CN206907059U - China second-generation identity card reads encryption system - Google Patents


Publication number
CN206907059U
Authority
CN
China
Prior art keywords
encryption
main control
control mcu
information
china
Prior art date
Legal status
Active
Application number
CN201721240139.9U
Other languages
Chinese (zh)
Inventor
李元庆
李小军
Current Assignee
Shenzhen Eps Technology Co Ltd
Original Assignee
Shenzhen Eps Technology Co Ltd

Landscapes

  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The utility model discloses a China second-generation identity card reading and encryption system comprising a main control MCU, an interface IC, an antenna board, a Bluetooth module, an encryption IC and a PC end. The main control MCU includes a cache module. The antenna board reads the second-generation identity card information and passes it to the main control MCU through the interface IC. The main control MCU exchanges the second-generation identity card information with an external SAM-A module to decrypt the information, and sends the decrypted information to the encryption IC. The encryption IC returns the encrypted information to the cache module of the main control MCU, and the main control MCU forwards the encrypted information in its cache module to the PC end as USB ciphertext; the PC end uses the USB ciphertext to decrypt the encrypted information it has obtained. The utility model automatically encrypts the second-generation identity card data after it has been read and decrypted by the public-security SAM-A module, and then sends it to the PC end as ciphertext, so that it is not intercepted and exploited by criminals during transmission.

Description

China second-generation identity card reading and encryption system
Technical field
The utility model relates to China second-generation identity card reading technology, and more particularly to a China second-generation identity card reading and encryption system.
Background technology
In the real-name authentication systems used by the back-end systems of counter-service industries, the machine-readable identity card information (ID_Data) that the customer identity card reading device reads and uploads has a security problem: a hacker program can simulate the Ministry of Public Security's second-generation identity card reading dynamic library and the calling procedure of the identity card reader, upload forged customer identity card information to the business system, and fraudulently get a real-name card-opening transaction processed successfully. In addition, existing second-generation identity card readers, after the card has passed through the back-end public-security SAM-A module, transfer the obtained identity card information to the PC end in plaintext. This transmission has no encryption measures, so the information is easily intercepted by criminals, creating a risk that personal identity information is leaked. The prior art is therefore defective and needs further improvement.
Utility model content
To address the problems of the prior art, the utility model provides a China second-generation identity card reading and encryption system.
To achieve the above object, the technical solution of the utility model is as follows: a China second-generation identity card reading and encryption system comprising a main control MCU, an interface IC, an antenna board, a Bluetooth module, an encryption IC and a PC end. The main control MCU includes a cache module. The antenna board reads the second-generation identity card information and passes it to the main control MCU through the interface IC. The main control MCU exchanges the second-generation identity card information with an external SAM-A module to decrypt the information, and sends the decrypted information to the encryption IC. The encryption IC returns the encrypted information to the cache module of the main control MCU, the main control MCU forwards the encrypted information in its cache module to the PC end as USB ciphertext, and the PC end uses the USB ciphertext to decrypt the encrypted information it has obtained.
Preferably, the encryption IC encrypts using national cryptographic (SM) algorithms. For example, SM1, SM2, SM3 or SM4 may be used.
Preferably, data exchange between the encryption IC and the main control MCU uses an SPI interface, and data exchange between the Bluetooth module and the main control MCU uses a serial port.
With the above technical solution, the utility model automatically encrypts the second-generation identity card data after it has been read and decrypted by the public-security SAM-A module, and then sends it to the PC end as ciphertext, so that it is not intercepted and exploited by criminals during transmission.
Brief description of the drawings
Fig. 1 is a schematic diagram of the utility model.
Embodiment
The utility model is further described below with reference to the drawing and a specific embodiment.
Referring to Fig. 1, the utility model provides a China second-generation identity card reading and encryption system comprising a main control MCU 1, an interface IC 2, an antenna board 3, a Bluetooth module 4, an encryption IC 5 and a PC end 6. The main control MCU 1 includes a cache module 11. The antenna board 3 reads the second-generation identity card information and passes it to the main control MCU 1 through the interface IC 2. The main control MCU 1 exchanges the second-generation identity card information with the external SAM-A module 7 to decrypt the information, and sends the decrypted information to the encryption IC 5. The encryption IC 5 returns the encrypted information to the cache module 11 of the main control MCU 1, the main control MCU 1 forwards the encrypted information in its cache module 11 to the PC end 6 as USB ciphertext, and the PC end 6 uses the USB ciphertext to decrypt the encrypted information it has obtained.
The encryption IC 5 encrypts using national cryptographic (SM) algorithms. For example, SM1, SM2, SM3 or SM4 may be used; the present embodiment uses the SM3 and SM4 algorithms.
Data exchange between the encryption IC 5 and the main control MCU 1 uses an SPI interface, and data exchange between the Bluetooth module 4 and the main control MCU 1 uses a serial port.
In the utility model, as a preferred embodiment, the models of the main control MCU 1, the interface IC 2 and the encryption IC 5 are as follows:
Main control MCU 1 --- STM32F103;
Interface IC 2 --- THM3060;
Encryption IC 5 --- Z32HUA.
The operating principle of the utility model is illustrated below with a test-scheme embodiment of the system:
Step 1: Import the initial key
Each second-generation ID card device has a unique device-information triple: SAM-A serial number + encryption chip serial number + factory initial key.
Step 2: Update the second-generation ID card device key
When a second-generation ID card device is used through the business system for the first time, it is discovered and connected to the key management platform, and the key management platform requires the device to reset its key (the device cannot be used until the key has been reset). The business system calls the key management platform's key-reset interface, which produces the new key ciphertext (the new key encrypted with the device's factory initial key using SM4_ECB), the key check value, the key validity period and related information. The business system sends the new key ciphertext, the check value and the key validity period to the device. The device decrypts the new key with its factory initial key and verifies it against the check value; once it is confirmed correct, the device replaces the factory initial key and the key validity period with the new key, and then returns a key-reset success message to the business system. The business system enables the new key after receiving the key-reset success message.
Step 3: Verify the encrypted identity card data
The second-generation ID card device processes the identity card information as follows:
1. Use the SM3 algorithm to generate digest F1 from the relevant data (collected identity card information ID_Data + SAM_A module serial number + security chip serial number). The identity card information ID_Data is in the Ministry of Public Security standard format and contains the identity card text, photo, fingerprint and other information;
2. Use the SM4 algorithm (SM4_ECB mode encryption) and the encryption key issued by the key management platform to encrypt digest F1 and generate ciphertext A1;
3. Combine ciphertext A1 + identity card information + SAM_A module serial number into business data C1, and send it over the USB or Bluetooth interface to the PC or mobile phone, which passes it to the business system.
F1 = SM3(identity card information ID_Data + SAM_A module serial number + security chip serial number)
A1 = SM4_ECB mode encryption(digest F1)
C1 = ciphertext A1 + identity card information ID_Data + SAM_A module serial number
The equipment supplier adds a security chip to the identity card reading device. The device applies the national commercial cryptographic digest algorithm SM3 to the identity card ID_Data, the SAM-A module serial number and the security chip serial number to generate message digest F1, encrypts F1 with the national commercial cryptographic symmetric algorithm SM4 and the built-in application encryption key KEY to generate ciphertext A1, and then sends the identity card information, the SAM-A serial number and ciphertext A1 to the business system. The key management platform stores the correspondence between the SAM-A serial number, the key KEY and the security chip serial number, so the application encryption key KEY can be determined from the SAM-A serial number and used to decrypt ciphertext A1 and obtain message digest F1. The back-end system then runs the hash again over the machine-readable identity card information ID_Data, the SAM-A serial number and the security chip serial number to generate message digest F1'; if F1' = F1, the identity information is confirmed not to have been tampered with in transmission.
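The Step 3 tagging and the back-end F1' = F1 check, written out as an added example (not code from the patent or its assignee). SM3 and SM4-ECB are implemented inline so the block runs offline, where a deployment would use the security chip or a vetted library. The field widths (32-byte A1, 16-byte SAM-A serial number), the `keystore` mapping and the function names are assumptions made for illustration.

```python
import hmac, struct

def _rol(x, n):  # 32-bit rotate left
    return ((x << n % 32) | (x >> (32 - n % 32))) & 0xFFFFFFFF

def sm3(msg: bytes) -> bytes:  # SM3 hash, 32-byte digest
    v = [0x7380166F, 0x4914B2B9, 0x172442D7, 0xDA8A0600, 0xA96F30BC, 0x163138AA, 0xE38DEE4D, 0xB0FB0E4E]
    msg += b"\x80" + bytes((55 - len(msg)) % 64) + struct.pack(">Q", 8 * len(msg))
    for off in range(0, len(msg), 64):
        w = list(struct.unpack(">16I", msg[off:off + 64]))
        for j in range(16, 68):  # message expansion
            x = w[j - 16] ^ w[j - 9] ^ _rol(w[j - 3], 15)
            w.append(x ^ _rol(x, 15) ^ _rol(x, 23) ^ _rol(w[j - 13], 7) ^ w[j - 6])
        a, b, c, d, e, f, g, h = v
        for j in range(64):  # compression rounds
            ss1 = _rol((_rol(a, 12) + e + _rol(0x79CC4519 if j < 16 else 0x7A879D8A, j)) & 0xFFFFFFFF, 7)
            ff = a ^ b ^ c if j < 16 else (a & b) | (a & c) | (b & c)
            gg = e ^ f ^ g if j < 16 else (e & f) | (~e & g)
            tt1 = (ff + d + (ss1 ^ _rol(a, 12)) + (w[j] ^ w[j + 4])) & 0xFFFFFFFF
            tt2 = (gg + h + ss1 + w[j]) & 0xFFFFFFFF
            a, b, c, d = tt1, a, _rol(b, 9), c
            e, f, g, h = tt2 ^ _rol(tt2, 9) ^ _rol(tt2, 17), e, _rol(f, 19), g
        v = [p ^ q for p, q in zip(v, (a, b, c, d, e, f, g, h))]
    return struct.pack(">8I", *v)

_SBOX = bytes.fromhex(  # SM4 S-box
    "d690e9fecce13db716b614c228fb2c052b679a762abe04c3aa44132649860699" "9c4250f491ef987a33540b43edcfac62e4b31ca9c908e89580df94fa758f3fa6"
    "4707a7fcf37317ba83593c19e6854fa8686b81b27164da8bf8eb0f4b70569d35" "1e240e5e6358d1a225227c3b01217887d40046579fd327524c3602e7a0c4c89e"
    "eabf8ad240c738b5a3f7f2cef96115a1e0ae5da49b341a55ad933230f58cb1e3" "1df6e22e8266ca60c02923ab0d534e6fd5db3745defd8e2f03ff6a726d6c5b51"
    "8d1baf92bbddbc7f11d95c411f105ad80ac13188a5cd7bbd2d74d012b8e5b4b0" "8969974a0c96777e65b9f109c56ec68418f07dec3adc4d2079ee5f3ed7cb3948")
def _tau(x):  # S-box applied to each byte of a 32-bit word
    return int.from_bytes(bytes(_SBOX[b] for b in x.to_bytes(4, "big")), "big")
def sm4_ecb(key: bytes, data: bytes, decrypt: bool = False) -> bytes:
    k = [p ^ q for p, q in zip(struct.unpack(">4I", key), (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC))]
    for i in range(32):  # key schedule; the bytes of CK_i are (4i+j)*7 mod 256
        t = _tau(k[i + 1] ^ k[i + 2] ^ k[i + 3] ^ int.from_bytes(bytes((4 * i + j) * 7 % 256 for j in range(4)), "big"))
        k.append(k[i] ^ t ^ _rol(t, 13) ^ _rol(t, 23))
    rks = k[:3:-1] if decrypt else k[4:]  # decryption runs the round keys in reverse
    out = b""
    for off in range(0, len(data), 16):  # data length must be a multiple of 16
        x = list(struct.unpack(">4I", data[off:off + 16]))
        for rk in rks:
            t = _tau(x[1] ^ x[2] ^ x[3] ^ rk)
            x = x[1:] + [x[0] ^ t ^ _rol(t, 2) ^ _rol(t, 10) ^ _rol(t, 18) ^ _rol(t, 24)]
        out += struct.pack(">4I", *x[::-1])
    return out

def build_c1(key, id_data, sam_sn, chip_sn):  # device side: C1 = A1 + ID_Data + SAM-A serial
    return sm4_ecb(key, sm3(id_data + sam_sn + chip_sn)) + id_data + sam_sn
def verify_c1(c1, keystore, sam_len=16):  # back end; sam_len is an assumed fixed field width
    a1, id_data, sam_sn = c1[:32], c1[32:-sam_len], c1[-sam_len:]
    entry = keystore.get(sam_sn)  # assumed mapping: SAM-A serial -> (KEY, chip serial)
    return (entry is not None and len(c1) >= 32 + sam_len and  # unknown device or short frame fails
            hmac.compare_digest(sm4_ecb(entry[0], a1, decrypt=True), sm3(id_data + sam_sn + entry[1])))
```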
The foregoing is only a preferred embodiment of the utility model and does not thereby limit the scope of its patent. Any equivalent structural transformation made under the inventive concept of the utility model using the contents of its specification and drawings, or any direct or indirect application in other related technical fields, falls within the scope of patent protection of the utility model.

Claims (3)

1. A China second-generation identity card reading and encryption system, characterized in that it comprises: a main control MCU, an interface IC, an antenna board, a Bluetooth module, an encryption IC and a PC end; the main control MCU includes a cache module; the antenna board reads the second-generation identity card information and passes it to the main control MCU through the interface IC; the main control MCU exchanges the second-generation identity card information with an external SAM-A module to decrypt the information, and sends the decrypted information to the encryption IC; the encryption IC returns the encrypted information to the cache module of the main control MCU; the main control MCU forwards the encrypted information in its cache module to the PC end as USB ciphertext; and the PC end uses the USB ciphertext to decrypt the encrypted information it has obtained.
2. The China second-generation identity card reading and encryption system according to claim 1, characterized in that the encryption IC encrypts using national cryptographic (SM) algorithms.
3. The China second-generation identity card reading and encryption system according to claim 1 or 2, characterized in that data exchange between the encryption IC and the main control MCU uses an SPI interface, and data exchange between the Bluetooth module and the main control MCU uses a serial port.
CN201721240139.9U 2017-09-25 2017-09-25 China second-generation identity card reads encryption system Active CN206907059U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201721240139.9U CN206907059U (en) 2017-09-25 2017-09-25 China second-generation identity card reads encryption system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201721240139.9U CN206907059U (en) 2017-09-25 2017-09-25 China second-generation identity card reads encryption system

Publications (1)

Publication Number Publication Date
CN206907059U true CN206907059U (en) 2018-01-19

Family

ID=61312133

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201721240139.9U Active CN206907059U (en) 2017-09-25 2017-09-25 China second-generation identity card reads encryption system

Country Status (1)

Country Link
CN (1) CN206907059U (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109889492A (en) * 2019-01-04 2019-06-14 深圳暨达科技有限公司 A kind of higher financial IC card of safety and the two-in-one identification communication means of China second-generation identity card
CN111654510A (en) * 2020-06-28 2020-09-11 福建捷宇电脑科技有限公司 Signing terminal with national encryption function and signing data transmission method
CN111654510B (en) * 2020-06-28 2022-08-16 福建捷宇电脑科技有限公司 Signing terminal with national encryption function and signing data transmission method

Similar Documents

Publication Publication Date Title
CN105229965B (en) Equipment identification system and equipment authenticating method
CN101738516B (en) Electronic electric energy meter and data secure transmission method thereof
CN102025503B (en) Data security implementation method in cluster environment and high-security cluster
CN101483654A (en) Method and system for implementing authentication and data safe transmission
CN102024123B (en) Method and device for importing mirror image of virtual machine in cloud calculation
CN106059757A (en) Audio and video monitoring device, data encryption and decryption method, and audio and video display device
CN106953732B (en) Key management system and method for chip card
CN108323230B (en) Method for transmitting key, receiving terminal and distributing terminal
CN106850638B (en) Access control method and system for vehicle-mounted equipment
CN102025744A (en) Import and export system of virtual machine image in cloud computing
CN111654510B (en) Signing terminal with national encryption function and signing data transmission method
CN104424446A (en) Safety verification and transmission method and system
CN104219044A (en) Key secret method for encrypting storing device
CN103580868A (en) Secure transmission method of electronic official document secure transmission system
CN105281910A (en) Internet of things lock with CA digital certificate serving as network access identity identifier and network access identity identification method
CN101789863B (en) Safe data information transmission method
CN111435390A (en) Safety protection method for operation and maintenance tool of power distribution terminal
CN103457742A (en) Security suite library system based on USB KEY
CN104954137A (en) Method of virtual machine security certification based on domestic password technique
CN113761488A (en) Content network copyright tracing encryption system and encryption method
CN206907059U (en) China second-generation identity card reads encryption system
CN103955664A (en) High-speed document scanner capable of safely decoding two-dimensional code of vehicle approval certificate and decoding method
CN113591109B (en) Method and system for communication between trusted execution environment and cloud
CN114238878A (en) Traceable data authorization transfer control method and system
CN111435389A (en) Power distribution terminal operation and maintenance tool safety protection system

Legal Events

Date Code Title Description
GR01 Patent grant