摘要
随着科技的进步,经济的发展,全球金融交易越来越频繁,而针对金融交易的安全事故也屡见不鲜。为了规范金融交易市场,国际上指定了一系列的标准和规范。在我国,中国人民银行基于国际EMV标准,制定了金融IC卡的标准和规范——PBOC标准。本文致力于研究基于目前我国最新的金融IC卡标准PBOC 3.0的安全体系,使用金融IC卡做验证,并给出相应的实验结果。在研究的过程中,本文从脱机数据认证着手,同时涉及到应用密文和发卡行验证、卡片的安全、密钥管理体系和安全机制。由静态数据认证出发,到标准动态数据认证,再到快速数据认证,层层推进。从最后设计出验证PBOC 3.0金融IC卡脱机数据认证的验证平台,并验证了一些IC卡的安全性。
With the development of the economic and technology, as the global financial trading is more and more popular, the incident with the financial trading become an important topic. In order to standard the financial trading market, there are a series of standard and specification come out in the world. People's Bank of China make up with the PBOC 3.0 as the Chinese financial specification base on EMV standard. This paper researched the secu-rity system of PBOC 3.0 and verify the security of the financial IC card. At last, the paper will give the security conclusion of the IC card. In the research, this paper will start with verification of off-line data, including verifying application cryptograph and card issuer, the security of the card, key manage system and security mechanism. The security will include three aspects: static data authentication (SDA), Dynamic data authentication (DDA) and quick Dynamic data authentication (QDDA). Finally, this paper will design a verification platform about IC financial off-line data.
出处
《软件》
2017年第10期50-55,共6页
Software
基金
云南省科技人才和平台计划-科技领军人才培养(项目编号:2017HA011)
