GM/T 0096-2020 English PDF (GMT0096-2020)
GM/T 0096-2020 English PDF (GMT0096-2020)
Regular price
$440.00 USD
Regular price
Sale price
$440.00 USD
Unit price
/
per
Delivery: 3 seconds. Download true-PDF + Invoice.
Get QUOTATION in 1-minute: Click GM/T 0096-2020
Historical versions: GM/T 0096-2020
Preview True-PDF (Reload/Scroll if blank)
GM/T 0096-2020: Guide for RFID anti-counterfeiting cipher application
GM/T 0096-2020
GM
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
CCS L 80
Guide for RFID Anti-counterfeiting Cipher Application
ISSUED ON: DECEMBER 28, 2020
IMPLEMENTED ON: JULY 1, 2021
Issued by: State Cryptography Administration
Table of Contents
Foreword ... 4
1 Scope ... 5
2 Normative References ... 5
3 Terms and Definitions ... 6
4 Abbreviations ... 7
5 Overview ... 8
6 Security Category ... 9
6.1 Security Level ... 9
6.2 Category-A System ... 9
6.3 Category-B System ... 10
7 Category-A System Planning and Implementation ... 10
7.1 System Planning ... 10
7.1.1 System architecture ... 10
7.1.2 Tag issuance system ... 11
7.1.3 Anti-counterfeiting authentication system ... 11
7.1.4 Information processing system ... 12
7.1.5 Key management system ... 12
7.2 Product Selection ... 12
7.2.1 RFID electronic tag ... 12
7.2.2 RF reader ... 14
7.2.3 Security gateway ... 15
7.2.4 Cryptographic machine ... 15
7.3 Implementation Suggestions ... 15
7.3.1 Information processing system ... 15
7.3.2 Middleware ... 15
7.3.3 Key management system ... 16
7.3.4 Requirements for transparent transmission channel - reader ... 16
7.4 Application Scheme ... 17
8 Category-B System Planning and Implementation ... 17
8.1 System Planning ... 17
8.1.1 System architecture ... 17
8.1.2 Tag issuance system ... 18
8.1.3 Anti-counterfeiting authentication system ... 18
8.1.4 Information processing system ... 19
8.1.5 Key management system ... 19
8.1.6 Certificate issuance and identity authentication system ... 19
8.2 Product Selection ... 20
8.2.1 RFID electronic tag ... 20
8.2.2 RF reader ... 21
8.2.3 Security gateway ... 23
8.2.4 Cryptographic machine ... 23
8.3 Implementation Suggestions ... 23
8.3.1 Information processing system ... 23
8.3.2 Middleware ... 23
8.3.3 CA and key management system ... 23
8.3.4 Requirements for transparent transmission channel - reader ... 25
8.4 Application Scheme ... 25
Appendix A (informative) Bidirectional Authentication Realization Mode ... 26
Appendix B (informative) Category-A RFID Anti-counterfeiting Cryptographic
Application Scheme ... 27
Appendix C (informative) Category-B RFID Anti-counterfeiting Cryptographic
Application Scheme ... 39
Guide for RFID Anti-counterfeiting Cipher Application
1 Scope
This Standard specifies the security category, system planning and implementation of
RFID anti-counterfeiting application.
This Standard is applicable to cryptographic security scheme design, cryptographic
product selection and system implementation in RFID anti-counterfeiting application.
2 Normative References
The content of the following documents constitutes indispensable clauses of this
document through normative references in the text. In terms of references with a
specified date, only versions with a specified date are applicable to this document. In
terms of references without a specified date, the latest version (including all the
modifications) is applicable to this document.
GB/T 28925 Information Technology - Radio Frequency Identification - Air Interface
Protocol at 2.45 GHz
GB/T 29768 Information Technology - Radio Frequency Identification - Air Interface
Protocol at 800/900 MHz
GB/T 32915 Information Security Technology - Binary Sequence Randomness
Detection Method
GB/T 37033.1-2018 Information Security Technology - Technical Requirements for
Cryptographic Application for Radio Frequency Identification Systems - Part 1:
Cryptographic Protection Framework and Security Levels
GB/T 37033.2-2018 Information Security Technology - Technical Requirements for
Cryptographic Application for Radio Frequency Identification Systems - Part 2:
Technical Requirements for Cryptographic Application for RF Tag, Reader and
Communication
GB/T 37033.3-2018 Information Security Technology - Technical Requirements for
Cryptographic Application for Radio Frequency Identification Systems - Part 3:
Technical Requirements for Key Management
GB/T 37092 Information Security Technology - Security Requirements for
Cryptographic Modules
GM/T 0008 Cryptography Test Criteria for Security IC
7.1.4 Information processing system
Information processing system is a processing system that includes multiple types of
information, such as: commodity production, storage, transportation and sales, etc.
7.1.5 Key management system
Key management system is responsible for the key management functions (such as:
generation, dispersion and storage of keys) in the entire system. It is the core of
security of the entire system. In order to ensure the security of the system, the key
management system is deployed in an independent key management center, which is
physically separated from other parts (including information processing system, anti-
counterfeiting authentication system and tag issuance system) of the commodity
traceability and anti-counterfeiting application system. The keys generated by the key
management system are distributed to other parts of the commodity traceability and
anti-counterfeiting application system through security measures, for example, key
card.
7.2 Product Selection
7.2.1 RFID electronic tag
7.2.1.1 Cryptographic security requirements
The RFID electronic tag used in Category-A system shall satisfy the following
cryptographic security requirements.
a) Comply with Type-I or Type-II test requirements specified in GM/T 0040-2015.
b) Identity authentication: it shall support the reader to conduct identity
authentication of the electronic tag. The mode, in which, the reader realizes
identity authentication of the electronic tag is shown in 8.3.2.2 in GB/T
37033.2-2018.
c) Access control: it shall support access control function and ensure that the
stored information is accessed under controlled permissions. The mode, in
which, the access control of the electronic tag is realized, is shown in 6.1.5 of
GB/T 37033.2-2018. The test of access control of electronic tags is shown in
6.5 of GM/T 0040-2015.
d) Cryptographic algorithm: the cryptographic algorithm approved by the national
cryptographic management department shall be adopted.
e) Cryptographic products approved by the national cryptographic management
department should be selected.
7.2.1.2 Optional cryptographic security requirements
7.2.2 RF reader
7.2.2.1 Cryptographic security requirements
The RF reader of cryptographic security functions used in Category-A system may
satisfy the following cryptographic security requirements.
a) The SAM chip used by the reader shall comply with the test requirements of
not lower than the second level specified in GM/T 0008.
b) Identity authentication: it shall support the identity authentication of the
electronic tag by the reader. The mode, in which, the identity authentication of
the electronic tag by the reader is realized, is shown in 8.3.2.2 of GB/T
37033.2-2018.
c) It shall support access control function. The mode, in which, reader access
control is realized, is shown in 6.2.5 of GB/T 37033.2-2018.
d) Cryptographic algorithm: the cryptographic algorithm approved by the national
cryptographic management department that is compatible with the
cryptographic algorithm in the electronic tag shall be adopted.
e) Cryptographic products approved by the national cryptographic management
Get QUOTATION in 1-minute: Click GM/T 0096-2020
Historical versions: GM/T 0096-2020
Preview True-PDF (Reload/Scroll if blank)
GM/T 0096-2020: Guide for RFID anti-counterfeiting cipher application
GM/T 0096-2020
GM
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
CCS L 80
Guide for RFID Anti-counterfeiting Cipher Application
ISSUED ON: DECEMBER 28, 2020
IMPLEMENTED ON: JULY 1, 2021
Issued by: State Cryptography Administration
Table of Contents
Foreword ... 4
1 Scope ... 5
2 Normative References ... 5
3 Terms and Definitions ... 6
4 Abbreviations ... 7
5 Overview ... 8
6 Security Category ... 9
6.1 Security Level ... 9
6.2 Category-A System ... 9
6.3 Category-B System ... 10
7 Category-A System Planning and Implementation ... 10
7.1 System Planning ... 10
7.1.1 System architecture ... 10
7.1.2 Tag issuance system ... 11
7.1.3 Anti-counterfeiting authentication system ... 11
7.1.4 Information processing system ... 12
7.1.5 Key management system ... 12
7.2 Product Selection ... 12
7.2.1 RFID electronic tag ... 12
7.2.2 RF reader ... 14
7.2.3 Security gateway ... 15
7.2.4 Cryptographic machine ... 15
7.3 Implementation Suggestions ... 15
7.3.1 Information processing system ... 15
7.3.2 Middleware ... 15
7.3.3 Key management system ... 16
7.3.4 Requirements for transparent transmission channel - reader ... 16
7.4 Application Scheme ... 17
8 Category-B System Planning and Implementation ... 17
8.1 System Planning ... 17
8.1.1 System architecture ... 17
8.1.2 Tag issuance system ... 18
8.1.3 Anti-counterfeiting authentication system ... 18
8.1.4 Information processing system ... 19
8.1.5 Key management system ... 19
8.1.6 Certificate issuance and identity authentication system ... 19
8.2 Product Selection ... 20
8.2.1 RFID electronic tag ... 20
8.2.2 RF reader ... 21
8.2.3 Security gateway ... 23
8.2.4 Cryptographic machine ... 23
8.3 Implementation Suggestions ... 23
8.3.1 Information processing system ... 23
8.3.2 Middleware ... 23
8.3.3 CA and key management system ... 23
8.3.4 Requirements for transparent transmission channel - reader ... 25
8.4 Application Scheme ... 25
Appendix A (informative) Bidirectional Authentication Realization Mode ... 26
Appendix B (informative) Category-A RFID Anti-counterfeiting Cryptographic
Application Scheme ... 27
Appendix C (informative) Category-B RFID Anti-counterfeiting Cryptographic
Application Scheme ... 39
Guide for RFID Anti-counterfeiting Cipher Application
1 Scope
This Standard specifies the security category, system planning and implementation of
RFID anti-counterfeiting application.
This Standard is applicable to cryptographic security scheme design, cryptographic
product selection and system implementation in RFID anti-counterfeiting application.
2 Normative References
The content of the following documents constitutes indispensable clauses of this
document through normative references in the text. In terms of references with a
specified date, only versions with a specified date are applicable to this document. In
terms of references without a specified date, the latest version (including all the
modifications) is applicable to this document.
GB/T 28925 Information Technology - Radio Frequency Identification - Air Interface
Protocol at 2.45 GHz
GB/T 29768 Information Technology - Radio Frequency Identification - Air Interface
Protocol at 800/900 MHz
GB/T 32915 Information Security Technology - Binary Sequence Randomness
Detection Method
GB/T 37033.1-2018 Information Security Technology - Technical Requirements for
Cryptographic Application for Radio Frequency Identification Systems - Part 1:
Cryptographic Protection Framework and Security Levels
GB/T 37033.2-2018 Information Security Technology - Technical Requirements for
Cryptographic Application for Radio Frequency Identification Systems - Part 2:
Technical Requirements for Cryptographic Application for RF Tag, Reader and
Communication
GB/T 37033.3-2018 Information Security Technology - Technical Requirements for
Cryptographic Application for Radio Frequency Identification Systems - Part 3:
Technical Requirements for Key Management
GB/T 37092 Information Security Technology - Security Requirements for
Cryptographic Modules
GM/T 0008 Cryptography Test Criteria for Security IC
7.1.4 Information processing system
Information processing system is a processing system that includes multiple types of
information, such as: commodity production, storage, transportation and sales, etc.
7.1.5 Key management system
Key management system is responsible for the key management functions (such as:
generation, dispersion and storage of keys) in the entire system. It is the core of
security of the entire system. In order to ensure the security of the system, the key
management system is deployed in an independent key management center, which is
physically separated from other parts (including information processing system, anti-
counterfeiting authentication system and tag issuance system) of the commodity
traceability and anti-counterfeiting application system. The keys generated by the key
management system are distributed to other parts of the commodity traceability and
anti-counterfeiting application system through security measures, for example, key
card.
7.2 Product Selection
7.2.1 RFID electronic tag
7.2.1.1 Cryptographic security requirements
The RFID electronic tag used in Category-A system shall satisfy the following
cryptographic security requirements.
a) Comply with Type-I or Type-II test requirements specified in GM/T 0040-2015.
b) Identity authentication: it shall support the reader to conduct identity
authentication of the electronic tag. The mode, in which, the reader realizes
identity authentication of the electronic tag is shown in 8.3.2.2 in GB/T
37033.2-2018.
c) Access control: it shall support access control function and ensure that the
stored information is accessed under controlled permissions. The mode, in
which, the access control of the electronic tag is realized, is shown in 6.1.5 of
GB/T 37033.2-2018. The test of access control of electronic tags is shown in
6.5 of GM/T 0040-2015.
d) Cryptographic algorithm: the cryptographic algorithm approved by the national
cryptographic management department shall be adopted.
e) Cryptographic products approved by the national cryptographic management
department should be selected.
7.2.1.2 Optional cryptographic security requirements
7.2.2 RF reader
7.2.2.1 Cryptographic security requirements
The RF reader of cryptographic security functions used in Category-A system may
satisfy the following cryptographic security requirements.
a) The SAM chip used by the reader shall comply with the test requirements of
not lower than the second level specified in GM/T 0008.
b) Identity authentication: it shall support the identity authentication of the
electronic tag by the reader. The mode, in which, the identity authentication of
the electronic tag by the reader is realized, is shown in 8.3.2.2 of GB/T
37033.2-2018.
c) It shall support access control function. The mode, in which, reader access
control is realized, is shown in 6.2.5 of GB/T 37033.2-2018.
d) Cryptographic algorithm: the cryptographic algorithm approved by the national
cryptographic management department that is compatible with the
cryptographic algorithm in the electronic tag shall be adopted.
e) Cryptographic products approved by the national cryptographic management