78 results about "Smart card security" patented technology

A smart card, system, and method for securely authorizing a user or user device using the smart card is provided. The smart card is configured to provide, upon initialization or a request for authentication, a public key to the user input device such that the PIN or password entered by the user is encrypted before transmission to the smart card via a smart card reader. The smart card then decrypts the PIN or password to authorize the user. Preferably, the smart card is configured to provide both a public key and a nonce to the user input device, which then encrypts a concatenation or other combination of the nonce and the user-input PIN or password before transmission to the smart card. The smart card reader thus never receives a copy of the PIN or password in the clear, allowing the smart card to be used with untrusted smart card readers.

The invention provides a ticket buying and checking method and a movie ticket service system, belonging to the field of NFC (near field communication) technology application, wherein the ticket buying method comprises the following steps: receiving movie inquiring request information sent by a handheld device; returning movie information corresponding to the request information; receiving movie ticket buying information sent by the handheld device; generating movie ticket order information according to the movie ticket buying information and returning an order number; receiving movie ticket paying request information sent by the handheld device; and treating the paying request and sending movie ticket data to the handheld device after payment. Compared with the traditional ticket buying and checking method, the ticket buying and checking method provided by the invention can very conveniently buy and check a ticket so as to effectively save time, moreover, the movie ticket data are stored in a smart card safety zone, so that the data are ensured to be whole and are prevented from being distorted or copied, and the safety of the system can be enhanced.

A memory card with a smart card function including a flash memory unit, a data processing control unit, and a power control unit is provided. The data processing control unit is coupled to the flash memory unit. The data processing control unit controls the flash memory unit and encrypts, decrypts and stores smart card security data. The power control unit receives at least one of a first power input and a second power input. The power control unit selects the first power input or the second power input and provides the selected one to the data processing control unit according to at least one control signal. An output terminal of the power control unit is coupled to the first power input. Furthermore, a power control method and a power control circuit of the forgoing memory card are also provided.

A method for conducting smart card transactions is provided that includes causing a computer to recognize communications from a mobile device as communications from a smart card reader containing a smart card, and conducting a smart card transaction in accordance with smart card security techniques with the mobile device.

The invention discloses a safety certification method of a vehicular adhoc network based on an intelligent card. The user identity certification method is based on a one-way hash function and a simple bitwise XOR operation, and is small in calculation amount and suitable for achieving the intelligent card. The method is used for verifying the identity legality of a vehicle user. The method has the advantages of being capable of resisting the attack from the losing of the intelligent card, resisting the attack of off-line password guessing, resisting replay attacks, resisting the attack of base station capturing, and being low in calculation cost and communication cost.

The invention designs an RSA (Ron Rivest, Adi Shamir and Leonard Adleman) algorithm digital signature method which realizes a 1408-bit RSA private key operation technology based on a 1024-bit hardware coprocessor and is mainly applied to the field of safety calculation of smart cards. A parameter in a large-bit-length RSA private key operation is calculated by utilizing a modular multiplier with small bit length, for example, a parameter in 1408-bit or 2048-bit RSA private key operation is calculated by utilizing a modular multiplier of 1024 bits. The RSA private key operation utilizes a Chinese remainder theorem and can be used for reducing the operation length of a main operation-modular exponentiation, but an operation of a key parameter, such as C mod P, C mod Q and a multiply operation, wherein the C represents a plain text, the length of the C is double the lengths of the P and the Q; and the multiply operation is accelerated by utilizing the modular multiplier, and a final result is also over the calculation capability of the modular multiplier. In the technology of the invention, the C is split into two numbers with the small bit lengths to calculate the C mod P by mainly utilizing the algorithm deformation of modular arithmetic; and the multiply operation larger than the length of the modular multiplier is calculated through a quarter multiply operation.

The invention discloses a method for generating a secrete key of a smart card. When the secrete key of a security domain of the smart card is generated, a management platform generates random numbers for the security domain of the smart card and generates the distributed parameters of the security domain of the smart card by using the random numbers; and the distributed parameters and seed keys of the management platform are used as the parameters of a decentralized algorithm, so the secrete key of the security domain of the smart card is generated by using the decentralized algorithm. The method for generating the secrete key of the smart card solves the problem that the secrete key of the security domain of the smart card is difficult to update.

The invention provides an access method, device and system for an intelligent card. The access method for the intelligent card comprises the steps that a terminal detects a secure storage region of the intelligent card, and if the terminal detects and is informed that the secure storage region is in the dismounting status, the terminal sends a mounting request to the intelligent card; the secure storage region is invisible in the dismounting status for the terminal; after the terminal successfully passes through the authentication process of the intelligent card, the terminal has access to the secure storage region; after the intelligent card conducts authentication on the mounting request, and the mounting request passes through the authentication of the intelligent card, the secure storage region is set to be in the mounting status, and the secure storage region is visible in the mounting status for the terminal. According to the access method, device and system for the intelligent card, the real-time mounting control over the secure storage region of the intelligent card is achieved, and safety of access of the intelligent card is improved.

The invention relates to a smart card SM4 calculation based DPA attack and secret key restoring method and a smart card SM4 calculation based DPA attack and secret key restoring system, and belongs to the field of smart card safety. The smart card SM4 calculation based DPA attack and secret key restoring method includes, step 1, performing DPA attack to the first four rounds in SM4 calculation encrypting process to acquire sub keys of the first four rounds; step 2, utilizing the acquired sub keys of the first four rounds to restore SM4 secret keys. With the DPA attack and secret key restoring method and the DPA attack and secret key restoring system, DPA attack to the SM4 calculation of smart cards, restoration of SM4 encrypted secret keys and verification of anti-attack capacity of SM4 calculation of smart cards can be realized.

Wireless communication technologies, a dynamic transaction card, and a mobile application may be utilized to facilitate multi-factor authentication and secure electronic checkout of any website. A wireless connection between a dynamic transaction card and a user device may be utilized to authenticate a user. A user device application may be triggered to call, via an application programming interface (API), an account provider system, and this unique pairing may automatically facilitate payment to a merchant system associated with the electronic check out page. The account provider system may send a push notification to a browser extension associated with the checkout page to prompt the browser extension to populate fields on the electronic checkout page using user account information transmitted from the account provider system, providing a novel digital authentication framework that utilizes digital authentication techniques enables by user devices and dynamic transaction cards to seamlessly facilitate electronic checkout.

The invention relates to a method for generating a security file system of a smart card. The method comprises the following steps: 1, after the smart card receives a pre-initializing command, performing initial checking on a smart card data storage unit area, and determining the numbers of to-be-created directory control items and file control items according to parameters of the command; 2, creating the relative numbers of empty directory control items and empty file control items, and constructing independent empty directory control item chain tables and empty file control item chain tables; 3, based on the empty directory control item chain tables and the empty file control item chain tables, creating directories and files, constructing a membership relation between a directory and another directory and a relationship that the files are subordinate to the directories, and constructing specifically applied directory control item chain tables and file control item chain tables; and 4, performing corresponding directory and file selection and cancel. According to the method for generating the security file system of the smart card, the utilization rate of a data storage unit and the access control speed of the file system are increased, and meanwhile, the safety and the robustness of the file system are enhanced.

The invention discloses a multi-chip packaging (MCP) memory module. The MCP memory module of the invention not only packages a plurality of types of memorizers for memory but also packages an interface conversion controller and a smart card chip; wherein, the smart card chip can realize relevant safety business of the smart card chip; the interface conversion controller can realize interface specification conversion when the outer part interacts with a plurality of types of memorizers and the smart card chip through an external interface so that the MCP memory module is not limited to the memory function but realizes functional extension. Moreover, the interface conversion controller can realize interface specification conversion, so the external interface arranged on the MCP memory module of the invention can correspond to a plurality of types of memorizers and the smart card chip one by one. Preferably, less external interfaces are needed, e.g. one or two, so that the number of external interface pins of the MCP memory module can be reduced.

The invention provides a method for checking operating authority of a smart card. The method comprises steps as follows: when an operation of the smart card needs to be performed, current safety state identification of the smart card must be obtained and judged whether the safety state identification is within the valid identification range of the preset safety state of the smart card; if so, theoperation is executed, and the safety state identification is updated according to a preset transfer rule corresponding to the current operation. The invention can precisely and effectively control the safety state of the smart card, and improves the safety of the smart card.

The present invention relates to modifying rights to a security domain for a smartcard, and more specifically, to a server for managing modification of rights to a security domain, a smartcard for modifying the rights to the security domain, a terminal which is loaded with the smartcard, and to a method for modifying the rights.