Primers
The interconnection of smart cards is an old topic. It has recently been widely mentioned by the media because it has organized the National One-Card National Interconnection Conference. Whether it is necessary for China Unicom to achieve national interconnection and interoperability, whether it can truly realize interconnection and interoperability and what kind of methods it should use. We will not comment here. Only a brief summary of some of the keys involved in interworking.
The key function of the smart card is to use its data encryption and decryption and data security storage capabilities to achieve identity authentication between the card and the terminal (background) and establish a secure channel for data interaction to complete a variety of applications. Defined transaction process.
In addition, the so-called interconnection refers to off-line transactions, which may be inter-regional interconnection and inter-industry interconnection. For on-line transactions, at any time, it is possible to connect to the background of the card-issuing main body through the network, without geographical influence, and there is no problem of interconnection and intercommunication.
Symmetric keys and their dispersion
For symmetric keys, the encryption and decryption keys are the same. In other words, if you want to operate a smart card and use a smart card to implement certain transactions, then the external terminal or background must clearly know what the key stored in the smart card is. Of course, the easiest way is that everyone uses the same key. Each card, each terminal, and each back office use this key, and various transactions can be successfully completed. The problem is that there is a risk of doing so, as long as the key of any card is cracked and the entire system is destroyed. Therefore, the concept of "one card and one secret" means that the key of each card is different. In order to ensure normal transactions, the background or terminal must store the keys of all cards in its own database. For an actual system, this is neither realistic nor safe, so key scatter is needed.
The principle of key scatter is to generate a master key first. The key of each card is calculated by using the card's own unique information (such as the card number or card number plus the code of the regional industry, etc.) and the master key, and finally To generate a new key, this new key has two characteristics: 1) The keys of each card are different to ensure one card is dense; 2) It is related to the unique information of the card, in other words, can be passed through the card. The only information in combination with the master key is to derive the key stored in the card. In this way, as long as the terminal or the background knows the master key, the key of each card can be derived from the unique information of the card. In the offline transaction terminal, the master key is saved by the SAM card, and can also be encrypted in the background. Machine to save.
In fact, if terminals and back-end systems all over the country store this master key, and cards distributed throughout the country are distributed based on this master key, then it is natural that the country is connected. Of course, it also involves the multi-level decentralization of settlement processing keys at the back office, and the actual situation will be much more complicated. However, if only from the perspective of a symmetric key, interconnection does not matter.
Asymmetric key interconnection
The security of the entire system in the above-mentioned symmetric key system is all placed on the master key, so there must also be strict procedures for controlling the issuance and management of the SAM card.
Asymmetric key algorithms use different keys for encryption and decryption. One of them can be publicly known as a public key, and the other must be confidentially called a private key. The characteristics of this asymmetric key algorithm are: 1) The public key and private key are strictly paired. Different public keys must correspond to different private keys, and vice versa. And the private key cannot be derived from the public key; 2) All people who know the public key can encrypt the data, but the encrypted information can only be decrypted by the person who has the private key; 3) All information that can be decrypted correctly using the public key , must be from the owner of the private key, has a non-repudiation attribute, the private key encrypted information is equivalent to the private key owner's signature (so the private key encryption process is also called "signature", the public key decryption process Called "Checking".
If the smart card uses an asymmetric key system, the card, terminal, and background do not need a unified master key to derive the key of each card. Each card can have its own public and private key pair, and the respective public key data. Open to the parties involved in the transaction can complete the normal transaction process. In order to ensure the smooth progress of the transaction, it must be ensured that the public keys presented by the parties involved in the transaction process are true and valid. There is a need for a CA to be responsible for issuing "stamped" certificates for the public keys of these participants, that is, to generate a signed public key certificate. This signature is completed by the authority's private key. Everyone can verify the authenticity of the signature by using its public key, thus verifying the authenticity of the signed public key, and thus ensuring the follow-up identity authentication can proceed smoothly. . The premise is that everyone trusts this authority and there is no objection to the authenticity of the authority's public key.
Then to achieve interoperability, as long as the card, terminal, and back-end store the public key of the authority and their respective public key certificates (the corresponding private keys are secretly stored respectively), and the respective public key certificates must pass the private key of the authority. Sign it. Before interacting with sensitive information, the public key certificates of each other are read out, and the signatures are verified. Then, it is possible to establish mutually reliable secure data channels and complete related transaction processes. Although the actual situation is not so simple, the basic principle is this.
postscript
In short, for the current city card or social security card, if all cities are based on the national unified key SAM card issued and the user card key dispersed, there is no doubt that can be directly connected to achieve interoperability. If A and B cities respectively issue SAM cards and distributed user card keys according to their own customized master keys, they need to install each other's SAM cards in their respective terminals in order to achieve interconnection and interoperability between the two.
The interconnection of smart cards is an old topic. It has recently been widely mentioned by the media because it has organized the National One-Card National Interconnection Conference. Whether it is necessary for China Unicom to achieve national interconnection and interoperability, whether it can truly realize interconnection and interoperability and what kind of methods it should use. We will not comment here. Only a brief summary of some of the keys involved in interworking.
The key function of the smart card is to use its data encryption and decryption and data security storage capabilities to achieve identity authentication between the card and the terminal (background) and establish a secure channel for data interaction to complete a variety of applications. Defined transaction process.
In addition, the so-called interconnection refers to off-line transactions, which may be inter-regional interconnection and inter-industry interconnection. For on-line transactions, at any time, it is possible to connect to the background of the card-issuing main body through the network, without geographical influence, and there is no problem of interconnection and intercommunication.
Symmetric keys and their dispersion
For symmetric keys, the encryption and decryption keys are the same. In other words, if you want to operate a smart card and use a smart card to implement certain transactions, then the external terminal or background must clearly know what the key stored in the smart card is. Of course, the easiest way is that everyone uses the same key. Each card, each terminal, and each back office use this key, and various transactions can be successfully completed. The problem is that there is a risk of doing so, as long as the key of any card is cracked and the entire system is destroyed. Therefore, the concept of "one card and one secret" means that the key of each card is different. In order to ensure normal transactions, the background or terminal must store the keys of all cards in its own database. For an actual system, this is neither realistic nor safe, so key scatter is needed.
The principle of key scatter is to generate a master key first. The key of each card is calculated by using the card's own unique information (such as the card number or card number plus the code of the regional industry, etc.) and the master key, and finally To generate a new key, this new key has two characteristics: 1) The keys of each card are different to ensure one card is dense; 2) It is related to the unique information of the card, in other words, can be passed through the card. The only information in combination with the master key is to derive the key stored in the card. In this way, as long as the terminal or the background knows the master key, the key of each card can be derived from the unique information of the card. In the offline transaction terminal, the master key is saved by the SAM card, and can also be encrypted in the background. Machine to save.
In fact, if terminals and back-end systems all over the country store this master key, and cards distributed throughout the country are distributed based on this master key, then it is natural that the country is connected. Of course, it also involves the multi-level decentralization of settlement processing keys at the back office, and the actual situation will be much more complicated. However, if only from the perspective of a symmetric key, interconnection does not matter.
Asymmetric key interconnection
The security of the entire system in the above-mentioned symmetric key system is all placed on the master key, so there must also be strict procedures for controlling the issuance and management of the SAM card.
Asymmetric key algorithms use different keys for encryption and decryption. One of them can be publicly known as a public key, and the other must be confidentially called a private key. The characteristics of this asymmetric key algorithm are: 1) The public key and private key are strictly paired. Different public keys must correspond to different private keys, and vice versa. And the private key cannot be derived from the public key; 2) All people who know the public key can encrypt the data, but the encrypted information can only be decrypted by the person who has the private key; 3) All information that can be decrypted correctly using the public key , must be from the owner of the private key, has a non-repudiation attribute, the private key encrypted information is equivalent to the private key owner's signature (so the private key encryption process is also called "signature", the public key decryption process Called "Checking".
If the smart card uses an asymmetric key system, the card, terminal, and background do not need a unified master key to derive the key of each card. Each card can have its own public and private key pair, and the respective public key data. Open to the parties involved in the transaction can complete the normal transaction process. In order to ensure the smooth progress of the transaction, it must be ensured that the public keys presented by the parties involved in the transaction process are true and valid. There is a need for a CA to be responsible for issuing "stamped" certificates for the public keys of these participants, that is, to generate a signed public key certificate. This signature is completed by the authority's private key. Everyone can verify the authenticity of the signature by using its public key, thus verifying the authenticity of the signed public key, and thus ensuring the follow-up identity authentication can proceed smoothly. . The premise is that everyone trusts this authority and there is no objection to the authenticity of the authority's public key.
Then to achieve interoperability, as long as the card, terminal, and back-end store the public key of the authority and their respective public key certificates (the corresponding private keys are secretly stored respectively), and the respective public key certificates must pass the private key of the authority. Sign it. Before interacting with sensitive information, the public key certificates of each other are read out, and the signatures are verified. Then, it is possible to establish mutually reliable secure data channels and complete related transaction processes. Although the actual situation is not so simple, the basic principle is this.
postscript
In short, for the current city card or social security card, if all cities are based on the national unified key SAM card issued and the user card key dispersed, there is no doubt that can be directly connected to achieve interoperability. If A and B cities respectively issue SAM cards and distributed user card keys according to their own customized master keys, they need to install each other's SAM cards in their respective terminals in order to achieve interconnection and interoperability between the two.
The 20V 2Ah 4Ah Cordless Plunge Cut Track Saw is Perfect for Cutting Wood, with High Precision, No burrs with good blade.
It is a Cordless wood cutting power tools that users feels much better, compared to Jig Saw or circular saw.
The Cordless Plunge Cut Saw with 30mm cutting depth without track.
The Cordless Plunge Track Saw With single speed, 4000rpm.
The 110mm Cordless Track Saw with Shaft Lock, for easy blade change.
Cordless Power Saw With a dust blower for max cut -line visibility.
Cordless Wood Cutting Power Tools with protection button for your safety, soft rubber handle for comfortable use.
The Cordless Tack Saw used with the Guide Rail or Track, to ensure the cutting straight ability for long distance work.
Plunge-Cut Circular Saw,Cordless Track Saw,Home Plunge Saw Cordless,Cordless Plunge Saws,Plunge Saws With Guide Rails
Ningbo Brace Power Tools Co., Ltd , https://www.bracepowertools.com