Research and Implementation of Dynamic Password Terminal for ARM7 Smart Card

1 Introduction

At present, dynamic passwords are mainly implemented in three ways: event-based, time-based and challenge-code-based [1]. Existing dynamic password terminals mainly include scratch cards, tokens, smart cards with card readers, and SIM cards. A scratch card is a plastic or paper card. In addition to the card number, each card carries 30 to 45 single-use passwords, each printed with a serial number to guide the user and each separately covered by a scratch film; the passwords record the dynamic passwords calculated by the back-end virtual dynamic password device. Each time the user authenticates, the user scratches open a new password according to the system prompt. A token is likewise a device that generates and displays dynamic passwords. Although these two methods are more secure than a static password, they incur terminal cost, which varies by terminal, and the number of uses is limited [2]. Combining a smart card with a card reader means that when the user logs in, the smart card must be inserted into the card reader to collect the living fingerprint, and the operation is allowed only if the match succeeds. This method is not flexible, and the user must have a card reader every time he logs in [3]. A SIM-based dynamic password is a password generated by the mobile terminal by means of the telecom smart card (USIM or PIM card), calculated by an encryption algorithm from a dynamic parameter (such as time or event) [4]. This solution integrates the dynamic password into the SIM card. Although it resolves the shortcomings of the first three terminals, the user needs to replace the original SIM card. The hundreds of millions of SIM cards currently in use would need to be replaced with next-generation cards carrying the STK dynamic password, and promoting a large number of new application services requires a lot of money; users are not willing to pay to replace their card with a USIM or PIM card whose STK dynamic password application has a single function or meets a non-urgent need, so this card-replacement mode is difficult to promote [5].

In view of the defects of the above terminals, this paper uses the standard SIM card interface found in every mobile phone to extend the phone's STK function. It designs an ultra-thin ARM7 smart card chip that is attached to the phone's SIM card and implements dynamic password terminal operation through the STK menu. This solution provides a safe, convenient and unified hardware platform for mobile phone application software, and allows STK dynamic password functions to be added to different mobile phones without barriers. The mobile phone user does not need to change the mobile phone or SIM card, and can also change the machine number. The user simply places the smart card directly on the SIM card and inserts both into the phone's card slot to use the dynamic password function of the STK menu, without affecting the original services and functions of the mobile phone. At the same time, the smart card can be replaced by the over-the-air (OTA) PIN code to build an open dynamic password application platform on the user's mobile phone. The smart card uses internal hardware encryption to secure user data in transit, meeting the requirements of dynamic password security applications. This terminal implementation has a friendly human-machine interface, low cost, is easy to promote, and has broad application prospects.

2 ARM7 smart card hardware platform design

The dynamic password hardware platform uses ARM's 32-bit ARM7 contact smart IC chip, which is aimed at high-end GSM telecom cards, 3G SIM cards and JAVA card applications. It has 256K bytes of programmable ROM, 64K bytes of data ROM and 8K bytes of static RAM built in, and integrates a timer, an interrupt controller, system control, DES and RSA hardware encryption coprocessors, security detection control and a hardware 7816 interface module, which makes it suitable for extending the STK function of a SIM card. The smart card hardware platform electrically connects the SIM card to the internal lines of the mobile phone, and its overall thickness is less than 0.7 mm. Its length and width are the same as those of the original SIM card, it follows all the interface standards of the SIM card, and it keeps the original interaction between the mobile phone and the SIM card unchanged. It interacts with the mobile phone through the phone's SIM card slot, so that the phone's display and keyboard become the human-machine interface of the smart card user. A card operating system (COS) is installed inside the smart card. The COS supports three functions: the SIM card general function, the extended function and over-the-air download. The general function is the implementation of the communication layer and command protocol stack of the ISO 7816 hardware interface and of GSM 11.11, which is the basis for communication between the smart card, the SIM card and the mobile phone. The extended function is the implementation of the GSM 11.14 protocol stack, which is the basis for STK applications. OTA menu download is implemented by means of the STK function and the data short message channel. The COS that supports over-the-air download provides a human-machine interface through which the user can initiate a download request. The OTA application download server responds to the user request by sending the service content to the user's mobile phone in the form of data short messages, and the downloaded data is passed transparently to the ARM smart card chip. The COS parses the downloaded short message content through two-way authentication and reorganizes the bytecode data stream of the STK menu to implement the corresponding STK menu management. To the mobile phone, the ARM7 smart card is equivalent to the SIM card, and the hardware and software features of its microprocessor and related circuits are hidden. To the SIM card, the ARM7 smart card is equivalent to the mobile phone, and the hardware and software features of its microprocessor and related circuits are likewise hidden. On this basis, the ARM7 smart card extends the STK function of the SIM card, and SIM cards of different specifications are unified into one open STK application platform. The overall hardware logic functional block diagram and the ARM7 smart card hardware interface are shown in the following figures (1) and (2):

In the hardware interface of the ARM7 smart card, VDD, GND, RST and CLK are each connected to the corresponding interfaces of both the mobile phone and the SIM card, so that these lines between the mobile phone and the SIM card remain connected. IO1 is connected to the IO port of the mobile phone, and IO2 is connected to the IO port of the SIM card. These two interfaces enable communication between the ARM7 smart card, the mobile phone and the SIM card.

3 Dynamic password implementation

3.1 Dynamic Password Implementation Process

The dynamic password authentication terminal based on the ARM7 smart card adopts a two-factor authentication mode. First, the dynamic password is protected by a PIN code, and the user must enter the correct PIN code to generate a dynamic password. The numeric PIN code is entered through the STK menu function of the mobile phone using the Get Input command. In addition to entering the correct PIN code, the user also needs to be synchronized with the counter of the authentication server to get the correct operation password.

The process of implementing dynamic passwords includes service provisioning, data synchronization and password acquisition. Service provisioning mainly includes two parts: key distribution and data encryption. The smart card and the authentication server pre-store the same 10 sets of master keys. At provisioning time, the smart card selects one of the sets (16 bytes) by using a randomly generated key index (KID for short) and uses the PBOC algorithm to diversify that key, obtaining the session key KC for data encryption. It then uses KC to encrypt the card number and the randomly generated password encryption key (deskey) with the Triple Data Encryption Standard algorithm (3DES), and sends the encryption result together with the key index to the authentication server in the form of a data short message. After the authentication server receives the data, it uses the key index to retrieve the same master key, applies the same PBOC key diversification to the master key to obtain the decryption key KC, and then uses KC to decrypt the ICCID and deskey of the corresponding smart card. The synchronization counter is also cleared to zero to synchronize with the card side. Data synchronization is mainly used to bring the smart card counter and the authentication server counter back into synchronization when an abnormality occurs.

The process of obtaining a password mainly includes three parts. First, the card serial number (referred to as ICCID) and the counter are encrypted using the randomly generated deskey that the authentication server also holds. Then the encryption result is processed with SHA1-HASH to obtain a 20-byte ciphertext. Finally, the HASH result is digitized. The implementation process is shown in Figure (3) below:

Digitization dynamically extracts 4 bytes of data from the 20-byte (160-bit) HASH result and converts the 4-byte data into an 8-digit decimal number.
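The digitization step and the server-side counter check, sketched in Python as an added example (it is not the paper's card code). The page does not say how the 4 bytes are chosen, so the offset rule and top-bit mask follow RFC 4226 dynamic truncation as an assumption; `stand_in_encrypt` is a labelled stand-in for the card's 3DES step (the Python standard library has no 3DES), and the 8-byte counter encoding, the look-ahead `window` and the sample key and ICCID are constructed for illustration.

```python
import hashlib
import hmac

def digitize(digest: bytes, digits: int = 8) -> str:
    """Pick 4 of the 20 SHA-1 bytes dynamically and render them as decimal digits."""
    if len(digest) != 20:
        raise ValueError("expected a 20-byte SHA-1 digest")
    offset = digest[-1] & 0x0F  # assumption: RFC 4226 rule, offset in 0..15
    word = int.from_bytes(digest[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(word % 10 ** digits).zfill(digits)

def stand_in_encrypt(deskey: bytes, block: bytes) -> bytes:
    """Stand-in for the card's 3DES step (NOT 3DES): any keyed transform
    known to both card and server exercises the same flow."""
    return hmac.new(deskey, block, hashlib.sha256).digest()

def card_password(deskey: bytes, iccid: bytes, counter: int) -> str:
    """Encrypt ICCID || counter, SHA-1 the result, then digitize the hash."""
    block = iccid + counter.to_bytes(8, "big")  # assumption: 8-byte counter
    return digitize(hashlib.sha1(stand_in_encrypt(deskey, block)).digest())

def server_verify(deskey, iccid, server_counter, submitted, window=5):
    """Return the next server counter on success, None on failure.

    The server tries its own counter and a few values ahead (hypothetical
    window) to absorb passwords the user generated but never submitted.
    Advancing past the matched counter makes a replayed password fail.
    """
    for c in range(server_counter, server_counter + window):
        if hmac.compare_digest(card_password(deskey, iccid, c), submitted):
            return c + 1
    return None

# Constructed sample values, not taken from the paper.
DESKEY = bytes(range(16))
ICCID = b"89860000000000000001"

if __name__ == "__main__":
    otp = card_password(DESKEY, ICCID, 3)      # card is 3 presses ahead
    nxt = server_verify(DESKEY, ICCID, 0, otp)
    print(otp, nxt, server_verify(DESKEY, ICCID, nxt, otp))
```

A counter drift larger than the window is rejected, which is the case the data synchronization step exists to repair.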

3.2 Dynamic Password STK Menu Implementation

The SIM Tool Kit (STK), a development tool for user identification applications, is an interactive SIM card operating system derived from the original passive SIM card operating system. Its principle is to supply a byte stream conforming to the GSM 11.14 specification to the user interface (UI) of the mobile phone through the phone's SIM card interface. The phone UI parses this byte stream into recognizable menu elements, thereby constructing an application menu consistent with the phone's system menu. This application menu differs from the phone's own menu: after the user selects a menu item, the mobile phone passes this information directly to the ARM7 smart card instead of to the phone's operating system. The dynamic password is displayed on the screen of the mobile phone through the STK menu. To implement the STK operation process, the dynamic password encryption algorithm needs to be encapsulated as bytecode that runs inside the smart card operating system, and finally the STK display command is used to show the result on the mobile terminal. During the STK menu design, the dynamic password STK menu was simulated with the self-designed "STK Function Simulator" tool. The dynamic password STK menu as implemented on the mobile phone is shown in the following figure (4):

The STK menu mode is used inside the ARM7 smart card to implement the dynamic password token function. The password is generated inside the smart card and displayed in STK menu form on the screen of the mobile phone. Passwords are generated dynamically, change with time or number of uses, and are unpredictable. Each password has a short life cycle and is valid only once. This overcomes the weaknesses of static passwords, which are reused and easily leaked, and effectively resists password theft and replay attacks, while offering a friendly menu interface. Since the user password update phase is completed at the mobile terminal, it is also possible to prevent denial of service attacks and password guessing attacks.

4 Conclusion

This article uses mobile terminal STK function extension technology and the ARM7 smart card hardware platform to implement the STK menu design of a dynamic password client. This overcomes the shortcomings that a dynamic password USIM card or PIM card requires replacing the user's SIM card, and that scratch cards and tokens carry a high terminal cost. By using the hardware encryption algorithm inside the smart card and the friendly interface provided by the STK menu, it solves the problem of security and data encryption in dynamic password information exchange. The dynamic password terminal system designed and implemented in this paper will be applied and promoted on various network platforms, and will be used in more and more commercial settings. It is estimated that the number of ARM7 smart cards with the dynamic password function used by mobile phone users across the whole project will exceed 1 million within 5 years, resulting in economic benefits of more than 15 million yuan.
