![<?echo $_SERVER['SERVER_NAME'];?>](/template/twentyseventeen/skin/images/header.jpg)
1 Introduction
In the current identity authentication technology, smart card applications are very extensive. Smart card authentication has undergone pure smart card authentication, password-based smart card authentication, and three stages of researching very popular biometric-based smart card authentication. In order to improve the reliability of authentication, the data stored in the smart card is also increasing. For example, the smart card unique identity key pair, the cardholder's personal information, the cardholder's P1N code, the cardholder's palm print, fingerprint and other biological information. However, the security problems that exist in the interaction between the smart card and the card reader seriously infringe on personal privacy and affect the reliability of identity authentication.
The security problems of smart card data mainly come from the following five aspects: tampering with the data in the smart card or forging the smart card, so that the data is stored on the unsafe card; modifying the card reader; eavesdropping on the communication channel between the card reader and the smart card, intercepting and changing Or replay the message information; the illegal molecule uses the legal card reader to attempt to read the basic data in the smart card if the card holder is unknown; the card reader accesses the sensitive information in the smart card, such as fingerprints and other biological information.
At present, domestic manufacturers and international norms on data protection mainly focus on the research of the first three problems', the technology is relatively mature, and the two problems of illegal access to smart card data of different degrees of card readers do not propose a better solution. At the same time, the encryption of information during transmission is relatively weak, so it is urgent to solve the security problems existing in data interaction. This paper starts from the security of data interaction between smart card and card reader. Based on the existing security technology, this paper proposes a relatively complete security design solution to solve the security problems existing in the current data interaction process. The second part introduces the overall framework of the proposed security scheme, the third to the fifth part is to propose the specific solution to the legacy of the pre-I security system, and the sixth part is to analyze the security of the whole scheme.
2 Smart card and card reader data interaction security solution
In our security solution, the data in the smart card is divided into high-sensitivity data and low-sensitivity data according to the data security requirements in the smart card. For example, information with strong privacy such as palm prints and fingerprints is called high-sensitivity data; barcodes printed on the surface of smart cards (MRZ), basic information of some cards stored internally, and relatively weak personal privacy information are called low-sensitivity data. . Different security protection mechanisms are established for different sensitivity levels. The specific security scheme is shown in Figure 1. Among them, smart card data integrity authentication, smart card authenticity authentication, card reader authenticity authentication can adopt the more mature security technology', therefore, this paper focuses on the physical access authority authentication, secure message transmission and card reader of the card reader. Access to authentication for highly sensitive data permissions is discussed.
.jpg)
Figure 1 Data interaction security scheme between smart card and card reader
3 Card reader physical access authority authentication
In order to prevent illegal elements from using the card reader to access the basic data in the smart card, infringe the cardholder's personal privacy, and ensure that the card reader's access is carried out with the cardholder's willingness, the need to establish communication between the card reader and the smart card. The stage verifies the physical access rights of the reader. The barcode on the surface of the smart card can only be read when the cardholder presents it. Therefore, we determine the physical access rights of the reader by verifying that the reader reads the correct barcode. Its implementation process is divided into three steps:
The first step: in the smart card initialization phase, using the fixed length information of the barcode, the key generation mechanism is used to generate a 16-byte encryption key Kenc, and the 16-byte MAC generation key Kmac is then stored in the smart card. The process of the key generation mechanism includes:
(1) Using the fixed length data as the root, generate a 20-byte digest value through SHA1;
(2) The first 16 bytes in the digest value are the encryption key, and the key of the MAC is generated.
The key is authenticated by a symmetric key-based authentication method with the card reader. Specific steps are as follows:
(1) The card reader sends a random number command to obtain an 8-byte random number A generated by the smart card;
(2) The card reader generates an 8-byte random number B, and generates a 16-byte random number random_read, encrypts A, B and random_read with the encryption key Kencl to obtain ciphertext C; C uses Kmac to generate a check code macl, and sends the ciphertext C and the check code macl to the smart card;
(3) After receiving the information, the smart card obtains the ciphertext C and the check code macl, generates the mac2 by using the key Kmac stored in the card, compares mac2 with the macl, decrypts it successfully, obtains the plaintext, and authenticates. The correctness of the random number A completes the authentication of the card reader;
(4) The smart card obtains the random number B from the plaintext, generates a 16-byte random number random-card, and encrypts A, B and random_card with the encryption key Kenc to obtain the ciphertext C1, and uses Kmac to encrypt the secret. Generating a check code mac'; sending the ciphertext and the check code to the card reader;
(5) After receiving the information, the card reader uses the key Kmacl to become mac'2; compares with the obtained MAC value, and then decrypts the information when it is consistent, compares the obtained random number B, and can also implement the smart card. Certification.
4 secure message transmission
In order to ensure that the transmitted information is not eavesdropped or tampered with by a third party in the channel, and the information is prevented from being played back, secure message transmission is required. The general information transmission methods are plain text, check code mode, cipher text mode, cipher text + check code mode. This scheme adopts ciphertext + check code mode to ensure the integrity and confidentiality of information transmission. The process of generating the session key is as follows:
(1) In the physical access authority authentication of the card reader, the random number generated by the card reader (rand_reader) and the random number generated by the smart card (rand_card) are root values.
(2) The key is generated by the key generation mechanism, the encryption key is the first 16 bits, and the key for generating the verification code is the last 16 bytes.
The check code generation mechanism uses a 16-byte key DES algorithm to generate an 8-byte check code. The format of the transmitted data is in accordance with the BER TLV coding rules defined in ISO/IEC 7816-4.
5 card reader access to highly sensitive data permissions authentication
In order to prevent unauthorized access to sensitive data in the smart card and ensure data security, the reader must be set to access sensitive data. Its design consists of three parts:
(1) Part 1: Extension of the certificate
According to X. The definition of the certificate in 509 can be added to the extended area to access sensitive data, as shown in Figure 2.
According to the principle of PKI and PMI, it is recommended to separate the certificate that sets the access authority from the certificate that sets the public key, to avoid frequent changes of the authority in the authority certificate, and to increase the burden on the certificate authority.
.jpg)
(2) Part II: Issuance of certificates
The certificate is issued by the CA agency. CCA (C0untry CA), a trusted point trusted by users in the region, issues an identity certificate to the following sub-organization DCA (department CA), so that other organizations can trust the certificate issued by the organization and set access rights in the certificate. (access right, abbreviated as ar), indicating that the superior authority grants access to the sub-organization. The sub-organization then issues a certificate for the card reader (T) it manages and sets access rights (sub access right, abbreviated as sar). In certificate issuance and permission setting, one principle must be followed: the access rights of the reader cannot exceed the access rights of the institution that issued the certificate for it (sar<=ar, where security level 1>0), as shown in Figure 3.
.jpg)
Figure 3 Settings for access rights in the certificate
(3) Part III: Certification of certificates
The certification of the certificate is carried out as follows:
1) The card reader sends the attribute certificate to the smart card. The smart card first checks the certificate issuing authority (SCA) in the certificate (TCER), and then reads the issuing institution's certificate (SCER), and uses the CA public key certificate issued for the SCA certificate. The validity of the certificate, read its access rights (SAR).
2) Then verify the legality of the TCER of the card reader, read the access right (TAR) from the certificate (TCER), and when TAR <= SAR, it proves that the permission setting is legal.
3) Finally, depending on the permissions, decide whether to provide access to sensitive data for the reader.
6 Security analysis
This paper proposes a security scheme to solve the problem of illegal access of smart card data by card readers, and establishes an effective security mechanism to ensure the security of smart card data. The following is an analysis of the security of the three modules designed in this paper:
(1) Authenticated card reader physical access rights: According to the actual application, the bar code MRZ on the surface of the card reader can only be obtained by the card reader if the card holder actively presents the card, if the illegal molecule uses the card reader at the cardholder If you access the smart card in an unknown situation, you cannot get the MRZ. According to the principle of the symmetric key algorithm, when the data before and after encryption and decryption are consistent, the physical authority of the card reader can be authenticated.
(2) Security message transmission mechanism: The encryption verification mode can prevent tampering and eavesdropping on information. By using the random number generated in the mutual authentication to generate the session key, not only can one time and one secret be realized, but also the security of the key can be ensured, and the danger of information playback can be prevented.
(3) Card reader certificate authentication and access authority authentication: According to the principle of public key certificate, the certificate is extended, the access authority is set, and the certificate is managed and distributed by the CA organization, which ensures the legality of the certificate and access rights. Through the authentication certificate, the access rights can be authenticated to protect the reader's access to highly sensitive data in the smart card.
Therefore, through this security scheme, we can solve the security problems existing in the data interaction between the smart card and the card reader on the basis of the current security technology, and ensure the security of data interaction.
(Text / School of Computer and Information Technology, Beijing Jiaotong University, Yue Pei, Sun Dongmei, Zhang Dawei)
Includes high-quality backpacks for business travel, laptop backpacks, business briefcases, laptop shoulder bags, travel toiletry bags, travel cosmetic bags, and other equipment.
Business Supplies,Business Equipment
Mianyang Crossing Cross-Border E-Commerce Co., Ltd. , https://www.wycybag.com