodiments, the first and second electrodes are,
the reader is further configured to send a state switching instruction to the tag chip before authentication, so as to switch the tag chip from an idle state to a single state.
In one of the embodiments, the first and second electrodes are,
the reader-writer is further configured to read the tag identification code of the tag chip based on an EPC protocol, and disperse the tag identification code according to the secret key of the reader-writer and the cryptographic algorithm to obtain the secret key of the tag chip.
In one of the embodiments, the first and second electrodes are,
the radio frequency front-end circuit is used for generating a clock signal, generating a reset signal and/or modulating or demodulating a baseband signal.
In one of the embodiments, the first and second electrodes are,
the reader-writer is further configured to send a lock instruction to the tag chip based on an EPC protocol after writing the key and the security configuration information into the tag chip based on the EPC protocol, so as to lock the key and the security configuration information of the tag chip.
In one of the embodiments, the first and second electrodes are,
and the reader-writer is further used for sending a data processing instruction to the tag chip based on the EPC protocol if the bidirectional authentication passes the bidirectional authentication so as to process the data of the protected area in the tag chip.
An authentication method of a tag chip is applied to the tag chip, and the method comprises the following steps:
acquiring authentication data to be encrypted from a radio frequency front-end circuit;
acquiring a secret key and security configuration information which are sent by a reader based on an EPC protocol and generated based on a national secret algorithm;
and generating a preset random number based on the secret key and the security configuration information, encrypting the authentication data according to the national secret algorithm and the preset random number, and sending the encrypted authentication data to a corresponding reader-writer, wherein the reader-writer is used for performing bidirectional authentication on the tag chip based on an EPC protocol and the encrypted authentication data.
A tag chip, comprising: the system comprises a radio frequency front-end circuit module, an EPC protocol processing module, a memory module, a security control module and a national encryption algorithm module;
the radio frequency front end circuit module is used for converting a radio frequency signal sent by the reader-writer into authentication data to be encrypted;
the EPC protocol processing module is used for acquiring authentication data to be encrypted from the radio frequency front-end circuit;
the memory module is used for storing a secret key and security configuration information which are sent by the reader based on an EPC protocol and are generated based on a national secret algorithm;
the security control module is used for acquiring the secret key and the security configuration information stored by the memory module and transmitting the secret key and the security configuration information to the national secret algorithm module;
the cryptographic algorithm module is used for generating a preset random number based on the secret key and the security configuration information, encrypting the authentication data according to the cryptographic algorithm and the preset random number, and sending the authentication data to the reader-writer through the EPC protocol processing module, and the reader-writer is used for performing bidirectional authentication and authentication on the tag chip based on an EPC protocol and the encrypted authentication data.
A computer device comprising a memory storing a computer program and a processor implementing the steps of the method described above when executing the computer program.
A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the above-mentioned method.
According to the authentication system, the authentication method, the tag chip, the computer equipment and the storage medium of the tag chip, authentication data to be encrypted are obtained through the tag chip, a preset random number is generated according to a secret key and security configuration information which are sent by a reader-writer based on an EPC protocol and are generated based on a national secret algorithm, the authentication data are encrypted according to the national secret algorithm and the random number, the encrypted authentication data sent by the tag chip can be obtained through the reader-writer, and bidirectional authentication and authentication are conducted on the tag chip based on the EPC protocol and the encrypted authentication data. Compared with the traditional authentication mode through the password, the scheme reads and encrypts authentication data by using the EPC protocol and the national encryption algorithm through the tag chip, and obtains the encrypted authentication data through the reader-writer and carries out bidirectional authentication, so that the safety authentication between the tag chip and the reader-writer can be realized, and the safety of the RFID tag authentication is improved.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
In one embodiment, as shown in fig. 1, an authentication system of a tag chip is provided, which may be implemented by providing two devices, and specifically, the system may include: a tag chip 102 and a reader/writer 104. The tag chip 102 and the reader/writer 104 may be located at different positions in the authentication system of the tag chip, the number of the tag chips 102 may be set according to actual conditions, and the functions of the tag chip 102 and the reader/writer 104 may not be limited to the functions described in the specification, that is, the tag chip 102 and the reader/writer 104 may also be used to implement other functions. The authentication system of the tag chip may include the following details:
the tag chip 102 is configured to obtain authentication data to be encrypted from the radio frequency front-end circuit, obtain a secret key and security configuration information, which are sent by the reader based on an EPC (evolved packet core) protocol and are generated based on a national secret algorithm, generate a preset random number based on the secret key and the security configuration information, and encrypt the authentication data according to the national secret algorithm and the preset random number;
the tag chip 102 may be an EPC protocol tag chip conforming to the national cryptographic specification, and the instructions supported by the tag chip 102 are mandatory instructions or optional instructions of the EPC protocol, which may implement data communication based on the RFID technology. The rf front-end circuit may be part of a communication system between an antenna and intermediate frequency or baseband circuitry, in which section signals may be transmitted in rf form, and for a wireless receiver, the rf front-end typically includes: amplifiers, filters, frequency converters and some rf connections and matching circuits; the radio frequency front-end circuit may further include an antenna switch, a duplexer, a low noise amplifier, and the like. The rf front-end circuit may include a transmitting path and a receiving path, and devices of the transmitting path may include a power amplifier, a filter, and the like, and devices of the receiving path may include low noise amplifier, a filter, and the like, including indexes such as gain, sensitivity, and rf receiving bandwidth, so as to ensure that useful rf signals can be completely picked up from space and transmitted to a frequency conversion, intermediate frequency amplification, and the like circuit of a subsequent stage without distortion. Specifically, the rf front-end circuit may be responsible for a circuit that converts energy of an rf signal, generates a clock and a reset signal, and modulates and demodulates a baseband signal, a receiving path in the rf signal may be used to receive related data information sent by the reader/writer 104, a transmitting path in the rf signal may be used to send related data information to the reader/writer 104, thereby implementing data transmission and information exchange between the tag chip 102 and the reader/writer 104, and the communication between the tag chip 102 and the reader/writer 104 may include the authentication data. The authentication data acquired by the tag chip 102 may be data to be encrypted, the authentication data may be authentication data to be encrypted generated by the tag chip 102, the authentication data may be related data for performing bidirectional authentication with the reader/writer 104 after being encrypted, and the authentication data may include the predetermined random number, so as to increase security of the authentication data.
In addition, in one embodiment, the rf front-end circuit may be configured to generate a clock signal, a reset signal, and a baseband signal. Wherein the clock signal may be a signal for ensuring that components in the tag chip 102 operate synchronously; the reset signal may be a reset signal that is sent to a specific interface of the tag chip 102 to restore the operation of the software to a specific program segment operation when the program runs away or jumps during the operation of the tag chip 102, and this process may be referred to as a reset; the modulation of the baseband signal may be a process of converting very low frequency spectral components, which are not suitable for direct transmission in the channel, into high frequency signals, which are band-suitable for transmission in the channel, and the demodulation may be a process of recovering the original baseband signal from a parametric variation of the modulated signal. Through the embodiment, the tag chip 102 can perform functions such as clock, reset, modulation and demodulation through the radio frequency front end circuit, and the information transmission efficiency of the tag chip 102 in the authentication process can be improved.
The EPC protocol can be an ISO/IEC 18000-6C protocol, namely an ultrahigh frequency band communication protocol, and compared with other ultrahigh frequency band communication protocols, the EPC protocol has the advantages of mature and complete protocol, complete functions, international universality and the like, and the early version of the EPC protocol mainly emphasizes the identification function of the RFID tag and only has a password protection function in the aspect of data protection. With the widespread application of RFID technology, data security is receiving more and more attention, and the latest version of EPC protocol also adds a security function based on a cryptographic algorithm as an option. The tag chip 102 and the reader/writer 104 may implement authentication and data transmission processes through various EPC-based protocol commands. The national cryptographic algorithm can be a national commercial cryptographic standard, and in order to guarantee the security of the commercial cryptographic, a series of cryptographic standards are established by the national commercial cryptographic management office, including SM1, SM2, SM3, SM4, SM7, SM9, Zhangchong cryptographic algorithm and the like. Wherein, the SM1, SM4, SM7 and ZUZUChong passwords are symmetric algorithms; SM2, SM9 are asymmetric algorithms; SM3 is a hashing algorithm. The key may be a key generated according to the cryptographic algorithm and transmitted by the reader 104 based on the EPC protocol, the key may be used to implement mutual authentication between the tag chip 102 and the reader 104, and the security configuration information may be security configuration information transmitted by the reader 104 based on the EPC protocol.
The tag chip 102 may obtain authentication data to be encrypted from the radio frequency front end circuit, and obtain a secret key and security configuration information that are sent by the reader/writer 104 based on an EPC protocol, where the secret key may be a secret key that is generated by the reader/writer 104 based on the cryptographic algorithm, and the tag chip 102 may generate a preset random number based on the secret key and the security configuration information, and may encrypt the authentication data through the cryptographic algorithm and the random number to obtain encrypted authentication data, where the encrypted authentication data may include the preset random number, and send the encrypted authentication data to the reader/writer 104.
The reader/writer 104 is configured to acquire the encrypted authentication data sent by the tag chip 102, and perform bidirectional authentication on the tag chip 102 based on the EPC protocol and the authentication data.
The reader/writer 104 may be a device capable of reading and writing data from and into the tag chip 102, and needs to perform bidirectional authentication with the tag chip 102 before reading and writing data from and into the tag chip 102. The authentication data may be encrypted authentication data sent by the tag chip 102, and the encrypted authentication data may be data that the tag chip 102 sends to the reader/writer 104 through the rf front-end circuit and may be used for bidirectional authentication between the reader/writer 104 and the tag chip 102, and specifically, the reader/writer 104 may perform bidirectional authentication on the tag chip 102 based on the received encrypted authentication data by using a preset authentication instruction in the EPC protocol.
In the above embodiment, the tag chip obtains the authentication data to be encrypted, generates the preset random number according to the secret key and the security configuration information, which are sent by the reader based on the EPC protocol and are generated based on the national secret algorithm, and encrypts the authentication data according to the national secret algorithm and the random number, and can also obtain the encrypted authentication data sent by the tag chip through the reader, and perform bidirectional authentication and authentication on the tag chip based on the EPC protocol and the encrypted authentication data. Compared with the traditional authentication mode through the password, the scheme reads and encrypts authentication data by using the EPC protocol and the national encryption algorithm through the tag chip, and obtains the encrypted authentication data through the reader-writer and carries out bidirectional authentication, so that the safety authentication between the tag chip and the reader-writer can be realized, and the safety of the RFID tag authentication is improved.
In one embodiment, the reader/writer 104 is further configured to send a state switching instruction to the tag chip 102 to switch the tag chip 102 from the idle state to the singulation state before authentication.
In this embodiment, the tag chip 102 may include two different states, an idle state and a single state, where the idle state may be a state when the tag chip 102 does not need to perform bidirectional authentication or data transmission with the reader/writer 104; the singulation state may be a state where the tag chip 102 is located when the tag chip 102 needs to perform mutual authentication or data transmission with the reader/writer 104. Specifically, the reader 104 may switch the tag chips 102 from the idle state to the single state through a multi-tag anti-collision algorithm, which is mainly classified into three categories: aloha-based algorithms, also known as stochastic algorithms; tree-based algorithms, also known as deterministic algorithms; hybrid algorithm, an algorithm that is generated by combining an Aloha-based algorithm and a tree-based algorithm. In the antenna action range of the reader 104 of the RFID application system, a plurality of tags often exist at the same time, when the reader sends out an inquiry command, a plurality of tag chips 102 often respond at the same time, and the response information collides on a shared wireless channel, so that the response signal is difficult to be recognized by the reader 104, and thus the multi-tag chips 102 collide, the reader 104 should distinguish the collided tags for completing the identification of all the tag chips 102, and then communicate with the tags one by one, and an algorithm used by the reader 104 for completing the work can be called a multi-tag anti-collision algorithm.
Through the embodiment, the reader/writer 104 can convert the tag chips 102 from the idle state to the single state during authentication, so that identification collision among a plurality of tag chips 102 can be avoided, and the authentication efficiency of the tag chips 102 and the reader/writer 104 is improved.
In an embodiment, the reader 104 is further configured to read the tag identification code of the tag chip 102 based on the EPC protocol, and disperse the tag identification code according to the secret key of the reader 104 and the cryptographic algorithm, so as to obtain the secret key of the tag chip 102.
In this embodiment, the tag identification code may be an identification code for identifying the identity of the tag chip 102, and may also be referred to as a TID code. The key may be the key of the reader/writer 104 itself, and the key of the reader/writer 104 may be used to generate the key of the tag chip 102. Specifically, the EPC protocol may include a plurality of instructions, and reader 104 may Read the TID code of tag chip 102 using a Read instruction specified by the EPC protocol when tag chip 102 is in a singulated state, and may obtain the key of tag chip 102 by using the cryptographic algorithm, for example, cryptographic SM4 algorithm, and dispersing the key by using the cryptographic algorithm. The SM4 algorithm can be a grouping algorithm used for wireless local area network products, the grouping length of the algorithm is 128 bits, the key length is 128 bits, the encryption algorithm and the key expansion algorithm both adopt 32-round nonlinear iteration structures, the decryption algorithm and the encryption algorithm have the same structure, but the use sequence of round keys is opposite, and the decryption round keys are the reverse sequence of the encryption round keys. The algorithm adopts a nonlinear iteration structure, each iteration is given by a round function, wherein the round function is formed by compounding a nonlinear transformation and a linear transformation, the nonlinear transformation is given by an S box, rki is a round key, and a synthetic permutation T forms the round function.
Through the embodiment, the reader/writer 104 may generate the key required by the tag chip 102 through the EPC protocol and the national cryptographic algorithm, so that the key meets the requirement of the national cryptographic algorithm, and the authentication security between the tag chip 102 and the reader/writer 104 is improved.
In one embodiment, the reader 104 is further configured to send a lock instruction to the tag chip 102 based on the EPC protocol after writing the key and the security configuration information to the tag chip 102 based on the EPC protocol, so as to lock the key and the security configuration information of the tag chip.
In this embodiment, the reader/writer 104 may write the key and the security configuration information of the tag chip 102 into the tag chip 102 based on the related instructions in the EPC protocol, and may also lock the information into the tag chip 102. Specifically, as shown in fig. 2, fig. 2 is a schematic flow chart illustrating a step of obtaining a key by a reader/writer in an embodiment. The reader/writer 104 may switch the tag chip from the idle state to the singulated state by using a multi-tag anti-collision algorithm, may Read the TID code in the tag chip 102 by using a Read instruction specified by the EPC protocol, and may obtain the key of the tag chip 102 by dispersing the key of the reader/writer 104 and the SM4 algorithm, and the reader/writer 104 may Write the key of the tag chip 102 into the memory unit of the tag chip by using a Write instruction specified by the EPC protocol, may Write the security configuration information into the memory unit of the tag chip 102 by using a Write instruction also specified by the EPC protocol, and finally, the reader/writer 104 may Lock the key and the security configuration information stored in the tag chip 102 by using a Lock instruction specified by the EPC protocol.
Through the embodiment, the reader 104 can lock and store the key and the security configuration information conforming to the national encryption algorithm into the tag chip 102 through an instruction of an EPC protocol, so that the security of authentication between the tag chip 102 and the reader 104 is improved.
In an embodiment, the reader 104 is further configured to send a data processing instruction to the tag chip based on an EPC protocol if the bidirectional authentication is passed, so as to process data of a protected area in the tag chip 102.
In this embodiment, the bidirectional authentication may be performed when the reader/writer 104 passes authentication on the encrypted authentication data acquired from the tag chip 102, and the tag chip 102 and the reader/writer 104 may be considered to pass the bidirectional authentication, and when the reader/writer 104 and the tag chip 102 pass the bidirectional authentication, the reader/writer 104 may process data in a protected area in the tag chip 102 based on an EPC protocol. Specifically, as shown in fig. 3, fig. 3 is a schematic flowchart of the reader/writer authentication step in one embodiment. The reader/writer 104 may first switch the tag chip 102 from the idle state to the singulated state through the multi-tag anti-collision algorithm, then Read a TID code, i.e., a tag identification code, in the tag chip using a Read instruction specified by the EPC protocol, apply a key of the reader/writer 104 itself, and obtain a key of the tag chip 102 according to the SM4 algorithm in a dispersed manner, and then the reader/writer 104 may perform bidirectional authentication conforming to the national password with the tag chip 102 using the key, and after the bidirectional authentication is passed, the reader/writer 104 may obtain the Read/Write permission of the tag chip 102, and may perform Read/Write operation on a protected data area in the tag chip 102 using Read and Write instructions specified by the EPC protocol.
With the present embodiment, the reader/writer 104 can perform read/write operation on the data in the tag chip 102 only after passing the bidirectional authentication based on the cryptographic algorithm, thereby improving the data security of the tag chip 102.
The authentication method of the tag chip provided by the application can be applied to the system shown in fig. 1.
In one embodiment, as shown in fig. 4, an authentication method for a tag chip is provided, which is described by taking the method as an example applied to the tag chip in fig. 1, and includes the following steps:
step S202, the authentication data to be encrypted is acquired from the rf front-end circuit.
The rf front-end circuit may be a part between an antenna and an intermediate frequency or baseband circuit in a communication system, in which a signal may be transmitted in an rf form, and for a wireless receiver, the rf front-end generally includes: amplifiers, filters, frequency converters and some rf connections and matching circuits; the radio frequency front-end circuit may further include an antenna switch, a duplexer, a low noise amplifier, and the like. The rf front-end circuit may include a transmitting path and a receiving path, and devices of the transmitting path may include a power amplifier, a filter, and the like, and devices of the receiving path may include low noise amplifier, a filter, and the like, including indexes such as gain, sensitivity, and rf receiving bandwidth, so as to ensure that useful rf signals can be completely picked up from space and transmitted to a frequency conversion, intermediate frequency amplification, and the like circuit of a subsequent stage without distortion. Specifically, the rf front-end circuit may be responsible for a circuit that converts energy of an rf signal, generates a clock and a reset signal, and modulates and demodulates a baseband signal, a receiving path in the rf signal may be used to receive related data information sent by the reader/writer 104, a transmitting path in the rf signal may be used to send related data information to the reader/writer 104, thereby implementing data transmission and information exchange between the tag chip 102 and the reader/writer 104, and the communication between the tag chip 102 and the reader/writer 104 may include the authentication data. The authentication data acquired by the tag chip 102 may be authentication data to be encrypted.
Step S204, a secret key and security configuration information generated based on the cryptographic algorithm and transmitted by the reader/writer 104 based on the EPC protocol are acquired.
The EPC protocol can be an ISO/IEC 18000-6C protocol, namely an ultrahigh frequency band communication protocol, and compared with other ultrahigh frequency band communication protocols, the EPC protocol has the advantages of mature and complete protocol, complete functions, international universality and the like, and the early version of the EPC protocol mainly emphasizes the identification function of the RFID tag and only has a password protection function in the aspect of data protection. With the widespread application of RFID technology, data security is receiving more and more attention, and the latest version of EPC protocol also adds a security function based on a cryptographic algorithm as an option. The tag chip 102 and the reader/writer 104 may implement authentication and data transmission processes through various EPC-based protocol commands. The national cryptographic algorithm can be a national commercial cryptographic standard, and in order to guarantee the security of the commercial cryptographic, a series of cryptographic standards are established by the national commercial cryptographic management office, including SM1, SM2, SM3, SM4, SM7, SM9, Zhangchong cryptographic algorithm and the like. Wherein, the SM1, SM4, SM7 and ZUZUChong passwords are symmetric algorithms; SM2, SM9 are asymmetric algorithms; SM3 is a hashing algorithm. The key may be a key generated according to the cryptographic algorithm and transmitted by the reader 104 based on the EPC protocol, the key may be used to implement mutual authentication between the tag chip 102 and the reader 104, and the security configuration information may be security configuration information transmitted by the reader 104 based on the EPC protocol. The reader/writer 104 can Write the key and the security configuration information into the tag chip 102 by Write command of EPC protocol.
Step S206, a preset random number is generated based on the secret key and the security configuration information, the authentication data is encrypted according to the national secret algorithm and the preset random number and is sent to the corresponding reader/writer 104, and the reader/writer 104 is configured to perform bidirectional authentication and authentication on the tag chip based on the EPC protocol and the encrypted authentication data.
The tag chip 102 may obtain authentication data to be encrypted from the radio frequency front end circuit, and obtain a secret key and security configuration information that are sent by the reader/writer 104 based on an EPC protocol, where the secret key may be a secret key that is generated by the reader/writer 104 based on the cryptographic algorithm, and the tag chip 102 may generate a preset random number based on the secret key and the security configuration information, and may encrypt the authentication data through the cryptographic algorithm and the random number to obtain encrypted authentication data, where the encrypted authentication data may include the preset random number, and send the encrypted authentication data to the reader/writer 104. The reader/writer 104 may be a device that can read and write data from and to the tag chip 102, and needs to perform mutual authentication with the tag chip 102 before reading and writing data from and to the tag chip 102. The reader/writer 104 may perform bidirectional authentication on the tag chip 102 based on the received encrypted authentication data by using a preset authentication command in the EPC protocol.
In the authentication method of the tag chip, authentication data to be encrypted is obtained through the tag chip, a preset random number is generated according to a secret key and security configuration information which are sent by a reader-writer based on an EPC protocol and generated based on a national secret algorithm, the authentication data are encrypted according to the national secret algorithm and the random number, the encrypted authentication data sent by the tag chip can be obtained through the reader-writer, and bidirectional authentication and authentication are carried out on the tag chip based on the EPC protocol and the encrypted authentication data. Compared with the traditional authentication mode through the password, the scheme reads and encrypts authentication data by using the EPC protocol and the national encryption algorithm through the tag chip, and obtains the encrypted authentication data through the reader-writer and carries out bidirectional authentication, so that the safety authentication between the tag chip and the reader-writer can be realized, and the safety of the RFID tag authentication is improved.
It should be understood that although the various steps in the flowcharts of fig. 2-4 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2-4 may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed in turn or alternately with other steps or at least some of the other steps or stages.
In one embodiment, as shown in fig. 5, there is provided a tag chip including: a radio frequency front end circuit module 502, an EPC protocol processing module 504, a memory module 506, a security control module 508 and a cryptographic algorithm module 510, wherein:
the rf front-end circuit module 502 is configured to convert an rf signal sent by the reader into authentication data to be encrypted.
An EPC protocol processing module 504 is configured to obtain authentication data to be encrypted from the radio frequency front end circuit.
A memory module 506, configured to store the key and the security configuration information, which are generated based on the cryptographic algorithm and sent by the reader 104 based on the EPC protocol.
A security control module 508 for obtaining the key and security configuration information stored by the memory module 506 and transmitting to a cryptographic algorithm module 510.
The cryptographic algorithm module 510 is configured to generate a preset random number based on the secret key and the security configuration information, encrypt the authentication data according to the cryptographic algorithm and the preset random number, and send the encrypted authentication data to the reader 104 through the EPC protocol processing module, where the reader 104 is configured to perform bidirectional authentication and authentication on the tag chip 102 based on the EPC protocol and the encrypted authentication data.
In one embodiment, the rf front-end circuit module 502 may further be configured to generate a clock signal, and/or generate a reset signal, and/or modulate or demodulate a baseband signal.
In an embodiment, the EPC protocol processing module 504 may be further configured to parse, process, and return data of the EPC protocol command of the reader/writer 104.
In one embodiment, the security control module 508 is specifically configured to read the secret key in the memory module 506 and transmit the secret key to the cryptographic algorithm module 510, generate a random number, convert the original instruction data generated by the EPC protocol processing module into a plaintext or ciphertext input of the cryptographic algorithm module 510, and convert the ciphertext or plaintext output of the cryptographic algorithm module 510 into return data required by the EPC protocol processing module 504.
In one embodiment, the cryptographic algorithm module 510 is further configured to perform a plaintext and ciphertext transformation with the key.
For the specific definition of the tag chip, reference may be made to the above definition of the authentication method of the tag chip, which is not described herein again. The modules in the tag chip can be implemented in whole or in part by software, hardware and a combination thereof. The modules can be embedded in a hardware form or independent of a processor in the tag chip, and can also be stored in a memory in the tag chip in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a processor of a tag chip, and its internal structure diagram may be as shown in fig. 6. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the computer device is used for storing authentication data. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a method of authentication of a tag chip.
Those skilled in the art will appreciate that the architecture shown in fig. 6 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, which includes a memory and a processor, wherein the memory stores a computer program, and the processor implements the authentication method of the tag chip described above when executing the computer program.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored, which, when being executed by a processor, implements the authentication method of the tag chip described above.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database or other medium used in the embodiments provided herein can include at least one of non-volatile and volatile memory. Non-volatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical storage, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.