with the development of intelligent ic card technology, it has a higher requirement for the storage and encryption of the card itself. the traditional mifare 1 card has been gradually replaced by a higher encryption technology smart ic card, cpu card is one of the typical representative. the application of cpu card in the "one card" system can make the system have higher function expansibility, and also improve the security of the system. the card itself has a larger storage space and faster reading speed. then the existing system software upgrade, complete system and cpu card integration.
1, cpu card overview
cpu card, also known as smart card, is an ic card with a microprocessor chip. ic card is like a computer motherboard, integration of the central processing unit (cpu), eeprom, random access memory (ram), read-only memory (rom), a curing in read-only memory chip operating system, which is cos. some card chip also integrates the encryption coprocessor to improve security and speed.
cpu card user storage space similar to the computer operating system directory and file management, when the expansion of the function is more flexible, you can reasonably allocate the storage space. when the microprocessor of the card body runs with the operating system of the utility model, the encryption and decryption can be carried out by stages, and the user needs to carry out multiple password authentication when the card is operated, thereby improving the security of the system. whether it is from the storage capacity of the user space, or from the security encryption characteristics, cpu card can adapt to the current development needs. cpu card can be used in the fields of finance, insurance, police and government, has the characteristics of a multi-purpose card, and has been through the people's bank of china and national business secret commission certification.
2, mifare 1 card and cpu card characteristics comparison
for the cpu card, it makes up for many of the shortcomings of mifare 1, it has a difference with the mifare 1 card, then what advantage cpu card?:
(1) storage space and partition
mifare 1 card storage space is very limited, and take a fixed sector, block management.
cpu card storage space is mifare 1 card several times, now fully meet the storage needs, its use is similar to file storage operating system, the design is very flexible.
(two) key length
mifare 1 card with a 6 byte password, sector control.
the cpu card uses 16 byte key, and can set up multi-level partition according to the actual need, and realizes the combination control of the multi-level multi-level key.
(three) encryption authentication algorithm
mifare 1 card using a dedicated open hardware logic algorithm, has been cracked.
cpu card using universal software or hardware acceleration algorithm, and can be customized, and reached the financial standards.
(four) read and write security module
mifare 1 card uses the built-in key to send the algorithm, the authentication method for the card and the special base station chip authentication, this technology has been cracked.
cpu card using the universal read and write module transparent transmission, in conjunction with the sam key algorithm, the authentication in the internal side of the card, the use of encrypted random number in the transmission process, greatly improving the security of reading and writing.
(five) trading process
mifare 1 card transaction process is not simple, you need to customize the pull process.
cpu card with financial standards and specifications, but also flexible design by the user, the built-in anti pull process.
(six) access control
mifare 1 card is read-only, write only, read and write, addition and subtraction operation.
cpu card for different file types flexible design authentication mode.
(seven) the advantage of.cpu card
from the point of view of system security, ic card is also on the progress of security, cpu card on the security of its vitality is the most exuberant. cpu card can use a variety of security, and even can play a role in the protection of software systems. can use a variety of different applications, such as virtual mifare 1 card storage structure, that is, a multi-purpose card. the combination of cos and software system improves the flexibility of operation.
3, card system upgrade program
(a) the overall idea of system upgrade
a multi-purpose card is the smart card system should achieve the basic functions. that is, access control, consumer, medical, reimbursement systems and other systems set in a card, and set aside a variety of other systems and applications to expand the space, to achieve the true sense of a card in hand, convenient and worry free".
"smart card" system should realize the real intelligent centralized management function, namely the establishment of a unified centralized management center, namely access management system can carry out centralized issuing, centralized authorization, centralized and unified management, the loss of each subsystem, ensure the synchronous data of each subsystem and complete, realize the true meaning of the subsystems "resource sharing".
smart card system should establish a common database to achieve a unified data storage and data sharing. at the same time should be reserved for a variety of data interfaces, in order to connect with other intelligent information management system.
in addition to using the cpu card as a card system card in vitro, but also from two aspects to consider cpu card security access control upgrades, including cpu card key management system and cpu carmen card reader.
1.cpu card key management system
the key management is the foundation of the whole system, which is based on ic card. users can generate, distribute and update the key through the key management system, which is directly related to the security of the whole system. users can manage various types of keys to complete the card initialization, to ensure that users have the key to the management and distribution of the initiative.
the key data can be ab code, key seed, etc.. ab code is actually a form of key seed, it will be divided into two parts of the ab, respectively, by the control of two people, so as to improve security.
in the initialization phase of the cpu card, will complete the initialization of the card and the card key filling structure. in simple terms, first of all, we should establish the mf key file for the cpu card; secondly, according to the classification of the application, establish the corresponding ddf and adf key file; finally, establish the ef file in the application directory.
2.cpu card reader
cpu card reader will be the introduction of authentication security mechanism in the field of access control. using the cpu card reader, and the application of the security authentication read and write mechanism. a secure access module (sam) can be built inside the card reader, which establishes a complete and strict key management system with the cpu card. after the key is injected into the sam card, the external cannot be read. insert the sam card into the card reader, and the sam card and the cpu card. verification of the message is involved in the calculation of random factors, the same card in a device on the card, each time is not the same, to prevent the emergence of pseudo card.
(three) system function expansion
in order to make full use of the characteristics of cpu card with high safety storage, safety certification can be higher level objects stored on the card. there are more common in fingerprint authentication, access control and identification, the fingerprint authentication to quickly and accurately identify "witness identity", in order to prevent impersonation documents and forgery and other events.
the cpu card as the data storage carrier "card" system function expansion, can achieve attendance, patrol, migrant workers management, visitor management, conference attendance function, parking lot management, elevator management, energy management control even further implementation.
to sum up, due to the technical advantages of the cpu card, you can apply the cpu card "card" system can be successfully completed, security certification in place of the smart card system.
4, cpu card promotion challenges
for the current cpu card, card cost, compatibility with existing card system and ease of use is the main challenge for further applications.
at present, the general cpu card contactless ic card cost is higher than conventional twice, for transportation card, bank card etc. these relatively high-end applications can accept, and for the enterprises and institutions in the "one card" system, campus card, parking management system application, this high cost will limit its in these areas the development of.
at this stage, a large number of non-contact ic card system, especially the reading and writing devices, are basically built on the mifare technology system. for so many applications, the replacement of all infrastructure is obviously not very realistic, often resulting in increased costs. so, with a good compatibility of the cpu card upgrade program is the main thrust of the rapid development of cpu technology.
in the cpu card to expand very good areas, such as traffic card, finance and e-government, etc., because the application of the system's interactive requirements are very high, so there is a common standard and norms. so having a plug and play cpu card solution is particularly important for the rapid development of cpu technology in this field.
focusing on the above challenges, in the selection of the cpu card, we must pay attention to the card cost, compatibility, ease of use, the only way to effectively promote the application and development of cpu card technology in various fields.
5, concluding remarks
overall, the development of the card system will be more rapid, more abundant applications. security and integration will be the goal and direction of its development. it is imperative to upgrade and integrate the existing systems. because the cpu card has a good security encryption characteristics, so it is more suitable for security protection products. in particular, the characteristics of high storage capacity makes it more suitable for the "one card" system to achieve the goal of a multi-purpose card. at this stage, the use of cpu card as a card system upgrade card should be a good choice.