AnonAccess/en: Difference between revisions

From LaborWiki
(The page was newly created: "{{Grundkasten|param='''This page is still under construction'''}}<!-- no content before this comment! (header banner) --> right =...")
 
 
(One intermediate revision by the same user is not shown)
Line 30: Line 30:


=== The Chipcard ===
=== The Chipcard ===
The chipcard is a pure memory device which is interfaced to via the I²C-bus.
The chipcard is a pure memory device which is interfaced via the I²C-bus.


The card contains a so-called AuthBlock, which contains all data necessary for authentication.
The card contains a so-called AuthBlock, which contains all data necessary for authentication.


{| {{Prettytable}}
{| {{Prettytable}}
|+ Authblock structure
|+ '''Authblock structure'''
! Name !! Length !! Description
! Name !! Length !! Description
|-
|-
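
Review bot: the table caption in this hunk spells the name "Authblock" while the sentence just above it spells it "AuthBlock". The caption line is already being edited to add bold, so settle on one spelling there, for example |+ '''AuthBlock structure'''.
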
Line 48: Line 49:
| HMAC || 32 Byte || HMAC over the test of the AuthBlock
| HMAC || 32 Byte || HMAC over the test of the AuthBlock
|}
|}


{| {{Prettytable}}
{| {{Prettytable}}
|+ Authblock creation
|+ '''Authblock creation'''
! Name !! Length !! Description
! Name !! Length !! Description
|-
|-
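
Review bot: the HMAC row carried as context at the top of this hunk reads "HMAC over the test of the AuthBlock" on both sides, where "test" looks like a typo for "rest". Fix it in the same edit, and align the "Authblock creation" caption with the "AuthBlock" spelling used in that row.
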
Line 63: Line 65:
| HMAC || 32 Byte || |hmac(key_absign, UID | Ticket | rKey | rID)
| HMAC || 32 Byte || |hmac(key_absign, UID | Ticket | rKey | rID)
|}
|}


== Inner Workings ==
== Inner Workings ==
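
Review bot: in the HMAC row, the `|` between UID, Ticket, rKey and rID is not defined anywhere in the visible lines, and it is the same character the table markup uses as a separator. Add a sentence or caption note stating what the operator means, so the exact HMAC input is unambiguous to anyone re-implementing the check.
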

Current revision as of 6 May 2009, 23:29

This page is still under construction


Summary

This page introduces the Labor's access system.

The access system replaces the conventional key-lock combination for opening the door with an electronic system based on magnetic stripe cards.

Security and anonymity are among our main focuses and shall be guaranteed by cryptographic mechanisms.


Components

The composition of system components is roughly as follows:

  • Master Unit
    • Ticket Database
    • Flag-Modifying Database
    • QPort-tiny
    • Real-time clock
  • Panel
    • Card reader
    • User Input Devices
    • User Output Devices
    • QPort-tiny
  • Chipcard


The Chipcard

The chipcard is a pure memory device which is interfaced via the I²C-bus.

The card contains a so-called AuthBlock, which contains all data necessary for authentication.


Authblock structure

Name     Length     Description
UID      2 Byte     temporary user identifier which tells the memory location of the ticket in the internal database
Ticket   32 Byte    encrypted timestamp
rKey     32 Byte    random key to encrypt rID
rID      32 Byte    encrypted identifier
HMAC     32 Byte    HMAC over the rest of the AuthBlock


Authblock creation

Name     Length     Description
UID      2 Byte     random
Ticket   32 Byte    enc(key_timestamp, 24Byte Random | 8Byte Timestamp)
rKey     32 Byte    random
rID      32 Byte    enc(key_rid, enc(rKey, hmac(key_nick, nickname)))
HMAC     32 Byte    hmac(key_absign, UID | Ticket | rKey | rID)
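
The AuthBlock layout and its HMAC check, as an added example that is not the project's own code. It assumes that `|` in the table means byte concatenation in table order and treats Ticket and rID as opaque ciphertext; the function names and sample values are hypothetical.

```python
import hashlib
import hmac
from typing import NamedTuple

# Field lengths in bytes, taken from the AuthBlock tables above.
UID_LEN, TICKET_LEN, RKEY_LEN, RID_LEN, MAC_LEN = 2, 32, 32, 32, 32
BODY_LEN = UID_LEN + TICKET_LEN + RKEY_LEN + RID_LEN  # 98
BLOCK_LEN = BODY_LEN + MAC_LEN                        # 130


class AuthBlock(NamedTuple):
    uid: bytes     # temporary user identifier
    ticket: bytes  # encrypted timestamp (opaque here)
    rkey: bytes    # random key used to encrypt rID
    rid: bytes     # encrypted identifier (opaque here)


def seal_authblock(key_absign: bytes, ab: AuthBlock) -> bytes:
    """Serialize the fields and append hmac(key_absign, UID|Ticket|rKey|rID)."""
    for field, size in zip(ab, (UID_LEN, TICKET_LEN, RKEY_LEN, RID_LEN)):
        if len(field) != size:
            raise ValueError("AuthBlock field has the wrong length")
    body = b"".join(ab)  # assumption: '|' is plain concatenation
    return body + hmac.new(key_absign, body, hashlib.sha256).digest()


def open_authblock(key_absign: bytes, raw: bytes) -> AuthBlock:
    """Check length and HMAC first; split into fields only after both pass."""
    if len(raw) != BLOCK_LEN:
        raise ValueError("AuthBlock must be exactly 130 bytes")
    body, tag = raw[:BODY_LEN], raw[BODY_LEN:]
    expected = hmac.new(key_absign, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):  # constant-time comparison
        raise ValueError("AuthBlock HMAC mismatch")
    t, k = UID_LEN + TICKET_LEN, UID_LEN + TICKET_LEN + RKEY_LEN
    return AuthBlock(body[:UID_LEN], body[UID_LEN:t], body[t:k], body[k:])


if __name__ == "__main__":
    key = bytes(range(32))  # constructed key, for illustration only
    sample = AuthBlock(b"\x00\x01", b"T" * 32, b"K" * 32, b"R" * 32)
    card = seal_authblock(key, sample)
    print(open_authblock(key, card) == sample)  # intact card is accepted
    modified = card[:5] + bytes([card[5] ^ 1]) + card[6:]
    try:
        open_authblock(key, modified)
    except ValueError as err:
        print("rejected:", err)  # a changed Ticket byte fails the check
```

Because every field has a fixed length, the concatenation is unambiguous, and rejecting any buffer that is not exactly 130 bytes keeps a short or padded card read from shifting field boundaries.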

Inner Workings

to be done


Used Primitives

The following are used as cryptographic primitives:

  • Hash: SHA256
  • HMAC: HMAC-SHA256
  • Block cipher: Shabea256
  • Pseudo-random number generator: self-made, based on SHA256


Implementation

SVN