Security access control scheme based on M1 card upgrade CPU card technology

Overview and application status of IC card access control

IC card access control overview

System overview: Use IC card as the carrier to realize identity recognition and access control.

System composition:
Input device: card, access control reader
Control part: door controller
Execution part: access control equipment for channels such as electric locks, barriers, gates, etc.
Others: card issuer, door opening button, operating network environment, and related accessories

The induction IC card access control system has multiple functions such as place access control, real-time monitoring, security and anti-theft alarm, etc. It mainly facilitates the entry and exit of internal personnel and prevents outsiders from entering and exiting at will. It not only facilitates internal management, but also enhances internal security. Provide users with a safe and efficient working and living environment.

Current status of IC card access control applications

The access control system is based on the integrated wiring system and the computer network as the bridge, which realizes the communication and management automation in function.

As an advanced security and management method, the access control system has been widely used in government, enterprises, military, finance, industrial parks and other fields with its own advantages—active control instead of passive surveillance.

IC card security

Card security-challenges

At present, most of the access control cards used in existing access control systems are logical encryption cards or read-only cards (such as M1 cards, ID cards, and HID cards).

The “security door” incident of M1 card-the cracking and duplication of M1 card, as an important carrier of access control system identification, the security of IC card is facing huge challenges.

“Notice on Doing a Good Job in Responding to Serious Security Vulnerabilities in Some IC Cards”

The security of the card has attracted great attention from the relevant departments of the Chinese government and demanded that countermeasures be taken as soon as possible.

Card security-logical encryption card

Contactless IC cards can be divided into logical encryption cards and CPU cards.

The non-contact logic encryption card (typically M1 card) is operated and controlled by the encryption logic module. It receives external processing commands passively. The check value of the protection module is fixed. Most of the transmitted data is in plain text, which is prone to security risks. .

Card security-CPU card

Contactless IC cards can be divided into logical encryption cards and CPU cards.

The internal structure of the CPU card (Huicong security network with map)

The integrated circuits in the contactless CPU card include CPU, RAM, ROM, EEPROM, and the operating system COS solidified in the ROM. It can authenticate the card according to a certain encryption algorithm, and can transmit cipher text data, which greatly improves the card. Security.

Card security-comparison of the two

CPU card advantages and opportunities

The CPU card adopts the ISO14443 communication protocol, and the energy supply of the card is relatively stable. The card can be authenticated according to a certain encryption algorithm, and ciphertext data transmission can be carried out, which greatly improves the security of the card.

The CPU card uses a powerful and stable security controller to enhance the card’s security, and the non-contact transmission interface can meet the requirements of fast transactions.

The large-capacity storage space of the CPU card can meet the expansion needs of the system.

The CPU card is a smart card in the true sense, just like an ultra-small computer. It has the advantages of large amount of information, high security of anti-counterfeiting, offline operation, and multi-functional development. CPU cards can be widely used in fields such as identity recognition and financial transactions.

Advantages and features of Tongfang CPU card access control

Tongfang CPU card access control advantage

The Smart Card Company of Tongfang Co., Ltd. has been working with Tsinghua University since 2000 to develop and industrialize CPU cards, CPU card reading and writing equipment, CPU card COS system development and CPU card key management system research and development and industrialization of Tongfang’s independent domestic intellectual property rights. . At the same time, in order to cope with the current M1 card cracking problem, Tongfang Co., Ltd. launched a series of Tongfang CPU card security access control products that comply with the National Encryption Algorithm of the State Cryptography Administration at the end of 2008, and launched the original ID card or non-contact logic encryption card access control at the same time The system is upgraded to a more secure and reliable non-contact CPU card transformation program.

Tongfang CPU card access control features

Tongfang’s non-contact CPU card access control system uses a dynamic password, and it is the same non-contact CPU card with one password. The authentication password is different each time the card is swiped. It has an independent CPU processor and chip operating system, which can be changed. Flexible support for a variety of different application requirements, more securely design transaction processes, such as key management, transaction processes, PSAM cards and card personalization, etc.

Tongfang CPU card access control system upgrade program

Access control system CPU card upgrade program

1. Replace the access control card reader and use an access control card reader that supports CPU cards.

2. Transform the card issuing subsystem in the original system and replace the card reader to enable it to issue CPU cards. Since the software platforms of each access control manufacturer are different, this item needs the cooperation of the original access control system manufacturer.

3. If it is difficult to directly transform the card issuing system software, a new CPU card issuing subsystem can be developed to connect with the original system back-end database to realize CPU card issuing.

CPU Card Access Control Industry Opportunities

In summary, the cracking of the Mifare algorithm has sounded the alarm for the security of our access control products and the entire security industry. At present, it is imminent for domestic government agencies, military systems, military industrial systems, secret-related units, public security systems, and key national departments to replace the original ID card or logical encryption card access control system with a more secure CPU card access control product, which helps To continuously improve the level of my country’s IC card information security work, effectively prevent criminals from using illegal means to attack and destroy, and ensure that national interests are not lost.