GM/T 0035.5-2014 PDF EnglishUS$150.00 · In stock · Download in 9 seconds
GM/T 0035.5-2014: Specifications of Cryptographic Application for RFID Systems - Part 5: Specification for Key Management Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure Status: Valid
Similar standardsGM/T 0035.5-2014: Specifications of Cryptographic Application for RFID Systems - Part 5: Specification for Key Management---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GMT0035.5-2014 GM CRYPTOGRAPHY INDUSTRY STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 Record No.. 44640-2014 Specifications of Cryptographic Application for RFID Systems – Part 5. Specification for Key Management Issued on: FEBRUARY 13, 2014 Implemented on: FEBRUARY 13, 2014 Issued by. State Cryptography Administration Table of ContentsForeword ... 3 1 Scope .. 4 2 Normative References ... 4 3 Terms and Definitions ... 4 4 Symbols and Abbreviation .. 4 5 Key Mechanism ... 5 5.1 Symmetric key mechanism .. 5 5.2 Asymmetric key mechanism ... 6 6 Symmetric Key Management Module .. 6 7 General Requirements for Symmetric Key Management ... 8 8 Use Requirements for Symmetric Key ... 8 8.1 ID authentication ... 8 8.2 Access control ... 9 8.3 Confidentiality .. 9 8.4 Integrity ... 9 Appendix A (Informative) Key Management Example of RFID System ... 10ForewordGM/T 0035 Specifications of Cryptographic Application for RFID Systems can be divided into 5 parts. --- Part 1. Cryptographic Protection Framework and Security Levels; --- Part 2. Specification of Cryptographic Application for RFID tag chip; --- Part 3. Specification of Cryptographic Application for RFID Reader; --- Part 4. Specification of Cryptographic Application for Communication between RFID Tag and Reader; --- Part 5. Specification for Key Management. This Part belongs to Part 5 of GM/T 0035. This Part shall be drafted as per the rules of GB/T 1.1-2009. This Part was proposed and under the jurisdiction of Cryptographic Industry Standardization Technical Committee. Drafting organizations of this Part. Xingtang Communication Technology Co., Ltd., Shanghai Hsic Application System Co., Ltd., Beijing Zhongdian Huada Electronic Design Co., Ltd., Shanghai Fudan Microelectronics Group Co., Ltd., Beijing Tongfang Micro-Electronics Co., Ltd., Fudan University, Aisino Co., Ltd., Shanghai Huahong Integrated Circuit Co., Ltd., and Beijing Huada Zhibao Electronic System Co., Ltd. Chief drafting staffs of this Part. Wang Junfeng, Dong Haoran, Chen Yue, Gu Zhen, Zhou Jiansuo, Liu Lina, Yu Jun, Wu Xingjun, Wang Yunsong, Xu Shumin, Xie Wenlu, Liang Shaofeng, Wang Junyu, Liu Xun, and Wang Huibo. Specifications of Cryptographic Application for RFID Systems – Part 5. Specification for Key Management1 ScopeThis Part of GM/T 0035 specifies RFID tag, RFID reader, their communication related key management requirements when RFID system adopts cryptographic mechanism. This Part is applicable to the design, realization and application for the key management of RFID system.2 Normative ReferencesThe following documents are essential to the application of this document. For the dated documents, only the versions with the dates indicated are applicable to this document; for the undated documents, only the latest version (including all the amendments) are applicable to this document. GM/T 0035.1-2014 Specifications of Cryptographic Application for RFID Systems. Part 1. Cryptographic Protection Framework and Security Levels3 Terms and DefinitionsThe terms and definitions stipulated in GM/T 0035.1-2014 are applicable to this document.4 Symbols and AbbreviationThe symbols and abbreviation stipulated in GM/T 0035.1-2014 are applicable to this document. Figure 2 -- Symmetric Key Management Module of RFID System In the Figure 2, key generation system finishes key generation and dispersion in the RFID system; key distribution system finishes distribution and entry of key in RFID tag and reader; key shall be used in the secure cryptographic device, which includes secure access module in RFID reader and RFID tag.7 General Requirements for Symmetric KeyManagement The system shall take necessary security protection measures; so that meet the requirements for protecting the key security. The symmetric key stored in the RFID tag shall not be read. The symmetric key stored in the RFID reader shall be stored in the secure access module and shall not be read. The following contents in the key management such as key generation, storage, dispersion, distribution, entry, backup, restoring, verification, use, update, filing, cancellation and destruction, etc. shall meet the relevant requirements for the competent department of national cryptographic management.8 Use Requirements for Symmetric Key8.1 ID authentication 8.1.1 UID authentication The RFID tag shall store the check code jointly established by UID of RFID tag and relevant application information; while the RFID reader shall store the key for generating such check code. 8.1.2 Challenge response authentication The key used for the challenge response authentication must have the uniqueness. The key used for the challenge response authentication and stored in RFID tag shall be generated through the dispersion of derivation key and UID of RFID tag. The RFID reader shall store the derivation key used for challenge response authentication; can dispersedly generate the key consistent with the key used for the challenge response authentication through reading the UID of the RFID tag; it is storedAppendix A(Informative) Key Management Example of RFID System This Appendix describes a key management example, which is applicable to the RFID system with security level of Level-3. A.1 Application requirements of system The key management requirements of this application are based on the following basic conditions. a) The system involves several RFID tag issuers (referring to the originators of the RFID tag information); each issuer has a unique code to distinguish (manufacturer ID); b) When leaving the factory, each RFID tag has a UID (chip UID); c) Perform secure access control to the two information memory areas (distinguished by tag information area 1 and tag information 2) in the RFID tag; each information memory area shall have independent access control permission; distinguish the writing from reading; d) The RFID tag has the special key memory area, which shall be written into once rather than being rewritten; e) The data stored in the information memory area of the RFID tag shall use special key to encrypt; f) The algorithm in the reader has. 1) The symmetric cryptographic algorithm SM7 is used for information encryption of two-way ID authentication with RFID tag, access control and transmission process; 2) The symmetric cryptographic algorithm SM1/SM4 is used for information storage encryption and key dispersion; 3) The asymmetric cryptographic algorithm SM2 is used for generating the digital signature of information, verifying the signature; 4) The cryptographic hash function SM3 is used for generating information summary. SKi) of the RFID reader itself. Such key pairs are generated in the RFID reader; the generated private key is securely stored in the RFID reader; the public key is uploaded to the cryptographic device of the key management center; the public key certificate is obtained by signifying the derivation private key; then enter into the RFID reader; namely, the form storage of the public key certificate (PubCerti) of the RFID reader. A.2.2 Key dispersion Adopt the key dispersion method to generate the whole keys entered into the RFID tag and partial key (with the writing permission) entered into the RFID reader. Since KW1 and KW2 respectively have writing permissions against RFID tag information area 1 and information area 2; the use of the writing permission is only limited to each tag’s issuer; thus, the two keys must be dispersed in two stages. The first-stage dispersion is performed in the key management center; use the manufacturer ID to disperse the derivation key; the dispersed key shall be distributed to each RFID tag’s issuer. The second-stage dispersion is performed when each tag’s issuer writes the key into RFID tag; use the chip UID to re-disperse the key after first-stage dispersion and generate the personalized key of the RFID tag; write it into the key area of the RFID tag. Since the user can read the RFID tag information issued by any tag’s issuer; thus, for KR1, KR2 and KD, they can use chip UID to disperse the derivation key once. Adopt SM1/SM4 cryptographic algorithm to perform key dispersion. Once dispersion method is as follows. KW1’ = Enc (manufacturer ID, KW1); KW2’ = Enc (manufacturer ID, KW2); KR1’ = Enc (tag UID, KR1); KR2’ = Enc (tag UID, KR2); KD’ = Enc (tag UID, KD). The KW1’ and KW2’ needs to perform the second dispersion, the method of which is as follows. KW1’’ = Enc (tag UID, KW1’); KW2’’ = Enc (tag UID, KW2’). Thereof, take manufacturer ID or chip UID for distinguishing the UID of manufacturer or chip as the dispersion factor; the l... ......Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al. Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of English version of GM/T 0035.5-2014 be delivered?Answer: The full copy PDF of English version of GM/T 0035.5-2014 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice.Question 2: Can I share the purchased PDF of GM/T 0035.5-2014_English with my colleagues?Answer: Yes. The purchased PDF of GM/T 0035.5-2014_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. www.ChineseStandard.us -- GM/T 0035.5-2014 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.How to buy and download a true PDF of English version of GM/T 0035.5-2014?A step-by-step guide to download PDF of GM/T 0035.5-2014_EnglishStep 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).Step 2: Search keyword "GM/T 0035.5-2014". Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart. Step 4: Select payment option (Via payment agents Stripe or PayPal). Step 5: Customize Tax Invoice -- Fill up your email etc. Step 6: Click "Checkout". Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively. Step 8: Optional -- Go to download PDF. Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice. See screenshots for above steps: Steps 1~3 Steps 4~6 Step 7 Step 8 Step 9 |
