1. Logical Security Overview
mPOS end product uses Katherine's Microelectronics Technology Hengda MH1902 security chip , terminal logical security function is mainly done by the security CPU.
2. Physical Security Module Description
1) The chip security module comprising
1, hardware DES \ RSA \ state secret encryption algorithm;
2, environmental monitoring mode;
3, trigger detection module;
4, random number generator.
2) trigger detection module
A trigger detection module is mainly used to attack detection system can detect a voltage, temperature, and four external trigger pin state detector , upon detection system is attacked,
All stored in a battery protection zone data will be cleared.
3) Random number generator
A random number generator, the random number generator using the CPU, CPU random number generator for generating random numbers required for the program. When generating random numbers with some
Other random factor, date and time, address, and the timer value of remaining time, a random factor, and the generated random number using the 3DES algorithm and then treated as inputs
The factor, so that the data of the random number generator generates more random.
4) measures for the safe handling software logic
In addition to the physical security provided by the chip security module, in software logic, MPOS terminal uses a variety of security schemes to ensure the security of sensitive data to prevent data
It has been tampered with.
1, using the CPU boot security checking mechanism to download boot of control;
2, using RSA2048, SHA-256 algorithm to ensure the legitimacy and integrity of the firmware upgrade and run the program;
3, using the download key RSA2048 algorithm used during transmission to an encryption key and an authentication key;
4, using a random number generator MMK, ELRCK using NV SRAM storage area MMK, ELRCK to encrypt keys stored in the machine and
Certification system after being attacked MMK, ELRCK lost, and the key will be lost;
5, if the machine is not operated, then 3 minutes, will automatically shut down in the case without the foreign, to conduct an inspection of all keys each power , to check whether the key
It has been tampered with;
6, every 24 hours restart of the firmware integrity, validity check, and to conduct an inspection for all keys;
7, to read the secret key to check in real time, preventing the use of keys has been tampered with.
3. Safety CPU file signature format
1) RSA certificate format
1, the public key certificate format
version |
ASC |
8B |
PK 1 |
Public key, behind if less than 0 |
Issuer |
ASC |
16B |
TRENDS |
Behind if less than 0 |
serial number |
ASC |
32B |
1234567890 |
Behind if less than 0 |
Signature algorithm identifier |
ASC |
8B |
RSA |
Behind if less than 0 |
Validity |
BCD |
8B |
2010010120110101 |
Behind if less than 0 |
Public information |
HEX |
164B |
|
With a random number (2048) |
spare |
HEX |
720B |
0 |
|
CA's digital signature plaintext |
HEX |
20B |
|
|
CA's digital signature ciphertext |
HEX |
24B |
|
Filling certificated 0 |
2, the private key certificate format
version |
ASC |
8B |
SK1 |
Private, behind if less than 0 |
Issuer |
ASC |
16B |
TRENDS |
Behind if less than 0 |
serial number |
ASC |
32B |
1234567890 |
Behind if less than 0 |
Signature algorithm identifier |
ASC |
8B |
RSA |
Behind if less than 0 |
Validity |
BCD |
8B |
2010010120110101 |
Behind if less than 0 |
Private information |
HEX |
580B |
|
With a random number (2048) |
spare |
HEX |
2104B |
0 |
|
CA's digital signature plaintext |
HEX |
20B |
|
|
CA's digital signature ciphertext |
HEX |
24B |
|
Filling certificated 0 |
4. Security CPU security and key management
1) key storage
1, MMK, ELRCK chip stored in the battery protection register areas
Key encryption key MMK, ELRCK dryice module stored in the battery protection register DRY_SKR
2、DRY_SKR:DryIce Security Key Register(DRY_SKR0 to DRY_SKR7)
3, MMK: all keys stored in POS be encrypted
ELRCK: POS of keys stored in the verification MAC for encrypting
. 4, DRY_SKR register values corresponding to Table 3
Register |
Data |
Remark |
---|---|---|
DRY_SKR 0,1,2,3, |
MMK |
16bytes |
DRY_SKR4,5,6,7 |
ELRCK |
16bytes |
2) application key storage
1, MK: master key
PINK: PIN encryption key work
MACK: MAC encryption work key
TDK: track data encryption work key
FIXEDK: fixed key
BPK: authentication key that is used to download work key
2, MK, PINK, MACK, TDK, FIXEDK, BPK storage structure shown below (each occupying 32 bytes of the key space):
typedef struct _PCIAPPKEY
{
u8 keytype;
u8 keyindex;
u8 keylen;
u8 keydata[24]; //使用MMK对密钥加密后的数据
u8 keylrc[5]; //对上面的信息算校验MAC,然后使用ELRCK加密
}PCIAPPKEY;
In the above structure is stored (group number) .key file, as shown in FIG.
3) storing key encryption method
1、将要保存的密钥的keytype、Keyindex、keylen、keydata填入到结构体中相应的数据段中
tmpappkey.keytype = keytype;
tmpappkey.keyindex = keyindex;
tmpappkey.keylen = keylen;
memset(tmpappkey.keydata,0xff,sizeof(tmpappkey.keydata));
memcpy(tmpappkey.keydata,keydata,keylen);
2、使用MMK对密钥明文使用3DES进行加密
ret = pcikeymanage_keyprocessusingMMK (ENCRYPT,tmpappkey.keydata,24);
if(ret != PCI_PROCESSCMD_SUCCESS)
{
DEBUG("\r\n pcidrv_keyprocess_usingMMK ret = %d \r\n",ret);
return ret;
}
3、计算密钥密文的XOR校验值
k = pcikeymanage_CalculateLRCCheckvalue (tmpappkey.keydata,24);
4、组织密钥信息校验MAC
elrckdata[0] = k;
elrckdata[1] = tmpappkey.keytype;
elrckdata[2] = tmpappkey.keyindex;
elrckdata[3] = tmpappkey.keylen;
elrckdata[4] = 0;
elrckdata[5] = 0;
elrckdata[6] = 0;
elrckdata[7] = 0;
5、使用ELRCK对密钥信息校验MAC进行DES加密
ret = pcikeymanage_keyprocessusingELRCK (elrckdata,8);
if(ret != PCI_PROCESSCMD_SUCCESS)
{
return ret;
}
6、比较已保存的密钥中是否有一样的密钥
ret = pcikeymanage_checkallappkey (groupindex,keytype,keyindex,tmpappkey.keydata);
if(ret != PCI_PROCESSCMD_SUCCESS)
{
return ret;
}
7、将最后的结构体数据保存到密钥文件中
pcikeymanage_saveappkey();
5. 密钥擦除
POS运行过程中,24小时检测运行程序时检查到运行程序被篡改,MMK 、ELRCK校验不正确或保存在SPI FLASH中的密钥被
篡改了,会先清除MMK 、ELRCK,再擦除外部FLASH中的密钥数据。这时候终端被锁,提示"系统安全已触发"。
void pcitamper_manage_selfcheck_securitylocked(u8 type)
{
dev_dryice_writeramdata(); //清除MMK、ELRCK
pcikeymanage_initkeydata(); //清除所有密钥
gPCITamperManage.gTamperCurrentValue = 0xFFFFFFFF;
pcitamper_manage_savetamper(gPCITamperManage.gTamperCurrentValue); //保存触发状态
dev_smc_systemsoftreset(); //机器重启
}