WO2007123005A1 - 磁気カード読み取りシステム - Google Patents
磁気カード読み取りシステム Download PDFInfo
- Publication number
- WO2007123005A1 WO2007123005A1 PCT/JP2007/057734 JP2007057734W WO2007123005A1 WO 2007123005 A1 WO2007123005 A1 WO 2007123005A1 JP 2007057734 W JP2007057734 W JP 2007057734W WO 2007123005 A1 WO2007123005 A1 WO 2007123005A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- computer
- key
- digital
- magnetic card
- central processing
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K7/00—Methods or arrangements for sensing record carriers, e.g. for reading patterns
- G06K7/08—Methods or arrangements for sensing record carriers, e.g. for reading patterns by means detecting the change of an electrostatic or magnetic field, e.g. by detecting change of capacitance between electrodes
- G06K7/081—Methods or arrangements for sensing record carriers, e.g. for reading patterns by means detecting the change of an electrostatic or magnetic field, e.g. by detecting change of capacitance between electrodes electrostatic, e.g. by detecting the charge of capacitance between electrodes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
- G06F21/445—Program or device authentication by mutual authentication, e.g. between devices or programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K7/00—Methods or arrangements for sensing record carriers, e.g. for reading patterns
- G06K7/08—Methods or arrangements for sensing record carriers, e.g. for reading patterns by means detecting the change of an electrostatic or magnetic field, e.g. by detecting change of capacitance between electrodes
- G06K7/082—Methods or arrangements for sensing record carriers, e.g. for reading patterns by means detecting the change of an electrostatic or magnetic field, e.g. by detecting change of capacitance between electrodes using inductive or magnetic sensors
- G06K7/083—Methods or arrangements for sensing record carriers, e.g. for reading patterns by means detecting the change of an electrostatic or magnetic field, e.g. by detecting change of capacitance between electrodes using inductive or magnetic sensors inductive
- G06K7/084—Methods or arrangements for sensing record carriers, e.g. for reading patterns by means detecting the change of an electrostatic or magnetic field, e.g. by detecting change of capacitance between electrodes using inductive or magnetic sensors inductive sensing magnetic material by relative movement detecting flux changes without altering its magnetised state
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
- G06Q20/40975—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0873—Details of the card reader
- G07F7/0893—Details of the card reader the card reader reading the card in a contactless manner
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B17/00—Guiding record carriers not specifically of filamentary or web form, or of supports therefor
- G11B17/02—Details
- G11B17/04—Feeding or guiding single record carrier to or from transducer unit
- G11B17/0408—Feeding or guiding single record carrier to or from transducer unit of non-disc record carrier, e.g. card
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
- G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
- G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B25/00—Apparatus characterised by the shape of record carrier employed but not specific to the method of recording or reproducing, e.g. dictating apparatus; Combinations of such apparatus
- G11B25/04—Apparatus characterised by the shape of record carrier employed but not specific to the method of recording or reproducing, e.g. dictating apparatus; Combinations of such apparatus using flat record carriers, e.g. disc, card
- G11B25/046—Apparatus characterised by the shape of record carrier employed but not specific to the method of recording or reproducing, e.g. dictating apparatus; Combinations of such apparatus using flat record carriers, e.g. disc, card using stationary discs, or cards provided with a circular recording area
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
- H04L9/0844—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/12—Transmitting and receiving encryption devices synchronised or initially set up in a particular manner
-
- G—PHYSICS
- G11—INFORMATION STORAGE
- G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
- G11B2220/00—Record carriers by type
- G11B2220/17—Card-like record carriers
Definitions
- the present invention relates to a magnetic card reading system that reads data stored in a magnetic card.
- the magnetic head is formed of a head body that reads data stored in a magnetic card, and a control unit that converts an analog signal read by the head body into a digital signal and encrypts the digital signal using a one-way function. It has been.
- the head body and the control unit are accommodated in the head container.
- the control unit of the magnetic head encrypts the digital signal using the key stored in the RAM, and transmits the encrypted digital signal to the computer.
- the control unit of the computer decrypts the encrypted digital signal using the key stored therein.
- the control unit of the computer instructs the control unit of the magnetic head to change the key.
- the key change procedure in this system is as follows.
- the control unit of the computer When the digital signal received from the magnetic head is decrypted, the control unit of the computer newly generates a key and transmits the generated key to the control unit of the magnetic head.
- the control unit of the magnetic head changes the existing key stored in the RAM to a newly transmitted key.
- the computer control section transmits the function change instruction and the new function to the magnetic head control section.
- the control unit of the magnetic head changes the existing function to the newly transmitted function.
- Patent Document 1 Japanese Patent Laid-Open No. 2001-143213
- a magnetic head and a computer are Mutual authentication cannot be performed between each other, so it is impossible to judge each other's legitimacy, even if a fake computer is connected to a magnetic head or a fake magnetic head is connected to a computer. I can't see it. Therefore, in this system, a third party illegally enters the system using a fake computer or a fake magnetic head and steals card data such as a magnetic force card number, personal identification number, user ID, and password. be able to.
- the computer control unit sends a newly generated key to the magnetic head control unit, the key may be illegally obtained by a third party during the key transmission process, and the third party obtains the key.
- the premise of the present invention to solve the above problems is formed from a magnetic card reader having a magnetic card force for reading predetermined data and a magnetic head for reading the data, and a computer connected to the magnetic card reader. Magnetic card reading system.
- the magnetic head has a core including a coil that converts data stored in the magnetic card into an analog signal, and is connected to the coil to convert the analog signal into a digital signal.
- a conversion chip and a digital IC connected to the AZD conversion chip are formed, and the computer and digital IC have mutual authentication means for mutual authentication, and the computer and digital IC are mutual authentication means.
- the decoding means for decoding the digital signal thus obtained is executed.
- a computer and a digital IC are configured to encrypt and decrypt a digital signal in synchronization with each other each time a digital signal encrypted by encryption means is input to the computer.
- the key generation means for sequentially generating the same new 2nd to nth keys necessary for encryption is executed, and the digital signal encrypted and the encrypted digital signal using the generated 2nd to nth keys are executed. Is decrypted.
- a hash output value obtained by hashing a predetermined initial value with a predetermined one-way hash function is used for the second key generated by the key generation unit.
- a hash output value obtained by further hashing the hash output value that is the previous key hashed by the one-way hash function by the one-way hash function is used. Yes.
- the computer and the digital IC synchronize with each other using the same and finite regression counter values preliminarily stored in the computer and the digital IC.
- the hash output values that are generated in order and become the 2nd to nth keys include the hash output values obtained by hashing the regression counter values.
- the computer determines that the decryption using the key generated by the key generation unit is impossible, the computer executes the mutual authentication unit again with the digital IC, and After determining that the mutual authentication result by the mutual authentication means is valid, the digital IC resets the regression counter value to the initial value and synchronizes again.
- the magnetic head includes a housing that encloses the outer periphery thereof, and the core, the AZD conversion chip, and the digital IC are accommodated in the housing.
- an AZD conversion chip and a digital IC are fixed to the housing by a solid substance filled inside the housing.
- a computer and a digital IC are connected.
- mutual authentication means it is possible to determine the validity of each other, so even if a fake computer is connected to a magnetic head or a fake magnetic head is connected to a computer, I can see through.
- the system prevents third parties from entering the system using a fake computer or fake magnetic head, and prevents theft of card data such as the card number and password of the magnetic card and the key. .
- the digital IC executes the encryption means and the transmission means, and the computer executes the decryption means.
- the card data stored on the magnetic card can be surely prevented from being stolen, and unauthorized copying of the magnetic card by a third party can be prevented. it can.
- a third party who has stolen card data performs a so-called “spoofing” act of creating a fake site on a bank or credit card company site, and conducts fraudulent transactions with the bank or credit card company.
- this system cannot create a fake site because the third party cannot steal the card data of the magnetic card, and can prevent “spoofing” by the third party.
- a magnetic card reading system in which a computer and a digital IC synchronize with each other to sequentially generate the same second to n-th keys necessary for encryption and decryption of a digital signal is provided between a computer and a digital IC. Since the 2nd to nth keys are individually generated, it is possible to prevent unauthorized acquisition of keys during the key transmission process that does not require the transmission of keys from the computer to the digital IC. In this system, the digital IC always uses another key for encryption, and the computer always uses another key for decryption, so even if the key is obtained by a third party. However, the card data stored in the magnetic card cannot be decrypted, and illegal copying of the magnetic card by a third party and “spoofing” by a third party can be effectively prevented.
- the generated second key is a hash output value obtained by hashing the initial value with a one-way hash function
- the generated third to n-th keys are the previous key hashed with a one-way hash function.
- the hash output value is further hashed with a one-way hash function. Since the magnetic card reading system that is the hash output value uses a hash value as a key, even if the key is obtained by a third party illegally However, the key cannot be decrypted. The use of the key by the person can be surely prevented. This system cannot decrypt the card data even if the card data key of the magnetic card is obtained by a third party. It can effectively prevent “spoofing”.
- a magnetic card reading system that sequentially generates the second to n-th keys while the computer and the digital IC synchronize with each other using the same and finite regression counter value, the computer generated key and the digital IC are It is possible to match the key to be generated, and it is possible to prevent the inability to decrypt the digital signal due to the mismatch of the generated key. Since the hash output values that are the hash values of the regression counters are included in the hash output values that are the 2nd to nth keys, even if a third party enters the system illegally, The counter value cannot be deciphered, and it cannot be determined which counter value is used by the computer and the digital IC to synchronize.
- This system cannot decrypt the stolen card data because the key generated by the computer cannot match the key generated by the digital IC even if a third party enters the system illegally. It is not possible to effectively prevent unauthorized duplication of magnetic cards by third parties and “spoofing” by third parties.
- the mutual authentication means is executed again with the digital IC, and the computer and the digital IC return after the authentication result is determined to be valid.
- a magnetic card reader system that resets the counter value to the initial value and synchronizes again. Even if the generated key does not match, the computer and digital IC can reset the regression counter value to the initial value and synchronize again. Therefore, the key generated by the computer and the key generated by the digital IC can be matched again, and the inability to decrypt the force data due to the mismatch of the generated keys can be prevented.
- a magnetic card reading system in which a core, an AZD conversion chip, and a digital IC are housed in a housing that encloses the outer periphery of the magnetic head is converted into an analog signal or a digital signal unless the magnetic head itself is disassembled.
- the card data stored on the magnetic card can be reliably prevented from being stolen, and unauthorized copying of the magnetic card by a third party or “spoofing” by a third party can be prevented. Can be effectively prevented.
- the AZD conversion chip and the digital IC are fixed inside the housing with a synthetic resin.
- the synthetic resin In the magnetic card reading system, the synthetic resin must be removed when disassembling the magnetic head, and the AZD conversion chip and the digital IC are destroyed when the synthetic resin is removed. This prevents installation of data theft devices, and effectively prevents unauthorized duplication of magnetic cards by third parties and “spoofing” by third parties.
- FIG. 1 is a hardware configuration diagram of a magnetic card reading system shown as an example.
- FIG. 2 Schott al.
- FIG. 3 is a partially broken perspective view of a magnetic head.
- FIG. 4 is a block diagram showing an example of processing performed by the system.
- FIG. 5 is a ladder diagram showing an example of external authentication.
- FIG. 6 Ladder diagram showing an example of internal authentication.
- FIG. 7 is a ladder diagram showing an example of main processing in the system.
- FIG. 8 is a diagram for explaining generation of keys used for encryption key and decryption key.
- FIG. 9 is a diagram for explaining generation of keys used for encryption key and decryption key.
- FIG. 10 is a diagram for explaining generation of keys used for encryption key and decryption key.
- FIG. 11 is a diagram for explaining generation of keys used for encryption key and decryption key.
- FIG. 12 is a diagram for explaining generation of keys used for encryption key and decryption key.
- FIG. 13 is a diagram for explaining generation of keys used for encryption key and decryption key.
- FIGS. 1 and 2 are a hardware configuration diagram of a magnetic card reading system 10 shown as an example, and a schematic diagram of an internal structure of a magnetic card reader 12 shown as an example.
- FIGS. 3 and 4 are a partially broken perspective view of the magnetic head 17 shown by cutting a part of the housing 23, and a block diagram showing an example of processing performed by the system 10.
- FIG. 3 the tip 27 of the core 24 is in contact with the surface of the magnetic card 11, and the synthetic resin 28 (solid substance) filled in the housing 23 is partially omitted.
- the magnetic card reading system 10 includes a magnetic card reader 12 that converts card data stored in the magnetic layer 31 of the magnetic card 11 into an electric signal, and a host computer 13.
- the card reader 12 and the computer 13 are connected via an interface (wired or wireless).
- Card data includes card numbers, PINs, user IDs, passwords, personal information of cardholders, and details of commercial transactions.
- the magnetic card reader 12 is of an insertion electric type and has a built-in controller (not shown).
- the card reader 12 has a card insertion opening 14 formed at the front end, a force card discharge opening 15 formed at the rear end, and a card guide rail 16 connected from the card slot inlet 14 to the card discharge opening 15.
- a magnetic head 17 to be described later is attached to the center of the card reader 12.
- the discharge port 15, and the magnetic head 17, optical sensors 18, 19, and 20 for detecting the position of the magnetic card 11 that moves the guide rail 16 are attached.
- the magnetic card 11 When the magnetic card 11 is inserted from the insertion slot 14, the card 11 automatically moves along the guide rail 16 and is ejected from the ejection slot 15.
- the movement of the card 11 on the guide rail 16 is performed by a belt 21 mounted in the card reader 12.
- the belt 21 is driven by a motor 22 installed in the card reader 12.
- the magnetic head 17, the sensors 18, 19, 20 and the motor 22 are connected to the controller of the card reader 12.
- the controller is connected to the computer 13 and drives and stops the motor 22 by turning the switch ON / OFF, and outputs a card data reading start command and a card data reading stop command to the magnetic head 17.
- the magnetic head 17 is provided with a housing 23 covering its outer peripheral surface and a coil (not shown) for converting card data stored in the magnetic card 11 into an analog signal.
- the microprocessor 26 has a central processing unit and a storage unit (flash memory or EEROM).
- the AZD conversion chip 24 is connected to the core 25, and the microprocessor 26 is connected to the AZD conversion chip 24 and the computer 13.
- the central processing unit of the microprocessor 26 starts a program stored in the storage unit based on control by the operating system, and executes mutual authentication means, encryption means, and transmission means described later according to the program.
- the magnetic head 17 ⁇ is replaced with the microprocessor 26, and a digital IC of one of the gate array, field programmable gate array, and dedicated hardware is installed!
- the core 24, the AZD conversion chip 25, and the microprocessor 26 are accommodated in the housing 23. It should be noted that the lower end force of the housing 23 is also exposed to the outside at the front end portion 27 of the core 24.
- the entire AZD conversion chip 25 and the microprocessor 26 are fixed to the housing 23 by a synthetic resin 28 (solid substance) filled in the housing 23.
- a synthetic resin 28 solid substance
- the synthetic resin 28 it is preferable to use a thermosetting synthetic resin, but in addition to the thermosetting synthetic resin, a thermoplastic synthetic resin can also be used.
- inorganic compounds such as ceramics (solid substances) having high resistance to chemical solvents can also be used.
- the magnetic card 11 is arranged in the order of a color printing layer 29, a base layer 30, a magnetic layer 31, a shielding layer 32, and a printing layer 33 from the bottom surface.
- the magnetic layer 31 is made of a ferromagnetic material
- the base layer 30 is made of polyethylene terephthalate.
- the host computer 13 has a central processing unit and a storage device, and incorporates a large capacity node disk.
- the computer 13 includes a display (display device 34) for displaying various data, a keyboard (input device 35) and a mouse (input device 35) for adding and changing data, and a printer (output device for printing data).
- Output device 35 And power interface (wired or wireless).
- the central processing unit of the computer 13 starts a program stored in the instruction file of the storage device based on control by the operating system, and executes mutual authentication means, decryption means, output means, and storage means to be described later according to the program. To do.
- the card reader 12 is connected to the computer 13, the display device 34, and the input / output device 35 through the wiring.
- the central processing unit of the computer 13 and the central processing unit of the microprocessor 26 perform an initial test (S-10). In the initial test, a memory test (S 11) and a code signing (S-12) are performed. Code signing determines whether the object code of the firmware has been rewritten.
- the central processing unit of the computer 13 and the central processing unit of the microprocessor 26 perform mutual authentication to determine their validity (mutual authentication means) (S-13). ). In mutual authentication, after the computer 13 performs external authentication (S—14) for authenticating the validity of the magnetic head 17, the magnetic head 17 performs internal authentication (S—15) for authenticating the validity of the computer 13. .
- the magnetic card reader 12 can read the magnetic card 11.
- the main process (S-16) is performed between the computer 13 and the microprocessor 26.
- the card reader 12 cannot read the magnetic card 11 and unreadable information appears on the display 34 of the computer 13. Indicated.
- Mutual authentication is performed each time the system 10 is started, and when the system 10 is continuously operated, it is performed on a daily, weekly, or monthly basis. This also occurs when the synchronization between the processing unit and the central processing unit of the microprocessor 26 becomes inconsistent.
- FIG. 5 is a ladder diagram showing an example of external authentication
- FIG. 6 is a ladder diagram showing an example of internal authentication.
- the authentication procedure in external authentication is as follows.
- the central processing unit of the host computer 13 generates a random number (authenticator) in the central processing unit of the microprocessor 26. And transmission are requested (S-20).
- the central processing unit of the microprocessor 26 generates a 64-bit random number according to the command of the computer 13 and transmits the generated random number to the central processing unit of the computer 13 (S-21).
- the central processing unit of the computer 13 that acquired the 64-bit random number uses the authentication key stored in the storage device, encrypts the random number with Triple DES (Triple Data Encryption Standard), and then encrypts the random number.
- Triple DES Triple Data Encryption Standard
- the central processing unit of the microprocessor 26 uses the authentication key stored in the storage unit to decrypt the random number encrypted by Triple DES (S-23).
- the central processing unit of the microprocessor 26 compares the generated random number with the decrypted random number, and determines that the authentication result is valid if both are the same, and the authentication result valid data is processed by the central processing of the computer 13.
- Send to device On the other hand, if the generated random number is different from the decrypted random number, the authentication result is determined to be invalid, and the authentication result invalid data and the magnetic card unreadable data are transmitted to the central processing unit of the computer 13.
- the computer 13 acquires the external authentication result from the microprocessor 26 (S-24).
- Triple DES reinforces cryptographic strength by reducing key expansion and algorithm bias by repeating single data encryption standard (DES) three times.
- Triple DES includes 3-Key Triple DES, which has three different keys, and 2-Key Triple DES, which uses the same key for the first and third time.
- Triple DES running on system 10 can be either 3—Key Triple DES or 2—Key Triple DES.
- the DES executed in the system 10 may be a single DES that is not a triple DES.
- the authentication procedure in the internal authentication is as follows.
- the central processing unit of the computer 13 generates a 64-bit random number (authenticator) and sends it to the central processing unit of the microprocessor 26 (S-25).
- the central processing unit of the microprocessor 26 that has acquired the 64-bit random number uses the authentication key stored in the storage unit, encrypts the random number with triple DES, and then encrypts the random number into the central part of the computer 13. It is sent to the processing device (S-26).
- the central processing unit of the computer 13 uses the authentication key stored in the storage device and decrypts the random number encrypted by triple DES (S-27).
- the central processing unit compares the generated random number with the decrypted random number, and if the two are the same, determines that the authentication result is valid. I refuse. On the other hand, if the generated random number is different from the decrypted random number, the authentication result is determined to be invalid, and the card reader 12 cannot read the magnetic card 11.
- FIG. 7 is a ladder diagram showing an example of main processing in the system 10.
- 8 to 13 are diagrams for explaining generation of keys used for encryption key and decryption key.
- the magnetically magnetized magnetic layer 31 of the magnetic card 11 passes through the tip 27 (gap of the core 24) of the core 24 of the magnetic head 17, a magnetic flux is generated in the core 24, and is linked to the magnetic flux.
- An electromotive force is generated and current flows through the coil.
- the value of the current flowing through the coil varies with the change in magnetic flux.
- the card data stored in the magnetic layer 31 of the magnetic card 11 is taken out as an analog signal by the coil and input to the AZD conversion chip 25 connected to the coil.
- the AZD conversion chip 25 converts an analog signal, in which the coil force is also input, into a digital signal.
- the digital signal is input from the AZD conversion chip 25 to the microprocessor 26 and stored in the storage unit of the microprocessor 26.
- the central processing unit of the computer 13 When the central processing unit of the computer 13 receives the data holding information or the data non-holding information, it uses the information transmission / reception key to decrypt the data holding information or the data non-holding information by triple DES. When the central processing unit receives the data non-retention information, it sends an encrypted data confirmation command to the microprocessor 26 again at a predetermined interval, and inquires of the microprocessor 26 whether there is card data to be processed in the storage unit. (Data confirmation command). When receiving the data holding information, the central processing unit requests the microprocessor 26 to transmit the card data stored in the storage unit of the microprocessor 26 (data transmission command).
- the central processing unit of the microprocessor 26 takes out the digital signal (card data) and the encryption key from the storage unit, and encrypts the digital signal using the key to obtain encrypted data (encryption data). (S-33).
- the central processing unit transmits the B note data to the host computer 13 (transmission means).
- the host computer 13 has an amplification circuit (not shown) that amplifies the encrypted data, takes out a decryption key from the storage device, and decrypts the encrypted data amplified by the amplification circuit using the key (decryption). (S-34).
- the central processing unit extracts the first key corresponding to the counter table power 1 corresponding to the counter value 1, and uses the first key to encrypt the digital signal and the counter value 1 by triple DES (3-Key Triple DES).
- the encrypted data (encryption means) is transmitted to the central processing unit of the computer 13 (transmission means). After sending the encrypted data to the computer 13, the central processing unit changes the regression counter value from 1 to 2, The counter value 2 is stored in the storage unit and the first digital signal (card data) is deleted from the storage unit.
Abstract
Description
Claims
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
BRPI0709520-1A BRPI0709520A2 (pt) | 2006-04-19 | 2007-04-06 | sistema de leitura de cartão magnético |
MX2008013452A MX2008013452A (es) | 2006-04-19 | 2007-04-06 | Sistema lector de tarjetas magneticas. |
EP07741170A EP2009635A4 (en) | 2006-04-19 | 2007-04-06 | MAGNETIC CARD READING SYSTEM |
CN200780013769.5A CN101421790B (zh) | 2006-04-19 | 2007-04-06 | 磁卡读取器系统 |
US12/225,886 US7997488B2 (en) | 2006-04-19 | 2007-04-06 | Magnetic card reader system |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2006115297A JP4919690B2 (ja) | 2006-04-19 | 2006-04-19 | 磁気カード読み取りシステム |
JP2006-115297 | 2006-04-19 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2007123005A1 true WO2007123005A1 (ja) | 2007-11-01 |
Family
ID=38624911
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2007/057734 WO2007123005A1 (ja) | 2006-04-19 | 2007-04-06 | 磁気カード読み取りシステム |
Country Status (7)
Country | Link |
---|---|
US (1) | US7997488B2 (ja) |
EP (1) | EP2009635A4 (ja) |
JP (1) | JP4919690B2 (ja) |
CN (1) | CN101421790B (ja) |
BR (1) | BRPI0709520A2 (ja) |
MX (1) | MX2008013452A (ja) |
WO (1) | WO2007123005A1 (ja) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2009157611A (ja) * | 2007-12-26 | 2009-07-16 | Cis Electronica Industria & Comercio Ltda | 磁気ヘッド |
JP5648170B2 (ja) * | 2008-09-30 | 2015-01-07 | 日本電産サンキョー株式会社 | 磁気ヘッド及びそれを備えた磁気カードリーダ |
CN101635920B (zh) * | 2009-08-19 | 2012-07-04 | 中兴通讯股份有限公司 | 服务提供客户端、无线终端以及实现绑定的方法 |
JP2011101192A (ja) * | 2009-11-05 | 2011-05-19 | Nippon Telegr & Teleph Corp <Ntt> | 伝送装置及び伝送方法 |
DE102010039845A1 (de) * | 2010-08-26 | 2012-03-01 | Robert Bosch Gmbh | Verfahren zum Übertragen von Sensordaten |
US8925817B2 (en) | 2012-11-04 | 2015-01-06 | Id Tech | Card reader and method of use thereof |
JP6453202B2 (ja) * | 2015-10-30 | 2019-01-16 | 日本電産サンキョー株式会社 | 相互認証装置及び相互認証方法 |
JP2017118312A (ja) * | 2015-12-24 | 2017-06-29 | 日本電気株式会社 | 無線通信システム、サーバ、端末、無線通信方法、および、プログラム |
JP7160443B2 (ja) * | 2020-04-24 | 2022-10-25 | 日本電気株式会社 | 無線通信システム、サーバ、端末、無線通信方法、および、プログラム |
US20230046788A1 (en) * | 2021-08-16 | 2023-02-16 | Capital One Services, Llc | Systems and methods for resetting an authentication counter |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001143213A (ja) | 1999-08-30 | 2001-05-25 | Anritsu Corp | 磁気ヘッドおよびそれを用いた端末機器 |
JP2005267031A (ja) * | 2004-03-17 | 2005-09-29 | Matsushita Electric Ind Co Ltd | カードリーダおよび決済端末および決済処理システム |
Family Cites Families (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS5979417A (ja) * | 1982-10-28 | 1984-05-08 | Sony Corp | 磁気ヘツド装置 |
JPH0610826B2 (ja) * | 1987-04-27 | 1994-02-09 | 東急車輌製造株式会社 | デ−タ読み取り装置 |
JP2821306B2 (ja) * | 1992-03-06 | 1998-11-05 | 三菱電機株式会社 | Icカードと端末機との間の認証方法およびそのシステム |
JPH0997313A (ja) * | 1995-10-02 | 1997-04-08 | Nippon Conlux Co Ltd | 情報記録再生装置 |
JPH09149025A (ja) * | 1995-11-24 | 1997-06-06 | Sezon Joho Syst:Kk | 暗号通信方法及び暗号通信システム |
US6128391A (en) * | 1997-09-22 | 2000-10-03 | Visa International Service Association | Method and apparatus for asymetric key management in a cryptographic system |
US6088800A (en) * | 1998-02-27 | 2000-07-11 | Mosaid Technologies, Incorporated | Encryption processor with shared memory interconnect |
JP4261724B2 (ja) * | 1999-03-10 | 2009-04-30 | キヤノン株式会社 | 署名データ生成装置及び画像検証装置 |
SE517460C2 (sv) * | 2000-03-24 | 2002-06-11 | Imp Internat Ab | Metod och system för kryptering och autentisiering |
JP2003317202A (ja) * | 2002-04-11 | 2003-11-07 | Cis Electronica Industria & Comercio Ltda | 磁気読み取り装置の磁気ヘッド |
AU2004201807A1 (en) * | 2003-05-09 | 2004-11-25 | Nor Azman Bin Abu | Method and apparatus for the generation of public key based on a user-defined ID in a cryptosystem |
-
2006
- 2006-04-19 JP JP2006115297A patent/JP4919690B2/ja not_active Expired - Fee Related
-
2007
- 2007-04-06 MX MX2008013452A patent/MX2008013452A/es active IP Right Grant
- 2007-04-06 WO PCT/JP2007/057734 patent/WO2007123005A1/ja active Application Filing
- 2007-04-06 US US12/225,886 patent/US7997488B2/en not_active Expired - Fee Related
- 2007-04-06 CN CN200780013769.5A patent/CN101421790B/zh not_active Expired - Fee Related
- 2007-04-06 EP EP07741170A patent/EP2009635A4/en not_active Withdrawn
- 2007-04-06 BR BRPI0709520-1A patent/BRPI0709520A2/pt not_active Application Discontinuation
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2001143213A (ja) | 1999-08-30 | 2001-05-25 | Anritsu Corp | 磁気ヘッドおよびそれを用いた端末機器 |
JP3496022B2 (ja) * | 1999-08-30 | 2004-02-09 | Necインフロンティア株式会社 | 磁気ヘッドおよびそれを用いた端末機器 |
JP2005267031A (ja) * | 2004-03-17 | 2005-09-29 | Matsushita Electric Ind Co Ltd | カードリーダおよび決済端末および決済処理システム |
Non-Patent Citations (1)
Title |
---|
SCHNEIER B.: "Applied Cryptography", vol. 2ND ED., 1996, JOHN WILEY & SONS, INC., pages: 203 - 206, XP002410249 * |
Also Published As
Publication number | Publication date |
---|---|
CN101421790A (zh) | 2009-04-29 |
BRPI0709520A2 (pt) | 2011-07-19 |
CN101421790B (zh) | 2011-01-19 |
MX2008013452A (es) | 2009-02-11 |
US7997488B2 (en) | 2011-08-16 |
US20090114724A1 (en) | 2009-05-07 |
EP2009635A1 (en) | 2008-12-31 |
EP2009635A4 (en) | 2012-01-18 |
JP2007287003A (ja) | 2007-11-01 |
JP4919690B2 (ja) | 2012-04-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP4919690B2 (ja) | 磁気カード読み取りシステム | |
US7703676B2 (en) | Encrypting the output of a card reader in a card authentication system | |
EP1855281B1 (en) | Apparatus for writing data to a medium | |
JP3902440B2 (ja) | 暗号通信装置 | |
EP1349034A2 (en) | Service providing system in which services are provided from service provider apparatus to service user apparatus via network | |
WO2010095703A1 (ja) | センサモジュールおよびセンサモジュールの製造方法 | |
WO2001054099A1 (fr) | Systeme d'authentification de donnees | |
CN102932143B (zh) | 数字审讯设备中的认证、加密解密与防篡改方法 | |
JP2005157930A (ja) | 機密情報処理システムおよびlsi | |
WO2009081896A1 (ja) | 磁気ヘッド | |
JP2009157611A5 (ja) | ||
WO2013025091A1 (en) | Mobile access control system involving a quantum random number generator | |
JP4104801B2 (ja) | Icカード読取装置及びicカードシステム | |
WO2007128418A1 (en) | Apparatus for writing data to a medium | |
TWI337032B (en) | System and method for code authentication | |
JP2008046906A (ja) | Icカード、及び生体情報登録及び認証システム | |
JP2001134738A (ja) | Icカード、及びicカード読取装置 | |
JP2000148939A (ja) | Idカードセキュリティシステムとその装置と方法 | |
JPH10255005A (ja) | 利用者認証方式 | |
KR20020055544A (ko) | 일회성 암호화 방식을 이용한 인증 시스템 및 방법 | |
AU718248B2 (en) | Device and method for authenticating and certifying printed documents | |
JP2003174442A (ja) | 暗号鍵生成処理方法 | |
JP4363796B2 (ja) | 復号装置 | |
JP2007249629A (ja) | 生体情報登録システム | |
KR101470053B1 (ko) | 일반모드 및 보안모드를 지원하는 rfid 태그, 인터로게이터, 및 그의 동작 방법 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 07741170 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 12225886 Country of ref document: US |
|
WWE | Wipo information: entry into national phase |
Ref document number: 200780013769.5 Country of ref document: CN Ref document number: MX/A/2008/013452 Country of ref document: MX |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2007741170 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: PI0709520 Country of ref document: BR Kind code of ref document: A2 Effective date: 20081016 |