1
/
of
8
PayPal, credit cards. Download editable-PDF & invoice in 1 second!
GM/T 0035.5-2014 English PDF (GMT0035.5-2014)
GM/T 0035.5-2014 English PDF (GMT0035.5-2014)
Regular price
$150.00 USD
Regular price
Sale price
$150.00 USD
Unit price
/
per
Shipping calculated at checkout.
Couldn't load pickup availability
Delivery: 3 seconds. Download true-PDF + Invoice.
Get QUOTATION in 1-minute: Click GM/T 0035.5-2014
Historical versions: GM/T 0035.5-2014
Preview True-PDF (Reload/Scroll if blank)
GM/T 0035.5-2014: Specifications of cryptographic application for RFID systems. Part 5: Specification for key management
GM/T 0035.5-2014
GM
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Record No.. 44640-2014
Specifications of Cryptographic
Application for RFID Systems –
Part 5. Specification for Key Management
ISSUED ON. FEBRUARY 13, 2014
IMPLEMENTED ON. FEBRUARY 13, 2014
Issued by. State Cryptography Administration
Table of Contents
Foreword ... 3
1 Scope .. 4
2 Normative References ... 4
3 Terms and Definitions ... 4
4 Symbols and Abbreviation .. 4
5 Key Mechanism ... 5
5.1 Symmetric key mechanism .. 5
5.2 Asymmetric key mechanism ... 6
6 Symmetric Key Management Module .. 6
7 General Requirements for Symmetric Key Management ... 8
8 Use Requirements for Symmetric Key ... 8
8.1 ID authentication ... 8
8.2 Access control ... 9
8.3 Confidentiality .. 9
8.4 Integrity ... 9
Appendix A (Informative) Key Management Example of RFID System ... 10
Foreword
GM/T 0035 Specifications of Cryptographic Application for RFID Systems can be
divided into 5 parts.
--- Part 1. Cryptographic Protection Framework and Security Levels;
--- Part 2. Specification of Cryptographic Application for RFID tag chip;
--- Part 3. Specification of Cryptographic Application for RFID Reader;
--- Part 4. Specification of Cryptographic Application for Communication between
RFID Tag and Reader;
--- Part 5. Specification for Key Management.
This Part belongs to Part 5 of GM/T 0035.
This Part shall be drafted as per the rules of GB/T 1.1-2009.
This Part was proposed and under the jurisdiction of Cryptographic Industry
Standardization Technical Committee.
Drafting organizations of this Part. Xingtang Communication Technology Co., Ltd.,
Shanghai Hsic Application System Co., Ltd., Beijing Zhongdian Huada Electronic
Design Co., Ltd., Shanghai Fudan Microelectronics Group Co., Ltd., Beijing Tongfang
Micro-Electronics Co., Ltd., Fudan University, Aisino Co., Ltd., Shanghai Huahong
Integrated Circuit Co., Ltd., and Beijing Huada Zhibao Electronic System Co., Ltd.
Chief drafting staffs of this Part. Wang Junfeng, Dong Haoran, Chen Yue, Gu Zhen,
Zhou Jiansuo, Liu Lina, Yu Jun, Wu Xingjun, Wang Yunsong, Xu Shumin, Xie Wenlu,
Liang Shaofeng, Wang Junyu, Liu Xun, and Wang Huibo.
Specifications of Cryptographic
Application for RFID Systems –
Part 5. Specification for Key Management
1 Scope
This Part of GM/T 0035 specifies RFID tag, RFID reader, their communication related
key management requirements when RFID system adopts cryptographic mechanism.
This Part is applicable to the design, realization and application for the key
management of RFID system.
2 Normative References
The following documents are essential to the application of this document. For the
dated documents, only the versions with the dates indicated are applicable to this
document; for the undated documents, only the latest version (including all the
amendments) are applicable to this document.
GM/T 0035.1-2014 Specifications of Cryptographic Application for RFID Systems.
Part 1. Cryptographic Protection Framework and Security Levels
3 Terms and Definitions
The terms and definitions stipulated in GM/T 0035.1-2014 are applicable to this
document.
4 Symbols and Abbreviation
The symbols and abbreviation stipulated in GM/T 0035.1-2014 are applicable to this
document.
Figure 2 -- Symmetric Key Management Module of RFID System
In the Figure 2, key generation system finishes key generation and dispersion in the
RFID system; key distribution system finishes distribution and entry of key in RFID tag
and reader; key shall be used in the secure cryptographic device, which includes
secure access module in RFID reader and RFID tag.
7 General Requirements for Symmetric Key
Management
The system shall take necessary security protection measures; so that meet the
requirements for protecting the key security.
The symmetric key stored in the RFID tag shall not be read.
The symmetric key stored in the RFID reader shall be stored in the secure access
module and shall not be read.
The following contents in the key management such as key generation, storage,
dispersion, distribution, entry, backup, restoring, verification, use, update, filing,
cancellation and destruction, etc. shall meet the relevant requirements for the
competent department of national cryptographic management.
8 Use Requirements for Symmetric Key
8.1 ID authentication
8.1.1 UID authentication
The RFID tag shall store the check code jointly established by UID of RFID tag and
relevant application information; while the RFID reader shall store the key for
generating such check code.
8.1.2 Challenge response authentication
The key used for the challenge response authentication must have the uniqueness.
The key used for the challenge response authentication and stored in RFID tag shall
be generated through the dispersion of derivation key and UID of RFID tag.
The RFID reader shall store the derivation key used for challenge response
authentication; can dispersedly generate the key consistent with the key used for the
challenge response authentication through reading the UID of the RFID tag; it is stored
Appendix A
(Informative)
Key Management Example of RFID System
This Appendix describes a key management example, which is applicable to the RFID
system with security level of Level-3.
A.1 Application requirements of system
The key management requirements of this application are based on the following basic
conditions.
a) The system involves several RFID tag issuers (referring to the originators of the
RFID tag information); each issuer has a unique code to distinguish
(manufacturer ID);
b) When leaving the factory, each RFID tag has a UID (chip UID);
c) Perform secure access control to the two information memory areas
(distinguished by tag information area 1 and tag information 2) in the RFID tag;
each information memory area shall have independent access control
permission; distinguish the writing from reading;
d) The RFID tag has the special key memory area, which shall be written into once
rather than being rewritten;
e) The data stored in the information memory area of the RFID tag shall use special
key to encrypt;
f) The algorithm in the reader has.
1) The symmetric cryptographic algorithm SM7 is used for information encryption
of two-way ID authentication with RFID tag, access control and transmission
process;
2) The symmetric cryptographic algorithm SM1/SM4 is used for information
storage encryption and key dispersion;
3) The asymmetric cryptographic algorithm SM2 is used for generating the digital
signature of information, verifying the signature;
4) The cryptographic hash function SM3 is used for generating information
summary.
SKi) of the RFID reader itself. Such key pairs are generated in the RFID reader; the
generated private key is securely stored in the RFID reader; the public key is uploaded
to the cryptographic device of the key management center; the public key certificate is
obtained by signifying the derivation private key; then enter into the RFID reader;
namely, the form storage of the public key certificate (PubCerti) of the RFID reader.
A.2.2 Key dispersion
Adopt the key dispersion method to generate the whole keys entered into the RFID tag
and partial key (with the writing permission) entered into the RFID reader.
Since KW1 and KW2 respectively have writing permissions a...
Get QUOTATION in 1-minute: Click GM/T 0035.5-2014
Historical versions: GM/T 0035.5-2014
Preview True-PDF (Reload/Scroll if blank)
GM/T 0035.5-2014: Specifications of cryptographic application for RFID systems. Part 5: Specification for key management
GM/T 0035.5-2014
GM
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
Record No.. 44640-2014
Specifications of Cryptographic
Application for RFID Systems –
Part 5. Specification for Key Management
ISSUED ON. FEBRUARY 13, 2014
IMPLEMENTED ON. FEBRUARY 13, 2014
Issued by. State Cryptography Administration
Table of Contents
Foreword ... 3
1 Scope .. 4
2 Normative References ... 4
3 Terms and Definitions ... 4
4 Symbols and Abbreviation .. 4
5 Key Mechanism ... 5
5.1 Symmetric key mechanism .. 5
5.2 Asymmetric key mechanism ... 6
6 Symmetric Key Management Module .. 6
7 General Requirements for Symmetric Key Management ... 8
8 Use Requirements for Symmetric Key ... 8
8.1 ID authentication ... 8
8.2 Access control ... 9
8.3 Confidentiality .. 9
8.4 Integrity ... 9
Appendix A (Informative) Key Management Example of RFID System ... 10
Foreword
GM/T 0035 Specifications of Cryptographic Application for RFID Systems can be
divided into 5 parts.
--- Part 1. Cryptographic Protection Framework and Security Levels;
--- Part 2. Specification of Cryptographic Application for RFID tag chip;
--- Part 3. Specification of Cryptographic Application for RFID Reader;
--- Part 4. Specification of Cryptographic Application for Communication between
RFID Tag and Reader;
--- Part 5. Specification for Key Management.
This Part belongs to Part 5 of GM/T 0035.
This Part shall be drafted as per the rules of GB/T 1.1-2009.
This Part was proposed and under the jurisdiction of Cryptographic Industry
Standardization Technical Committee.
Drafting organizations of this Part. Xingtang Communication Technology Co., Ltd.,
Shanghai Hsic Application System Co., Ltd., Beijing Zhongdian Huada Electronic
Design Co., Ltd., Shanghai Fudan Microelectronics Group Co., Ltd., Beijing Tongfang
Micro-Electronics Co., Ltd., Fudan University, Aisino Co., Ltd., Shanghai Huahong
Integrated Circuit Co., Ltd., and Beijing Huada Zhibao Electronic System Co., Ltd.
Chief drafting staffs of this Part. Wang Junfeng, Dong Haoran, Chen Yue, Gu Zhen,
Zhou Jiansuo, Liu Lina, Yu Jun, Wu Xingjun, Wang Yunsong, Xu Shumin, Xie Wenlu,
Liang Shaofeng, Wang Junyu, Liu Xun, and Wang Huibo.
Specifications of Cryptographic
Application for RFID Systems –
Part 5. Specification for Key Management
1 Scope
This Part of GM/T 0035 specifies RFID tag, RFID reader, their communication related
key management requirements when RFID system adopts cryptographic mechanism.
This Part is applicable to the design, realization and application for the key
management of RFID system.
2 Normative References
The following documents are essential to the application of this document. For the
dated documents, only the versions with the dates indicated are applicable to this
document; for the undated documents, only the latest version (including all the
amendments) are applicable to this document.
GM/T 0035.1-2014 Specifications of Cryptographic Application for RFID Systems.
Part 1. Cryptographic Protection Framework and Security Levels
3 Terms and Definitions
The terms and definitions stipulated in GM/T 0035.1-2014 are applicable to this
document.
4 Symbols and Abbreviation
The symbols and abbreviation stipulated in GM/T 0035.1-2014 are applicable to this
document.
Figure 2 -- Symmetric Key Management Module of RFID System
In the Figure 2, key generation system finishes key generation and dispersion in the
RFID system; key distribution system finishes distribution and entry of key in RFID tag
and reader; key shall be used in the secure cryptographic device, which includes
secure access module in RFID reader and RFID tag.
7 General Requirements for Symmetric Key
Management
The system shall take necessary security protection measures; so that meet the
requirements for protecting the key security.
The symmetric key stored in the RFID tag shall not be read.
The symmetric key stored in the RFID reader shall be stored in the secure access
module and shall not be read.
The following contents in the key management such as key generation, storage,
dispersion, distribution, entry, backup, restoring, verification, use, update, filing,
cancellation and destruction, etc. shall meet the relevant requirements for the
competent department of national cryptographic management.
8 Use Requirements for Symmetric Key
8.1 ID authentication
8.1.1 UID authentication
The RFID tag shall store the check code jointly established by UID of RFID tag and
relevant application information; while the RFID reader shall store the key for
generating such check code.
8.1.2 Challenge response authentication
The key used for the challenge response authentication must have the uniqueness.
The key used for the challenge response authentication and stored in RFID tag shall
be generated through the dispersion of derivation key and UID of RFID tag.
The RFID reader shall store the derivation key used for challenge response
authentication; can dispersedly generate the key consistent with the key used for the
challenge response authentication through reading the UID of the RFID tag; it is stored
Appendix A
(Informative)
Key Management Example of RFID System
This Appendix describes a key management example, which is applicable to the RFID
system with security level of Level-3.
A.1 Application requirements of system
The key management requirements of this application are based on the following basic
conditions.
a) The system involves several RFID tag issuers (referring to the originators of the
RFID tag information); each issuer has a unique code to distinguish
(manufacturer ID);
b) When leaving the factory, each RFID tag has a UID (chip UID);
c) Perform secure access control to the two information memory areas
(distinguished by tag information area 1 and tag information 2) in the RFID tag;
each information memory area shall have independent access control
permission; distinguish the writing from reading;
d) The RFID tag has the special key memory area, which shall be written into once
rather than being rewritten;
e) The data stored in the information memory area of the RFID tag shall use special
key to encrypt;
f) The algorithm in the reader has.
1) The symmetric cryptographic algorithm SM7 is used for information encryption
of two-way ID authentication with RFID tag, access control and transmission
process;
2) The symmetric cryptographic algorithm SM1/SM4 is used for information
storage encryption and key dispersion;
3) The asymmetric cryptographic algorithm SM2 is used for generating the digital
signature of information, verifying the signature;
4) The cryptographic hash function SM3 is used for generating information
summary.
SKi) of the RFID reader itself. Such key pairs are generated in the RFID reader; the
generated private key is securely stored in the RFID reader; the public key is uploaded
to the cryptographic device of the key management center; the public key certificate is
obtained by signifying the derivation private key; then enter into the RFID reader;
namely, the form storage of the public key certificate (PubCerti) of the RFID reader.
A.2.2 Key dispersion
Adopt the key dispersion method to generate the whole keys entered into the RFID tag
and partial key (with the writing permission) entered into the RFID reader.
Since KW1 and KW2 respectively have writing permissions a...
Share
