Some time ago, the information leaked by the card leaked out by the media. The user only needed to enter the card number above the card to find out the trip record on the official website of the municipal cartoon. This news immediately caused controversy, many netizens said, a card Leaving out of travel information makes people feel that privacy has been violated; there are also netizens saying that the card is not named and there is no need to worry about it. So leaking user travel information, allegedly infringing on the privacy of one card? This event led to reflections on how we should look at the security issues of the card.
According to the author's understanding, almost all the public transport cards on the market are MIFARE cards. The MIFARE card is a contactless IC card that was invented in 1994 by NXP Semiconductors of the Netherlands. It successfully combines radio frequency identification technology and IC card technology. The MIFARE card is an inductive smart IC card with the largest amount of usage, the most mature technology, stable performance, and large memory capacity. This kind of card is easy to operate. Because it adopts radio frequency wireless communication, it does not need to be inserted or removed during use, and it is not subject to the restrictions of direction and front and back. Therefore, it is very convenient for users to use. It takes only 0.1 second to complete a read/write operation, which greatly improves each use. The speed is suitable for both general and fast, high-traffic locations. Security and reliability are also relatively high. The serial number of each MIFARE card is globally unique and cannot be changed. When reading and writing, a three-way authentication mechanism is used between the card and the reader to verify the legitimacy of the use. All data in the communication process is encrypted and transmitted. In addition, each partition of the card has its own read-write password and access mechanism, and the security of the data in the card is effectively guaranteed. There is no mechanical contact between the MIFARE card and the reader, avoiding all kinds of failures caused by contact and reading and writing; and the chip and the sensing antenna in the card are completely sealed in the standard PVC, further improving the reliability of the application and the card. The service life.
Due to its storage structure and large capacity (16 partitions, 1024 bytes), the MIFARE card can be applied to different occasions or systems. It is especially suitable for parking management, identification and access control of schools, enterprises, and intelligent communities. , Attendance attendance, canteen dining, entertainment consumption, library management and other comprehensive applications, there is a strong system application scalability, can truly "a card with more use." Widespread use is also doomed to security issues will also become the topic of discussion, not only the industry has given great attention, while the government's promotion, the use of the IC card also has more understanding.
In the past few years, it was discovered that the MIFARE card had security holes that could be solved or copied. This caused the society to be in an uproar. Especially the government agencies, the city's public transportation card services and other departments gave high priority, and all departments have rectified vulnerabilities and upgraded system solutions. In fact, the MIFARE card is firstly a non-contact logical encryption IC card. The IC card can be divided into a memory card, a logical encryption card, and a CPU encryption card from the perspective of security. The read-write interface can be classified into contactless IC card and non-contact type. IC card. The CPU encryption card contains the CPU chip, which not only handles file management within the card, but also provides encryption algorithm processing, which greatly provides card security. Second, from the user's point of view, the security of the system depends not only on the security of the card. The IC card application system is composed of card and card data structures, reading and writing device and control software, network and server, and management software. The security of the system is the integration of various links. The security of MIFARE cards is not as good as that of CPU encryption cards, but it is not a problem for general applications. The risk of cracking MIFARE cards to obtain benefits is far greater than the benefits that can be obtained. On September 24, 2011, two network engineers of Qihoo Company used professional knowledge to crack the system passwords of the four municipal chip cards, and then maliciously recharged more than 2,600 yuan. This was illustrated by the fact that many credit card purchases were captured. Since the single card is currently anonymous, its possibility of exposing personal privacy is very small, and corresponding measures can be taken to further reduce the risk.
In short, with the continuous development of society, technology will change with each passing day. Therefore, we must correctly view the security issues of the card, handle the security risks resulting from this, and avoid causing major losses to the society.
According to the author's understanding, almost all the public transport cards on the market are MIFARE cards. The MIFARE card is a contactless IC card that was invented in 1994 by NXP Semiconductors of the Netherlands. It successfully combines radio frequency identification technology and IC card technology. The MIFARE card is an inductive smart IC card with the largest amount of usage, the most mature technology, stable performance, and large memory capacity. This kind of card is easy to operate. Because it adopts radio frequency wireless communication, it does not need to be inserted or removed during use, and it is not subject to the restrictions of direction and front and back. Therefore, it is very convenient for users to use. It takes only 0.1 second to complete a read/write operation, which greatly improves each use. The speed is suitable for both general and fast, high-traffic locations. Security and reliability are also relatively high. The serial number of each MIFARE card is globally unique and cannot be changed. When reading and writing, a three-way authentication mechanism is used between the card and the reader to verify the legitimacy of the use. All data in the communication process is encrypted and transmitted. In addition, each partition of the card has its own read-write password and access mechanism, and the security of the data in the card is effectively guaranteed. There is no mechanical contact between the MIFARE card and the reader, avoiding all kinds of failures caused by contact and reading and writing; and the chip and the sensing antenna in the card are completely sealed in the standard PVC, further improving the reliability of the application and the card. The service life.
Due to its storage structure and large capacity (16 partitions, 1024 bytes), the MIFARE card can be applied to different occasions or systems. It is especially suitable for parking management, identification and access control of schools, enterprises, and intelligent communities. , Attendance attendance, canteen dining, entertainment consumption, library management and other comprehensive applications, there is a strong system application scalability, can truly "a card with more use." Widespread use is also doomed to security issues will also become the topic of discussion, not only the industry has given great attention, while the government's promotion, the use of the IC card also has more understanding.
In the past few years, it was discovered that the MIFARE card had security holes that could be solved or copied. This caused the society to be in an uproar. Especially the government agencies, the city's public transportation card services and other departments gave high priority, and all departments have rectified vulnerabilities and upgraded system solutions. In fact, the MIFARE card is firstly a non-contact logical encryption IC card. The IC card can be divided into a memory card, a logical encryption card, and a CPU encryption card from the perspective of security. The read-write interface can be classified into contactless IC card and non-contact type. IC card. The CPU encryption card contains the CPU chip, which not only handles file management within the card, but also provides encryption algorithm processing, which greatly provides card security. Second, from the user's point of view, the security of the system depends not only on the security of the card. The IC card application system is composed of card and card data structures, reading and writing device and control software, network and server, and management software. The security of the system is the integration of various links. The security of MIFARE cards is not as good as that of CPU encryption cards, but it is not a problem for general applications. The risk of cracking MIFARE cards to obtain benefits is far greater than the benefits that can be obtained. On September 24, 2011, two network engineers of Qihoo Company used professional knowledge to crack the system passwords of the four municipal chip cards, and then maliciously recharged more than 2,600 yuan. This was illustrated by the fact that many credit card purchases were captured. Since the single card is currently anonymous, its possibility of exposing personal privacy is very small, and corresponding measures can be taken to further reduce the risk.
In short, with the continuous development of society, technology will change with each passing day. Therefore, we must correctly view the security issues of the card, handle the security risks resulting from this, and avoid causing major losses to the society.
B+Bolts,truck u bolts,spade bolts,screws and nut bolts
Ruian Chaoyang Standard Parts Co., Ltd. , https://www.cybzj.com