Principal claim

1. A safe communication method of a card, characterized in that, said method comprises:

Step S1, generating a first data block, signing the first data block to obtain a first signature result, and sending an authentication command to an outside-card entity by the card;

Step S2, receiving the authentication command and obtaining the first signature result from the authentication command by the outside-card entity, generating a second data block and signing the second data block to obtain a second signature result by the outside-card entity, and comparing the first signature result with the second signature result, if they are identical, going to Step S3; and if they are not identical, returning to Step S1;

Step S3, generating a third data block and signing the third data block to obtain a third signature result by the outside-card entity, taking the obtained third signature result as a part of the authentication data, storing a current safety level, signing the authentication data to obtain an outside-card entity signature and sending an external authentication command to the card;

Step S4, receiving the external authentication command, obtaining the authentication data and the outside-card entity signature from the external authentication command, and obtaining the third signature result from the authentication data by the card; generating a fourth data block and signing the fourth data block to obtain a fourth signature result by the card, and comparing the third signature result with the fourth signature result, if they are not identical, returning to Step S1; and if they are identical, going to Step S5;

Step S5, signing the obtained authentication data to obtain a card signature by the card, comparing the outside-card entity signature with the card signature, if they are not identical, returning to Step S1; and if they are identical, going to Step S6;

Step S6, storing the current safety level and sending an authentication success response to the outside-card entity by the card;

Step S7, reading the current safety level and performing operation according to the safety level, and sending a communication command according to the safety level to the card by the outside-card entity;

Step S8, performing operation according to the received communication command and sending a communication success response to the outside-card entity by the card; and

Step S9, receiving the communication success response and determining whether the communication is continued by the outside-card entity, if yes, going to Step S7; otherwise, ending.
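The mutual authentication of Steps S1 to S6, as an added Python sketch that is not code from the patent. It assumes that "signing" is an HMAC-SHA256 under a pre-shared key, that the data blocks are built from a card nonce carried in the authentication command, and that the safety level is the first byte of the authentication data; `Card`, `Entity`, `run_handshake` and `alter_level` are hypothetical names.

```python
import hashlib, hmac, os

def sign(key, data):
    # Assumption: "signing" is modelled as HMAC-SHA256 under a pre-shared key.
    return hmac.new(key, data, hashlib.sha256).digest()

class Card:
    def __init__(self, key):
        self.key, self.level = key, None

    def s1(self):
        self.nonce = os.urandom(16)  # assumed content of the first data block
        return self.nonce, sign(self.key, b"card" + self.nonce)

    def s4_to_s6(self, auth_data, entity_sig):
        third = auth_data[1:]
        fourth = sign(self.key, b"host" + self.nonce)  # S4: fourth signature result
        if not hmac.compare_digest(third, fourth):
            return "S4 failed"
        card_sig = sign(self.key, auth_data)  # S5: card signature
        if not hmac.compare_digest(entity_sig, card_sig):
            return "S5 failed"
        self.level = auth_data[0]  # S6: store the current safety level
        return "ok"

class Entity:
    def __init__(self, key, level):
        self.key, self.level = key, level

    def s2_s3(self, nonce, first_sig):
        second = sign(self.key, b"card" + nonce)  # S2: second signature result
        if not hmac.compare_digest(first_sig, second):
            return None  # mismatch: the claim returns to Step S1
        third = sign(self.key, b"host" + nonce)  # S3: third signature result
        auth_data = bytes([self.level]) + third
        return auth_data, sign(self.key, auth_data)

def run_handshake(card_key, entity_key, level=1, alter_level=False):
    card, entity = Card(card_key), Entity(entity_key, level)
    nonce, first_sig = card.s1()
    reply = entity.s2_s3(nonce, first_sig)
    if reply is None:
        return "S2 failed"
    auth_data, entity_sig = reply
    if alter_level:  # constructed fault: level byte changed in transit
        auth_data = bytes([auth_data[0] ^ 1]) + auth_data[1:]
    result = card.s4_to_s6(auth_data, entity_sig)
    return f"authenticated, level {card.level}" if result == "ok" else result
```

Under these assumptions the S5 comparison is what binds the safety level to the handshake: a changed level byte leaves the third signature result intact, so S4 passes and only S5 rejects it.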