Smart card-based network client solution

Thanks to their inherent advantages, smart cards have become the best client-side solution in internationally recognized commercial network security communications. However, there has been no good solution to the problem of connecting a reader to each PC. Drawing on its accumulated IC card technology and active exploration of e-commerce, Winch Company has combined smart cards and e-commerce very well. The IC card and the browser are seamlessly connected, and the certificate is stored on the smart card to authenticate the cardholder and to apply the customer's digital signature directly at each purchase. The details are as follows.

(1) The role of TimeCOS/PK

The smart card contains a microprocessor (CPU) and a rewritable memory unit (EEPROM), and has an operating system and a file management system. The company has been engaged in the research and development of smart cards for many years. It has the world's advanced and domestic first-class smart card technology and products. It has launched an RSA encryption algorithm implemented in the card hardware, with independent property rights, which can complete signature, authentication, encryption and decryption operations at high speed. Smart cards have unique advantages over other methods:
1. Important user information, including certificates, keys, passwords and personal information, is stored in the smart card;
2. The encryption process can be completed in the card, and information such as the user's private key used for encryption cannot be read from the card, thereby maximizing the security of the communication;
3. The content stored in each smart card is unique and irreplaceable and represents its user, which provides manageability for operational security;
4. The owner can conveniently carry the smart card and can complete e-commerce operations on any computer connected to a reader, which is not only safe but also more convenient than other methods;
5. In addition, it offers fast calculation speed and good confidentiality of the algorithm, and the same smart card can be used with a variety of communication software and application software.

(2) Smart card security communication kit

1. Composition

The Network Client Security Communication Kit is a support system that can be used with Netscape or IE browser to enhance the security of the client. It assists in the implementation of network security communication based on international standard protocols such as SSL and S/MIME. It consists of the following parts:
1). Card reader, connected to the computer through a 9-pin serial interface or a keyboard jack;
2). Smart card, the company's TimeCOS/PK card with RSA coprocessor;
3). Connection software, which provides the interface to the smart card and the interface to the browser, and carries out the calculation, processing and operation tasks of secure communication;
4). User tools, which perform verification, modify the user PIN, check the information stored in the smart card, automatically detect or manually set the card reader's connection port (COM port), and provide other functions;
5). Documentation and user manual.

2. The main features of the system are as follows:

Highly secure, supporting the use of the 1024/2048-bit RSA public key algorithm;
Full implementation of the secure communication functions supported by the SSL and S/MIME protocols, including receiving and storing certificates, performing digital signature/authentication and data encryption/decryption processing;
A standard interface is used to achieve seamless connection with the browser, and the browser's original secure communication operation process is followed completely during communication;
Secure storage of the payment password (MAC) and user signature using an encrypted card reader;
The system is highly modular, guaranteeing support for smart card product upgrades and for system customization according to user needs.

3. Working principle:

The suite's software is the core part of the system. It performs tasks such as operating the reader, operating the card, interfacing with the browser, and assisting the browser in performing various secure communications. The main tasks completed by this software module are:
Generate a user key pair, or direct the card to generate the key internally, and store the 1024/2048-bit user key securely in the card;
Download, store, manage and use the user certificate in secure communication;
Perform RSA signing and encryption in the card using the user's private key;
Perform RSA authentication and decryption calculations using the user key;
Check the user's PIN;
During secure communication, other functions are performed through the browser, such as an internal self-test process, detecting the status of the card, and giving timely information prompts.

(3) Secure card operating system TimeCOS/PK

In summary, with the introduction of the smart card, the security of the network client is transferred to the smart card. Apart from the management of the PIN, it depends on the security strength of the card operating system.
TimeCOS/PK is based on TimeCOS V2.X. Combined with the requirements of e-commerce, it strengthens the application of the public key cryptosystem and makes full use of the on-chip coprocessor to quickly complete the signature, authentication, encryption and decryption operations of the RSA algorithm. It has an in-card key generation function while retaining the functions of the Chinese financial IC card technical specifications. Its characteristics are as follows:
· Fully in line with China's financial IC specifications;
· Supports asymmetric cryptographic algorithms, and can complete the signature, authentication, encryption and decryption operations of the RSA and FAC algorithms in the card;
· The key pairs required by the RSA and FAC algorithms are generated within the card;
· Supports line encryption and line protection functions to prevent communication data from being illegally stolen or tampered with;
· Meets individual needs: this version of TimeCOS allows certain features to be deleted, modified or added according to the user's specific requirements;
· Supports multiple different applications on one card, and up to three levels of directories can be established;
· Supports the Single DES and Triple DES algorithms, and automatically selects between them according to the length of the key;
· With anti-plug function: the card content is automatically restored when the card is abnormally pulled out during a transaction;
· Supports an e-wallet function; the size of the wallet can be set by the user;
· Supports multiple file types, including binary files, fixed length record files, variable length record files, loop files and wallet files;
· Supports the ISO7816-3 T=0 (character transfer) and T=1 (block transfer) communication protocols;
· Supports multiple communication rates, such as 9600bps, 19200bps, 38400bps, and 76800bps;
· Supports multiple capacity options: 8K or 16K bytes of EEPROM space can be selected;
· High efficiency: Triple DES calculation time 16ms, RSA signature time 268ms, RSA authentication time 18ms, e-wallet transaction time 80ms, consumer transaction time 103ms.

(4) Application methods and prospects

In general, the application of the smart card-based network client suite can be divided into two categories: user-autonomous use and organized use. User-autonomous use means that, after purchasing the kit, the user chooses the CA (Certificate Authority) and the parties for secure communication.
Organized use means that an e-commerce center, or the center of a banking service network or secure communication network, provides TimeCOS/PK cards and kits to its own users. The certificate used may be issued by a certificate system established by the center according to its own policy, or may be issued by a third-party CA. The user key can be pre-written to the card when needed. The user certificate can also be written to the card before it is sent to the user.
The application of smart card and secure communication suite will further promote the development of e-commerce with its unique security and convenience, and contribute to the real and complete use and implementation of e-commerce.
