CN112688787A - Authentication platform and method based on Mifare card - Google Patents

Info

Publication number
CN112688787A
Authority
CN
China
Prior art keywords
signal
pseudo
unit
data signal
control
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110300339.3A
Other languages
Chinese (zh)
Other versions
CN112688787B (en
Inventor
胡建国
邝伟峰
王德明
吴劲
丁颜玉
段志奎
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Intelligent City Development Institute
Original Assignee
Guangzhou Intelligent City Development Institute

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention provides an authentication platform and method based on a Mifare card, wherein the authentication platform based on the Mifare card comprises an authentication module, a pseudo-random number module and an encryption module, wherein: the authentication module is used for receiving an external signal and respectively sending a control signal to the pseudo-random number module and the encryption module; the pseudo-random number module generates a pseudo-random data signal after receiving the control signal and sends the pseudo-random data signal to the encryption module; the encryption module receives the control signal and then generates a key according to the data signal and the pseudo-random data signal in the received external signal. The invention controls the whole authentication stage through the authentication module so as to interrupt the authentication process in time, thereby avoiding information leakage when suffering attack and further improving the security of the authentication process; and the randomness of the generated key is increased by adding the pseudo-random data signal in the process of generating the key, thereby further increasing the safety of the authentication process.

Description

Authentication platform and method based on Mifare card
Technical Field
The invention relates to the technical field of communication, in particular to an authentication platform and method based on a Mifare card.
Background
The Mifare card is a logic encryption card that can integrate computer technology, automatic control technology, network communication technology, smart card technology, sensing technology, pattern recognition technology and electromechanical integration technology, and it is commonly used for intelligent "all-in-one card" management of intelligent buildings, intelligent communities, modern enterprises and schools. In the authentication stage of the Mifare card, the RFID reader first starts encryption according to an authentication request of external data, and then logically encrypts and decrypts each message and controls the information of the next communication.
The authentication process is essentially a key exchange process. The RFID reader must complete three-pass authentication with the Mifare card before it can perform subsequent memory read and write operations. Specifically, in the first step of authentication the reader sends an authentication request command to the Mifare card, the Mifare card responds by sending a private key A to the reader, and the Mifare logical algorithm encryption is started; in the second step the reader sends a private key B and a logic encryption response B of the private key B to the Mifare card; in the third step the Mifare card sends a logic encryption response a of the private key A to the reader to complete authentication. During authentication, the Mifare logical algorithm encryption runs continuously, and the private key participates in the encryption during authentication and in subsequent encryption.
During the authentication process, the intermediate data of the communication must have a certain level of security to protect the key. If the data in the authentication process is successfully intercepted, the information of the Mifare card is exposed, so that it may be disclosed or tampered with.
Disclosure of Invention
The invention provides an authentication platform and method based on a Mifare card, which are used for solving the defect that the information of the Mifare card is easy to leak in the prior art, improving the safety of the authentication process and effectively improving the authentication rate.
The invention provides an authentication platform based on a Mifare card, which comprises an authentication module, a pseudo-random number module and an encryption module, wherein:
the authentication module is used for receiving an external signal and respectively sending a control signal to the pseudo-random number module and the encryption module;
the pseudo-random number module generates a pseudo-random data signal after receiving the control signal and sends the pseudo-random data signal to the encryption module;
the encryption module receives the control signal and then generates a key according to the data signal and the pseudo-random data signal in the received external signal.
According to the authentication platform based on the Mifare card, provided by the invention, the authentication module comprises an authentication state unit, an abnormality judgment unit and a first control unit, wherein: the authentication state unit receives the external signal, judges the type of the external signal and correspondingly sends the type of the external signal to the first control unit and the abnormality judgment unit; the abnormality judging unit judges whether the received external signal is abnormal or not, if not, the first control unit is controlled to generate a control signal according to the external signal received by the abnormality judging unit, otherwise, the first control unit generates a control signal according to the external signal received by the first control unit; the first control unit transmits the generated control signals to the pseudo random number module and the encryption module, respectively.
According to the authentication platform based on the Mifare card, the external signals comprise the data signals and the abnormal signals, the authentication state unit identifies the types of the external signals after receiving the external signals, so that the data signals are correspondingly sent to the first control unit, and the abnormal signals are correspondingly sent to the abnormal judgment unit.
According to the authentication platform based on the Mifare card, provided by the invention, the first control unit comprises a first controller and a first counter, the first controller generates a control signal according to the data signal or the abnormal signal, and the first counter is used for calibrating time nodes of the control signal and the data signal.
According to the authentication platform based on the Mifare card provided by the invention, the pseudo-random number module comprises a second control unit, a disorder counting unit and a combinational logic unit, wherein: the second control unit receives the control signal to control the out-of-order counting unit to send the current value to the combinational logic unit; the combinational logic unit generates a pseudo-random data signal based on the received current value and sends the pseudo-random data signal to the encryption module.
According to the authentication platform based on the Mifare card provided by the invention, the encryption module comprises a data caching unit, a third control unit and a key generation unit, wherein: the data cache unit receives and stores a data signal in an external signal and a pseudo-random data signal output by the pseudo-random number module; the third control unit receives the control signal output by the authentication module to control the data buffer unit to send the buffered signal to the key generation unit and control the key generation unit to generate the key.
According to the authentication platform based on the Mifare card provided by the invention, the third control unit comprises a second controller and a second counter, wherein: counting the running state by a second counter; the second controller receives the control signal and selectively controls the data buffer unit and/or the key generation unit according to the running state so as to control the data signal and the pseudo-random data signal in the data buffer unit to be sent to the key generation unit and/or control the key generation unit to generate the key.
According to the authentication platform based on the Mifare card, provided by the invention, the key generation unit comprises a logic encryption circuit and a cycle counting circuit, the logic encryption circuit is controlled by the third control unit to generate the key, the cycle counting circuit circularly caches the key generated by the logic encryption circuit, and counts the number of bits of a data signal entering the logic encryption circuit to determine whether the data needs to be replaced.
The invention also provides an authentication method based on the Mifare card, which is realized based on any one of the authentication platforms based on the Mifare card, and the method comprises the following steps:
receiving an external data signal and an abnormal signal, and performing abnormality judgment on the abnormal signal; if there is no abnormality, controlling generation of a control signal according to the abnormal signal, otherwise controlling generation of the control signal according to the data signal;
a pseudo-random data signal is generated based on the control signal, and the pseudo-random data signal and the data signal are computed to generate the key.
According to the authentication method based on the Mifare card provided by the invention, performing abnormality judgment on the abnormal signal comprises: identifying the logic information in the abnormal signal to convert the abnormal signal into an information data signal representing that information; and judging whether the information data signal is abnormal, and if not, controlling generation of a control signal according to the information data signal.
According to the authentication method based on the Mifare card provided by the invention, generating a pseudo-random data signal according to the control signal comprises: after the control signal is generated, randomly generating a random number according to the control signal, and performing a calculation on the random number to generate the pseudo-random data signal.
According to the authentication method based on the Mifare card provided by the invention, performing a calculation on the pseudo-random data signal and the data signal to generate the key comprises: calculating the data signal and the pseudo-random data signal to generate a key; and cyclically caching the generated key, counting the number of bits of the signal to determine whether the data needs to be replaced, and outputting the currently cached key if the data needs to be replaced.
The invention further provides an electronic device, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor executes the program to realize the steps of any one of the above authentication methods based on the Mifare card.
The present invention also provides a non-transitory computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of a Mifare card based authentication method as described in any of the above.
According to the authentication platform and method based on the Mifare card, the authentication module controls the pseudo-random module and the encryption module to receive and send signals so as to control the whole authentication stage, namely, the authentication module controls the key exchange process so as to interrupt the authentication process in time, thereby avoiding information leakage when the authentication module is attacked and further improving the security of the authentication process; the pseudo-random number module obtains different pseudo-random data signals through a certain rule and sends the pseudo-random data signals as a private key to the encryption module so as to participate in the calculation of the secret key, thereby avoiding the problem of information leakage caused by the fact that an attacker cracks historical data and ensuring the safety of the authentication process; the encryption module carries out encryption calculation on the received signals to generate key output, so that subsequent key exchange is realized.
Drawings
In order to more clearly illustrate the technical solutions of the present invention or the prior art, the drawings needed for the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a schematic structural diagram of an authentication platform based on a Mifare card according to an embodiment of the present invention;
Fig. 2 is a schematic structural diagram of an authentication module according to an embodiment of the present invention;
Fig. 3 is a block diagram of a pseudo-random number module according to an embodiment of the present invention;
Fig. 4 is a block diagram of an encryption module according to an embodiment of the present invention;
Fig. 5 is a schematic flowchart of an authentication method based on a Mifare card according to an embodiment of the present invention;
Fig. 6 is a schematic physical structure diagram of an electronic device according to an embodiment of the present invention.
Reference numerals:
1: an authentication module; 11: an authentication state unit; 12: an abnormality judgment unit; 13: a first control unit; 131: a first controller; 132: a first counter; 2: a pseudo-random number module; 21: a second control unit; 22: an out-of-order counting unit; 23: a combinational logic unit; 3: an encryption module; 31: a data cache unit; 32: a third control unit; 321: a second controller; 322: a second counter; 33: a key generation unit; 331: a logic encryption circuit; 332: a cycle count circuit; 41: a processor; 42: a communication interface; 43: a memory; 44: a communication bus.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is obvious that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The authentication platform based on the Mifare card of the present invention is described below with reference to fig. 1 to fig. 4, and includes an authentication module 1, a pseudo-random number module 2, and an encryption module 3, where:
the authentication module 1 is used for receiving external signals and respectively sending control signals to the pseudo-random number module 2 and the encryption module 3;
the pseudo-random number module 2 generates a pseudo-random number data signal after receiving the control signal and sends the pseudo-random number data signal to the encryption module 3;
the encryption module 3 receives the control signal and then generates a key according to the data signal and the pseudo-random data signal in the received external signal.
Referring to fig. 1, to facilitate signal transmission, the authentication module 1 is connected to the pseudo-random number module 2 and to the encryption module 3, and the pseudo-random number module 2 is connected to the encryption module 3. The authentication module 1 controls the pseudo-random number module 2 and the encryption module 3 to receive and send signals so as to control the whole authentication stage, that is, the authentication module 1 controls the key exchange process so that the authentication process can be interrupted in time, thereby avoiding information leakage when the platform is attacked and improving the security of the authentication process; the pseudo-random number module 2 obtains different pseudo-random data signals according to a certain rule and sends them as private keys to the encryption module 3, where they participate in the calculation of the key, which avoids the information leakage that would result from an attacker cracking historical data and ensures the security of the authentication process; the encryption module 3 performs an encryption calculation on the received signals to generate a key output, thereby realizing the subsequent key exchange.
Specifically, referring to fig. 2, the authentication module 1 includes an authentication state unit 11, an abnormality judgment unit 12, and a first control unit 13, in which: the authentication state unit 11 receives the external signal, judges the type of the external signal and correspondingly sends the type of the external signal to the first control unit 13 and the abnormality judgment unit 12; the abnormality judgment unit 12 judges whether the received external signal is abnormal, if no abnormality exists, the first control unit 13 is controlled to generate a control signal according to the external signal received by the abnormality judgment unit 12, otherwise, the first control unit 13 generates a control signal according to the external signal received by the first control unit 13; the first control unit 13 transmits the generated control signals to the pseudo random number module 2 and the encryption module 3, respectively.
In this embodiment, the authentication state unit 11 includes an authentication state machine, and the authentication state machine records the authentication progress by means of the state machine, and controls the output direction of the external signal after entering the authentication module 1.
In addition, the external signal includes a data signal and an abnormal signal. After receiving the external signal, the authentication state machine identifies its type, so that the data signal is sent to the first control unit 13 and the abnormal signal is sent to the abnormality judgment unit 12. After receiving the abnormal signal, the abnormality judgment unit 12 judges whether it is abnormal, thereby determining whether the abnormal signal controls the first control unit 13 to generate the control signal or the first control unit 13 generates the control signal according to the received data signal. The authentication platform can therefore be controlled either by the external abnormal signal or by the internal authentication unit, which effectively improves the authentication rate and ensures the security of the authentication process. It should be noted that when the abnormality judgment unit 12 judges an abnormal signal, it may identify the logic information carried in the abnormal signal, so that the abnormal signal is translated into an information data signal representing that information and sent to the first control unit 13; once it is judged that there is no abnormality, the first control unit 13 generates a control signal according to the information data signal.
More specifically, the first control unit 13 includes a first controller 131 and a first counter 132. The first controller 131 generates a control signal according to a data signal or an abnormal signal, and the first counter 132 is used to calibrate the time nodes of the control signal and the data signal to ensure that they meet the PCD-to-PICC timing requirement of the ISO14443 specification.
In the present embodiment, referring to fig. 3, the pseudo-random number module 2 includes a second control unit 21, an out-of-order counting unit 22, and a combinational logic unit 23, wherein: the second control unit 21 receives the control signal and controls the out-of-order counting unit 22 to send its current value to the combinational logic unit 23; the combinational logic unit 23 generates a pseudo-random data signal based on the received current value and sends it to the encryption module 3 so that the pseudo-random data signal participates in the calculation of the key. Specifically, the out-of-order counting unit 22 includes an out-of-order counter and the combinational logic unit 23 includes a pseudo-random number combinational logic circuit; the input of the out-of-order counter is connected to the second control unit 21 and its output is connected to the pseudo-random number combinational logic circuit. The generation of the pseudo-random data signal is therefore controlled by the authentication module 1, which also controls the interruption of the authentication process, improving the security of the authentication process, and the randomness of the pseudo-random data signal is used to avoid information leakage after an attack.
Referring to fig. 4, the encryption module 3 includes a data buffering unit 31, a third control unit 32, and a key generating unit 33, in which: the data buffer unit 31 receives the data signal in the external signal and the pseudo random data signal output by the pseudo random number module 2, and stores the received signal for internal calling of the encryption module 3, and simultaneously, the data buffer unit plays a role in synchronization; the third control unit 32 receives the control signal output by the authentication module 1, so as to control the data buffering unit 31 to send the signal buffered therein to the key generation unit 33 and control the key generation unit 33 to generate the key. It should be noted that the signal sent by the data buffering unit 31 to the key generation unit 33 may be a data signal and/or a pseudo-random data signal.
The key generating unit 33 includes a logic encryption circuit 331 and a cycle count circuit 332, the logic encryption circuit 331 is controlled by the third control unit to generate a key, and the cycle count circuit 332 circularly buffers the key generated by the logic encryption circuit 331 and counts the number of bits of the data signal and/or the pseudo-random data signal entering the logic encryption circuit 331 to determine whether data needs to be replaced. In this embodiment, the logic encryption circuit 331 includes a hardware encryption circuit conforming to the Mifare logic encryption algorithm, and the early verification stage is implemented by the hardware encryption circuit, so that the complexity of a subsequent demodulation circuit is effectively reduced, the introduction of variables is reduced to a certain extent, and the stability of the system is effectively improved.
It should be noted that the logic encryption circuit 331 may employ a logic loop register with a certain rule, the loop counting circuit 332 may employ a loop counter, the logic loop register is controlled by the third control unit 32, and the generated key is circularly buffered by the loop counter. When the number of bits counted by the loop counter reaches a predetermined value, which indicates that the item of data has completely participated in the encryption process, the next data signal needs to be replaced. The predetermined value may be 64, or may be set according to actual design requirements, which is not further limited in this embodiment.
Furthermore, to allow better control of the data buffering unit 31 and the key generating unit 33, the third control unit 32 comprises a second controller 321 and a second counter 322, wherein: the second counter 322 counts the running state; the second controller 321 receives the control signal and selectively controls the data buffer unit 31 and/or the key generation unit 33 according to the running state, so as to control the data signal and the pseudo-random data signal in the data buffer unit 31 to be sent to the key generation unit 33 and/or control the key generation unit 33 to generate the key. In this embodiment, the second counter 322 needs to decode a specific control signal according to the running state it has counted, so as to select control of the data buffer unit and/or the key generation unit accordingly.
In summary, in the embodiments of the present invention, the authentication module controls the pseudo-random number module and the encryption module to receive and transmit signals so as to control the whole authentication stage, that is, the authentication module controls the key exchange process so that the authentication process can be interrupted in time, thereby avoiding information leakage when the platform is attacked and improving the security of the authentication process; the pseudo-random number module obtains different pseudo-random data signals according to a certain rule and sends them as a private key to the encryption module, where they participate in the calculation of the key, which avoids the information leakage that would result from an attacker cracking historical data and ensures the security of the authentication process; the encryption module performs an encryption calculation on the received signals to generate a key output, thereby realizing the subsequent key exchange.
The authentication method based on the Mifare card provided by the invention is described below, and the authentication method based on the Mifare card described below and the authentication platform based on the Mifare card described above can be referred to correspondingly.
Fig. 5 illustrates a schematic flowchart of an authentication method based on a Mifare card, and as shown in fig. 5, the authentication method based on the Mifare card includes:
S01: receiving an external data signal and an abnormal signal, and performing abnormality judgment on the abnormal signal; if there is no abnormality, controlling generation of a control signal according to the abnormal signal, otherwise controlling generation of the control signal according to the data signal;
S02: generating a pseudo-random data signal according to the control signal, and performing a calculation on the pseudo-random data signal and the data signal to generate the key.
Step S01 is performed: the external data signal and the abnormal signal are received and abnormality judgment is performed on the abnormal signal; if there is no abnormality, a control signal is generated according to the abnormal signal, otherwise the control signal is generated according to the data signal.
In this embodiment, performing abnormality judgment on the abnormal signal includes: identifying the logic information in the abnormal signal to convert the abnormal signal into an information data signal representing that information; and judging whether the information data signal is abnormal; if not, controlling generation of a control signal according to the information data signal, otherwise controlling generation of the control signal according to the data signal.
Step S02 is performed to generate a pseudo-random data signal according to the control signal, and to calculate the pseudo-random data signal and the data signal to generate a key.
In the present embodiment, generating the pseudo random data signal according to the control signal includes: after the control signal is generated, the random number is randomly generated according to the control signal, and the random number is calculated to generate a pseudo-random data signal, so that the problem of information leakage caused by the fact that an attacker cracks historical data is avoided, and the safety of the authentication process is ensured.
In addition, computing the pseudo-random data signal and the data signal to generate the key includes: calculating the data signal and the pseudo-random data signal to generate a key; and circularly caching the generated key, counting the bit number of the signal to determine whether the data needs to be replaced, and outputting the currently cached key if the data needs to be replaced. It should be noted that, a value should be preset to ensure that when the number of bits of the signal reaches a predetermined value, the current buffered key is output, and the next data signal is replaced for encryption. The predetermined value may be 64, or may be set according to actual design requirements, which is not further limited in this embodiment.
In summary, the embodiment of the present invention performs abnormality judgment on the received abnormal signal to determine whether the authentication process is controlled according to the abnormal signal or according to the data signal, thereby effectively improving the authentication rate, making it possible to terminate the authentication process in time, and ensuring the security of the authentication process; in addition, a pseudo-random data signal is added in the key generation process, which increases the randomness of the key, avoids the information leakage that would result from an attacker cracking historical data, and further ensures the security of the authentication process.
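A behavioural software model of the three modules and of steps S01 and S02, added here as an illustration and not taken from the patent. The LFSR counting rule, the bit mix, the shift-register taps, the 32-bit word sizes and the `HALT` code are all assumptions, since the description leaves those rules unspecified; only the 64-bit count comes from the text.

```python
from dataclasses import dataclass

KEY_BITS = 64                 # the description's example "predetermined value"
MASK64 = (1 << KEY_BITS) - 1
HALT = 0xA5                   # hypothetical code carried by a well-formed abnormal signal


@dataclass
class ExternalSignal:
    kind: str                 # "data" or "abnormal"
    payload: int              # 32-bit data word, or the code in an abnormal signal


class PseudoRandomModule:
    """Out-of-order counter (22) feeding combinational logic (23); both rules assumed."""

    def __init__(self, seed: int = 1):
        self.counter = (seed & 0xFFFF) or 1   # an all-zero LFSR would never advance

    def on_control(self) -> int:
        value = self.counter
        # Assumed counting rule: 16-bit Galois LFSR, so successive values are not sequential.
        lsb = self.counter & 1
        self.counter >>= 1
        if lsb:
            self.counter ^= 0xB400
        # Assumed combinational logic: stateless, invertible 32-bit mix of the latched value.
        mixed = (value * 0x9E3779B1) & 0xFFFFFFFF
        return mixed ^ (mixed >> 15)


class KeyGenerationUnit:
    """Logic loop register (331) plus cycle counter (332); feedback taps assumed."""

    def __init__(self):
        self.reset()

    def reset(self) -> None:
        self.register = 0
        self.bits_in = 0          # cycle counter: bits clocked in for the current item
        self.cached_key = None

    def feed(self, word: int, nbits: int) -> None:
        for i in reversed(range(nbits)):
            r = self.register
            fb = ((r >> 63) ^ (r >> 62) ^ (r >> 60) ^ (r >> 59)) & 1
            self.register = ((r << 1) | (fb ^ ((word >> i) & 1))) & MASK64
            self.bits_in += 1
            if self.bits_in == KEY_BITS:      # item fully consumed: cache key, replace data
                self.cached_key = self.register
                self.bits_in = 0


class AuthenticationPlatform:
    def __init__(self, seed: int = 1):
        self.prng = PseudoRandomModule(seed)
        self.keygen = KeyGenerationUnit()
        self.halted = False

    def receive(self, sig: ExternalSignal):
        """Authentication state unit (11): route by signal type; return a key or None."""
        if sig.kind == "abnormal":
            # Abnormality judgment unit (12): a recognised code is judged "not abnormal"
            # and drives control; anything else is dropped and data signals keep control.
            if sig.payload == HALT:
                self.keygen.reset()           # interrupt: no key material stays cached
                self.halted = True
            return None
        if self.halted:
            return None
        # First control unit (13): one control signal to each of the other two modules.
        nonce = self.prng.on_control()
        self.keygen.reset()                   # data cache (31) loads a fresh item
        self.keygen.feed(sig.payload & 0xFFFFFFFF, 32)
        self.keygen.feed(nonce, 32)
        return self.keygen.cached_key


def demo():
    card_data = 0x12345678                    # constructed sample data word
    p = AuthenticationPlatform(seed=1)
    first = p.receive(ExternalSignal("data", card_data))
    second = p.receive(ExternalSignal("data", card_data))
    p.receive(ExternalSignal("abnormal", HALT))
    after_halt = p.receive(ExternalSignal("data", card_data))
    return first, second, after_halt


if __name__ == "__main__":
    print(demo())
```

In this model the pseudo-random value is a pure function of the counter state, so two platforms started from the same seed produce the same key sequence; the counter's power-up state is therefore worth checking when reviewing a design of this shape.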
Fig. 6 is a schematic physical structure diagram of an electronic device according to an embodiment of the present invention. As shown in fig. 6, the electronic device may include: a processor 41, a communication interface 42, a memory 43 and a communication bus 44, wherein the processor 41, the communication interface 42 and the memory 43 communicate with each other through the communication bus 44. The processor 41 may invoke logic instructions in the memory 43 to perform a Mifare card based authentication method comprising: receiving an external data signal and an abnormal signal, and performing abnormality judgment on the abnormal signal; if there is no abnormality, controlling generation of a control signal according to the abnormal signal, otherwise controlling generation of the control signal according to the data signal; generating a pseudo-random data signal according to the control signal, and performing a calculation on the pseudo-random data signal and the data signal to generate the key.
Furthermore, the logic instructions in the memory 43 may be implemented in the form of software functional units and, when sold or used as a stand-alone product, stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and various other media capable of storing program code.
In another aspect, the present invention also provides a computer program product comprising a computer program stored on a non-transitory computer-readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to perform the Mifare card-based authentication method provided above, the method comprising: receiving an external data signal and an abnormal signal, and performing an abnormality judgment on the abnormal signal; if no abnormality exists, generating a control signal according to the abnormal signal, otherwise generating the control signal according to the data signal; generating a pseudo-random data signal based on the control signal, and computing the pseudo-random data signal and the data signal to generate the key.
In yet another aspect, the present invention also provides a non-transitory computer-readable storage medium having stored thereon a computer program which, when executed by a processor, performs the above-mentioned Mifare card-based authentication method, the method including: receiving an external data signal and an abnormal signal, and performing an abnormality judgment on the abnormal signal; if no abnormality exists, generating a control signal according to the abnormal signal, otherwise generating the control signal according to the data signal; generating a pseudo-random data signal based on the control signal, and computing the pseudo-random data signal and the data signal to generate the key.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (9)

1. A Mifare card-based authentication platform, characterized by comprising an authentication module, a pseudo-random number module and an encryption module, wherein:
the authentication module is used for receiving an external signal and respectively sending a control signal to the pseudo-random number module and the encryption module; the authentication module comprises an authentication state unit, an abnormality judgment unit and a first control unit, wherein: the authentication state unit receives an external signal, judges the type of the external signal and correspondingly sends the type of the external signal to the first control unit and the abnormality judgment unit; the abnormality judging unit judges whether the received external signal is abnormal, if no, the first control unit is controlled to generate a control signal according to the external signal received by the abnormality judging unit, otherwise, the first control unit generates a control signal according to the external signal received by the first control unit; the first control unit respectively sends the generated control signals to the pseudo-random number module and the encryption module;
the pseudo-random number module generates a pseudo-random data signal after receiving the control signal and sends the pseudo-random data signal to the encryption module;
and the encryption module receives the control signal and then generates a key according to a data signal and the pseudo-random data signal in the received external signal.
2. The Mifare card-based authentication platform as claimed in claim 1, wherein the external signals include data signals and abnormal signals, and the authentication state unit identifies the type of the external signals after receiving the external signals, so as to correspondingly send the data signals to the first control unit and correspondingly send the abnormal signals to the abnormal judgment unit;
the first control unit comprises a first controller and a first counter, the first controller generates a control signal according to the data signal or the abnormal signal, and the first counter is used for calibrating time nodes of the control signal and the data signal.
3. The Mifare card-based authentication platform of claim 1, wherein the pseudo random number module comprises a second control unit, an out-of-order counting unit and a combinational logic unit, wherein:
the second control unit receives the control signal to control the out-of-order counting unit to send the current value of the out-of-order counting unit to the combinational logic unit;
the combinational logic unit generates a pseudo-random data signal according to the received current value and sends the pseudo-random data signal to the encryption module.
4. The Mifare card-based authentication platform of claim 1, wherein the encryption module comprises a data caching unit, a third control unit and a key generation unit, wherein:
the data cache unit receives and stores a data signal in the external signal and a pseudo-random data signal output by the pseudo-random number module;
the third control unit receives the control signal output by the authentication module to control the data caching unit to send the cached signal in the data caching unit to the key generation unit and control the key generation unit to generate the key.
5. The Mifare card-based authentication platform of claim 4, wherein the third control unit comprises a second controller and a second counter, wherein:
the second counter counts the running state;
the second controller receives the control signal and selectively controls the data buffer unit and/or the key generation unit according to the running state so as to control the data signal and the pseudo-random data signal in the data buffer unit to be sent to the key generation unit and/or control the key generation unit to generate a key.
6. The Mifare card-based authentication platform as claimed in claim 5, wherein the key generation unit comprises a logic encryption circuit and a loop count circuit, the logic encryption circuit is controlled by the third control unit to generate the key, the loop count circuit circularly buffers the key generated by the logic encryption circuit and counts the number of bits of the data signal entering the logic encryption circuit to determine whether the data needs to be replaced.
7. An authentication method based on a Mifare card, which is implemented based on the authentication platform based on the Mifare card of any one of claims 1 to 6, and the method comprises the following steps:
receiving an external data signal and an abnormal signal, judging the abnormality of the abnormal signal, if no abnormality exists, controlling to generate a control signal according to the abnormal signal, otherwise, controlling to generate a control signal according to the data signal;
a pseudo-random data signal is generated from the control signal, and the pseudo-random data signal and the data signal are computed to generate a key.
8. The Mifare card-based authentication method according to claim 7, wherein the determining the abnormality of the abnormal signal includes:
identifying logic information in the exception signal to convert the exception signal into an information data signal representing information;
and judging whether the information data signal is abnormal or not, and if not, controlling to generate a control signal according to the information data signal.
9. The Mifare card-based authentication method of claim 7, the generating the pseudo-random data signal according to the control signal comprising: after the control signal is generated, random numbers are randomly generated according to the control signal, and the random numbers are calculated to generate pseudo-random data signals;
said computing said pseudo random data signal and said data signal to generate a key, comprising:
calculating the data signal and the pseudo-random data signal to generate a key;
and circularly caching the generated key, counting the bit number of the signal to determine whether the data needs to be replaced, and outputting the currently cached key if the data needs to be replaced.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110300339.3A CN112688787B (en) 2021-03-22 2021-03-22 Authentication platform and method based on Mifare card

Publications (2)

Publication Number Publication Date
CN112688787A true CN112688787A (en) 2021-04-20
CN112688787B CN112688787B (en) 2021-06-08

Family

ID=75455746

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110300339.3A Active CN112688787B (en) 2021-03-22 2021-03-22 Authentication platform and method based on Mifare card

Country Status (1)

Country Link
CN (1) CN112688787B (en)

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080044025A1 (en) * 2006-08-18 2008-02-21 Corndorf Eric D Secure Telemetric Link
CN104579673A (en) * 2014-03-06 2015-04-29 上海励识电子科技有限公司 Interactive authentication method between RFID card and card reader
CN105743653A (en) * 2014-12-29 2016-07-06 三星电子株式会社 User Authentication Method and Electronic Device Performing User Authentication
US10594689B1 (en) * 2015-12-04 2020-03-17 Digimarc Corporation Robust encoding of machine readable information in host objects and biometrics, and associated decoding and authentication
CN110034929A (en) * 2019-04-10 2019-07-19 民航成都电子技术有限责任公司 A kind of all-purpose card card based on airport environment
CN110765438A (en) * 2019-10-24 2020-02-07 江苏云涌电子科技股份有限公司 High-performance password card and working method thereof

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113992445A (en) * 2021-12-28 2022-01-28 广东曜芯科技有限公司 Authentication apparatus and method
CN113992445B (en) * 2021-12-28 2022-04-19 广东曜芯科技有限公司 Authentication apparatus and method

Also Published As

Publication number Publication date
CN112688787B (en) 2021-06-08

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant