A customer asked me to add a read/write function for the RFID card (previously, it only needed the 6-byte ID number of the card). This is only the first step; he will certainly ask for card encryption, and he will encounter problems when issuing cards in the future. In addition, another customer also asked for a password import function. Therefore, I think it is necessary to sort out what I know about RFID card password management.
From the perspective of RFID card password management, there are two methods: one is to manage the card password directly; the other is not to use the managed password as the card password itself, but to have some algorithm generate the card password from the managed password.
In the first case, the simplest way is to store the card password directly in the application program. A relatively safer way is not to store the password in the application and to enter it manually at the time of use. This case is generally used for applications that do not require security, such as attendance.
In the second case, take the PSAM card of the public transport industry as an example. Generally, an encryption algorithm is used to generate a unique card password from the key and the card's unique ID. When reading a card, the reader reads the card ID, generates the card password from the algorithm and the key, and then uses that password to read the card content or even write to the card. The PSAM card is essentially a single-chip microcontroller program plus an E2PROM file system. If you do not use a PSAM card, you can also implement this process in software.
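The software alternative to the PSAM card described above, as an added example that is not from the original post: it derives a per-card key from the managed master key and the card ID, so no individual card password has to be stored. HMAC-SHA-256, the 6-byte card key length, the "KeyA"/"KeyB" labels, and the class and method names are assumptions; the post does not name an algorithm.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.util.Arrays;

/** Added example: software key diversification standing in for the PSAM card. */
public class CardKeyDiversifier {
    private static final int CARD_KEY_LEN = 6; // assumption: 6-byte KeyA/KeyB
    private final byte[] masterKey;            // the managed password; never written to a card

    public CardKeyDiversifier(byte[] masterKey) {
        if (masterKey == null || masterKey.length < 16)
            throw new IllegalArgumentException("master key must be at least 16 bytes");
        this.masterKey = masterKey.clone();
    }

    /** Derive one card key from the master key, the card ID and a label ("KeyA" or "KeyB"). */
    public byte[] derive(byte[] cardId, String label) throws GeneralSecurityException {
        if (cardId == null || cardId.length == 0)
            throw new IllegalArgumentException("card ID is empty");
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(masterKey, "HmacSHA256"));
        // The label and a length byte keep KeyA/KeyB and different ID lengths from colliding.
        mac.update(label.getBytes(StandardCharsets.US_ASCII));
        mac.update((byte) 0);
        mac.update((byte) cardId.length);
        mac.update(cardId);
        return Arrays.copyOf(mac.doFinal(), CARD_KEY_LEN);
    }

    private static String hex(byte[] b) {
        StringBuilder sb = new StringBuilder();
        for (byte x : b) sb.append(String.format("%02X", x));
        return sb.toString();
    }

    public static void main(String[] args) throws GeneralSecurityException {
        // Constructed sample values, not real keys or card IDs.
        byte[] master = "constructed-demo-master-key-0001".getBytes(StandardCharsets.US_ASCII);
        byte[] cardA = {0x04, 0x1A, 0x2B, 0x3C, 0x4D, 0x5E};
        byte[] cardB = {0x04, 0x1A, 0x2B, 0x3C, 0x4D, 0x5F};
        CardKeyDiversifier d = new CardKeyDiversifier(master);
        // Issuing and reading run the same derivation on the ID read from the card.
        System.out.println("card A KeyA: " + hex(d.derive(cardA, "KeyA")));
        System.out.println("card A KeyB: " + hex(d.derive(cardA, "KeyB")));
        System.out.println("card B KeyA: " + hex(d.derive(cardB, "KeyA")));
        if (Arrays.equals(d.derive(cardA, "KeyA"), d.derive(cardB, "KeyA")))
            throw new IllegalStateException("two cards share a key");
    }
}
```

Because every card key is recomputed from the master key, the master key is the only secret to protect, and extracting the key of one card does not reveal the key of another.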
Although different businesses implement passwords differently, the RFID card itself is designed with only two keys, KeyA and KeyB, so we can think of it as having only two permissions.
RFID has four types of operations: read, write, add, and subtract. For bus cards, read operations are used to query the balance, subtract operations are used to deduct fares, and add operations are used to deposit money; write operations are rarely used and are generally reserved for card issuance. Fee deduction and card reading can be considered one type of permission; depositing and card writing can be considered another.
For general applications, read can be considered one type of permission and write another.
KeyA has a higher level than KeyB.
Currently, for money-related applications, PSAM cards are generally used in offline mode, while in online mode verification is generally done over the network on a server.
On the Huayu Industrial Control Platform specifically, if a PSAM card is used, the password-related part is implemented in the microcontroller. If a PSAM card is not used, implementing it in Java is more appropriate.