[go: up one dir, main page]

WO2015037886A1 - Dispositif et procédé d'authentification de puce intelligente - Google Patents

Dispositif et procédé d'authentification de puce intelligente Download PDF

Info

Publication number
WO2015037886A1
WO2015037886A1 PCT/KR2014/008379 KR2014008379W WO2015037886A1 WO 2015037886 A1 WO2015037886 A1 WO 2015037886A1 KR 2014008379 W KR2014008379 W KR 2014008379W WO 2015037886 A1 WO2015037886 A1 WO 2015037886A1
Authority
WO
WIPO (PCT)
Prior art keywords
smart chip
authentication
terminal
identifier
smart
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/KR2014/008379
Other languages
English (en)
Korean (ko)
Inventor
김덕상
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from KR1020140093838A external-priority patent/KR101901414B1/ko
Application filed by Individual filed Critical Individual
Publication of WO2015037886A1 publication Critical patent/WO2015037886A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response

Definitions

  • the present invention relates to a smart chip authentication device and a method thereof, and more particularly, to a smart chip authentication device and method for performing authentication for a smart chip using only the smart chip identifier and a common factor exposed to the outside.
  • the method such as the product warranty or warranty card itself is easy to forgery, so the function as a countermeasure is almost unknown, and the method of registering the buyer is a product that is confirmed as a legitimate buyer if the buyer intentionally fakes the product. It does not confirm whether or not the forgery of the registration process has the disadvantage of cumbersome.
  • the activation technology and service provide an advanced forgery confirmation method than the above two methods, but have the following disadvantages.
  • the present invention provides an IC chip that can determine the authenticity of the product through the product certification using the short-range communication between the wireless terminal device and the IC chip, to prevent the forgery of the product directly and at the same time without the intervention of the server Provides an authentication method capable of authentication.
  • the present invention can replace the conventional certificate method used in non-face-to-face credit transactions such as Internet shopping, banking services or electronic payment.
  • the electronic transaction is made by credit card using an accredited certificate
  • the accredited certificate transaction method has a problem that a transaction party who does not actually have a card can perform an electronic transaction if only the password of the accredited certificate and the credit card number are known.
  • a transaction service requiring confirmation of the user's medium is required.
  • a product authentication method using short-range communication between a wireless terminal device and an IC chip of the present invention uses an IC chip. In a credit card transaction that includes, it can also be used as a means for authenticating the identity.
  • Another object of the present invention is to provide a smart chip authentication apparatus and method for verifying possession of a smart card (chip) using only public data that can be recognized externally.
  • a method for authenticating the smart chip by a terminal that exchanges data with the smart chip comprising: receiving or receiving a smart chip identifier from the smart chip; Encrypting the smart chip identifier to generate an encrypted text, and transmitting the encrypted text to the smart chip; Receiving, by the smart chip, a decrypted text generated by decrypting the cipher text using a secret key; And determining whether the decryption text is generated from the received smart chip identifier, and authenticating the smart chip, wherein the smart chip identifier is a public key corresponding to the secret key.
  • the smart chip identifier is a public key corresponding to the secret key.
  • the smart chip identifier provides a smart chip authentication method characterized in that the form is publicly recognized from the outside.
  • the smart chip identifier provides a smart chip authentication method, characterized in that the smart chip unique number.
  • the terminal and the smart chip provides a smart chip authentication method, characterized in that for transmitting and receiving data in short-range communication.
  • the authentication provides a smart chip authentication method, characterized in that for generating an authentication key from the smart chip identifier, and authenticating the smart chip from the authentication key.
  • the smart chip authentication method may further include storing a common factor, wherein the authentication generates a decryption factor using the common factor and the authentication key.
  • the authentication provides a smart chip authentication method characterized by deriving a random number by using the decryption factor and the common factor.
  • the authentication provides a smart chip authentication method, characterized in that for decoding the random number (Decoding).
  • the authentication provides a smart chip authentication method characterized in that it is determined whether the decoding value of the random number and the smart chip identifier match.
  • the authentication provides a smart chip authentication method, characterized in that the smart chip is authenticated as valid if the decoding value of the random number and the smart chip identifier match.
  • the present invention provides a terminal for exchanging data with a smart chip, comprising: a terminal transceiver for receiving a smart chip identifier, a decryption text from the smart chip, and transmitting an encrypted text to the smart chip; An encryption unit for encrypting the smart chip identifier to generate the cipher text; And an authenticator configured to determine whether the decrypted text is generated from the received smart chip identifier, and to authenticate the smart chip, wherein the decrypted text is decrypted by the smart chip using the secret key.
  • Generated by the smart chip identifier is a public key corresponding to the secret key.
  • the present invention provides a terminal for exchanging data with a smart chip, the input unit for receiving a smart chip identifier; transmitting an encrypted text to the smart chip, receiving a decrypted text from the smart chip A terminal transceiver; An encryption unit for encrypting the smart chip identifier to generate the cipher text; And an authenticator configured to determine whether the decrypted text is generated from the received smart chip identifier, and to authenticate the smart chip, wherein the decrypted text is decrypted by the smart chip using the secret key.
  • Generated by the smart chip identifier is a public key corresponding to the secret key.
  • the terminal further comprises a terminal storage unit for storing the common factor
  • the authentication provides a smart chip authentication terminal, characterized in that for generating a decryption factor using the common factor and the authentication key.
  • the present invention provides a method for authenticating a smart chip that exchanges data with a terminal, the method comprising: storing a secret key; Receiving a cipher text generated by encrypting a smart chip identifier from the terminal; Generating a decrypted text by decrypting the cipher text using the secret key; And transmitting the decrypted text to the terminal, wherein the smart chip identifier is a public key corresponding to the secret key, and is stored in the smart chip and transmitted to the terminal or directly input to the terminal. It provides a smart chip authentication method.
  • the present invention provides a smart chip for exchanging data with a terminal, a smart chip storage unit for storing a secret key; smart receiving a cipher text from the terminal and transmitting a decryption text to the terminal Chip transceiver; And a decryption unit received from the terminal to generate the decrypted text by decrypting the cipher text generated by encrypting the smart chip identifier using the secret key, wherein the smart chip identifier corresponds to the secret key. It is a public key, and is stored in the smart chip storage unit is provided to the smart chip, characterized in that sent to the terminal or directly input to the terminal.
  • the present invention can easily verify the authenticity of the product through the authentication between the wireless terminal and the IC chip, and further has the effect of preventing forgery of the product.
  • the present invention has an effect of improving the safety of the transaction by checking whether the user has a medium in the on-line transaction.
  • the present invention has the effect of preventing the leakage of personal information, including smart cards by authenticating using only public data.
  • FIG. 1 is a view showing a schematic diagram of smart chip authentication according to an embodiment of the present invention.
  • FIG. 2 is a view showing the configuration of the smart chip authentication apparatus according to an embodiment of the present invention.
  • FIG. 3 is a diagram illustrating an overall flowchart of a smart chip authentication apparatus according to an embodiment of the present invention.
  • FIG. 4 is a flowchart illustrating an encryption parameter generation method according to an exemplary embodiment of the present invention.
  • FIG. 5 is a diagram illustrating a flowchart in which encryption parameters are issued to a smart chip according to an exemplary embodiment of the present invention.
  • FIG. 6 is a diagram illustrating a detailed flowchart of smart chip authentication of a terminal according to an exemplary embodiment of the present invention.
  • FIG. 7 is a diagram illustrating a smart chip authentication flowchart of a smart chip according to an embodiment of the present invention.
  • FIG. 8 is a diagram illustrating a smart chip authentication flowchart of a terminal according to an exemplary embodiment of the present invention.
  • FIG. 9 is a diagram illustrating an example of a table for verifying an authentication scheme according to an exemplary embodiment of the present invention.
  • FIG. 10 is a diagram illustrating an exemplary diagram of a smart chip identifier according to an exemplary embodiment of the present invention.
  • FIG. 11 is a diagram illustrating an example of a data transmission method performed between a smart chip and a terminal according to an exemplary embodiment of the present invention.
  • FIG. 12 is a diagram illustrating an example of a method in which a terminal receives a smart chip identifier according to an exemplary embodiment of the present invention.
  • FIG. 1 is a view showing a schematic diagram of smart chip authentication according to an embodiment of the present invention.
  • smart chip authentication includes a smart card including a terminal 220 and a smart chip 220 represented by a smart phone.
  • the authentication process is schematically illustrated when a smartphone user makes an online transaction using a smart card.
  • the smart phone reads or receives the smart chip identifier from the smart card to perform the payment (S101).
  • the smart phone generates a public key with the smart chip identifier (S102).
  • the smart phone generates a random number using the smart chip identifier and generates a cipher text using the random number and the public key (S103).
  • the smart phone transmits the cipher text to the smart card (S104).
  • the smart chip of the smart card decrypts the cipher text to generate a decrypted text (S105).
  • the smart card transmits the decrypted text to the smart phone (S106).
  • the smart phone performs authentication on the smart card (S107).
  • the smart chip authentication of the present invention includes a terminal that performs authentication on a smart card including a smart chip, and can identify basic data and smart chips stored in the smart chip, and authenticate with only data that may be leaked. By doing this, it has the effect of going through only a simple authentication procedure.
  • the present invention is effective because it is possible to check the authenticity through the product certification number check because the data can be disclosed.
  • FIG. 2 is a view showing the configuration of the smart chip authentication apparatus according to an embodiment of the present invention.
  • the smart chip authentication device 200 includes a smart chip 210 and a terminal 220.
  • the smart chip 210 and the terminal 220 are connected by a network.
  • the smart chip 210 performs data communication with the terminal 220.
  • the network includes both a wired communication network and a wireless communication network, and is not limited thereto, and may be another communication network capable of transmitting and receiving data.
  • the wireless communication network includes all types of communication networks using radio waves, and includes a local area network, a mobile communication network or a broadband communication network.
  • the network between the smart chip 210 and the terminal 220 may be a local area network such as Near Field Communication (NFC).
  • NFC Near Field Communication
  • the smart chip 210 stores the common factor n, the individual factor s, and the card identifier.
  • the smart chip 210 generates a decrypted text using the cipher text generated using the smart chip identifier, transmits the decrypted text to the terminal 220, and the terminal 220 uses the authentication key generated from the smart chip identifier.
  • the terminal 220 uses the authentication key generated from the smart chip identifier.
  • authentication information about the smart chip 210 is received from the terminal 220.
  • the common factor n is a factor commonly used in all smart cards and is an element that is stored in the terminal 220 as well as the smart chip 210 and used in the encryption, decryption, and authentication steps.
  • the individual factor s is a factor uniquely used in each smart card and is stored only in the smart chip 210 and is an element used when the smart chip 210 decrypts the cipher text.
  • the smart chip identifier ID is a factor including information for identifying each smart card user and is stored only in the smart chip 210.
  • the smart chip identifier (ID) is an element used in the process of generating a cipher text and the process of authenticating at the terminal 220.
  • the smart chip identifier ID may be in a form that can be recognized by the user from the outside rather than existing inside the smart chip or the smart card. That is, the smart chip identifier ID may be disclosed to the outside.
  • the smart chip identifier ID may be formed by modifying the card identification number CIN or may be the card identification number CIN itself. A process of generating the smart chip identifier ID from the card identification number CIN will be described later with reference to FIG. 5.
  • the smart chip identifier ID When the smart chip identifier ID is formed by modifying the card identification number CIN, the smart chip identifier ID may be any serial number.
  • the same smart chip identifier ID as the card identification number CIN may include any one of a card number, a card number, and an expiration date.
  • the smart chip identifier (ID) is not limited thereto, and the smart chip unique number and banking ID, social security number, name, telephone number or other randomly set by the user can be identified. It can be the identifier itself.
  • the smart chip identifier forms the basis of an individual factor (s) corresponding to a private key and a public factor (e) corresponding to a public key.
  • the terminal 220 generates a cipher text using the smart chip identifier.
  • the terminal 220 stores the common factor n.
  • the terminal 220 receives the smart chip identifier from the smart chip 210 and authenticates the smart chip 210 using an authentication key generated from the smart chip identifier.
  • the smart chip 210 includes a smart chip transceiver 211, a smart chip storage 212, and a decoder 213.
  • the smart chip transceiver 211 transmits or receives data with the terminal 220 through a network.
  • the smart chip transceiver 211 is connected to an antenna provided in a smart card or a smart medium on which the smart chip 210 is mounted to process transmission and reception of various information or data between the terminal 220 and the terminal 220.
  • the smart chip storage unit 212 stores a smart chip identifier ID, a secret key derived from the smart chip identifier ID, and a common factor n.
  • the smart chip storage unit 212 may store a smart chip unique number and a secret key derived from the smart chip unique number of the smart chip 210 corresponding to the smart chip identifier (ID).
  • the decryption unit 213 uses a secret key stored in the storage unit 233, that is, an individual factor s, as a decryption key value at the request of the terminal 220, from the terminal 220 through the smart chip transceiver 211.
  • the decrypted text S is generated by decrypting the received cipher text C.
  • the decoder 213 transmits the decrypted text S to the terminal 220 through the smart chip transceiver 211.
  • the decryption unit 213 receives a cipher text C generated using a smart chip identifier ID, decrypts the cipher text C, and generates a decrypted text S.
  • the decrypted text S This terminal 220 is to be transmitted.
  • the decryption algorithm through the decryption unit 213 may be implemented as a general public key based algorithm configured in pairs with the encryption algorithm through the encryption unit 224 of the terminal 220.
  • the terminal 220 includes a terminal transceiver 221, a terminal storage unit 222, a random number generator 223, an encryption unit 224, an authentication unit 225, and an input unit 226.
  • the terminal transceiver 221 transmits or receives data with the smart chip 210 through a network.
  • the terminal storage unit 222 stores the public key derived from the common factor n and the smart chip identifier ID.
  • the terminal storage unit 222 may store not only the public key derived from the smart chip unique number corresponding to the smart chip identifier ID, but also the cipher text C generated from the public key.
  • the random number generator 223 generates a random number (M).
  • the method for generating the random number (M) may use any one or more of the conventional various random number generation method.
  • the encryption unit 224 generates a public key e using a smart chip unique number received from the terminal transceiver unit 221, that is, a smart chip identifier ID, and uses the public key e as an encryption key value. By encrypting the random number (M) generated by the random number generation unit 223.
  • the encryption processing algorithm of the encryption unit 224 may be paired with the decryption algorithm of the smart chip 210 and may be implemented as a general public key based algorithm.
  • the authentication unit 225 generates an authentication key from the smart chip identifier.
  • the authentication unit 225 generates an authentication key u for authentication by using the received smart chip identifier ID.
  • the authentication unit 225 generates an authentication key using a card identifier ID and a hash function.
  • the authentication unit 225 performs authentication using a cipher text C, a decrypted text S, a common factor n, and an authentication key u.
  • Authentication of the authentication unit 225 is a method of authenticating the decrypted text (S).
  • Authentication of the decrypted text S may use a method of directly comparing the decrypted text S with a random number M and determining whether the decrypted text S matches.
  • the authentication of the decrypted text (S) may use the method presented by the public key based algorithm applied to the present invention using the decrypted text (S), cipher text (C) and random number (M) as input factors.
  • the public key based algorithm is IBE from Weil Pairing (D.Boneh-M.Frankin, 2001)
  • a method of directly comparing the decrypted text (S) and the random number (M) can be applied, and the Mediated RSA (D.Boneh) can be applied.
  • -X.Ding-G.Tsudik, 2002) a method of checking whether the mathematically calculated value of the decrypted text (S) and cipher text (C) matches the random number (M) may be applied.
  • the input unit 226 may receive a smart chip identifier ID from the outside.
  • the terminal 220 generally receives a smart chip identifier from the smart chip 210 through the terminal transceiver 221, but may be input by a user through a smart phone or a card terminal. This will be explained later.
  • each component may be implemented in the form of a program or an application.
  • FIG. 3 is a diagram illustrating an overall flowchart of a smart chip authentication apparatus according to an embodiment of the present invention.
  • FIG. 3 an overall flow of a method of authenticating the smart chip by the smart chip authentication device 200 is illustrated.
  • step S301 the common factor n, the individual factor s, and the smart chip identifier ID are stored in the smart chip storage unit 212, and the terminal storage unit 222 is commonly used in all smart cards.
  • the argument n is stored.
  • the common factor n does not necessarily need to be stored in the terminal storage unit 222.
  • the terminal transceiver 221 may receive not only the smart chip identifier ID, but also the common factor n from the smart chip 210. Receiving the common factor n stored in the smart chip 210 is more efficient in terms of saving storage space and authentication processing time than the terminal 220 stores and reads the data directly.
  • step S303 the terminal transceiver 221 reads the smart chip identifier ID from the smart chip 210.
  • the terminal transceiver 221 may directly receive the common factor n in the smart chip storage unit 212.
  • the terminal transceiver 221 sends the smart chip identifier (ID) request data
  • the smart chip transceiver 211 calls the smart chip identifier (ID) stored in the smart chip storage unit 212 to the terminal transceiver 221. Send.
  • the smart chip identifier ID transmitted from the smart chip 210 is stored in the terminal storage unit 222.
  • the random number generation unit 223 of the terminal 220 generates a random number using the card identifier ID.
  • the random number generator 223 encodes a random number by applying a smart chip identifier (ID) to an OAEP (Optimal Asymmetric Encryption Padding) algorithm.
  • ID smart chip identifier
  • OAEP Optimal Asymmetric Encryption Padding
  • step S309 the encryption unit 224 generates a public key (e) by using a smart chip identifier (ID).
  • the encryption unit 224 generates the cipher text C using the public key e.
  • the cipher text C is stored in the terminal storage unit 222.
  • step S315 the terminal transceiver 221 reads the cipher text C stored in the terminal storage unit 222 and transmits the encrypted text C to the smart chip 210 for decryption.
  • the decryption unit 213 decrypts the cipher text C and generates a decrypted text S using the individual factors s and the common factors n corresponding to the secret key.
  • the smart chip transceiver 211 transmits the decoded decrypted text S to the terminal transceiver 221.
  • step S321 the terminal transceiver 221 receives the decrypted text S, and the decrypted text S is stored in the terminal storage 222.
  • the authentication unit 225 reads the stored decrypted text S, the encrypted text C, and the smart chip identifier ID for the smart chip 210 to perform authentication.
  • FIG. 4 is a flowchart illustrating an encryption parameter generation method according to an exemplary embodiment of the present invention.
  • a flow of a method of generating a common factor n stored in the smart chip 210 and the terminal 220 is illustrated.
  • the generation of the common factor n is one of the issuing processes, and the issuing process includes generating an encryption parameter including the common factor n and issuing the card of the encryption parameter.
  • the issuing process is not a gist of the present invention, but is described to aid in understanding the overall process.
  • initial prime numbers p ′ and q ′ of different prime numbers are generated.
  • step S405 it is determined whether the intermediate factors p and q are prime numbers, and if not, the initial factors p ′ and q ′ which are different prime numbers are generated again.
  • step S407 if the intermediate factors p and q are few, the common factor n and the secret key generation factor phi are generated and disclosed.
  • FIG. 5 is a diagram illustrating a flowchart in which encryption parameters are issued to a smart chip according to an exemplary embodiment of the present invention.
  • an individual factor (s) and a smart chip identifier included in the encryption parameter are issued and stored in a card.
  • the smart chip identifier ID is generated through the card identification number CIN and the hash function H.
  • the card identification number (CIN) may include a card number, card number and expiration date, smart chip serial number and smart chip unique number.
  • a banking ID or social security number may also be used as the card identification number (CIN).
  • the smart chip identifier ID is used to generate a public key e.
  • the public key e is generated so as not to be a multiple of four by padding 1.
  • step S505 the public key (e) and the secret key generation factor (phi) is used to generate a secret key (d).
  • the secret key d is an RSA-based secret key.
  • the authentication key u is generated from the smart chip identifier ID and the hash function, and the individual factor s is generated from the secret key d and the authentication key u.
  • step S509 the common factor n, the individual factor s, and the smart chip identifier ID are issued to the smart card including the smart chip.
  • FIG. 6 is a diagram illustrating a detailed flowchart of smart chip authentication of the terminal 220 authentication unit 225 according to an embodiment of the present invention.
  • FIG. 6 a detailed flow of a process in which a terminal authenticates a smart chip is illustrated.
  • the authenticator 225 reads the decrypted text S, the cipher text C, and the smart chip identifier ID from the terminal storage 222.
  • step S603 the authentication unit 225 generates the authentication key u using the hash function and the smart chip identifier ID.
  • the algorithm for generating the authentication key u is the same as that used in the process of issuing encryption parameters to the smart card.
  • the authentication unit 225 In operation S605, the authentication unit 225 generates the decryption factor U using the cipher text C, the common factor n, and the authentication key u.
  • the authentication unit 225 In operation S607, the authentication unit 225 generates an authentication random number M ′ by applying the decryption factor U and the common factor n to the decryption statement S.
  • the authenticator 225 OAEP decodes the authentication random number M ′.
  • the authenticator 225 compares the smart chip identifier ID stored in the terminal storage unit 222 with the smart chip identifier after decoding the authentication random number M ′.
  • step S613 the authentication unit 225 generates the authorization information indicating that the smart card containing the smart chip is legal when the smart chip identifier after decoding the smart chip identifier ID and the authentication random number M ′ match. If the smart chip identifier after decoding the smart chip identifier ID and the authentication random number M 'does not match, unauthorized information indicating that the smart card containing the smart chip is illegal is generated.
  • step S615 the authentication unit 225 generates authentication information including the approval information or the unauthorized information.
  • the terminal transceiver 221 transmits the authentication information to the smart chip 210.
  • FIG. 7 is a diagram illustrating a smart chip authentication flowchart of a smart chip according to an embodiment of the present invention.
  • the common factor n, the individual factor s, and the smart chip identifier ID that are initially issued are stored in the smart chip storage unit 212 (S701).
  • the smart chip 210 receives the cipher text C generated using the smart chip identifier ID from the terminal 220 through the smart chip transceiver 211 (S703).
  • the ciphertext C is stored in the smart chip storage unit 212 (S705).
  • the decryption unit 213 partially decrypts the cipher text C to generate a decrypted text S (S707).
  • the smart chip transceiver 211 transmits the decrypted text S to the terminal 220 (S709).
  • FIG. 8 is a diagram illustrating a smart chip authentication flowchart of a terminal according to an exemplary embodiment of the present invention.
  • the terminal transceiver 221 receives a smart chip identifier (ID) from the smart chip 210 or receives the input from the outside through the input unit 226 (S801).
  • the smart chip identifier is stored in the terminal storage unit 222 (S803).
  • the encryption unit 224 generates the cipher text C and the cipher text C is stored in the terminal storage unit 222 (S805).
  • the cipher text (C) is transmitted to the smart chip 210, the terminal transceiver 221 receives the decrypted text (S) generated by the cipher text (C), the received decrypted text (S) is the terminal storage unit 222 ) Is stored (S807).
  • the authentication unit 225 performs authentication using the cipher text C, the decryption text S, and the smart chip identifier ID, and generates authentication information (S809).
  • FIG. 9 is a diagram illustrating an example of a table for verifying an authentication scheme according to an exemplary embodiment of the present invention.
  • Data stored in the terminal 220 means data stored for authentication, and the data is represented by the number of cases where the public key e, the individual factor s, and the card identifier ID are various. Referring to the authentication result of the terminal 220 of this table, the individual factor s and the smart chip identifier (ID) except for the common factor (n) must be the same to be authenticated with a legitimate smart chip (smart card), and common It is shown that the individual factor s and the smart chip identifier ID except for the factor n are not all authorized for the same smart card.
  • a smart card having a valid smart chip identifier (ID) without a procedure for retrieving or separately storing a value other than the common factor n for authentication in the terminal 220 ( Smart chip) has the advantage of being able to authenticate.
  • FIG. 10 is a diagram illustrating an exemplary diagram of a smart chip identifier according to an exemplary embodiment of the present invention.
  • the smart chip identifier ID may be at least one of letters, numbers, and symbols indicating who the user is.
  • the smart chip identifier (ID) is one of the serial number 1011 of the credit card, the name of the credit card name 1012 and the CVS number 1013 on the back of the credit card. It can be at least one.
  • the smart chip identifier ID of the credit card 1010 may be directly recognized by the user from the outside.
  • the existing public key is stored in the smart chip 210 or the terminal 220, and thus cannot be directly recognized from the outside.
  • the present invention performs authentication by using an externally recognized smart chip identifier (ID) as a public key. .
  • FIG. 11 is a diagram illustrating an example of a data transmission method performed between a smart chip and a terminal according to an exemplary embodiment of the present invention.
  • the data transmission method of the smart chip 210 and the terminal 220 may be a direct connection using a connector as well as a wired and wireless network.
  • 11 illustrates an embodiment of a data transmission method between the credit card 1010 and the terminal 220 shown as a smart phone using the connector 1110.
  • the credit card 1010 and the terminal 220 transmit and receive the smart chip identifier ID, the cipher text C, the decrypted text S, and other data to the terminal 220 using the connector 1110.
  • FIG. 12 is a diagram illustrating an example of a method in which a terminal receives a smart chip identifier according to an exemplary embodiment of the present invention.
  • the terminal 220 receives a smart chip identifier ID directly from a user.
  • the terminal 220 reads or receives the card identifier ID from the smart chip 210 (or a smart card including the smart chip), but may directly receive the smart chip identifier ID from the outside.
  • the terminal 220 receives the credit card serial number 1011 from the input unit 226 by the user and displays the credit card serial number 1011 on the screen.
  • the terminal 220 generates a cipher text using the credit card serial number 1011 as the smart chip identifier ID and performs the steps of FIG. 8.
  • the flow of the smart chip authentication device 200 of FIG. 3 causes the terminal 220 to receive the smart chip identifier (ID) (S403). Receiving a smart chip identifier (ID).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé d'authentification d'une puce intelligente par un terminal qui échange des données avec la puce intelligente. Elle concerne un procédé d'authentification d'une puce intelligente qui consiste à: recevoir ou comporter un identifiant de puce intelligente provenant de la puce intelligente; générer une phrase de passe par chiffrement de l'identifiant de puce intelligente, et transmettre la phrase de passe à la puce intelligente; recevoir une phrase de déchiffrement générée par la puce intelligente qui déchiffre la phrase de passe au moyen d'une clé privée; et authentifier la puce intelligente en déterminant si la phrase de déchiffrement est générée par l'identifiant de puce intelligente reçu, l'identifiant de puce intelligente étant une clé publique correspondant à la clé privée. Le procédé de l'invention présente ainsi l'avantage, d'une part de confirmer facilement l'authenticité d'un produit par une authentification qui s'effectue entre un terminal sans fil et une puce de circuit intégré, d'autre part d'empêcher la falsification ou l'altération d'un produit.
PCT/KR2014/008379 2013-09-11 2014-09-05 Dispositif et procédé d'authentification de puce intelligente Ceased WO2015037886A1 (fr)

Applications Claiming Priority (8)

Application Number Priority Date Filing Date Title
KR20130108780 2013-09-11
KR10-2013-0108781 2013-09-11
KR20130108781 2013-09-11
KR20130108779 2013-09-11
KR10-2013-0108779 2013-09-11
KR10-2013-0108780 2013-09-11
KR10-2014-0093838 2014-07-24
KR1020140093838A KR101901414B1 (ko) 2013-09-11 2014-07-24 스마트 칩 인증 장치 및 그 방법

Publications (1)

Publication Number Publication Date
WO2015037886A1 true WO2015037886A1 (fr) 2015-03-19

Family

ID=52665932

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2014/008379 Ceased WO2015037886A1 (fr) 2013-09-11 2014-09-05 Dispositif et procédé d'authentification de puce intelligente

Country Status (1)

Country Link
WO (1) WO2015037886A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115941360A (zh) * 2023-02-10 2023-04-07 杭州堃博生物科技有限公司 数据交互的安全验证方法、装置、存储介质以及电子设备

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20120037314A (ko) * 2010-10-11 2012-04-19 서정훈 본인 인증장치를 활용한 온라인 신용카드 발급 시스템 및 방법
KR20120121429A (ko) * 2011-04-26 2012-11-06 숭실대학교산학협력단 가변길이 인증코드를 사용하는 무선 통신 단말간 세션키 공유 방법
US20130019102A1 (en) * 2005-07-29 2013-01-17 Research In Motion Limited System and method for encrypted smart card pin entry
KR20130019358A (ko) * 2011-08-16 2013-02-26 (주) 아이씨티케이 사물지능통신에서 puf에 기반한 장치간 보안 인증 장치 및 방법
KR20130059054A (ko) * 2011-11-28 2013-06-05 주식회사 쓰리제이 Rfid 액세스 단말기 및 rfid 태그 정보 인증 방법

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130019102A1 (en) * 2005-07-29 2013-01-17 Research In Motion Limited System and method for encrypted smart card pin entry
KR20120037314A (ko) * 2010-10-11 2012-04-19 서정훈 본인 인증장치를 활용한 온라인 신용카드 발급 시스템 및 방법
KR20120121429A (ko) * 2011-04-26 2012-11-06 숭실대학교산학협력단 가변길이 인증코드를 사용하는 무선 통신 단말간 세션키 공유 방법
KR20130019358A (ko) * 2011-08-16 2013-02-26 (주) 아이씨티케이 사물지능통신에서 puf에 기반한 장치간 보안 인증 장치 및 방법
KR20130059054A (ko) * 2011-11-28 2013-06-05 주식회사 쓰리제이 Rfid 액세스 단말기 및 rfid 태그 정보 인증 방법

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115941360A (zh) * 2023-02-10 2023-04-07 杭州堃博生物科技有限公司 数据交互的安全验证方法、装置、存储介质以及电子设备

Similar Documents

Publication Publication Date Title
JP4866863B2 (ja) セキュリティコード生成方法及びユーザ装置
WO2015037887A1 (fr) Serveur et procédé d'authentification de puce intelligente
JP5885178B2 (ja) 機器真贋判定システム、機器真贋判定方法、および半導体チップが搭載された組み込み機器
CN104322003B (zh) 借助实时加密进行的密码认证和识别方法
WO2014139343A1 (fr) Procédé de téléchargement de clé, procédé de gestion, procédé de gestion de téléchargement, appareil et système
WO2017119564A1 (fr) Système et procédé de transmission d'informations sécurisées pour une authentification d'identité personnelle
CN104393993B (zh) 一种用于售电终端的安全芯片及其实现方法
CN102986161B (zh) 用于对应用进行密码保护的方法和系统
US8397281B2 (en) Service assisted secret provisioning
CN109474419A (zh) 一种活体人像照片加密、解密方法及加解密系统
CN108323230B (zh) 一种传输密钥的方法、接收终端和分发终端
US20070074027A1 (en) Methods of verifying, signing, encrypting, and decrypting data and file
CN106027254B (zh) 一种身份证认证系统中身份证读卡终端使用密钥的方法
CN108667801A (zh) 一种物联网接入身份安全认证方法及系统
CN111541708B (zh) 一种基于电力配电的身份认证方法
CN106027474B (zh) 一种身份证认证系统中的身份证读卡终端
WO2020054951A1 (fr) Procédé, appareil et système de transmission et de réception d'informations à l'aide d'un code qr
JP2003298574A (ja) 電子機器、認証局、電子機器認証システム、電子機器の認証方法
CN1783777B (zh) 固定通信安全、数据加密方法和系统及固定终端鉴权方法
CN108323231B (zh) 一种传输密钥的方法、接收终端和分发终端
WO2015037886A1 (fr) Dispositif et procédé d'authentification de puce intelligente
KR101118424B1 (ko) 인증서 자동갱신 처리 시스템
KR101933090B1 (ko) 전자 서명 제공 방법 및 그 서버
JP4198509B2 (ja) 相互認証方法
EP3035589A1 (fr) Système de gestion de sécurité permettant d'authentifier un jeton par un serveur de fournisseur de services

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14843953

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC

122 Ep: pct application non-entry in european phase

Ref document number: 14843953

Country of ref document: EP

Kind code of ref document: A1