Cixi Xinshi Electronics Co. Ltd.
Add : 299#，Shuntai Road,KanXi
With the non-contact logic encryption card application process, shortcomings of the non-contact logic encryption card technology is also increasingly exposed, it is difficult to meet the higher security and much more complex applications demand. Especially in October 2008, the Internet announced the crack MIFARECLASSICIC chip (hereinafter referred to as M1 chip) password, criminals use this method can very low economic cost to use all kinds of the chip card, access control IC card for illegally prepaid or copy, bring a lot of social security. Therefore, non-contact CPU card technology is becoming a kind of technical renewal choice.
Key management system (KeyManagementSystem), also referred to as KMS, is the core of the IC project safety. How to carry out the safety management of the key, runs through the whole life cycle of IC card application.
1, non contact logic encryption IC card security authentication relies on the calibration of each sector independent KEYA and KEYB can by Sector control word of KEYA KEYB different safe combination, achieve a sector of data read and write security control. The non-contact logic encryption card personalization is relatively simple, mainly including KEYA, KEYB and data sectors during the update, all sensitive data including KEYA and KEYB are directly in plaintext form update.
The check mechanism of KEYA and KEYB, can only solve the card to the terminal authentication, and can not solve the authentication of the card terminal, which are commonly called "pseudo card" risk.
The non-contact logic encryption IC card key is a prespecified fixed password, no matter what method is used to computing key. Finally there must be, and originally written to the fixed password, you can read and write operations on the protected data. So whether it is a card of a dense system or unity of the password system, after the break can realize the non-contact logic encryption and decryption of the IC card. A lot of people think as long as it is the use of a card of a dense, real-time online system or the non-contact logic encryption IC card ID number will be able to avoid the key is decrypted, in fact, the non-contact logic IC card encryption and decryption means that M1 card can be copied, using an online system as much as possible to avoid being illegally prepaid, but can not guarantee illegal consumption, namely copy a piece of the same ID number of the M1 card, illegal consumption can be made. Now you can use FPGA to complete replication technology. Based on this principle, the M1 card is not secure.