Research on Improvement of Contactless Smart Card Security Protocol

1 Introduction

With the development of smart card technology, smart cards can now perform cryptographic operations independently on the card itself, which has led to their wide use in applications with high security requirements. At present, smart cards are widely used for identity authentication, confidentiality and integrity of stored or transmitted data, non-repudiation of information exchange, and in information processing and information security fields such as mobile computing. With the development of identity authentication technology and the widespread application of smart cards, theoretical and strategic research, chip design and product development around smart card application security are both hot topics in academic research and a focus of industry.

The contactless smart card is an important development direction of smart card technology, and the security of communication between the card and the card reader is undoubtedly the top priority in a contactless smart card application system. Contactless smart cards usually contain the user's identification tag, and a specific cryptographic protocol guarantees secure interaction with the reader. At present, the security threats to contactless smart cards mainly include the following: (1) the conflict between the cost limits of the smart card and the security strength of the protocol leads some manufacturers to sacrifice security to save cost; (2) designers blindly trust the self-contained nature of the smart card and lack awareness of the threat of cloning attacks; (3) the smart card's unique identifier can easily reveal user privacy.

Information security between contactless smart cards and readers includes the following features: authentication, confidentiality and integrity. The essence of its security application can be summarized as: building a secure terminal (identity identification between smart card and card reader) and building a secure channel (establishing a trusted smart card information transaction channel between the smart card and the card reader).

This paper proposes an improved security protocol for communication between contactless smart cards and readers by analyzing and utilizing existing authentication protocols and cryptographic algorithms.

The symbols used in this article are as follows:

A: card reader; B: smart card; P: message plaintext; Ei: public key of i; Di: private key of i; Ki: secret key, where i denotes the key owner; Ks: session key; Ri: random number generated by i; P(R): identity information pointed to by the random number R; SSC: sequence counter.

2 Authentication Protocol

Identity authentication means that both parties to the communication reliably verify the identity of the other party, in order to ensure the authenticity of the data and to prevent active attacks by an adversary, such as tampering or impersonation. Authentication is often the first line of defense in smart card applications. Because the channel between the contactless smart card and the reader is open, identity information is easily leaked during transmission, so a secure authentication protocol is very important.

Currently, identity authentication on smart cards generally uses dynamic authentication, but its security depends entirely on the secrecy of the key. Once the key is compromised, the system is in danger. This paper proposes the following improvement. A contactless smart card generally holds unique identification information (such as the card serial number, manufacturer code, etc.). In this protocol, the card's identity information is extended into a unique identity data block D (of course not so large that it exceeds the card's storage capacity). Each time the card and the reader authenticate each other, only a part of D is used for transmission. The specific protocol is shown in Figure 1. In this protocol, A and B know each other's public key in advance and share a master secret key Kab.

Figure 1 Identity Authentication Protocol

The protocol is described as follows:

(1) A generates a position random number Ra, encrypts it with B's public key Eb and transmits it to B. After receiving it, B decrypts it with its own private key Db to obtain Ra, passes Ra through a position permutation function T (whose range covers the entire identity data block) to derive the corresponding data location in D, and reads the data there.

(2) B encrypts the identity information with the shared key Kab using the 2-DES algorithm, then generates a position random number Rb, encrypts Rb with A's public key Ea, and finally transmits both to A.

(3) A decrypts message 2 with the shared key Kab and feeds Ra into the same position permutation function T that B used, to obtain the corresponding data location. The identity information obtained by decrypting with Kab is compared with the information A obtained itself; if they agree, B is considered legitimate. Then A decrypts Ea(Rb) with its private key Da to obtain Rb, passes Rb through the position permutation function T to obtain the corresponding data location, reads the data, encrypts it with Kab using the 2-DES algorithm and transmits it to B. B decrypts the message and verifies it. If the data are consistent, A is considered legitimate, and mutual authentication between A and B is complete.

Here, the position permutation function T plays a very important role. Its task is to output a random number through a series of security operations, in such a way that only A and B can complete the process. We can use the 2-DES algorithm to generate a MAC value to obtain this position number: take the position random number as input and use the shared key Kab to compute a function value, which is the required position number. Considering the hardware cost limits of the contactless smart card and the speed of authentication, most of the data traffic is encrypted with 2-DES, and most current smart cards include a cryptographic coprocessor to speed up encryption. The asymmetric algorithm in the protocol is ECC (Elliptic Curve Encryption), and it only encrypts two random numbers, which does not place much burden on the system.
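The challenge-response over the identity data block D can be sketched as follows. This is an added example, not code from the paper: HMAC-SHA256 stands in for the 2-DES MAC and for the 2-DES encryption of the selected segment, the public-key wrapping of Ra and Rb is left out, and `SEG_LEN`, `D`, `KAB` and the function names are assumptions.

```python
import hashlib
import hmac
import secrets

SEG_LEN = 8  # bytes of D used per authentication run (assumed value)

def T(kab: bytes, r: bytes, d_len: int) -> int:
    """Position function T: keyed MAC of the position random number, reduced
    to a segment offset inside D. HMAC-SHA256 stands in for the 2-DES MAC."""
    mac = hmac.new(kab, b"pos" + r, hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big") % (d_len - SEG_LEN + 1)

def respond(kab: bytes, d: bytes, r: bytes) -> bytes:
    """Prover: select the segment of D addressed by r and bind it to Kab.
    A keyed tag replaces the 2-DES encryption of the segment."""
    off = T(kab, r, len(d))
    seg = d[off:off + SEG_LEN]
    return hmac.new(kab, b"seg" + r + seg, hashlib.sha256).digest()

def verify(kab: bytes, d: bytes, r: bytes, response: bytes) -> bool:
    """Verifier: recompute from its own copy of D, compare in constant time."""
    return hmac.compare_digest(respond(kab, d, r), response)

def mutual_auth(reader, card) -> bool:
    """reader and card are (Kab, D) pairs; each side challenges the other once."""
    ra = secrets.token_bytes(8)  # travels as Eb(Ra) in the protocol
    rb = secrets.token_bytes(8)  # travels as Ea(Rb) in the protocol
    card_ok = verify(reader[0], reader[1], ra, respond(card[0], card[1], ra))
    reader_ok = verify(card[0], card[1], rb, respond(reader[0], reader[1], rb))
    return card_ok and reader_ok

# Constructed sample data: a 256-byte identity block and a shared master key.
D = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(8))
KAB = bytes.fromhex("000102030405060708090a0b0c0d0e0f")

if __name__ == "__main__":
    print("genuine card:", mutual_auth((KAB, D), (KAB, D)))
    print("Kab known, D unknown:", mutual_auth((KAB, D), (KAB, bytes(len(D)))))
```

The second call models a party that holds Kab but not the identity data block, the case the protocol is designed to reject.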

3 Channel security

In this protocol, a new randomly selected session key is used for each communication, which minimizes the traffic sent under the user's secret and public keys and thereby reduces the number of ciphertexts available to an intruder. Once the session is established, all permanent keys drop out of the communication process, so the damage is kept to a minimum even if the session key is exposed.

The generation of session keys based on the Diffie-Hellman key exchange protocol is described below.

(1) A produces two large random numbers n and g, the D-H parameters. Here, n is required to be a prime number such that (n-1)/2 is also a prime number, and g is a primitive root of n. These two numbers can be transmitted to B publicly.

(2) A selects a large random number X, x
(3) A obtains the shared key Ka by calculating K = yax modn, and B also obtains the shared key Kb by calculating K = ybx modn. According to the modular arithmetic theorem, the calculation results of both sides are the same. Thus A, B share a secret key K = Ka = Kb.

Because X and Y are kept secret, the parameters that an intruder can use are only n, g, Ya, and Yb. Thus the intruder is forced to take the discrete logarithm to determine the key. For example, to obtain the secret key of B, the intruder must first calculate Y and then calculate its secret key K in the same way that B uses. The security of the Diffie-Hellman key exchange algorithm relies on the fact that although it is relatively easy to calculate an exponential modulo a prime, it is difficult to calculate the discrete logarithm. For large prime numbers, it is almost impossible to calculate the discrete logarithm.

At the same time, in order to prevent man-in-the-middle attacks, n, g, Ya, and Yb are encrypted with the master key Kab when they are transmitted. The specific protocol is shown in Figure 2.

Figure 2 Session Key Generation Protocol

Of course, the obtained K cannot be directly used for the session key, because the K at this time is only a secret data string of variable length, and the key length required for the card to perform encryption and decryption calculation is fixed. The variable length information can be converted into fixed length information using the hash algorithm mentioned below, and this fixed length data string is the session key Ks shared by both parties.

In addition, when the card communicates with the terminal, if a set of D-H parameters are regenerated each time and a corresponding negotiation step is performed, the communication efficiency is low. Therefore, it is recommended in the protocol to use the same set of D-H parameters to negotiate session keys to ensure execution efficiency.
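The parameter requirements and the reduction of K to a fixed-length Ks can be checked in code. This is an added example, not the paper's implementation: the modulus is a constructed toy value so that trial division suffices, MD5 is used for the key reduction because it is the hash the paper names in section 4, the Kab encryption of n, g, Ya and Yb is left out, and all function names are assumptions.

```python
import hashlib
import secrets

def is_prime(m: int) -> bool:
    """Trial division; adequate only for the toy-sized modulus used here."""
    if m < 2:
        return False
    i = 2
    while i * i <= m:
        if m % i == 0:
            return False
        i += 1
    return True

def check_params(n: int, g: int) -> bool:
    """n and (n-1)/2 must both be prime and g must be a primitive root of n."""
    q = (n - 1) // 2
    if not (is_prime(n) and is_prime(q)) or not 1 < g < n - 1:
        return False
    # The group order is 2q, so g is a primitive root iff g^2 != 1 and g^q != 1.
    return pow(g, 2, n) != 1 and pow(g, q, n) != 1

def keypair(n: int, g: int):
    """Private exponent x and public value Y = g^x mod n (never n-1)."""
    while True:
        x = secrets.randbelow(n - 3) + 2          # x in [2, n-2]
        y = pow(g, x, n)
        if y != n - 1:
            return x, y

def shared_secret(peer_public: int, private: int, n: int) -> int:
    if not 1 < peer_public < n - 1:               # reject 0, 1 and n-1
        raise ValueError("degenerate public value")
    return pow(peer_public, private, n)

def session_key(k: int, n: int) -> bytes:
    """Hash the variable-length K down to a fixed 16-byte Ks."""
    raw = k.to_bytes((n.bit_length() + 7) // 8, "big")
    return hashlib.md5(raw).digest()

N, G = 1019, 2   # constructed toy parameters: 1019 = 2 * 509 + 1

if __name__ == "__main__":
    xa, ya = keypair(N, G)
    xb, yb = keypair(N, G)
    ks_a = session_key(shared_secret(yb, xa, N), N)
    ks_b = session_key(shared_secret(ya, xb, N), N)
    print(check_params(N, G), ks_a == ks_b, ks_a.hex())
```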

4 Data integrity

Since the communication between the contactless smart card and the terminal takes place in an open environment, the two parties may easily encounter the following attacks when exchanging information: (1) tampering with the communication data; (2) forging messages, deleting messages, or replaying previously sent messages.

In order to prevent the attacker from tampering with the data exchanged between A and B, and considering the computational efficiency of the contactless smart card, this protocol uses the MD5 hash algorithm to compute a message digest of the data, giving a fixed-length hash value that is attached to the ciphertext and sent to the receiver. After decrypting the ciphertext, the receiver only needs to compute the corresponding hash value with the MD5 algorithm and compare it with the received hash value. If the two are the same, the message has not been tampered with.

Figure 3 message transfer protocol

For the second case, a sequence counter mechanism can be used to ensure the timeliness and authenticity of the information; that is, a time-ordered sequence number is added to messages during the validity period of the session key.

The transmit sequence counter is not a security measure in its own right. It only makes sense to combine the transmit sequence counter with the security protocol; otherwise any modification of the counter by the attacker will be difficult to detect. The sequence counter works by placing in each message a sequence number that depends on when it was sent, so that the removal or insertion of a message is noticed immediately and the recipient can take appropriate countermeasures.

In this protocol, a unique shared key K is generated for each session, which can be used to initialize the sequence counter (SSC). The counter is incremented each time a message is sent. The length of the counter can be set by a hash function as needed. The specific protocol is shown in Figure 3.
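The receiver-side checks described in this section can be sketched as follows. This is an added example, not code from the paper: Figure 3 is not reproduced here, so the frame layout SSC || P || MD5(SSC || P), the 4-byte counter width and all names are assumptions, and the 2-DES encryption under Ks is left out, so frames are shown as the receiver sees them after decryption.

```python
import hashlib
import hmac

SSC_LEN = 4    # counter width in bytes (assumed)
MD5_LEN = 16   # MD5 digest length in bytes

def initial_ssc(ks: bytes) -> int:
    """Both ends derive the same starting counter from the session key."""
    return int.from_bytes(hashlib.md5(b"ssc" + ks).digest()[:SSC_LEN], "big")

def build_frame(ssc: int, p: bytes) -> bytes:
    """SSC || P || MD5(SSC || P): the digest covers the counter as well as P."""
    body = ssc.to_bytes(SSC_LEN, "big") + p
    return body + hashlib.md5(body).digest()

class Endpoint:
    def __init__(self, ks: bytes):
        self.send_ssc = self.recv_ssc = initial_ssc(ks)

    def send(self, p: bytes) -> bytes:
        frame = build_frame(self.send_ssc, p)
        self.send_ssc = (self.send_ssc + 1) % 2 ** (8 * SSC_LEN)
        return frame

    def receive(self, frame: bytes):
        """Check one decrypted frame; returns (status, payload or None)."""
        if len(frame) < SSC_LEN + MD5_LEN:
            return "malformed", None
        body, digest = frame[:-MD5_LEN], frame[-MD5_LEN:]
        if not hmac.compare_digest(hashlib.md5(body).digest(), digest):
            return "tampered", None
        if int.from_bytes(body[:SSC_LEN], "big") != self.recv_ssc:
            return "out-of-sequence", None   # replayed, deleted or inserted
        self.recv_ssc = (self.recv_ssc + 1) % 2 ** (8 * SSC_LEN)
        return "ok", body[SSC_LEN:]

KS = bytes.fromhex("8f1d2c3b4a5968778695a4b3c2d1e0ff")  # constructed session key

if __name__ == "__main__":
    a, b = Endpoint(KS), Endpoint(KS)
    f1, f2 = a.send(b"READ 01"), a.send(b"DEBIT 05")
    print(b.receive(f1), b.receive(f1), b.receive(f2))
```

A frame is accepted only when both checks pass, so the counter advances on valid in-order frames alone and a rejected frame does not desynchronize the two ends.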

5 Security analysis

It is actually impossible to build a complete system with perfect security that nobody can penetrate, and smart cards are no exception. In order to ensure the authentication, confidentiality and integrity of the communication between the two parties, the three parts of the protocol are each specifically designed, and it is hoped that their security is cumulative, that is, combined in a logical OR relationship: if one link is attacked, the subsequent operations of the protocol can still effectively resist and deal with the attack. The following is a security analysis of this protocol against common attack methods.

(1) In the identity authentication phase, this protocol not only uses asymmetric algorithms for identity authentication but also adds dynamic authentication of identity information. Security depends not only on the confidentiality of the key but also on the secrecy of the user's identity information. Even if an attacker recovers the private key of one or both parties by analysing a large amount of intercepted traffic, the attacker still cannot complete the authentication: the complete identity data block cannot be obtained from the intercepted information, and because the attacker does not know the details of the permutation function (it is stored secretly in the card and terminal and never appears on the channel), the attacker cannot work out which position a position random number really corresponds to. This effectively resists guessing attacks.

(2) This protocol is based on the Diffie-Hellman algorithm and uses a one-time method to construct a secure communication channel. In the process of generating the session key, the man-in-the-middle attack is prevented by encrypting the public data. At the same time, even if the session key is leaked, it will not lead to the leakage of the previous session key, which guarantees the forward security of the key.

(3) By using the message digest, the attacker's tampering with the message is effectively prevented. Adding a sequence counter to a message effectively resists replay attacks by deleting or using previously sent messages.

(4) In order to prevent an attack based on a known plaintext-ciphertext pair, in the communication process of this protocol, the corresponding plaintext-ciphertext pair is avoided.

6 Performance analysis

Considering that the contactless smart card has high real-time requirements, the protocol has to execute quickly. In this protocol, only two asymmetric key algorithms, ECC and Diffie-Hellman, are used, in the position authentication step of identity authentication and in session key generation. The rest of the protocol uses a fast symmetric encryption algorithm. In order to verify the operational efficiency of this protocol, a smart card with a DES coprocessor was simulated at a clock frequency of 4.9 MHz, and the time taken by each step was measured in the experiment. The ECC key uses 135b, the Diffie-Hellman key uses 128b, and the symmetric encryption algorithm is 2-DES. In the preceding sections, the security protocol is divided into three parts: (1) identity authentication; (2) session key generation; (3) secure communication between the two parties. The first step takes about 0.742 s. The second step takes about 0.041 s; at this stage the generation and transmission of the D-H parameters only need to be done once, so their calculation and communication time are not counted. The third step is the secure communication between the two parties; because the DES coprocessor is used, the processing time of each message is about 0.25 ms. The first step takes a long time because an asymmetric algorithm is used and multiple permutations are performed. The time in the second step is spent on the Diffie-Hellman key negotiation. However, the total time does not exceed 1 s, so the protocol can be considered to meet the real-time requirement.

7 Conclusion

This paper proposes an improved security protocol for communication between contactless smart cards and readers by analyzing and utilizing existing authentication protocols and cryptographic algorithms. The proposed protocol is checked against several attack methods, which shows that it can effectively resist replay attacks and man-in-the-middle attacks; the use of temporary session keys reduces the probability of key leakage, and the use of dynamic identity information reduces the harm caused by key leakage.

However, there are many ways to attack. This protocol still has security risks, and it needs to be analyzed and improved through more effective methods. Considering the characteristics of the contactless smart card, the authentication protocol of this paper does not introduce a trusted third-party authenticator, but completes mutual authentication independently between the card and the card reader.

(Text / School of Computer and Control, Guilin University of Electronic Technology, Feng Jing, Xu Yong)
