Design of Identity-based Smart Card Based on FPGA

Identity authentication is the foundation of secure communications and information security. Through the identity authentication mechanism, various identities involved in network transactions can be identified, identity fraud can be prevented, and the authenticity of the parties involved in the communication can be ensured, thereby ensuring the normal operation of the network activity [1]. Therefore, identity authentication has always been a cutting-edge technology in the field of network security research.
Currently used identity authentication technologies can be divided into three types: authentication based on what the user knows, on what the user has, and on personal biometrics. Authentication methods include password authentication, smart card authentication, and biometric authentication methods such as fingerprints and irises.

Password authentication is the most widely used authentication method, from the ordinary computer login system to the network mail system. However, password authentication is relatively low in security and is easily stolen by others. The biometric authentication method based on fingerprint and iris is the application of biotechnology in the field of information security. It has the characteristics of universality and uniqueness. However, based on the consideration of the cost of biometric equipment and the level of recognition technology, it is still difficult to obtain large-scale popularization. The smart card-based identity authentication method combines the advantages of hardware technology and identity authentication technology to provide a secure and reliable authentication method, which is a rapidly developing authentication method.

This paper presents a design scheme for an identity-based smart card based on FPGA. The data encryption operation related to identity authentication is implemented inside the FPGA, and the encryption algorithm uses the 128 bit Rijndael algorithm. The related identity information and the constant data required for the encryption operation are stored in the FLASH memory, and the encrypted data is transmitted to the computer system through the PCI bus.

1 Identity System Overview

Identity authentication means that both parties to the communication reliably verify the identity of the other party. The parties involved in identity authentication are referred to as the authenticator and the authenticated party respectively according to their functions. The authenticated party initiates the authentication request and submits its own identity information. The authenticator responds to the authentication request, checks the identity information submitted by the authenticated party, and returns the authentication result to the authenticated party. In this process, identity information is generally delivered over the network. Due to the open nature of the network, identity information may be leaked during the process of delivery. Therefore, the identity information of the authenticated party is generally not directly transmitted, and the identity information is encrypted and then transmitted, so that even if the encrypted information is intercepted by the attacker, the attacker cannot decrypt the information to obtain the identity information of the authenticated party. This requires a cryptographic algorithm used in authentication to have a sufficiently high security strength.

The Rijndael algorithm is the Advanced Encryption Standard recommended by the National Institute of Standards and Technology (NIST) [2]. It is a block cipher that supports three different block lengths, 128 bit, 192 bit and 256 bit, chosen according to the required encryption level, and it offers easy hardware and software implementation, good security, high efficiency and flexibility.

The main arithmetic modules in the Rijndael algorithm are regular logical operations, such as permutation, cyclic shift, multiple rounds of iteration and modulo-2 addition, which are suitable for implementation in FPGAs with rich logic resources [3]. Taking the ByteSub permutation as an example, this module is the only nonlinear transform component in the Rijndael algorithm and is the key to determining the security of the algorithm. A software implementation requires a large number of matrix operations, whereas in the FPGA, address line decoding can be used to look up the table directly in the LUT (Look Up Table) logic inside the FPGA.

The main steps of authentication in a smart card-based identity authentication system are completed inside the smart card. The relevant identity information and intermediate operation results never appear in the computer system. To prevent the smart card from being used after it is stolen, the smart card generally provides a verification function for the user's personal identity information, and the smart card can be used only after the correct identity information code (PIN) is entered. Thus, even if the smart card is stolen, it cannot be used because the thief does not know the correct identity code. The combination of smart card and password technology improves the security of smart card-based identity authentication systems.

The smart card-based identity authentication system uses an identity authentication protocol based on a shared key. It is assumed that the authenticator and the authenticated party share a key K. The authentication process is as follows:

(1) The authenticated party initiates an authentication request and provides its own IDi.

(2) The authenticator first checks whether IDi exists in the list of legitimate users. If it does not exist, the authenticator stops the following operations and returns an error message to the authenticated party. If IDi is present, the authenticator randomly generates a 128-bit random number N and passes N to the authenticated party.

(3) After receiving the 128-bit random number N, the authenticated party writes N to the smart card input data register and issues an identity information encryption command. The smart card encrypts the random number N with the Rijndael algorithm, using the shared key K stored in the hardware, and stores the encrypted result in the output data register.

(4) The authenticated party obtains the encrypted data from the smart card output data register and transmits it to the authenticator. The authenticator also encrypts the random number N by the shared key K through the smart card. If the encryption result is consistent with the data transmitted by the authenticated party, the identity of the authenticated party is recognized, otherwise the identity of the authenticated party is not recognized.

This process implements one-way authentication of the authenticated party by the authenticator. In the case where some parties need to authenticate each other, the two parties exchange roles and complete the same operation process to complete the two-way authentication. Since the random numbers selected by each authentication are different, it is possible to prevent an attacker from using the intercepted encrypted identity information for a replay attack.

2 Smart Card Hardware Structure


The identity authentication smart card mainly includes three parts: FPGA, PCI 9054 interface chip and FLASH memory, as well as peripheral devices such as power management, clock and configuration chip. The hardware structure of the PCI interface-based authentication smart card based on FPGA is shown in Figure 1.

Figure 1 identity authentication smart card hardware structure

FPGA mainly implements the replacement, cyclic shift, multi-round iteration and modulo-2 addition operation modules in Rijndael algorithm, and provides data interface control logic and user identity information code verification module of PCI9054 and FLASH memory. PCI 9054 mainly implements data exchange between PCI bus and FPGA. The FLASH memory chip MX29LV800B is used to store the encryption key used in the identity authentication process and user identity information such as the ID value. E2PROM 93CS56 is the configuration chip of PCI 9054. EPCS4 is the configuration chip of Altera's Cyclone series FPGA EP1C12, which stores the configuration information of the corresponding chip. The FPGA implements data transmission and reception and command interpretation execution through the PCI interface.

3 Smart Card Software Structure


The software structure of the identity authentication smart card mainly includes the top-level identity authentication system application, the PCI interface driver and the FPGA internal encryption algorithm module. Its structure is shown in Figure 2:

Figure 2 identity authentication smart card software system structure

3.1 Certification System Top Level Application

The application program at the top of the system mainly provides the user with a GUI, so that the user can perform identity authentication operations directly through the GUI instead of calling the underlying driver functions directly, which makes the smart card easier to use. The top-level application calls the corresponding smart card driver interface, sends the corresponding instruction and obtains the encrypted data from the underlying hardware, and transmits it to the remote computer system through the network according to the data format and transmission order specified by the communication protocol.

3.2 PCI interface driver

Under the Windows operating system, an application executing in user mode cannot directly access the hardware; to ensure the security of the system, it must access hardware resources indirectly by calling the services provided by a device driver executing in kernel mode [4]. A device driver is a software interface to a hardware device that allows a user application to access the hardware in a canonical manner, regardless of how the hardware is controlled. The WDM device driver model is the device driver model in the Windows environment.

At present, common driver development software, such as NuMega's DriverStudio, provides a driver class library that encapsulates various general operations, together with a large amount of reference code [5]. This makes it convenient for users to design WDM drivers and effectively shortens the driver development cycle.

3.3 FPGA Encryption Module

The FPGA is the core component of the identity authentication smart card. The data encryption of the identity authentication system, the user identity information code verification and the data interface control logic are all completed in the FPGA. The internal module structure of FPGA is shown in Figure 3:


Figure 3 FPGA internal module structure

The 128-bit random number N provided by the authenticator is decomposed into a 4×4 matrix by the State matrix generation module. After the data read/write module reads the 128-bit shared encryption key K and the S-box transformation matrix from the FLASH memory, the key expansion module first generates an extended key from the 128-bit encryption key K according to the key expansion algorithm, and then selects the round key for each round of operation from the extended key. Under the management of the iterative control module, the 128-bit random number N is iterated through the ByteSub module, the ShiftRow module, the MixColumn module, and the AddRoundKey module, and the encrypted ciphertext data is output from the AddRoundKey module after the last round of operations. The PCI 9054 interface module mainly implements data exchange between the FPGA chip and the PCI 9054 local bus. The FLASH interface module converts user read and write operations into the read and write operation timings of the FLASH memory. The data read/write module is responsible for sending data read/write and erase information to the FLASH interface module. The command interpretation module is connected to all other modules and performs user command decoding. All modules operate under the control of a finite state machine (FSM) designed in the Verilog HDL language.
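The four-step exchange from Section 1, run against a software model of the encryption datapath described above, is sketched here as an added example; it is not the paper's Verilog or driver code. The function names, the ID-to-key dictionary and the use of Python are assumptions made for illustration.

```python
import hmac, secrets

def xtime(a):  # multiply by x in GF(2^8), Rijndael polynomial 0x11B
    return ((a << 1) ^ 0x11B) & 0xFF if a & 0x80 else a << 1

def make_sbox():  # the card reads this table from FLASH; generated here instead
    box, p, q = [0x63] * 256, 1, 1
    for _ in range(255):
        p ^= xtime(p)                      # p *= 3
        for n in (1, 2, 4):                # q /= 3, so q stays the inverse of p
            q = (q ^ (q << n)) & 0xFF
        q ^= 0x09 if q & 0x80 else 0
        x = q | q << 8                     # q doubled: shifts act as 8-bit rotations
        box[p] = (x ^ (x >> 4) ^ (x >> 5) ^ (x >> 6) ^ (x >> 7)) & 0xFF ^ 0x63
    return box

SBOX = make_sbox()

def expand_key(key):  # key expansion module: 11 round keys of 16 bytes each
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0], rcon = t[0] ^ rcon, xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def mix_columns(s):  # state is a flat 16-byte list, one column per 4 bytes
    out = []
    for col in (s[c:c + 4] for c in range(0, 16, 4)):
        t = col[0] ^ col[1] ^ col[2] ^ col[3]
        out += [col[i] ^ t ^ xtime(col[i] ^ col[(i + 1) % 4]) for i in range(4)]
    return out

def card_encrypt(key, n):  # model of the card: 16-byte N in, ciphertext out
    rk = expand_key(key)
    s = [b ^ k for b, k in zip(n, rk[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                               # ByteSub
        s = [s[(i + 4 * (i % 4)) % 16] for i in range(16)]     # ShiftRow
        s = mix_columns(s) if rnd < 10 else s                  # MixColumn
        s = [b ^ k for b, k in zip(s, rk[rnd])]                # AddRoundKey
    return bytes(s)

def authenticate(id_i, keys, prover):  # authenticator side, steps (1)-(4)
    if id_i not in keys:               # keys: assumed map of legitimate IDi to K
        return False
    n = secrets.token_bytes(16)        # fresh 128-bit N for every attempt
    return hmac.compare_digest(prover(n), card_encrypt(keys[id_i], n))
```

Passing a `prover` that returns a ciphertext captured from an earlier run makes `authenticate` fail, because the expected value is computed over the fresh N; this is the replay resistance described in Section 1.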

4 Summary

The FPGA-based smart card provides a new way of identity authentication. The author's innovations are as follows:

(1) An FPGA-based identity authentication smart card is designed. The identity information encryption operation is completed inside the smart card. The intermediate state values of all the operations except the encryption result will not appear in the computer system, which effectively improves the security of the authentication system.

(2) Using the Verilog HDL language to design a finite state machine to implement the 128 bit Rijndael algorithm in the FPGA. When the system clock frequency is 50 MHz, the smart card encryption speed is 962.03 Mbits/s, which is superior to the software encryption method in efficiency and speed, and can be easily extended to 192 bit or 256 bit keys, which is flexible in use.

(3) Using PCI 9054 to achieve high-speed data transmission between the FPGA and the PCI bus, reducing the complexity of the PCI interface design and ensuring the performance of the system under a large number of concurrent authentication request services.

In the smart card-based identity authentication system, both the authenticator and the authenticated party use the identity authentication smart card of the same hardware structure [6]. The FLASH internally stores the same set of keys, and the key can be flexibly selected as needed. In a system that requires multiple parties to perform identity authentication, multiple sets of keys can be stored in the FLASH at the same time. For different authentication operations, the corresponding encryption key is selected, and a smart card is used to complete multi-party identity authentication, which has broad application prospects. The FPGA-based identity authentication smart card has been applied in the logistics anti-counterfeiting system. The test results show that the identity authentication smart card is safe, reliable and efficient.
