CN103155010B - For smart card being carried out personalized method for simplifying and the equipment being associated - Google Patents
For smart card being carried out personalized method for simplifying and the equipment being associated Download PDFInfo
- Publication number
- CN103155010B CN103155010B CN201180042772.6A CN201180042772A CN103155010B CN 103155010 B CN103155010 B CN 103155010B CN 201180042772 A CN201180042772 A CN 201180042772A CN 103155010 B CN103155010 B CN 103155010B
- Authority
- CN
- China
- Prior art keywords
- code
- electronic equipment
- safe electronic
- individualized
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000004891 communication Methods 0.000 claims description 5
- 238000000034 method Methods 0.000 claims description 5
- 230000004044 response Effects 0.000 claims description 5
- 239000000203 mixture Substances 0.000 claims description 4
- 238000004590 computer program Methods 0.000 claims description 3
- 230000005611 electricity Effects 0.000 claims 1
- 230000005540 biological transmission Effects 0.000 abstract description 4
- 210000003371 Toes Anatomy 0.000 description 1
- 239000000853 adhesive Substances 0.000 description 1
- 239000012141 concentrate Substances 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000002708 enhancing Effects 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
Abstract
The present invention relates to a kind of for using the encryption device that may be adapted to standard authentication device that electronic equipment is carried out personalized method.Described encryption device make it possible to guarantee secret identification code from user the confidentiality to the transmission of possible personalized service device.
Description
Technical field
The present invention relates to a kind of for smart card is carried out personalized method for simplifying.
The present invention is related more specifically to one and makes it possible to be read by standard intelligent card while maintaining the highest level of security
The method taking device input personal information.
Background technology
The expansion along with miniaturization known by mobile electronic device.Now, electronic equipment can be hand-held, and with
Occur that the old desk computer of several years is compared, there is higher computing capability.
This incident evolution when equipment carrying out miniaturization and strengthens its capacity opens in application aspect and newly regards
Wild.
Now, mobile phone or music player can perform Password Operations and encode information or decode.
As the pioneer of the evolution of EMBEDDED AVIONICS, microchip experienced by this evolution in it is applied.
Microchip is embedded in large number quipments at present.These microchips are it is of course possible to see in smart card and also permissible
See in electronic identity documents, in intelligence self-adhesive label etc..
This microchip (also commonly referred to as " computing unit ") provides extra high security performance, and certainly, this makes it have can
Its utilization can will be concentrated on safety or at least safety applications.
Therefore, microchip is usually used in government or banking etc..
All these application step based on particular importance: individualized.This step is such a step: in this step
Period, by data and more particularly secret is inserted in chip.
Some in these secrets can associate with end user.Such as, this secret can also is that secret identification code.Should
Secret identification code (also referred to as PIN CODE (representing " Personal Identification Number CODE ")) enables validated user to utilize chip
It is identified.In the case of bank card, request user provides his/her secret identification code before the trade is general custom, with
Just guarantee that he/her has the right to ask described transaction.
In order to perform this operation:
-insert cards in terminal;
-terminal notifying user inputs his/her secret identification code;
Input code is sent to card and from the identification of the card described code of request by-terminal;
-card verifies described code the result to this checking of terminal notification.
In order to the described code that checking is submitted to, card must be known by all or part of of this code.In simple reality
Executing in mode, described code thus known by card, and it compared with input code.In more advanced embodiments, fixture
There are some information relevant with described code (such as, code based on hash) and in input code, search for identical information.
Under any circumstance, calorie requirement knows all or part of so as to verify it of described code.
The quite a number of variation of electronic equipment and application thereof causes the number of the secret identification code that each user is to be remembered
Dramatically increase.Additionally, this phenomenon tends to user oneself must select its secret identification code, in order to be easier to these secret generations of memory
Code.
So, it has a problem in that and make user participate in the safest personalization process, the most often concentrate on shielded place.
First solution considered is: set up telecommunication between individualized center and user.For this step
Suddenly, owing to user is typically in branch (such as, bank or branch of government), it means therefore that in individualized center and institute
Have between branch and set up secure communication.
This solution is dropped in the near future, and this is owing to the so many potential entrance of secure personalisation system certainly will cause
Greater risk.
Second solution studied is that each branch has the (commonly referred to as HSM (representative of safe ciphering unit
" hardware security module ")) equipment.This hardware security module makes it possible to add data in security context
Close, and it is thus possible to transmit these data subsequently.
In the sense that wider, HSM (hardware security module) be regarded as anti-tamper, the setting of cryptographic function is provided
Standby.This equipment is to provide the electronic item of the equipment of Security Service, Security Service generally comprise generation, store, use and
Protection cryptographic key.
In this case, data to be encrypted are the data provided by end user, such as, and his/her secret identification code.
After sending data to individualized center, individualized center has the resource for being decrypted these data
(most commonly be another HSM), and therefore can analyze and process this data.
This solution problem encountered is the high cost of this HSM.
Additionally, use new equipment to need the new certification of described chain in individualized chain.It is true that by the safest this mistake
Journey is committed to test and the set (being referred to as " certification ") confirmed.This " label " ensure that expert checks the peace of whole system
All participants of full property.
But, HSM or any other equipment being inserted in this chain and needs new certification, this is extremely expensive.
Summary of the invention
Therefore, it is desirable to provide the personalization method in the case of a kind of equipment in not revising individualized chain, wrap
Include end user.
First, the present invention describes a kind of for using security terminal and to be able to carry out computer program (the most individual
Peopleization program) communication electronic equipment (also referred to as computer) electronic equipment (also referred to as target electronic device) is carried out
Personalized method, this method comprises the following steps:
-safe electronic the equipment that will differ from described target electronic device is inserted in described terminal;
-send the request to described safe electronic equipment submission code of its described security terminal of request by described individualized program;
-user use the keyboard of described terminal to input secret identification code (also referred to as " code provided "), and, by request
REQ is by described secret identification code transmission extremely described safe electronic equipment;
-code provided is saved in the memorizer of described safe electronic equipment;
" Pin (Get-encrypted-Pin) after being encrypted " order is sent by-described individualized program by described security terminal
To described safe electronic equipment;
-described safe electronic equipment uses cryptographic algorithm ALG and key K to be encrypted described provided code, to obtain
" code provided after encryption ";
-by the extremely described individualized program of the code transfer provided after encryption.
Described request REQ can be the request of the code that checking is provided.
It is then possible to by the code transfer provided after this encryption to long-range personalized service device.
Described personalization method can also include verification step, during described verification step, when described safe electronic equipment
When provided code is provided, analyze at least one safety rule.
Described safe electronic equipment can be according to the result of the application of safety rule, by described terminal to described individualized
Program sends back different responses.Such as, this safety rule can include the form verifying the code provided.
Secondly, invention further describes a kind of safe electronic equipment, including nonvolatile memory, cryptographic key K, password
Algorithm ALG, it is characterised in that described safe electronic equipment has for performing the following device operated:
-in the framework of order of the code provided is provided, the code provided is saved in internal storage;
-by application algorithm ALG and key K, the code provided is encrypted, in order to " being provided after encryption is provided
Code ";
-order in response to " pin after being encrypted ", send " code provided after encryption ".
This equipment can include following such device: makes it possible to change context (context), it is possible to
The process being exclusively used in order that the precision of the code that checking is provided is associated with each in described context.
At least one safety rule that this equipment is additionally may included in nonvolatile memory.Such as, this safety
Property rule can include that the character consisting of provided code checking differs, or form provided code by checking
Character do not form the factor 1 (factor one) arithmetic progression, verify that the size of provided code falls into predefined border
In Bmin and Bmax.
An advantage of the present invention is: can fit the individualized chain according to the present invention for low-down cost
Join.It is true that management equipment (also referred to as encryption device) and more particularly smart machine are (if this form is preferred
) cost entirely different with the equipment with HSM of all branches.
Accompanying drawing explanation
While referring to the drawings in detail, other characteristics mentioning the present invention are described in detail in describing below indicative and nonrestrictive
And advantage, in the accompanying drawings:
-Fig. 1 shows the sequence chart of signal the method according to the invention.
Detailed description of the invention
Now, be easily achieved nearly all point of sale of the personalization method according to the present invention provide computer 2,
Smart card reader 3 and numeral connect.
The invention provides the utilization to safe electronic equipment 4 (also referred to as " encryption device ", such as, smart card).
This encryption device is able to receive that at least 2 orders: make it possible to the order 8 of the precision of the code 7 that checking is provided;With
And " pin (get-encrypted-pin) after being encrypted " order 12.
Such as, verification command 8 can be " checking pin (verify pin) " order (ISO 7816-4):
The checking data that this checking Pin order is initiated to be sent by interface equipment in card are (such as, close with the reference data of storage in card
Code) comparison.
" pin after being encrypted " orders 12 by the value after the encryption of the code 7 enabling card loopback 13 to be provided.
Preferably, this order will be sent by reader 3 by computer 2.If needing so, then will read
The general orders of device seals this order, to realize and the communication of card.
In one embodiment, and if only if when in advance having performed verification command 8, the Pin order ability after being encrypted
PIN after enough loopback encryptions.
But, encryption device 4 can process these orders with raw mode.
It is true that in the so-called individualized embodiment of according to the present invention, described encryption device " is tested receiving
Card pin " order time, the pin code provided is saved in internal storage as parameter.Described encryption device utilizes appoints
Meaning replies (such as " OK ") and responds, it means that the most correctly perform " checking pin " and result is affirmative.
When receiving the Pin order 12 after being encrypted, it is right that encryption device uses cryptographic algorithm ALG and key K to come
Described provided pin code 7 is encrypted.
This encryption can be to use any encryption device well known by persons skilled in the art (more particularly to use symmetrical or non-
Symmetry algorithm) perform.
Symmetric cipher or Private Key Cryptography art based on two participants to secret shared understanding.
The algorithm (the most such as, DES, 3DES, AES ...) used is based on the fact that disappear when you know
During the encryption ceased, as a consequence it is hardly possible to find clear-text message in the case of not knowing the key for encrypting.
Asymmetric cryptography art or public key cryptography are based on can not contrafunctional exist.
Therefore, public key cryptography is the asymmetric key system using double secret key.This key is (commonly referred to as
" public keys " and " private key ") it is so designed so that the content having utilized a key to encrypt only can be by second
Individual secret key decryption.
It should be noted that, it is impossible to guess private key according to public keys.
Generate public keys/private key to not being the purpose of the present invention.All methods described in the prior or make
The future methods likely obtaining this double secret key is applicable to the present invention.
Make it possible to key (its of " group encryption " type several private keys and public keys being associated
In, each key makes it possible to being completely or partially decrypted the content utilizing public-key encryption) can be perfect
It is applicable to the present invention.
Accordingly, as the answer to the pin order after being encrypted, encryption device respond described encryption after provided
Pin code.
In a preferred embodiment, encryption device 4 includes safety and the certification machine making it possible to verify the identity of user
System, those mechanism the most well known by persons skilled in the art.
The solution being particularly suitable for the present invention is to utilize context creation.It is true that when logging in (such as, when right
When encryption device powers on), " checking pin " order has so-called standard operation (standard context), and this standard operation is observed
Descriptions thereof in 7616-4 (or ETSI102-221) standard.When the certification success of user, equipment can automatically or
The so-called crypto context according to the present invention is switched to according to the standard proposed.In this embodiment, " checking pin " life
Order operates according to the present invention, as mentioned above.
In the exemplary utilization shown in Fig. 1, such as, user 5 goes to the sales counter of bank, to select following bank card
Pin code.
His/her encrypted card 4 is inserted in smart card reader 3 by the financial advisers being responsible for this individualized operation.
The computer 2 that described smart card reader is connected to performs the individualized program according to the present invention.
This program sends pin code 6 verification command (checking pin) to card reader.Reader switches to safe mode, and
Wait candidate's pin code.
User 5 inputs the pin generation that he/her wishes to be inserted in his/her following bank card on the safety keyboard of card reader
Code 7.
The pin code 7 provided is transmitted to encrypted card as the parameter of pin code verification order 8.
Then, the pin code 7 provided is saved in its internal storage by encrypted card 4.
In the simple embodiment of the present invention, encrypted card loopback arbitrarily replies 9 (such as OK).
In the more advanced embodiment of the present invention, advantageously, card can comprise the collection of provided pin code verification rule
Close, in order to assure compliance with predefined safety rule.Such as, card can verify the numeral of pin code that composition provided
Number falls in predefined Bmin border and Bmax border.This border can be predefined in safety rule, or
Person is to be transmitted by the individualized program performed on described computer, such as the parameter of checking pin order.
This safety rule can also verify that all numerals of the code that composition provided differ, or these numbers
Word does not forms ordinary (trivial) mathematical sequence, the such as factor 1 arithmetic progression etc..
In this embodiment, card (if toe the mark, is then OK in response to pin code verification order;If do not observed
Rule, then for KO) and respond.This answer is transmitted to the individualizing according to the present invention performed on computers by card reader
Program.
In one embodiment, the affirmative further to pin code is verified, encrypted card can switch to the 3rd context,
That is, context is confirmed.
In this context, card will wait at least new pin code verification order, and verify the provided certain phase of pin code
With.If the pin code provided is the most identical with the pin code being provided in advance, then this new pin code verification will be considered
Success.For optimization purposes, and in the case of safety rule is applied to provided pin code, advantageously, can
So that this rule to be only applied to first pin code provided, the most ensuing provided pin code must be with institute
State first pin code provided identical.
This context makes it possible to avoid keying in mistake when inputting pin code.
For security reasons, the preferred embodiments of the present invention include returning to standard context at this stage of the method
Return, in order to confirm to hold the identity of the employee of encrypted card again.
Then, the individualized program performed on the computer 2 is made " after being encrypted by smart card reader 3
Pin code " ask 11,12.When receiving this order, encrypted card 4 loopback utilizes cryptographic algorithm and key to encrypt 13
The pin code provided.
It can be advantageous to realize all mechanism that are known to those skilled in the art and that make it possible to optimize cryptographic security.
More particularly, key is derived, in order to the most systematically use same key, be inserted in computations by variable, or described
Encryption utilizes OTP (" disposal password ").OTP is the most expendable generated value.
Can be implemented in and ensure by making it possible to enhancing system peace while the authorized equipment subsequent decryption to Data Entry
All mechanism of full property.
This encryption there is a possibility that inputted pin code will never be outer to illustrate in plain text at card.Therefore, user is to know this
Plant only people of the value of pin code.The financial advisers performing operation cannot obtain this value.
Pin code 13 after encryption is transmitted to smart card reader by encrypted card, smart card reader and then transmitted 14
To the individualized program performed on computers.
Then, the pin code transfer 15 after encryption (can be referred to as target electronic to responsible following smart card by computer
Equipment) final personalized data processing server 1.This server 1 has under optimum safety condition described pin
Code is decoded required encryption apparatus.The HSM (hardware security module) being connected with this server is particularly suitable for this
This step of method.
HSM is safe electronic equipment, and guarantees the safety assurance to privacy and safety.
This transmission can be performed by any device well known by persons skilled in the art, to realize the exchange to numerical data.
In a preferred embodiment, this transmission is performed in safe mode by network.
Claims (11)
1. for being provided/transmit secret identification code that target electronic device is carried out a personalized method by user to individualized program,
Use security terminal (3) and be able to carry out the communication electronic equipment (2) of computer program described target electronic device is carried out
Individualized, described computer program is referred to as " individualized program ", and described communication electronic equipment (2) is referred to as " calculating
Machine ", it is characterised in that said method comprising the steps of:
-safe electronic the equipment that will differ from described target electronic device is inserted in described security terminal (3);
-described individualized program send request (6), described individualized program by described request (6) ask described security terminal to
Described safe electronic equipment submits code to;
-user (5) uses the keyboard of described security terminal (3) to input secret identification code, and described secret identification code is referred to as " being provided
Code " (7), and, by request REQ (8) by described provided code transfer to described safe electronic equipment
(4);
-described provided code (7) is saved in the memorizer of described safe electronic equipment (4);
" Pin after being encrypted " order (12) are sent to described peace by-described individualized program by described security terminal (3)
All electronic equipment (4);
-described safe electronic equipment (4) uses cryptographic algorithm ALG and key K to add described provided code (7)
Close, to obtain " code provided after encryption ";And
-code (13) provided after described encryption is transmitted to described individualized program,
The code provided after-described encryption is transmitted further to be responsible for final personalized long-range of described target electronic device
Peopleization server (1).
The most according to claim 1 for being provided/transmit secret identification code that target electronic device is entered by user to individualized program
The personalized method of row, it is characterised in that described request REQ (8) is the life verifying described provided code (7)
Order.
3. provided/transmit secret identification code to come target electricity by user to individualized program according to being used for one of claim 1 to 2 Suo Shu
Subset carries out personalized method, it is characterised in that described method also includes verification step, during described verification step,
When described safe electronic equipment (4) receives described provided code (7), analyze at least one safety rule.
The most according to claim 3 for being provided/transmit secret identification code that target electronic device is entered by user to individualized program
The personalized method of row, it is characterised in that described safe electronic equipment (4) is according to the knot of the application of described safety rule
Really, by described security terminal (3) to the different response of described individualized program loopback.
The most according to claim 3 for being provided/transmit secret identification code that target electronic device is entered by user to individualized program
The personalized method of row, it is characterised in that described safety rule includes the form verifying described provided code.
6. a safe electronic equipment (4), it is configured to be inserted in security terminal, and described safe electronic equipment (4) bag
Include nonvolatile memory, cryptographic key K, cryptographic algorithm ALG, it is characterised in that described safe electronic equipment (4) has
Have for performing the following device operated:
-in the framework of order of the code provided is provided, described provided code is saved in described nonvolatile memory
In;
-by application described algorithm ALG and described key K, described provided code is encrypted, in order to obtain " encryption
After the code provided ";And
-order in response to " pin after being encrypted ", described " code provided after encryption " is provided.
Safe electronic equipment (4) the most according to claim 6, it is characterised in that described safe electronic equipment (4) includes using
In the device of change context, wherein it is exclusively used in process checking and the described context of the order of the code that described checking is provided
The precision of each described provided code being associated.
8. according to the safe electronic equipment according to any one of claim 6 or 7, it is characterised in that described safe electronic equipment exists
Nonvolatile memory includes at least one safety rule.
Safe electronic equipment the most according to claim 8, it is characterised in that described safety rule includes verifying described being carried
The size of the code of confession is included in predefined boundary B min and Bmax.
Safe electronic equipment the most according to claim 8, it is characterised in that described safety rule includes that checking composition is described
The character of the code provided differs.
11. safe electronic equipment according to claim 8, it is characterised in that described safety rule includes that checking composition is described
The character of the code provided does not forms the factor 1 arithmetic progression.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP10305956.4 | 2010-09-06 | ||
EP10305956A EP2426652A1 (en) | 2010-09-06 | 2010-09-06 | Simplified method for customising a smart card and associated device |
PCT/EP2011/063786 WO2012031848A1 (en) | 2010-09-06 | 2011-08-10 | Simplified method for personalizing a smart card, and associated device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103155010A CN103155010A (en) | 2013-06-12 |
CN103155010B true CN103155010B (en) | 2016-12-14 |
Family
ID=
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5721781A (en) * | 1995-09-13 | 1998-02-24 | Microsoft Corporation | Authentication system and method for smart card transactions |
US5745571A (en) * | 1992-03-30 | 1998-04-28 | Telstra Corporation Limited | Cryptographic communications method and system |
WO1999018533A1 (en) * | 1997-10-03 | 1999-04-15 | Citibank, N.A. | Method and system for electronically delivering defined financial services for large mobile passenger conveyances |
WO2000074007A1 (en) * | 1999-05-28 | 2000-12-07 | Utm Systems Corporation | Network authentication with smart chip and magnetic stripe |
DE10117445A1 (en) * | 2000-12-15 | 2002-07-11 | Datev Eg | Chip card authentication system uses random PIN generator avoids postal distribution and manual input |
CN1914603A (en) * | 2004-04-01 | 2007-02-14 | 富士通株式会社 | Use authentication method, use authentication program, information processing device, and recording medium |
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5745571A (en) * | 1992-03-30 | 1998-04-28 | Telstra Corporation Limited | Cryptographic communications method and system |
US5721781A (en) * | 1995-09-13 | 1998-02-24 | Microsoft Corporation | Authentication system and method for smart card transactions |
WO1999018533A1 (en) * | 1997-10-03 | 1999-04-15 | Citibank, N.A. | Method and system for electronically delivering defined financial services for large mobile passenger conveyances |
WO2000074007A1 (en) * | 1999-05-28 | 2000-12-07 | Utm Systems Corporation | Network authentication with smart chip and magnetic stripe |
DE10117445A1 (en) * | 2000-12-15 | 2002-07-11 | Datev Eg | Chip card authentication system uses random PIN generator avoids postal distribution and manual input |
CN1914603A (en) * | 2004-04-01 | 2007-02-14 | 富士通株式会社 | Use authentication method, use authentication program, information processing device, and recording medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10681025B2 (en) | Systems and methods for securely managing biometric data | |
KR102477453B1 (en) | Transaction messaging | |
CN103701812B (en) | TMK (Terminal Master Key) secure downloading method and system | |
CN101765996B (en) | Device and method for remote authentication and transaction signatures | |
RU2018105186A (en) | VERIFICATION OF PORTABLE CONSUMER DEVICES | |
CN107925581A (en) | 1:N organism authentications, encryption, signature system | |
EP3017580B1 (en) | Signatures for near field communications | |
CN102782694A (en) | Transaction auditing for data security devices | |
KR20100016579A (en) | System and method for distribution of credentials | |
CN101312453A (en) | User terminal, method for login network service system, method for binding and debinding | |
CN110290134A (en) | A kind of identity identifying method, device, storage medium and processor | |
US20230252451A1 (en) | Contactless card with multiple rotating security keys | |
CN1954345A (en) | Smart card data transaction system and method for providing storage and transmission security | |
CN110460581A (en) | Sharing files method, equipment, SE device, is shared end and medium at system | |
KR101792220B1 (en) | Method, mobile terminal, device and program for providing user authentication service of combining biometric authentication | |
US9292992B2 (en) | Simplified smartcard personalization method, and corresponding device | |
Le et al. | Building an Application that reads Secure Information Stored on the Chip of the Citizen Identity Card in Vietnam | |
KR102122555B1 (en) | System and Method for Identification Based on Finanace Card Possessed by User | |
CN103155010B (en) | For smart card being carried out personalized method for simplifying and the equipment being associated | |
Pillai et al. | A decentralized data privacy for mobile payment using blockchain technology | |
CN1889420B (en) | Method for realizing encrypting | |
Fujita et al. | Design and Implementation of a multi-factor web authentication system with MyNumberCard and WebUSB | |
CN108133366B (en) | payment method and payment system of financial card and mobile terminal | |
Desta | Security for Mobile Payment Transaction | |
Bhatta et al. | Secure Credential Derivation for Paperless Travel |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20161214 Termination date: 20200810 |