Abstract: To address the low efficiency and poor security of traditional user-level network communication in C/S mode, this work considers the overall security and confidentiality of the system and proposes a core-layer implementation scheme. The encryption system is designed and implemented on the Microwindows GUI and the TinyWidgets control set, with hardware support from a smart card and the embedded uClinux platform, and adopts a security strategy of customer identity authentication, data integrity verification, and encryption of transmitted information.
Introduction
The financial security payment system is a software and hardware platform designed for the application needs of the financial field. It realizes miniaturized, convenient, and secure self-service transactions. It can provide high-speed and secure services for a variety of applications, solve various security issues that exist in the transmission of current transaction information, and realize secure transactions of financial information. The network security encryption system built on this embedded system ensures that important client data can be transmitted safely when communicating with the bank server.
1 Smart Card Basics
1.1 Internal structure and features
A smart card (SMART card, or Integrated Circuit Card) is also called an IC card. Depending on the integrated circuit used in the card, cards are divided into memory cards, logic encryption cards, CPU cards and radio frequency cards. Because the CPU card integrates a microprocessor (CPU), storage (random access memory RAM, program memory ROM (FLASH), and user data memory EEPROM) and a chip operating system (COS), it constitutes a complete computer system.
It not only has the function of data storage, but also has the functions of command processing and data security protection, so its security is greatly enhanced, and it has been widely used and has become the mainstream product in smart cards. The CPU card used in this system has a chip core implemented by ASIC hardware, which is very safe and complies with the ISO/IEC 7816 smart card standard and the "China Financial Integrated Circuit (IC) Card Specification". Its internal structure (as shown in Figure 1) has the following characteristics: ① Its own physical security mechanism and COS security system provide double security guarantees for the CPU card; ② The CPU card with its own operating system has low requirements for the computer network system and can realize offline operation; ③ It can realize multiple applications in one card in the true sense, and each application is independent of each other and controlled by its own key management system; ④ It has a large storage capacity and can provide 1K~64K bytes of data storage space; ⑤ It has a long service life and the data storage time can reach more than 10 years.
1.2 Main functions
Smart cards have the following functions: ① Identity authentication: Authentication of the legal identities of the cardholder, the card terminal and the card; ② Payment and settlement tools: Electronic wallets and electronic passbooks can avoid the inconvenience of carrying large amounts of cash and making change, thus improving transaction efficiency; ③ Security module: Use the corresponding keys to achieve encryption, decryption and transaction processing, thereby completing security authentication with the user card; ④ Data carrier: The CPU card can be used as a secure carrier for personal files or important data, and the data can be stored for at least 10 years.
1.3 Working Principle
Smart card security system consists of three parts: security status, security attributes and security mechanism. Security status refers to the current security level of the smart card, that is, the value of the current security status register. Security attributes are also called access rights, that is, what value of the security status register is required when performing a certain operation. Security mechanism refers to various security modes supported by the card in a broad sense, and in a narrow sense, it refers to the methods and means used to achieve the transfer of security status. A security state is transferred to another state through the above security mechanism. The security state is compared with a security attribute. If they are consistent, it means that the command corresponding to the attribute can be executed; if they are inconsistent, the relevant command cannot be executed, thereby achieving the purpose of security control. This is the basic working principle of the smart card security system.
The smart card is mainly used to encrypt information sent by the client and decrypt information sent by the server. The smart card supports multiple symmetric cryptographic systems. It also stores the client master key and client ID number, which can be used to encrypt various sensitive information generated during file transfer and authenticate the user's identity to ensure the security and integrity of the information.
In terms of key management, the smart card generates the client master key using the Diversify key diversification algorithm based on the client ID number injected into it. When communicating with the password server, the server obtains the client's ID number and also uses the key diversification algorithm to generate the client master key. The server then uses the client master key to encrypt the working key, which is carried in the check-in response message sent back to the client. The client's smart card decrypts the working key and uses it to call the corresponding algorithm to complete encryption, decryption and message integrity verification.
2 Design Principles
To design a network security encryption system, the following aspects should be considered:
(1) Standardization and modular design principles. In the design process of product software and hardware, the modular design principle is followed. Each functional module is relatively independent, and the interfaces between modules are clearly defined. Follow the standardized design route, follow the PBOC* specifications of the People's Bank of China (except algorithms), use standard interfaces, and provide standardized security services;
(2) Adaptability and scalability principles. The overall design is closely integrated with actual applications, and can adapt to complex application environments and their communication lines, multiple operating system platforms, Web service platforms, browser platforms, and support various popular development environments. In addition, it is scalable, can adapt to future changes in demand, can respond to new security risks brought about by changes in security threats, and ensure the security of the system throughout its life cycle;
(3) Reasonable key management. The security control and management of keys is the key to system design. On the basis of ensuring system security, the design of the key management system should be as simple and practical as possible;
(4) The key sensitive fields in the transmission message should be encrypted and protected at the appropriate place in the system. If encryption is performed at a low level, the underlying system elements will be overly trusted, and these are too far away from the user layer. Even if they are replaced, they will not attract the user's attention, which introduces vulnerability; if the encryption module is too close to the user, the user's frequent intervention will easily introduce errors, which is not suitable for normal use. Based on the above considerations, a network security encryption system must ensure security while ensuring the system's operating efficiency and ease of use. Therefore, the encryption system designed in this article embodies the following principles:
(1) Ease of use. Whether on the client or server side, users do not need to worry about encryption and decryption operations. All encryption and decryption operations and user identity authentication operations are automatically completed by the security module;
(2) Security. A variety of security mechanisms are adopted. The encryption chip itself has identity authentication and a strong physical anti-analysis mechanism, and the use of keys is protected by user passwords. A three-level key management system is set up, a key management center is established, a unified security management strategy is formulated, and unified security monitoring and management of the use of cryptographic devices across the entire network are carried out;
(3) High efficiency of the system. The encryption system does not occupy too much memory and tries to use various caches in the system to ensure that the overall efficiency of the system is not greatly affected;
(4) Minimize the impact on other parts of the embedded operating system. The encryption system does not interfere with the execution of other parts of the operating system, and the security module is independent.
3 Implementation
In the traditional user layer implementation (as shown in Figure 2), the security module is placed in the user layer. When the application program wants to write a file, the data must enter the system core layer from the user layer application program through the system call. The core layer needs to hand over the data to the security module of the application layer for processing. After the security module has processed the data, it enters the system kernel layer through the system call. Finally, the core layer sends the data to the remote server. Data is exchanged multiple times between the user layer and the core layer, and the application program also needs to switch multiple times between the core space and the user space. Data needs to be cached in both the user space and the core space, which will inevitably reduce the efficiency of the system. In addition, the security module running in the application layer is very vulnerable to threats. For example, a process running in the kernel space can access the memory of the application layer without any restrictions, and thus can also access the memory space of the security module, resulting in the leakage of confidential information. However, this implementation has the advantages of good system compatibility, simple implementation, and small changes to the system, and can be easily transplanted on different operating systems.
The core layer implementation method we adopted (as shown in Figure 3) puts the security module into the core layer for implementation. In this way, data only needs to enter the core layer through system calls from the user space where the application is located, and is processed by the security module of the core layer. There is no switching of multiple space levels, and the efficiency of the system is greatly improved. At the same time, the system code is solidified in FLASH, and the write operation to the system storage area is not supported. Therefore, general network * or Trojans cannot be implanted in the executable code storage area of the system. This solidification feature makes it very difficult to attack the Web server through the client. In addition, when generating the operating system running code, only the 8080 browsing port is opened, and other unnecessary network service ports are disabled. It is also not easy to log in to the client through network means and then attack the Web server with a legitimate identity. Intermediate attacks on the line are difficult to implement because of encryption, and if the Web server is not attacked, the browsing of the secure Web server will generally not be attacked. Therefore, the security enhancement measures such as system solidification, disabling services, and key configuration settings adopted by the core layer implementation method have greatly improved the security and reliability of the system.
4 Design and implementation of network security encryption system
4.1 Microwindows and TinyWidgets Basics
Microwindows (as shown in Figure 4) is a well-known open source embedded GUI software that aims to introduce a graphical window environment to small devices and platforms running Linux. As an alternative to X Window, Microwindows can provide similar functions to X Window using less RAM and file storage space (100K~600K). Microwindows allows designers to easily add various display devices, mice, touch screens, keyboards, etc.
Microwindows is very portable and is basically implemented in C language, with only some key codes using assembly to increase speed. Microwindows supports Intel 16-bit, 32-bit CPUs, MIPS R4000 and ARM chips. Although Microwindows fully supports Linux, its internal portable structure is based on a relatively simple screen device interface and can run on many different RTOS and bare metal. The Microwindows system supports the simulation target platform on the host platform in a graphical way. In this way, Microwindows applications designed for Linux can be written and developed on a desktop computer without cross-compilation, can be tested and run, and can run directly on the target platform.
Microwindows is a GUI system based on a typical client/server architecture, which is basically divided into three layers. The bottom layer is the driver for graphics output and keyboard, mouse or touch screen; the middle layer provides an abstract interface for the underlying hardware and performs window management; the top layer provides APIs compatible with X Window and Windows CE (Win32 subset). However, since Microwindows does not implement window management, the system needs to provide a plug-in set for window management. TinyWidgets is such a control set for programmers to call. TinyWidgets is a C control set based on Microwindows, which provides some relatively basic control objects, such as windows, buttons, labels, text input boxes, list boxes and combo boxes.
4.2 uClinux and its file system construction plan
The embedded operating system uClinux (micro-control Linux) is a modular, simplified version of Linux. It is customizable, configurable, highly secure, portable and extensible, and it is easy to upgrade and adapt to new applications.
The uClinux system uses the romfs file system, which requires less space than the general ext2 file system. The space saving comes from two aspects. First, the kernel needs less code to support the romfs file system than the ext2 file system. Second, the romfs file system is relatively simple and requires less storage space to establish the file system superblock. The romfs file system does not support dynamic erasing and saving. For data that needs to be dynamically saved by the system, a virtual RAM disk is used. The RAM disk uses ext2 (second extended file system) or jffs2 (journal flash file system).
Therefore, considering the availability of storage space, we can mix the romfs and jffs2 file systems. Using the romfs file system saves more space and runs faster, while using the jffs2 file system provides users with read-write space, making it convenient for users to add their own personal files and data. The romfs file system is the root file system of uClinux, and the jffs2 file system can be mounted to the /home directory of romfs for users to read and write.
4.3 Specific implementation
We use Microwindows as the interface and implement encryption and decryption of information by calling smart card commands under uClinux. The specific implementation includes: ① identity authentication to ensure the validity of the identities of both parties in communication; ② use of high-strength encryption algorithms to encrypt and decrypt communication data. When uploading, the relevant data is encrypted. When receiving, the relevant data is first decrypted and then processed separately; ③ secure message transmission to ensure the reliability, integrity and authentication of the sender.
4.3.1 Identity Authentication
The identity of the client is determined by the security module. Each security module has a unique ID number. Before the actual transaction, the client sends a sign-in message to upload the ID number to the server. The server first verifies the legitimacy of the ID. If it passes, it will issue an encrypted working key. If the client can decrypt the working key and continue the transaction, it means that the identity of the server is legal, thereby completing the entity authentication of the client. After the sign-in is completed, the server requires the user to enter the user name and password, and verifies the ID number, user name, and password to complete the customer's identity authentication.
4.3.2 Encryption and Decryption
Encryption and decryption use a high-strength symmetric encryption algorithm that has been burned into the smart card and a 128-bit data encryption key to encrypt key sensitive fields in the transmitted message.
(1) Data encryption steps
Step 1: Use LD to represent the length of the plaintext data, and add LD before the plaintext data to generate a new data block;
Step 2: Decompose the data block generated in step 1 into 8-byte data blocks, labeled D1, D2, D3, etc. The length of the last data block may be less than 8 bytes;
Step 3: If the length of the last (or only) data block is equal to 8 bytes, go to step 4; if it is less than 8 bytes, add the hexadecimal number "80" to the right. If the length has reached 8 bytes, go to step 4; otherwise, add a 1-byte hexadecimal number "0" to the right until the length reaches 8 bytes;
Step 4: Encrypt each data block with the corresponding key;
Step 5: After the calculation is completed, all encrypted data blocks are concatenated together in the original order (encrypted D1, encrypted D2, etc.), and the resulting data block is inserted into the command data field.
(2) Data decryption steps
Step 1: Decompose the data block in the command data field into 8-byte data blocks, labeled D1, D2, D3, etc., and decrypt them using the same key as the encryption key;
Step 2: After the calculation is completed, all decrypted data blocks are linked together in order (decrypted D1, decrypted D2, etc.). The data block consists of LD, plaintext data, and padding characters;
Step 3: Since LD indicates the length of the plaintext data, it is used to recover the plaintext data.
4.3.3 Secure message transmission
Data integrity and authentication of the sender are achieved by using a message authentication code (MAC). The MAC is a public function of the message content and the key, and its output is a short data block of fixed length: MAC = C(M, K), where M is the message content, K is the key shared by both communicating parties, and C is the algorithm for generating the MAC value. Algorithm C requires that, given M1 and C(M1, K), it is impossible to construct a message M2 that satisfies C(M2, K) = C(M1, K), so the MAC can uniquely identify the original message. The message authentication key (MAK) is used with the 3DES algorithm to calculate the MAC value of the transaction information for message authentication. Performing the message authentication operation on the message ensures that it has not been tampered with.
(1) 3DES algorithm: The 3DES algorithm uses a 16-byte key $K = (K_L, K_R)$ to encrypt an 8-byte plaintext data block into an 8-byte ciphertext data block, as shown below: $Y = \mathrm{DES}(K_L)[\mathrm{DES}^{-1}(K_R)[\mathrm{DES}(K_L)[x]]]$. The decryption method is as follows: $x = \mathrm{DES}^{-1}(K_L)[\mathrm{DES}(K_R)[\mathrm{DES}^{-1}(K_L)[Y]]]$.
(2) Message authentication algorithm: extract the key sensitive fields in the transmission message and divide them into data blocks in units of 8 bytes, adding 0x00 when the length of the last data block is less than 8 bytes. After the division is completed, each data block is used as a data block (D) participating in the operation, and the initial value is 8 bytes of hexadecimal 0. The final MAC value is the leftmost 4 bytes of the calculation result. The algorithm flow is shown in Figure 5.
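The data encryption steps of 4.3.2 and the MAC calculation of 4.3.3, carried through in Python as an added example (not code from the original article or the system it describes). Assumptions: an 8-byte Feistel stand-in built on SHA-256 replaces DES, which Python's standard library lacks; LD is a single byte; the MAC chains blocks CBC-style because Figure 5 is not reproduced here; all function names and sample values are hypothetical.

```python
import hashlib
import hmac

BLOCK = 8  # block size in bytes, as on the page

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Round function of the stand-in cipher (NOT DES): 4 bytes of SHA-256.
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]

def toy_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in 8-byte Feistel cipher, used where the card would run DES."""
    left, right = block[:4], block[4:]
    for rnd in range(8):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right

def toy_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:4], block[4:]
    for rnd in reversed(range(8)):
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right

def ede_encrypt(k16: bytes, x: bytes) -> bytes:
    """Y = E(KL)[D(KR)[E(KL)[x]]] with K = (KL, KR), the page's 3DES shape."""
    kl, kr = k16[:8], k16[8:]
    return toy_encrypt(kl, toy_decrypt(kr, toy_encrypt(kl, x)))

def ede_decrypt(k16: bytes, y: bytes) -> bytes:
    kl, kr = k16[:8], k16[8:]
    return toy_decrypt(kl, toy_encrypt(kr, toy_decrypt(kl, y)))

def _blocks(data: bytes):
    return (data[i:i + BLOCK] for i in range(0, len(data), BLOCK))

def encrypt_field(k16: bytes, plaintext: bytes) -> bytes:
    if len(plaintext) > 255:
        raise ValueError("LD is one byte in this sketch (assumption)")
    data = bytes([len(plaintext)]) + plaintext       # step 1: prepend LD
    if len(data) % BLOCK:                            # step 3: 0x80, then 0x00 fill
        data += b"\x80" + b"\x00" * (-(len(data) + 1) % BLOCK)
    return b"".join(ede_encrypt(k16, b) for b in _blocks(data))  # steps 4-5

def decrypt_field(k16: bytes, ciphertext: bytes) -> bytes:
    if not ciphertext or len(ciphertext) % BLOCK:
        raise ValueError("ciphertext must be a whole number of blocks")
    data = b"".join(ede_decrypt(k16, b) for b in _blocks(ciphertext))
    ld, pad = data[0], data[1 + data[0]:]
    if 1 + ld > len(data) or len(pad) >= BLOCK:
        raise ValueError("LD inconsistent with decrypted length")
    if pad and (pad[0] != 0x80 or any(pad[1:])):
        raise ValueError("bad padding")
    return data[1:1 + ld]                            # LD recovers the plaintext

def mac(mak16: bytes, fields: bytes) -> bytes:
    if not fields:
        raise ValueError("nothing to authenticate")
    data = fields + b"\x00" * (-len(fields) % BLOCK)  # 0x00 fill, as on the page
    state = bytes(BLOCK)                              # initial value: 8 zero bytes
    for block in _blocks(data):                       # assumed CBC-style chaining
        state = ede_encrypt(mak16, _xor(state, block))
    return state[:4]                                  # leftmost 4 bytes

def verify_mac(mak16: bytes, fields: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(mac(mak16, fields), tag)  # constant-time compare

# Constructed sample values, not taken from the page.
WORK_KEY = bytes(range(16))
MAK = bytes(range(16, 32))
FIELDS = b"ACCT=1234;AMT=100.00"
if __name__ == "__main__":
    print(decrypt_field(WORK_KEY, encrypt_field(WORK_KEY, FIELDS)), mac(MAK, FIELDS).hex())
```

With 0x00 fill and no length inside the MAC input, a field string and the same string followed by 0x00 bytes up to the block boundary produce the same MAC, so the receiver has to fix or check field lengths separately. Each block is also encrypted independently in the data encryption steps, so equal plaintext blocks under one key give equal ciphertext blocks.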
5 Conclusion
This system adopts a variety of security measures to meet the security and confidentiality requirements of the client network access open structure, realizes the transmission encryption protection and message authentication of key fields of transaction information, ensures the security of transaction information and its encryption equipment, and has strong network adaptability. Because the system uses an open source operating system, it is possible to integrate various communication applications and can adapt well to the development of future financial communications.
In future work, we still need to strengthen the system's anti-attack capabilities in terms of hardware, stability, and usage environment.