TW202026933A - Data security system and operation method thereof - Google Patents

Publication number: TW202026933A
Authority: TW (Taiwan)
Prior art keywords: data, card, module, data group, chip card
Application number: TW107147756A
Other languages: Chinese (zh)
Other versions: TWI707247B (en)
Inventors: 王傳陞, 洪丞甫, 周淑羚
Original assignee: 中華電信股份有限公司
Application filed by 中華電信股份有限公司; granted as TWI707247B.
Abstract

A data security system and an operation method thereof are provided. The system provides a security mechanism for a chip card, the chip card comprising an application module and a target module. The data security system comprises: an application card-writing module which, during the card-writing process, writes the feature data required by the chip card into the application module; and a security card-writing module which, during the card-writing process, writes a target data group for protecting the feature data into the target module, wherein the target data group comprises a feature data portion and a key portion, the feature data portion stores the feature data, and the key portion protects the feature data portion. With this design, the key portion is verified during the card-checking process to confirm whether the chip card is a counterfeit.

Description

Data security system and method of using the same

The present invention discloses a data security system, in particular a data security system usable with composite chip cards, and a method of using it.

With advances in technology and information, the cards formerly used for identity authentication (such as ID cards, health insurance cards, student cards, library cards and others) and the electronic credentials used for financial transactions (such as the EasyCard (優遊卡), credit cards and debit cards) are gradually being integrated into a single composite chip card (or co-branded card), giving users (or consumers) the convenience of many cards in one, and demand for such cards is growing rapidly.

Because of cost concerns, or because they rely on the trust of users (or consumers), chip card manufacturers often neglect to build a security mechanism into the chip card. As a result, chip cards have been forged or had their data copied by malicious parties, causing trouble for the services that accept them. If a multi-card-in-one chip card cannot effectively prevent forgery or copying, social problems such as fraud will follow. How to effectively prevent the forgery or copying of chip cards has therefore become an urgent problem in today's society.

To address these shortcomings, the industry has proposed a verification method that uses fingerprint recognition together with the protection of an encryption key to raise the security of the chip card. However, the inspection equipment this method requires is extremely expensive, so it cannot be widely adopted, and the method cannot tell whether the data on the chip card is forged.

The industry has also proposed a method of managing hidden areas, which uses a sector-marking control mechanism to keep data from being accessed arbitrarily. This method, however, relies on concealing the data rather than on the integrity and non-repudiation of the data itself, so it cannot combine the key of the chip card issuer with the certificate of an agent issuer (or impartial third party).

The industry has further proposed a digital signature technique that verifies the integrity and non-repudiation of the data with a digital signature at the card issuance stage. Although this method lets the agent issuer (or impartial third party) verify the legitimacy of the chip card's source at the card-writing stage, it cannot control the reliability of the data written to the chip card during the reading stage (such as altered or forged data).

How to verify a chip card easily and securely has therefore become an urgent problem to solve.

To solve the above problems, the present invention provides a data security system for providing a security mechanism for a chip card, the chip card comprising an application module and a target module. The data security system comprises: an application card-writing module, which during the card-writing operation writes the feature data required by the chip card into the application module; and a security card-writing module, which during the card-writing operation writes a target data group for protecting the feature data into the target module, wherein the target data group comprises a feature data group and a key mechanism, the feature data group is used to store the feature data, and the key mechanism is used to secure the feature data group.

The data security system may further comprise a card-reading module for reading the feature data of the application module of the chip card during the card verification operation.

The data security system may further comprise a card verification module for verifying, during the card verification operation, the feature data of the application module against the feature data group of the target module of the chip card. For example, the card verification module performs the verification by means of a Nonce value.

In the data security system, the feature data is immutable public data.

In the data security system, the feature data group is written into the target module as a master hash code.

In the data security system, the key mechanism comprises an active authentication data group and a passive authentication data group; the active authentication data group holds public key data, and an auxiliary hash code computed from the public key data serves as the passive authentication data group.

In the data security system, the chip card is of the composite type.

The present invention further provides a method of using the data security system, which comprises a card-writing operation including: providing a chip card and the data security system, the data security system comprising a card-writing device and an electronic device, the chip card comprising an application module and a target module, and the chip card being provisioned with private key data; writing, by the card-writing device, the feature data required by the chip card into the application module to form a feature data group; computing, by the card-writing device, a hash of the feature data to form a master hash code, and incorporating a first auxiliary hash code into the master hash code to form a feature value; storing, by the card-writing device and according to the feature value, the feature data group in the target module of the chip card; establishing an active authentication data group in the card-writing device, the active authentication data group holding public key data; combining, by the card-writing device, the public key data with the feature value to produce a second auxiliary hash code, which serves as the passive authentication data group; and storing the active authentication data group and the passive authentication data group in the target module of the chip card.

In the method, the feature data is immutable public data.

The method may further comprise a card verification operation including: reading the target data group of the chip card with the electronic device; having the electronic device create a Nonce value based on the target data group; transmitting the Nonce value to the chip card so that the private key data is combined with the Nonce value and a computation is performed, the result data of which is returned to the electronic device; having the electronic device obtain the public key data from the target module to further verify the validity of the result data; having the electronic device verify the passive authentication data group to confirm the trusted certificate of the chip card; and having the electronic device compare the master hash code. For example, the passive authentication data group holds signature certificate data, and the electronic device verifies the signature certificate data to confirm the trusted certificate of the chip card. Further, the application module holds a root certificate, which is signed by means of the signature certificate data.

As can be seen from the above, the data security system and method of the present invention mainly use the security card-writing module of the electronic device to write the target data group: the key mechanism is produced according to the ICAO (International Civil Aviation Organization) 9303 specification, the private key data is stored in the chip card, and the public key data is then written, so that a protection mechanism is established by computing the feature data of the chip card's application module and the feature value. In the subsequent card verification operation, the card verification module verifies the PA data group and the AA data group according to ICAO 9303 to confirm whether the chip card is a copy or a counterfeit. A card issuer or merchant can therefore easily and securely confirm the legitimacy of the chip card with the data security system of the present invention.

1: data security system
10: chip card
10': target object
10a: chip
110: application module
120: target module
130: AA data group
140: feature data group
150: PA data group
20: card-writing device
210: application card-writing module
220: security card-writing module
30: electronic device
310: card-reading module
320: card verification module

Reference to the detailed description of the invention and its accompanying drawings will give a further understanding of its technical content, objectives and effects. The drawings are as follows: Figure 1 is a schematic diagram of the architecture of the card-writing device of the data security system of the invention and the configuration of the chip card; Figure 2 is a schematic diagram of the architecture of the target data group of the invention; Figure 3 is a schematic diagram of the card-writing operation of the method of using the data security system of the invention; Figure 4 is a schematic diagram of the architecture of the electronic device of the data security system of the invention and the configuration of the chip card; and Figure 5 is a schematic diagram of the card verification operation of the method of using the data security system of the invention.

To make the objectives, technical solutions and advantages of the present invention clearer, the invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here serve only to explain the invention and are not intended to limit it.

Note that the structures, proportions, sizes and the like shown in the drawings of this specification serve only to accompany the disclosed content for the understanding of those skilled in the art; they are not intended to limit the conditions under which the invention may be practised and have no substantive technical significance. Any modification of structure, change of proportion or adjustment of size that does not affect the effects the invention can produce or the objectives it can achieve should still fall within the scope covered by the technical content disclosed herein. Likewise, terms such as "upper" and "a" used in this specification are only for clarity of description and do not limit the scope in which the invention may be practised; changes or adjustments of their relative relationships, without substantive change to the technical content, are also considered within the scope in which the invention may be practised.

Referring to Figure 1, it is a schematic diagram of the architecture of the card-writing device 20 of the data security system 1 for cross-card-type application services of the invention and the configuration of the chip card 10.

As shown in Figure 1, a manufacturer produces the chip card 10 according to the requirements of the card issuer, to meet market demand for smart chip cards and composite (multi-card-in-one) chip cards 10. In this embodiment the chip card 10 is of the composite or multi-card-in-one type, but it is not limited to this.

For example, the composite chip card 10 produced by the manufacturer may contain application modules 110 (such as a library card application, an EasyCard application, a student card application and so on), and the feature data of each application module 110 is stored in a database (not shown) corresponding to the chip 10a of the chip card 10, each being stored in its database in the form of a master hash code computed with a hash function. The master hash code may be generated by the manufacturer with the hash function from the root certificate in the application module 110, to strengthen the anti-counterfeiting protection mechanism. Specifically, the application module 110 may be any module type that can be written into the database, such as an EasyCard, a credit card or a student card, and the feature data required by the application module 110 is immutable public data such as name, card number, national ID number and date of birth. It should be understood that each database may also be located in the application module 110.

The card-writing device 20 comprises a plurality of application card-writing modules 210 (the 1st to Nth application card-writing modules, N being a positive integer greater than 1), so that the manufacturer can write the feature data required by each application module 110 into that application module 110 through the corresponding application card-writing module 210 and store it in the databases (the 1st to Nth databases).

The card-writing device 20 further comprises at least one security card-writing module 220, which protects the feature data of each application module 110: it can read the feature data of each application module 110 and build a feature data group 140 in the target module 120 of the chip card 10, thereby protecting the feature data of each application module 110.

In this embodiment, as shown in Figure 2, when the target module 120 is built, an Active Authentication (AA) data group 130 and a Passive Authentication (PA) data group 150 are established in the target module 120 according to the chip specification of the International Civil Aviation Organization (ICAO), such as ICAO 9303, to protect the feature data of the application module 110. For example, the active authentication data group 130 contains public key data, the private key data produced by the chip card 10's built-in key generation function is stored inside the chip 10a of the chip card 10, and the issuer of the chip card 10 writes a signature certificate into the passive authentication data group 150 to identify the user (or consumer).

Referring to Figure 3, it is a schematic diagram of the card-writing operation of the card-writing device 20 of the invention.

As shown in Figure 3, first, in step S31, the manufacturer writes the feature data of each card type (such as a library card, EasyCard, student card or other) into the application module 110 (or database) of the chip card 10 through the application card-writing module 210 of the card-writing device 20. Then, in step S32, the security card-writing module 220 of the card-writing device 20 reads the feature data of the application module 110 from the database of the chip card 10, that is, it reads the master hash code; the security card-writing module 220 applies the hash function once more, adding a first auxiliary hash code (such as a set of random numbers) to each master hash code to strengthen the protection mechanism, and produces a feature value by computing over these first auxiliary hash codes.

Then, in steps S33 to S35, the security card-writing module 220 establishes the target data groups in the target module 120 of the chip card 10, namely the active authentication data group (AA data group) 130, the feature data group 140 corresponding to the application module 110, and the passive authentication data group (PA data group) 150. Specifically, the security card-writing module 220 stores the feature data of each application module 110 and the feature value in the target module 120 of the chip card 10 according to the feature value it computed (from the first auxiliary hash code), forming the feature data group 140; it then combines the public key data of the AA data group 130 with the feature value and applies the hash function to produce a second auxiliary hash code, forming the PA data group 150; and it stores the AA data group 130 and the PA data group 150 in the target module 120 of the chip card 10. With this, the manufacturer completes production of the chip card 10.

In subsequent use, when a user (or consumer) uses the chip card 10 and the application side (such as a merchant or an impartial third party) needs to check the authenticity of the chip card 10, an electronic device 30 (shown in Figure 4) can read each application module 110 in the chip card 10 to perform the verification.

The electronic device 30 comprises a card-reading module 310 and a card verification module 320.

In this embodiment, the card-reading module 310 reads the feature data of the application module 110, and the card verification module 320 analyses the feature data of the application module 110 and the target data groups in the target module 120 (the feature data group 140, PA data group 150 and AA data group 130 shown in Figure 2), creating a cryptographic value (a Nonce) from the target data groups it has retrieved or read, for use in verification; the Nonce value may be an 8-byte value.

Specifically, in information security a Nonce is a number that can be used only once in an encrypted communication; in authentication protocols it is usually a random or pseudo-random number, used to prevent replay attacks. A Nonce is also used in stream ciphers to ensure security: when more than one message must be encrypted with the same key, a Nonce ensures that different messages are not encrypted with the same key stream.

Moreover, when a consumer uses the chip card 10, the electronic device 30 reads only one item of feature data of the application module 110 through the card-reading module 310. If, on the other hand, the merchant doubts the authenticity of the chip card 10, the card verification operation can be performed through the card verification module 320.

Further, referring to Figure 5, it is a schematic diagram of the card verification operation performed by the electronic device 30 of the invention on a target object 10' (such as a chip card the merchant suspects).

As shown in Figure 5, first, in step S51, the card verification module 320 reads the target data groups in the target module 120, and the Nonce value created by the card verification module 320 is transmitted to the passive authentication data group 150 in the target module 120, so that the AA data group 130 combines the private key data inside the chip 10a of the target object 10' with the Nonce value, performs a computation through the instructions in the AA data group 130, and returns the result data to the card verification module 320; this computation can be regarded as a form of encryption.

Then, in step S52, the card verification module 320 obtains the public key data of the AA data group 130 from the target module 120 to further verify whether the result data is valid. Specifically, since the private key data of each chip card 10 is protected by the hardware of the chip card 10 (the chip 10a), none of its content can be obtained by copying or by software tampering. When the Nonce value therefore cannot be combined with the private key data of the target object 10', the public key data will fail to verify the result data, and this condition indicates that the data in the target object 10' is untrustworthy (that is, very likely forged).

In step S53, once the Nonce value (or the result data) has been verified, the card verification module 320 verifies the signature certificate in the PA data group 150 to confirm that it is a trusted certificate issued by the agent (or impartial third party). Specifically, because during card production the manufacturer signs the root certificate of the application module 110 over the master hash code by means of the signature certificate, the signature certificate passing verification by the card verification module 320 means that the certificate chain formed inside the target object 10' can be trusted.

Finally, in step S54, the card verification module 320 compares the master hash code of the application module 110. In this embodiment, if the master hash code of the application module 110 matches the master hash code the manufacturer produced when making the chip card 10, the data of the target object 10' does not come from a copier or tamperer, meaning that each feature data group 140 is in a trusted state; the authenticity of the feature value of the application module 110 can also be confirmed by comparing each second auxiliary hash code, confirming that the target object 10' is the chip card 10 made by the manufacturer.
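The card-writing steps S31 to S35 and the verification steps S51 to S54 described above, as an added Python model that is not part of the patent or of any implementation of it. It assumes SHA-256 as the hash function, textbook RSA with fixed Mersenne primes for the card's AA key pair and the issuer's signing key (so it runs offline on the standard library; not secure key generation), models the signature certificate as an issuer signature over the second auxiliary hash, and uses constructed feature data; the names ChipCard, write_card, verify_card and ROOT_CERT_ID are hypothetical.

```python
import hashlib
import os
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

E = 65537


def toy_keypair(p: int, q: int) -> Tuple[Tuple[int, int], int]:
    """Textbook RSA from two known primes: returns ((n, e), d).
    Fixed Mersenne primes are used only so the example runs offline;
    this is NOT a secure key generation routine."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (n, E), d


def toy_sign(d: int, n: int, msg: bytes) -> int:
    """Unpadded RSA over SHA-256(msg); toy only."""
    return pow(int.from_bytes(hashlib.sha256(msg).digest(), "big"), d, n)


def toy_verify(pub: Tuple[int, int], msg: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == int.from_bytes(hashlib.sha256(msg).digest(), "big")


def H(*parts: bytes) -> bytes:
    """The patent's 'hash method', assumed here to be SHA-256 over length-prefixed parts."""
    return hashlib.sha256(b"".join(len(p).to_bytes(2, "big") + p for p in parts)).digest()


ROOT_CERT_ID = b"root-cert:constructed-issuer"  # constructed stand-in for the root certificate


@dataclass
class ChipCard:
    application: Dict[str, bytes]   # application module: public, immutable feature data
    target: dict                    # target module: 'aa', 'features' and 'pa' data groups
    private_d: Optional[int]        # held by the chip; None models a clone without the key

    def active_auth(self, nonce: bytes) -> Optional[int]:
        """S51, card side: combine the chip-held private key with the verifier's nonce."""
        if self.private_d is None:
            return None
        return toy_sign(self.private_d, self.target["aa"]["pub"][0], nonce)


def write_card(features, card_pub, card_d, issuer_pub, issuer_d) -> ChipCard:
    """Card-writing operation, steps S31 to S35."""
    # S31: application card-writing modules store each application's feature data,
    # kept in the card database as a master hash derived with the root certificate.
    master = {app: H(ROOT_CERT_ID, data) for app, data in features.items()}
    # S32: the security card-writing module re-hashes every master hash with a random
    # first auxiliary hash and derives the feature value from those hashes.
    aux1 = {app: os.urandom(16) for app in master}
    feature_value = H(*(H(master[a], aux1[a]) for a in sorted(master)))
    # S33: the AA data group holds the public key; the private key stays in the chip.
    aa = {"pub": card_pub}
    # S34: feature data group = master hashes, first auxiliary hashes and the feature value.
    feat = {"master": master, "aux1": aux1, "feature_value": feature_value}
    # S35: PA data group = second auxiliary hash (public key + feature value) plus the
    # issuer's signature certificate over it, modelled here as an issuer signature.
    aux2 = H(str(card_pub).encode(), feature_value)
    pa = {"aux2": aux2, "signature_cert": toy_sign(issuer_d, issuer_pub[0], aux2)}
    return ChipCard(dict(features), {"aa": aa, "features": feat, "pa": pa}, card_d)


def verify_card(card: ChipCard, issuer_pub) -> Dict[str, bool]:
    """Card verification operation, steps S51 to S54, as run by the verification module."""
    t, feat = card.target, card.target["features"]
    nonce = os.urandom(8)                       # 8-byte Nonce sent to the card (S51)
    result = card.active_auth(nonce)
    s52 = result is not None and toy_verify(t["aa"]["pub"], nonce, result)
    s53 = toy_verify(issuer_pub, t["pa"]["aux2"], t["pa"]["signature_cert"])
    # S54: recompute the master hashes, feature value and second auxiliary hash
    # from the application module's feature data and compare with the stored ones.
    recomputed = {app: H(ROOT_CERT_ID, data) for app, data in card.application.items()}
    fv = H(*(H(recomputed[a], feat["aux1"].get(a, b"")) for a in sorted(recomputed)))
    s54 = (recomputed == feat["master"] and fv == feat["feature_value"]
           and H(str(t["aa"]["pub"]).encode(), fv) == t["pa"]["aux2"])
    return {"S52_active_auth": s52, "S53_passive_auth": s53,
            "S54_hash_match": s54, "genuine": s52 and s53 and s54}


def build_demo():
    """Constructed sample: a genuine card, a clone that copied the whole target module
    but not the chip-held private key, and a card whose feature data was altered."""
    features = {"library": b"name=WANG;card=LIB-0001", "transit": b"name=WANG;card=TR-9876"}
    card_pub, card_d = toy_keypair(2**521 - 1, 2**607 - 1)
    issuer_pub, issuer_d = toy_keypair(2**1279 - 1, 2**2203 - 1)
    genuine = write_card(features, card_pub, card_d, issuer_pub, issuer_d)
    clone = ChipCard(dict(genuine.application), genuine.target, None)
    tampered = ChipCard({**genuine.application, "library": b"name=EVE;card=LIB-0001"},
                        genuine.target, card_d)
    return genuine, clone, tampered, issuer_pub


if __name__ == "__main__":
    genuine, clone, tampered, issuer_pub = build_demo()
    for name, card in (("genuine", genuine), ("clone", clone), ("tampered", tampered)):
        print(name, verify_card(card, issuer_pub))
```

The clone fails S52 because copying the target module does not copy the private key, while the card with altered feature data passes S52 and S53 but fails the S54 hash comparison.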

In summary, the data security system 1 of the invention writes the target data groups (the AA data group 130, feature data group 140, PA data group 150 and others) into the target module 120 of the chip card 10 through the security card-writing module 220, strengthening its cryptographic anti-counterfeiting capability and letting anyone perform the verification with the electronic device 30. Compared with the prior art, the data security system 1 of the invention can therefore not only be widely adopted but also ensures that the data in the chip card 10 is complete and correct, proving the non-repudiation of that data and thus raising the verification reliability of the multi-card-in-one chip card 10.

The above embodiments are intended to illustrate the principles and effects of the invention, not to limit it. Anyone skilled in the art may modify the above embodiments without departing from the spirit and scope of the invention. The scope of protection of the invention should therefore be as set out in the claims below.


Claims (13)

1. A data security system for providing a security mechanism for a chip card, the chip card comprising an application module and a target module, the data security system comprising: an application card-writing module, which in a card-writing operation writes the feature data required by the chip card into the application module; and a security card-writing module, which in the card-writing operation writes a target data group for protecting the feature data into the target module, wherein the target data group comprises a feature data group and a key mechanism, the feature data group stores the feature data, and the key mechanism secures the feature data group.

2. The data security system of claim 1, further comprising a card-reading module for reading, in a card-verification operation, the feature data in the application module of the chip card.

3. The data security system of claim 1, further comprising a card-verification module for verifying, in the card-verification operation, the feature data of the application module against the feature data group in the target module of the chip card.

4. The data security system of claim 3, wherein the card-verification module performs the verification by means of a nonce value.

5. The data security system of claim 1, wherein the feature data is immutable public data.

6. The data security system of claim 1, wherein the feature data group is written into the target module as a main hash code.

7. The data security system of claim 1, wherein the key mechanism comprises an active authentication data group and a passive authentication data group, the active authentication data group has public key data, and an auxiliary hash code computed from the public key data serves as the passive authentication data group.

8. The data security system of claim 1, wherein the chip card is a composite-type card.

9. A method of using a data security system, comprising a card-writing operation that comprises: providing a chip card and the data security system, wherein the data security system comprises a card-writing device and an electronic device, the chip card comprises an application module and a target module, and the chip card is provisioned with private key data; writing, by the card-writing device, the feature data required by the chip card into the application module to form a feature data group; computing, by the card-writing device, a hash of the feature data to form a main hash code, and compiling a first auxiliary hash code into the main hash code to form a feature value; storing, by the card-writing device, the feature data group in the target module of the chip card according to the feature value; establishing an active authentication data group in the card-writing device, wherein the active authentication data group has public key data; combining, by the card-writing device, the public key data with the feature value to produce a second auxiliary hash code, which serves as a passive authentication data group; and storing the active authentication data group and the passive authentication data group in the target module of the chip card.

10. The method of claim 9, wherein the feature data is immutable public data.

11. The method of claim 9, further comprising a card-verification operation that comprises: reading, by the electronic device, the target data group of the chip card; causing the electronic device to generate a nonce value based on the target data group; transmitting the nonce value to the chip card, so that the private key data is combined with the nonce value and a computation is performed, the computed result data being returned to the electronic device; causing the electronic device to obtain the public key data from the target module to verify the validity of the result data; causing the electronic device to verify the passive authentication data group to confirm the trusted certificate of the chip card; and causing the electronic device to compare the main hash code.

12. The method of claim 11, wherein the passive authentication data group has signature certificate data, and the electronic device verifies the signature certificate data to confirm the trusted certificate of the chip card.

13. The method of claim 12, wherein the application module has a root certificate for performing signing by means of the signature certificate data.
TW107147756A 2018-12-28 2018-12-28 Data security system and operation method thereof TWI707247B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW107147756A TWI707247B (en) 2018-12-28 2018-12-28 Data security system and operation method thereof

Publications (2)

Publication Number Publication Date
TW202026933A true TW202026933A (en) 2020-07-16
TWI707247B TWI707247B (en) 2020-10-11

Family

ID=73005060

Country Status (1)

Country Link
TW (1) TWI707247B (en)
