英文翻译

智能饮水机控制器设计 智能卡:针对电子舞弊的一种符合 成本效益的解决 方法 快递客服问题件处理详细方法山木方法pdf计算方法pdf华与华方法下载八字理论方法下载 摘要 智能卡有很大的优势,对自己的磁力线,能在自身的内部电路执行加密算法。这意味着用户的秘密(关键的代码或寄存数据)从来没有离开过特制硅芯片,从而最大限度地保障了整个系统的卡保密性。 智能卡控制专用控制芯片,内置自我规划和记忆的防伪特征,其目的在于使恶意攻击的成本远远高于该芯片的成本。本文是调查智能卡现有的组成部分,并试图把他们的申请做一些变化。 1 1 什么是智能卡 与旧方法相比,现在的矽产业的想法是把智能卡加入到晶片塑胶卡,第一个专利离现在有21年的历史,但实际应用只出现在八年前,因为受限于存储和处理能力,以及过去的电路技术。硅加工的完善和新的几何方法将使新一代卡和无线通讯等应用更加发展;如(GSM)、收费电视、接触控制。 国家的大公司和政府机构在过去四年的里对智能卡需求也不断增加,如电话、银行和保险机构。家庭网络和因特网的普及,使一个全新的市场蓬勃发展起来。 传统智能卡是塑料的矩形,可印制有关申请或者发行商广告,以及含有卡持有人(如有效日期、照片)等相关资料。这也支持了带有磁性条纹或条码标签。按照IS07816 标准 excel标准偏差excel标准偏差函数exl标准差函数国标检验抽样标准表免费下载红头文件格式标准下载 建立的8位接触模型模块,通常只有6位是常用接触的芯片,其位置是不固定的。引脚为交流电源供应器(VCC,VPP)、地、时钟、重新定序和数据通信链路(俗称I/O). 其规格是考虑各方的标准的要求(经两次无压的转换,建立了第二次I/O衔接I2C等)。 到现在为止,智能卡中央处理器为8位,最常见的控制芯片的核心是摩托罗拉、英特尔68HC05的80C51,但新的32位装置已经开始出现。其能力(一般从76到512字节)非常有限的物理限制卡。程序在生产阶段写在具有存储器卡的微处理器里,不能以任何方式改变。这就保证了生产的密码是严格保密的。储存用户数据,实现一人一卡,第一代非挥发性记忆可擦写可编程只读存储器需要额外使用“高”电压电源(通常从15V到25V)。最近只需要一个包含需要电源5V的EEPROM (扩展的微处理器),可以书写或删除数据在很短的时间内。有时,根据持卡人的需要,可以输入可执行程序的卡的EEPROM。EEPROM大小的一个关键问 题 快递公司问题件快递公司问题件货款处理关于圆的周长面积重点题型关于解方程组的题及答案关于南海问题 是在设计公共钥匙申请(如键比较大)。因此,智能卡编程经常采用典型的优化技术,例如重新生成的公用钥匙的秘密——钥匙在必要时重新生成的密钥——钥匙由短字节构成,避免大型重点计划(例如菲亚特-沙米)、或者执行压缩算法的多余数据(文本、用户数据等)及EEPROM垃圾收集机制。真实、完整的经营系统,其目的是为一些厂家服务。最后,沟通接口(循序异步连接)之间的信息交换和控制数据卡与外界的联系资料。其优点是共同的速度要快得多,通常的字节是9600点,但更快的通常用于接口(多达19200至115200位元/秒)完全符合ISO7816标准。 首先是安全 规则 编码规则下载淘宝规则下载天猫规则下载麻将竞赛规则pdf麻将竞赛规则pdf 搜集所有这些因素为单一芯片。如果不这样做,外部电线连接到一个芯片时,另一个可能的渗透路线可能是非法获取(或使用)的卡。具体标准ISO卡 承受能力是有一定的机械压力的。芯片容量的大小是有限,因此,目前的制约是记忆能力和加密,主要是这两点的限制。 目前的智能卡芯片,大多数厂商都提供非常可靠的电源保证芯片的性能能够使用十年或更长时间。标准ISO卡是必须能免受机械、电子、化工攻击。但目前大多数卡是因为使用很长时间,变得过时损坏。著名的例子是法国的电话卡,不合格率是每1万件少于3件。 附件1列举一些当今最常见的芯片以及其特征(如时钟=最大时钟速度以MHz, 8位EEPROM可擦写可编程只读存储器、记忆存储(如发现被删除异常EEPROM)、时钟频率、温度、电压异常(VPP) 根据传感器曝光,钝化。这些资料的安全和扰乱探测器的抵御能力,往往难以取得明显的安全效果)。 一般的智能卡随时可以满足携带物品安全的需要,尤其是在需要的外部世界的数据与实际值不知道的情况下。智能卡加上公共密钥加密,一般都提供足够的安全,可以应对每天出现的安全问题。 2 智能卡通讯和指挥方式 沟通智能卡是根据(上面提到的)ISO标准7816/3。目前这一标准规定只有两个议定书(字节型T=0和阻挠型T=1),尽管有多达14个预留(T=14非常罕见,就是沟通议定书专利)。因此,各级电源错误使用频率以及对某一特定的硬件“外扩”,这是一个相当复杂的过程,UART提供更多功能。硬件的起码要求,必须包括:机械接口:连接。 电子介面: 连接器。 一个包含两个因素:智能卡阅读(或只是“读”)。 最简单的读差不多只调制解调器和管理的ISO交流互动,议定书((智能))操作系统的卡。他们被称为((读透明)),应(但实际上可能)有经营智能卡供应商,完全符合ISO 标准。 最先进卡能读可编列的数据和应用逻辑(例如RSA或DSA钥匙),及程式档案。可以执行加密功能,完全取代了个人电脑,有键盘、大头针或台显示器或一般用的特定的程序语言,并且不支持各种智能卡,即使能符合ISO标准(因为他们通常是把指令针对某一特定的卡)。 操作卡时,读者需要采取以下四项工作: (1)开/关卡。 (2)复位卡。 (3)从卡上读取数据(输入指令) 。 (4)写数据卡(输出指令)。 输入输出数据,包括字头(实际上一个功能代码包括5字节,其中有CLS,INS, P1,P2,Len)根据这些数据卡来确定数据。获取一个数据和字节(Sw1和SW2)在发送(后)指挥各个执行。 3 卡的基本规律 虽然卡制造的周期,有许多不同的来源 说明 关于失联党员情况说明岗位说明总经理岗位说明书会计岗位说明书行政主管岗位说明书 ,我们特别推荐伯杰优良概况。 智能卡的设计与制造从卡操作系统及应用软件开始,原则上适用于任何使用软件应用的安全。这本身就是一个任务,但至少可在智能卡芯片存储比较小的范围内,形成最终规模的软件。要有核对,其规格与操作系统的特征也没有被包括在内。 逻辑存储器的操作系统则交给芯片制造商, 在一批芯片制造前,他们将返回执行的代码交叉检查。这本身就是一种有用的方法,通常需要一个完整的检查,但显然的这是保密的密码,因此应严格控制其分发. 此外,该公司也将负责所有密码,其中,由于故障率的出现,则必须予以摧毁。否则, 发动任何形式原始攻击都会使芯片不安全的运行。 这批发出的芯片,智能卡公司的任务是制造成塑胶卡芯片的。塑胶的作用联系客户与服务他们之间联系。最起码要在发行前测试完成IC卡业务,以确保其作用的实现。在某些情况下,卡满足发行的要求。 4 应用 4.1 付费电视 最早的应用是微控制型智能卡收费电视。卡似乎象征了一个理想的身份(相关的用户)和效率的提高。 大多数收费电视申请(两个最有名的例子欧洲加密与录像加密)节目提供节目定期(一般每100至500豪秒)加密的控制字(临时关键),那么形象就是加密。使用唯一有效的卡,即可提取图像了。这个控制字的数据流,把它用解码器进行解码。 第二个是营销模式((计费观点))。在此背景下,观众购买前,卡上已写满时间的长短(总时间为每个节目相关系数)。 最后,卡也似乎成为一个有效的工具。一般的问题之一免费卡只能在某一特定事件(例如一个球赛)使用分配。广播将只取卡(自由)所有权。 4.2 移动通信 GSM是基于安全的智能卡(SIM卡更名为单元的标准特性=订户)。每个SIM卡伴随着一系列秘密和公开的参数(IMSI、Ki、PIN、PUK等),让经营者找到手机、电话线和数字信息(短讯服务)。 智能卡的安全构成了严重的消极影响和花费成本在识别代码上。诈骗(主要是卡遗失或密码透露)欺诈造成的损失远远低于密码窃听非防伪系统。 4.3 电子现金 认证或微记忆卡可用于存储或代表法定货币几种方式: (1)卡可以双向联系卡持有人,其银行帐户。在这种情况下,可以检查卡的各种真正的密码议定书(主要依靠终端和卡的权力,各自计算)。 (2)卡也可作为电子钱包,在商店EEPROM余额可转换或从卡的POS(销售点)、银行终端购入。 花费可以使用匿名议定书(保存用户的隐私像纸钱一样)或审计(正如定期检查帐户)。智能卡业者认为,在今后10年,银行业将是卡的一个主要的应用领域。 4.4 其他应用 智能卡也应用在安全领域,电子版权(一般软件保护)、博彩、身体确认控制、互联网安全等诸多领域。 珙加认为,最好的方法是客户恰当的需求可能包括向最终用户端提供一个空白,这就是存储器包含的一般用途的高级别操作系统,放在每个用户卡上,可以加上他自己(自制)申请或准备使用购买的节目,这些可以下载一个软件进行编辑。 在这种情况下,该卡自然损坏的能力,加上公共密钥加密的能力,似乎是一个消极和积极的两方面解决软件保护。 译文: Smart-cards: A cost-effective solution against electronic fraud ABSTRACT Smart-cards have the tremendous advantage, over their magnetic stripe ancestors, of being able to execute cryptographic algorithms locally in their internal circuitry. This means that the user's secrets (be these PIN codes or keys) never have to leave the boundaries of the tamper-resistant silicon chip, thus bringing maximum security to the overall system in which the cards participate. Smart-cards contain special-purpose microcontrollers with built-in self-programmable memory and tamper-resistant features intended to make the cost of a malevolent attack far superior to the benefits. This paper is both a survey of the existing components, their applications and an attempt to describe some of their possible evolutions. 1 What is a smart-card? In the time-scale of the silicon industry, the idea of inserting a chip into a plastic card is rather old : the first patents are now twenty year's old but practical applications emerged only a eight years ago due to limitations in storage and processing capacities of past circuit technology. New silicon geometries and processing refinements lead the industry to new generations of cards and more ambitious applications such as wireless communications; (GSM), pay-TV, loyalty and physical access-control. Over the last four years there has been an increasing demand for smart-cards from national administrations and large companies such as telephone operators, banks and insurance corporations. More recently, another market opened up with the increasing popularity of home networking and Internet. The physical support of a conventional smart-card is a plastic rectangle on which can be printed information concerning the application or the issuer (even advertising) as well as readable information about the card-holder (as for instance, a validity date or a photograph). This support can also carry a magnetic stripe or a bar code label. An array of eight contacts is located on the micro module in accordance with the IS0 7816 standard but only six of these contacts are actually connected to the chip, which is (usually) not visible. The contacts are assigned to power supplies (Vcc,Vpp), ground, clock, reset and a serial data communication link (commonly called I /O) . Their specification part in the standard is currently reconsidered upon requests from various parties (suppression of the two useless contacts, creation of a second I/O port, I2C bridging etc.). For the time being, card CPUs are still 8 bit microcontrollers and the most common cores are Motorola's 68HC05 and Intel's 80C51 but new 32-bit devices will soon begin to appear. RAM capacities (typically ranging from 76 to 512 bytes) are very limited by the physical constraints of the card. The program executed by the card's microprocessor is written in ROM at the mask-producing stage and cannot be modified in any way. This guarantees that the code is strictly controlled by the manufacturer. For storing user-specific data, individual to each card, the first generation of non-volatile memories used EPROM which required an extra "high" voltage power supply (typically from 15 V to 25 V). Recent components only contain EEPROM which requires a single 5 V power supply (frequently that of the microprocessor) and can be written and erased thousands of times (cycles). Sometimes, it is possible to import executable programs into the card's EEPROM according to the needs of the card holder. EEPROM size is a critical issue in the design of public-key applications (where keys are relatively large). Consequently, smart-card programmers frequently adopt typical optimization techniques such as re-generating the public-keys from the secret-keys when needed, re-generating the secret-keys from shorter seeds, avoiding large-key schemes(for instance Fiat-Shamir) or implementing compression algorithms for redundant data (text, user data, etc.) and EEPROM garbage collection mechanisms. Real and complete operating systems have been developed for t his purpose by several manufacturers. Finally, a communication port (serial via an asynchronous link) for exchanging data and control information between the card and the external world is available. A common bit rate is 9600 bit& but much faster interfaces are commonly being used (from 19,200 up to 115,200bits/s) in full accordance with ISO 7816. A first rule of security is to gather all these elements into a single chip. If this is not done, the external wires, linking one chip to another could represent a possible penetration route for illegal access (or use) of the card. ISO standards specify the ability of a card to withstand a given set of mechanical stresses. The size of the chip is consequently limited and present constraints (especially memory and cryptographic capabilities) mainly follow from this limitation. Smart-card chips are very reliable and most manufacturers guarantee the electrical properties of their chips for ten years or more. ISO standards specify how a card must be protected against mechanical, electrical or chemical aggressions but for most existing applications, a card is far obsolete before it becomes damaged. A well known example is the French phone card where the failure rate is less than three per 10,000pieces. Annex 1lists some of today's most common chips as well as their characteristics (where 0 = maximal clock rate given in MHz, 8 = EEPROM, U =EPROM, Witness cell (detects if the EEPROM was erased abnormally), Clock Frequency., Temperature, Abnormal V oltage (vpp), Light exposure and passivity sensor. Information about such security detectors and tamper-resistance capabilities is usually rather hard to obtain from the manufacturers for obvious security reasons). In general, smart-cards can help whenever secure portable objects are needed, and in particular whenever the external world H needs to work with data without knowing its actual value. The card's tamperproof ness, combined with public-key cryptography (secret less terminals), generally provide adequate solutions to many everyday security problems. 2 Smart-card communication and command format Communication with smart-cards is ruled by the (previously-mentioned) ISO standard 7816/3. Only two protocols are currently defined in this standard (byte-oriented T = 0 and block-oriented T = 1) although up to 14 are reserved (T = 14 is very rare, and means that the communication protocol is proprietary). Thus the electrical levels and error handshakes as well as the frequency used impose a specific hardware on the<< external side>>which is the equivalent of a UART with more sophisticated functions. This minimal hardware, needed to operate a card, consists of: * A mechanical interface: the connector * An electronic interface: the coupler * And a box containing the above two elements: the smart-card reader (or simply<< reader >>) The simplest readers are quite similar to modems and manage only the ISO communication protocol without interacting ((intelligently)) with the operating system of the card. They are called ((transparent readers)) and should (but in practice may...) operate with any smart-card from any vendor which complies with the ISO standard. The most sophisticated readers can be programmed with parts of the application logic and contain data (for instance RSA or DSA public keys), files and programs. They can execute cryptographic functions, replace completely a PC, have keyboards, pin-pads or displays and generally use a specific programming language and do not support all types of smart-cards even if they comply with the ISO standard (because they often integrate particular commands dedicated to a given card). To operate a card, the reader needs to implement the following four functions: (1)Power on/off the card (2)Reset the card (3) Read data from the card (get commands) (4) Write data to the card (put commands). Get and put commands contain a header (actually a function code consisting of 5 bytes designated by CLA, INS, P1, P2 and LEN) according to which the card processes the incoming data. An acknowledge byte and a couple of status bytes (SW1and SW2) are sent during (and after) the execution of each command. 3 Card lifecycle Although the card lifecycle and manufacturing are described in many different sources, we particularly recommend Fuchs Berger & al’s excellent overview. Smart-card manufacturing starts with the design of the card operating system and the application software, following the principles applying to any software for use in security applications. This is in itself a nontrivial task but at least the memory available in smart card chips is relatively small which limits the eventual size of the software. There have to be checks that the operating system meets its specification and also that no unintended features have been included. The ROM mask of the operating system is then given to the chip manufacturer, who will return an implementation of the code for cross-checking before manufacturing the batch of chips. This is in itself a useful integrity check but clearly one normally requires this code to be kept confidential and therefore its distribution should be carefully controlled. Furthermore, the manufacturer has to be accountable for all chips made, some of which, due to yield failures, will need to be destroyed. Otherwise, an attacker may obtain raw chips to mount any form of counterfeit operation. The batch of chips is distributed to the fabricator [smart-card manufacturer] whose task it is to embed the chips into the plastic cards? The role of the fabricator varies considerably between customers and their services. As a very minimum the fabricator must test the complete IC card to ensure its operational state. In some cases the fabricator completely personalizes the card to the requirements of the issuer. 4 Applications 4.1 Pay-TV One of the first applications of micro-controller-based smart-cards was pay-TV. The card appears to be both an ideal identification token (associated to the subscriber) and an efficient loyalty: support. In most pay-TV applications (the two best-known examples are most probably Euro crypt and Video crypt), the program provider broadcasts periodically (typically each 100 to 500 ms) an encrypted control-word (temporary key) under which the image is encrypted. Only valid cards can extract. this control-word from the data stream, decrypt and send it to the decoder. A second interesting marketing model is ((pay-per-view)). In this setting, the viewer buys a pre-loaded card and spends progressively the loaded amount (In general, a time coefficient is associated to each program). Finally, cards also appear to an efficient sponsoring tool. In general, the sponsor issues free cards, valid only during a given event (for instance a base-ball match) and distributes them. The broadcast will then be only (freely) accessible by the card-owners. 4.2 Mobile communications GSM security is essentially based on the tamperproof ness of the smart-card (renamed SIM =Subscriber Identity Module in the standard).Each SIM is associated with a set of secret and public parameters (IMSI, Ki, PIN, PUK etc) that allow the operator to locate the mobile phone, route calls and digital messages (Short Message Services). Smart-cards present major security and cost advantages over passive code identification. Fraud (mainly due to card lost or password disclosure) is far lower than fraud losses due to password eavesdropping in non-tamper-resistant systems. 4.3 Electronic cash Microcontroller or authenticated-memory cards can be used for storing or representing legal-tender in several ways: (1) The smart-card can be a bi-directional link between the card-holder and his bank account. In such a case, terminals may check the genuine of the card by diverse cryptographic protocols (mainly depending on the terminal and card’s respective computational powers). (2) The card can also act as an electronic purse and store in EEPROM a balance that can be converted or transferred from the card to the POS (Point of Sale) terminal and the bank. Payment protocols can be anonymous (preserve the user’s privacy exactly as usual paper money) or auditable (just as a regular check account). The smart-card industry considers that the banking sector will be one of the main card application fields during the coming decade. 4.4 Other applications Smart-cards are also used in loyalty applications, electronic copyright (typically software protection), gaming, physical access control, Internet security and many other areas. Gem plus considers that, on the loon-term, the best way of fitting to the clielnts needs will probably consist in providing to the end-user with a blank curd which ROM mask contains a general purpose high- level operating system, on the top of which each user will either add his own (home-made) applications or ready-to-use programs bought and downloaded from a software editor. In this scenario, the card’s natural tamper-resistance, combined with public-key cryptography capabilities, appears to be a very natural solution to passive and active software protection.