GM/T 0097-2020 PDF in English
GM/T 0097-2020 (GM/T0097-2020, GMT 0097-2020, GMT0097-2020)
Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Name of Chinese Standard | Status |
GM/T 0097-2020 | English | 335 |
Add to Cart
|
0-9 seconds. Auto-delivery.
|
Security technical specifications for unified name resolution service of RFID
| Valid |
Standards related to (historical): GM/T 0097-2020
PDF Preview
GM/T 0097-2020: PDF in English (GMT 0097-2020) GM/T 0097-2020
GM
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Security Technical Specifications for Unified Name
Resolution Service of RFID
ISSUED ON: DECEMBER 28, 2020
IMPLEMENTED ON: JULY 1, 2021
Issued by: State Cryptography Administration
Table of Contents
Foreword ... 4
1 Scope ... 5
2 Normative References ... 5
3 Terms and Definitions ... 5
4 Symbols and Abbreviations ... 6
4.1 Symbols ... 6
4.2 Abbreviations ... 7
5 Coding of Electronic Tags ... 8
6 ONS System Architecture ... 8
7 Key Business Process of ONS System ... 9
7.1 ONS Server Registration ... 9
7.2 Security Query Processing ... 10
8 Security Requirements ... 11
8.1 Cryptographic Algorithm ... 11
8.2 Random Number Security ... 11
8.3 Key Management Security ... 11
8.3.1 General requirements ... 11
8.3.2 Types and purposes of keys ... 11
8.3.3 Key structure ... 12
8.3.4 Key generation ... 13
8.3.5 Key distribution ... 13
8.3.6 Key storage ... 13
8.3.7 Key update ... 13
8.3.8 Key backup and recovery ... 14
8.3.9 Key destruction ... 14
8.4 Hardware Security ... 14
8.5 Software Security ... 14
Appendix A (informative) Unified Coding Rules of RFID Electronic Tags ... 15
Appendix B (normative) ONS Server Registration Process ... 16
Appendix C (normative) Message Protocol Specifications ... 18
Appendix D (normative) Processing Process of Security Query ... 24
Security Technical Specifications for Unified Name
Resolution Service of RFID
1 Scope
This Standard specifies the system architecture, key business process and security
requirements for unified name resolution service of RFID; defines the registration
process of name resolution server, the security query process of electronic product
code and corresponding information message format.
This Standard is applicable to the development and application of unified name
resolution service system of RFID.
2 Normative References
The following documents are indispensable to the application of this document. In
terms of references with a specified date, only versions with a specified date are
applicable to this document. In terms of references without a specified date, the latest
version (including all the modifications) is applicable to this document.
GB/T 17901.1 Information Technology - Security Techniques - Key Management - Part
1: Framework
GB/T 32905 Information Security Techniques - SM3 Cryptographic Hash Algorithm
GB/T 32907 Information Security Technology - SM4 Block Cipher Algorithm
GB/T 32915 Information Security Technology - Randomness Test Methods for Binary
Sequence
GB/T 32918 (all parts) Information Security Technology - Public Key Cryptographic
Algorithm SM2 Based on Elliptic Curves
GB/T 35276-2017 Information Security Technology - SM2 Cryptographic Algorithm
Usage Specification
GM/Z 4001-2013 Cryptology Terminology (TRANSLATOR NOTE: it should be GM/Z
0001-2013)
3 Terms and Definitions
What is defined in GM/Z 4001-2013 (TRANSLATOR NOTE: it should be GM/Z 0001-
ip_A: address of server A
ip_EPCIS: address of EPCIS server
k_AB: session key of server A and server B
k1_AB: session key of symmetric encryption of server A and server B
k2_AB: session key of message authentication code verification of server A and server
MAC_A: message authentication code generated by server A
PCODE: electronic product code
pri_A: device private key of server A
prf(): key derivation function
prf(msg): key derivation function to perform data digest operation on message msg
pub_A: device public key of server A
rand_A: random number generated by server A
SIG_A: signature data generated by server A
SM2_Enc (pub_key, msg): use SM2 asymmetric algorithm; use pub_key as private key
to encrypt input message msg
SM2_Sign (pri_key, msg): use SM2 asymmetric algorithm; use pri_key as private key
to digitally sign msg
SM4_Enc (key, msg): use SM4 symmetric algorithm (CBC pattern); use key as private
key to encrypt message msg
u_AB: work key of server A and server B
u1_AB: work key of symmetric encryption of server A and server B
u2_AB: work key of message authentication code verification of server A and server B
[x]: x is optional
xy: x and y are concatenated
4.2 Abbreviations
The following abbreviations are applicable to this document.
ONS server. Meanwhile, this key uses the session key generated through negotiation
during the registration of the inferior ONS server for encryption and protection, and
queries and distributes messages through the local ONS server to the inferior ONS
server. During the communication between the local ONS server and the inferior ONS
server, this key (including the key used for data encryption and the key used to
calculate message authentication code) is used to perform security protection of the
confidentiality, integrity and data source validity verification for ONS query messages.
The interactive process of query messages is shown in Appendix D. The
communication protocol is shown in Appendix C.
8 Security Requirements
8.1 Cryptographic Algorithm
The cryptographic algorithm used by the ONS system shall comply with the
requirements of national and industry standards on cryptography.
The public key cryptographic algorithm adopts public key cryptographic algorithm SM2
based on elliptic curves, which shall comply with GB/T 32918.
The symmetric cryptographic algorithm adopts SM4 block cipher algorithm, which shall
comply with GB/T 32907.
The cryptographic hash algorithm adopts SM3 cryptographic hash algorithm, which
shall comply with GB/T 32905.
8.2 Random Number Security
The random number used by the ONS system shall comply with the requirements of
national and industry standards on cryptography.
The inspection of random number shall comply with the requirements of GB/T 32915.
8.3 Key Management Security
8.3.1 General requirements
The ONS system shall be equipped with complete key management measures. The
contents of key generation, storage, distribution, backup, update and destruction shall
comply with the relevant requirements of GB/T 17901.1.
8.3.2 Types and purposes of keys
The ONS system shall comply with the principle “exclusive keys for exclusive
purposes”. In accordance with the types and purposes, keys are divided into device
keys, session keys and work keys. The types of keys are shown in Table 1.
8.3.4 Key generation
The device key, which is generated by each ONS server itself, includes device private
key and device certificate.
The session key is generated through negotiation during the registration of ONS server.
See the negotiation process in Appendix B.
The work key is generated by the superior ONS server. See the generation process in
Appendix D.
8.3.5 Key distribution
The device public key of the ONS servers at all levels shall be able to be exported. It
is imported into the device after the key management system issues the device
certificate. The device private key does not need to be distributed.
After the session key is generated, there is no need to distribute it.
After the work key is generated by the superior ONS server, it is protected by the
session key of the inferior ONS server and distributed to the inferior ONS server and
the local ONS server. The distribution process is shown in Appendix D.
8.3.6 Key storage
The device key shall be stored in the non-volatile storage unit of the device, in which,
the device private key shall have security protection measures, and cannot appear
outside the device in plain text under any circumstances.
The session key and work key are stored in the volatile storage unit of the device and
shall be lost when the power is off. There shall be security measures to protect the
security during the key storage period.
8.3.7 Key update
Generally speaking, the validity period of the device certificate is not more than 5 years.
Before the device certificate expires, the device certificate shall be re-issued by the
digital certificate system in advance.
The validity period of the session key is not more than 24 h. Before the session key
expires, the inferior ONS server shall re-register and negotiate a new session key.
The validity period of the work key is not more than 1 h. After the current query expires,
and in the next query, the superior ONS server shall re-generate and distribute the
work key.
a) Server L generates a random number rand_L, with a length of 6 bytes; uses
server R device public key for SM2 encryption protection to obtain random
number rand_L cipher text;
b) Server L sends a registration request message to server R, including the
random number rand_L cipher text and server L device certificate; uses the
device private key to SM2 sign the request message;
c) After server R receives the request message, firstly, it shall verify the
legitimacy of the device certificate identity of server L and verify whether the
message signature is valid. If the verification fails, then, the registration fails;
d) Server R uses the device private key to SM2 decrypt the random number
rand_L cipher text and obtain the plain text rand_L;
e) Server R generates a random number rand_R;
f) Server R uses the random numbers rand_L and rand_R as key materials to
generate the session key k_LA;
g) In accordance with the requirements of B.2.3, server R returns a registration
response message to server L.
B.2.3 Step 2 - server R returns a registration response
The processing process is as follows:
a) Server R uses the device public key of server L to perform SM2 encryption
protection, and obtains random number rand_R cipher text;
b) Server R sends a registration response message to server L, including the
random number rand_R cipher text; uses the device private key to SM2 sign
the response message;
c) After server L receives the response message, it uses the device certificate
of server R to verify whether the signature is valid. If the verification fails, then,
the registration fails;
d) Server L uses the device private key to SM2 decrypt the random number
rand_R cipher text and obtain the plain text rand_R;
e) Server L uses the random numbers rand_L and rand_R as key materials to
generate the session key.
of D.2.3, it will initiate a query request to server R.
D.2.3 Step 2 - server L sends a query request message to server R
The processing process is as follows:
a) Server L uses the session key k1_LR to symmetrically encrypt the electronic
product code, and obtains the cipher text of the electronic product code;
b) Server L sends a query request message to server R, including the cipher text
of the electronic product code; uses the session key k2_LR to generate the
message authentication code;
c) After server R receives the request message, it uses the session key k2_LR
to verify the integrity of the message authentication code and the validity of
the data source. If the verification result is invalid, then, the query fails;
d) Server R uses the session key k1_LR to symmetrically decrypt the cipher text
of the electronic product code, and obtains the plain text of the electronic
product code;
e) In accordance with the requirements of D.2.4, server R returns the query
result to server L.
D.2.4 Step 3 - server R returns query response message to server L
The processing process is as follows:
a) Server R queries the Level-2 ONS server corresponding to the electronic
product code, assuming it is server A;
b) Server R generates the inferior work key u_LA for server L and the inferior
server A;
c) Server R uses the session key k1_LR of server L for symmetric encryption
and obtains the inferior server A address and the inferior work key cipher text:
SM4_Enc(k1_LR, ip_Au_LA);
d) Server R uses the session key k1_AR of the inferior server A for symmetric
encryption protection and obtains the inferior work key cipher text:
SM4_Enc(k1_AR, u_LA);
e) Server R returns a response message to server L, including the cipher text
SM4_Enc(k1_LR, ip_Au_LA) and SM4_Enc(k1_AR, u_LA); uses the session
key k2_LR to generate the message authentication code;
f) After receiving the response message, server L uses the session key k2_LR
to verify the integrity of the message authentication code and the validity of
cipher text: SM4_Enc(u1_LA, ip_Cu_LC);
d) Server A uses the session key k1_CA of the inferior server C for symmetric
encryption protection, and obtains the inferior work key cipher text:
SM4_Enc(k1_CA, u_LC);
e) Server A returns query response message to server L, including the cipher
text SM4_Enc(u1_LA, ip_Cu_LC) and the cipher text SM4_Enc(k1_CA,
u_LC); uses the session key u2_LA to generate the message authentication
code;
f) After receiving the response message, server L uses the work key u2_LA to
verify the integrity of the message authentication code and the validity of the
data source. If the verification result is invalid, then, the query fails;
g) Server L uses the work key u1_LA to decrypt the cipher text SM4_Enc(u1_LA,
ip_Cu_LC), and obtains the inferior server C address and the inferior work
key u_LC;
h) In accordance with the requirements of D.2.7, server L sends a query request
to server C.
D.2.7 Step 6 - server L sends query request message to server C
The processing process is as follows:
a) Server L uses the work key u1_LC for symmetric encryption protection, and
obtains the cipher text of the electronic product code;
b) Server L sends a query request message to server C, including the cipher text
of the electronic product code and the work key cipher text SM4_Enc(k1_CA,
u_LC) distributed by the superior server A; uses the work key u2_LC to
generate the message authentication code;
c) After receiving the request message, server C uses the session key k1_CA to
decrypt the work key cipher text SM4_Enc(k1_CA, u_LC), and obtains the
work key plain text u_LC;
d) Server C uses the work key u2_LC to verify the integrity of the message
authentication code and the validity of the data source. If the verification result
is invalid, then, the query fails;
e) Server C uses the work key u1_LC to symmetrically decrypt the cipher text of
the electronic product code, and obtains the plain text of the electronic product
code;
f) In accordance with the requirements of D.2.8, server C returns the query
result to server L.
...... Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.
|