CN119272260B

CN119272260B - Anti-copying RFID smart card initialization and dynamic encryption method and system

Info

Publication number: CN119272260B
Application number: CN202411803858.1A
Authority: CN
Inventors: 颜炳军; 崔涛
Original assignee: SHENZHEN CARDY INTELLIGENT TECHNOLOGY CO LTD
Current assignee: SHENZHEN CARDY INTELLIGENT TECHNOLOGY CO LTD
Priority date: 2024-12-10
Filing date: 2024-12-10
Publication date: 2025-03-04
Anticipated expiration: 2044-12-10
Also published as: CN120217342A; CN119272260A

Abstract

The invention relates to the technical field of RFID smart cards, solves the problem that the prior art cannot reduce the deployment cost and effectively avoids the condition of batch copying after a secret key is broken, and provides an anti-copying RFID smart card initialization and dynamic encryption method and system. The method comprises the steps of comparing a real-time encryption factor with an initial encryption factor, obtaining a unique identifier if the real-time encryption factor and the initial encryption factor are the same, processing the real-time encryption factor and the unique identifier according to a first encryption function to obtain a first key and a first sector address, processing the first sector address and the unique identifier according to a second encryption function to determine a target encryption factor, writing the target encryption factor into a sector, processing the target encryption factor and the unique identifier according to the first encryption function to determine a second key and a second sector address, and writing card number data into the sector where the second sector address is located. The invention can effectively avoid the condition of batch copying after the key is broken.

Description

Anti-copying RFID smart card initialization and dynamic encryption method and system

Technical Field

The invention relates to the technical field of RFID smart cards, in particular to an anti-copying RFID smart card initialization and dynamic encryption method and system.

Background

At present, the RFID smart card based on Mifare 1K has been widely used in various application scenarios such as access control systems, public transportation payment systems, campus cards, etc. because of its low cost and basic security, the storage space of the Mifare 1K card is divided into 16 sectors, each sector has 4 blocks, each block has a length of 16 bytes, wherein the last block of each sector is used to store the key of the sector, and the read/write permission of the sector is controlled by the key, and the conventional application form is to allocate a certain or more sectors to a specific application, for example, the access control system uses the sector No.2 to store the application data of the system, and secure the secure access of the data by setting a specific key.

However, as the encryption algorithm of Mifare 1K is cracked, the secret key applied by an access control system and the like can be easily obtained by an attacker through a simple and cheap tool, so that the security of the system is greatly reduced, the attacker can copy the RFID smart card and perform illegal card swiping operation, thereby obtaining improper access rights and causing potential safety hazards. This problem makes Mifare 1K cards a great risk in some application scenarios where security requirements are high, especially when the card key is broken, the security of the whole system is almost completely broken.

In order to improve the security of the RFID smart card, the existing solutions are mainly implemented by upgrading to chips with higher security levels, such as CPU cards, however, although the chips with higher security levels can effectively resist cracking and copying attacks, the cost is high, so that the deployment and maintenance cost of the whole application system is greatly increased, which makes many application scenarios, such as access control systems, parking lot management, and the like, face the trade-off problem between cost and security.

The prior China patent CN106529651A discloses a radio frequency card adopting a double encryption algorithm, wherein the radio frequency card adopts a double encryption mode, a first re-encryption mode is to encrypt a card ID number by adopting an encryption key 1, obtain a card read-write password, wherein the password is 32 bits, the 32-bit password is written into a storage block7, and a second re-encryption mode is to adopt an encryption key 2 different from the first re-encryption key, obtain a data password by adopting the encryption algorithm 2, encrypt user data into exchange data by adopting the data password and then write the exchange data into the card data storage blocks 1-6. The above patent discloses that although the read-write password is obtained by encrypting the ID number of the radio frequency card, and the password of each card is generated based on the unique ID number, the password of each card is different, but the encryption of the card ID number is static in nature, that is, once the ID number is cracked or revealed, an attacker can deduce the corresponding password according to the ID of the card, and if the attacker obtains the ID number of a certain card and the related information of the encryption algorithm 1, such as the key 1 and the encryption algorithm, the same algorithm can be used for cracking, thereby avoiding the resetting of the password or the additional encryption step during batch copying.

Therefore, how to effectively avoid the situation of batch copying after the key is broken while reducing the deployment cost is a problem to be solved.

Disclosure of Invention

In view of the above, the invention provides an anti-copy RFID smart card initialization and dynamic encryption method and system, which are used for solving the problem that the prior art cannot effectively avoid the situation of batch copying after the key is broken while reducing the deployment cost.

The technical scheme adopted by the invention is as follows:

In a first aspect, the present invention provides an anti-duplication method for initializing an RFID smart card, where the RFID smart card includes a plurality of sectors, where each sector is used to access encryption factors or card number data, each sector includes a key block, where the key block is used to access a key for accessing the sector, the encryption factors are character strings generated by encryption, and are used to calculate a sector address where the card number data is accessed, and the method includes:

acquiring a preset initial encryption factor;

Writing the initial encryption factor into a preset sector, and acquiring a unique identifier of the RFID smart card;

and according to a first encryption function, carrying out encryption processing on the unique identifier and the initial encryption factor in the preset sector, and determining an initial sector address and an initial key for storing card number data.

Preferably, the encrypting the unique identifier and the initial encryption factor in the preset sector according to the first encryption function, and determining the initial sector address and the initial key for storing the card number data includes:

Performing exclusive OR operation on the unique identifier and the initial encryption factor to determine a first character string;

Performing exclusive OR operation on the characters at the first preset position in the unique identifier and the characters at the second preset position in the initial encryption factor to determine a second character string;

combining the first character string and the second character string to determine the initial key;

Performing exclusive OR operation on the character at the third preset position in the unique identifier and the character at the third preset position in the initial encryption factor to determine a third character string;

and determining the initial sector address according to the third character string.

In a second aspect, the present invention provides a method for dynamically encrypting an anti-duplication RFID smart card, where the RFID smart card is initialized by using the method for initializing an RFID smart card as described above, and the method for dynamically encrypting the RFID smart card includes:

Reading a real-time encryption factor in the preset sector, and comparing the real-time encryption factor with the initial encryption factor;

if the initial encryption factor is the same as the real-time encryption factor, the card is swiped for the first time, and a unique identifier of the RFID smart card is obtained;

encrypting the real-time encryption factor and the unique identifier according to the first encryption function to obtain a first key and a first sector address of card number data access;

reading card number data according to the first secret key and the first sector address;

when the card number data is successfully read, carrying out encryption processing on the first sector address and the unique identifier according to a second encryption function, and determining a new target encryption factor;

Writing a target encryption factor into a sector where the real-time encryption factor is located, carrying out encryption processing on the target encryption factor and the unique identifier according to the first encryption function, and determining a second key and a second sector address where card number data are stored;

And deleting the card number data of the first sector address, and writing the card number data into a new sector corresponding to the second sector address according to the second sector address.

Preferably, after the reading of the real-time encryption factor, the comparing of the real-time encryption factor with the initial encryption factor further includes:

if the initial encryption factor is different from the real-time encryption factor, comparing the real-time encryption factor with the historical encryption factor, and comparing the unique identifier of the current RFID smart card with the historical identifier;

When the real-time encryption factor is the same as the historical encryption factor and the unique identifier is the same as the historical identifier, according to a first encryption function, encrypting the real-time encryption factor and the unique identifier to obtain a first key and a first sector address where card number data are stored;

replacing the original historical encryption factor with the target encryption factor, and carrying out encryption processing on the target encryption factor and the unique identifier according to the first encryption function to determine a second key and a second sector address where the card number data are stored;

Preferably, when the card number data is successfully read, the encrypting the first sector address and the unique identifier according to a second encrypting function, and determining the new target encrypting factor includes:

Multiplying the first sector address and the unique identifier to determine a fourth character string;

and extracting the character at a fourth preset position in the fourth character string, and taking the extraction result as the target encryption factor.

Preferably, after the RFID smart card is completely duplicated, it includes:

Reading copy data on a copy card, wherein the copy data includes a first copy encryption factor and a copy identifier;

Comparing the copied data with the historical data in the card reader, and if the copied data is consistent with the historical data, verifying the first swipe of the copied card, wherein the historical data comprises the target encryption factor and the unique identifier;

encrypting the first copy encryption factor and the copy identifier according to a first encryption function, and determining a copy key and a copy sector address of card number data access;

Reading the card number data according to the copy key and the copy sector address;

when the card number data is successfully read, carrying out encryption processing on the copy identifier and the copy sector address according to a second encryption function, determining a second copy encryption factor, and replacing the target encryption factor with the second copy encryption factor;

And when the legal original RFID smart card swipes the card, comparing the target encryption factor with the second copy encryption factor to determine that the original RFID smart card is an illegal card.

Preferably, after the replacing the original historical encryption factor with the target encryption factor and performing encryption processing on the target encryption factor and the unique identifier according to the first encryption function, determining the second key and the second sector address where the card number data is stored further includes:

acquiring target reading frequencies of the sectors corresponding to the second sector address according to the second sector address, and acquiring the reading frequencies corresponding to the remaining sectors and a preset frequency threshold value;

Calculating the average value of the reading frequencies of all the sectors according to the target reading frequency and the reading frequency corresponding to each remaining sector;

If the target reading frequency is smaller than the average value and the target reading frequency is smaller than the frequency threshold, deleting the card number data of the first sector address, and writing the card number data into a new sector corresponding to the second sector address according to the second sector address;

If the target reading frequency is greater than or equal to the average value and/or the target reading frequency is greater than or equal to the frequency threshold, updating the second sector address through a hash function and a pseudo-random algorithm to determine a third sector address where card number data are stored;

And deleting the card number data of the first sector address, and writing the card number data into a new sector corresponding to the third sector address according to the third sector address.

Preferably, if the target reading frequency is greater than or equal to the average value or the target reading frequency is greater than or equal to the frequency threshold, updating the second sector address through a hash function and a pseudo-random algorithm, and determining a third sector address where the card number data is stored includes:

combining the unique identifier and the target encryption factor to determine a target character string;

Processing the target character string through a hash function to determine a hash value;

Performing standardized processing on the hash value, and converting the hash value into a hash integer value;

mapping the hash integer value into a sector address interval according to the hash integer value and a preset sector address interval, and determining a target sector address;

and determining the third sector address according to the hash integer value, the first sector address, the sector address interval and the target sector address and combining the pseudo-random number generation algorithm.

Preferably, said determining said third sector address according to said hash integer value, said first sector address, said sector address interval, and said target sector address in conjunction with said pseudo-random number generation algorithm comprises:

initializing a preset pseudo-random number generator according to the hash integer value;

inputting the first sector address into a pseudo-random number generator after initialization processing for processing, and determining a pseudo-random number;

Performing modular processing on the pseudo random number according to the sector address interval to determine an offset, wherein the offset is in the sector address interval;

And carrying out addition calculation and modulo processing on the offset and the target sector address to determine the third sector address.

In a third aspect, the embodiment of the invention further provides an anti-duplication RFID smart card initializing and dynamic encrypting system, the dynamic encrypting system comprises an RFID smart card and a card reader, the RFID smart card is initialized by the RFID smart card initializing method, and the card reader dynamically encrypts the RFID smart card by the RFID smart card dynamic encrypting method.

In summary, the beneficial effects of the invention are as follows:

The invention provides an anti-copying RFID smart card initialization and dynamic encryption method and system, wherein the method comprises the steps of reading a real-time encryption factor in a preset sector, comparing the real-time encryption factor with the initial encryption factor, if the initial encryption factor is the same as the real-time encryption factor, swiping the card for the first time to obtain a unique identifier of the RFID smart card, conducting encryption processing on the real-time encryption factor and the unique identifier according to a first encryption function to obtain a first secret key and a first sector address for card number data access, reading card number data according to the first secret key and the first sector address, conducting encryption processing on the first sector address and the unique identifier according to a second encryption function when the card number data is successfully read, determining a new target encryption factor, writing the target encryption factor into the sector where the real-time encryption factor is located, conducting encryption processing on the target encryption factor and the unique identifier according to the first encryption function to determine a second secret key and a second sector address for card number data access, and writing the second sector address corresponding to the second sector address for the second sector data. On one hand, the invention effectively solves the problem of batch copying after the encryption factors and dynamic access addresses are introduced into the mechanism that the encryption factors of the RFID intelligent card are broken, in the scheme, the encryption factors of each card can change when a card is swiped each time, so that the sector addresses and the encryption keys accessed by the card numbers change, even if the card is swiped successfully by the UID and the encryption keys of the copy legal card, the next card swiping is carried out, the sector addresses accessed by the card numbers are not matched any more due to the change of the encryption factors, so that the copy card cannot access legal data stored in a new position, thereby invalidating the legal data.

Drawings

In order to more clearly illustrate the technical solution of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described, and it is within the scope of the present invention to obtain other drawings according to these drawings without inventive effort for a person skilled in the art.

FIG. 1 is a schematic flow chart of the whole operation of the anti-duplication RFID smart card initialization method in embodiment 1 of the present invention;

FIG. 2 is a flow chart of determining an initial sector address and an initial key for storing card number data in embodiment 1 of the present invention;

FIG. 3 is a schematic diagram of the overall operation of the legal card in embodiment 2 of the present invention when the legal card swipes for the first time;

FIG. 4 is a schematic diagram of the overall operation of the embodiment 2 of the present invention when a legal card is swiped later;

FIG. 5 is a flowchart illustrating the determination of a new target encryption factor according to embodiment 2 of the present invention;

FIG. 6 is a schematic diagram of the overall operation of the copying card swiping in embodiment 2 of the present invention;

FIG. 7 is a flow chart of determining sector addresses for card number data access according to the reading frequency of each sector in embodiment 2 of the present invention;

FIG. 8 is a flow chart of determining a third sector address where card number data is stored by updating the second sector address through a hash function and a pseudo-random algorithm in embodiment 2 of the present invention;

FIG. 9 is a flowchart of determining the third sector address according to the hash integer value, the first sector address, the sector address interval, and the target sector address in combination with the pseudo-random number generation algorithm in embodiment 2 of the present invention;

fig. 10 is a schematic structural diagram of an anti-duplication RFID smart card initialization and dynamic encryption system in embodiment 3 of the present invention.

Detailed Description

In order to make the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application. It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. In the description of the present application, it should be understood that the terms "center," "upper," "lower," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," "outer," and the like indicate orientations or positional relationships based on the orientation or positional relationships shown in the drawings, merely to facilitate describing the present application and simplify the description, and do not indicate or imply that the devices or elements referred to must have a specific orientation, be configured and operated in a specific orientation, and thus should not be construed as limiting the present application. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising" does not exclude the presence of additional identical elements in a process, method, article, or apparatus that comprises the element. If not conflicting, the embodiments of the present application and the features of the embodiments may be combined with each other, which are all within the protection scope of the present application.

Example 1

Referring to fig. 1, embodiment 1 of the present invention discloses an initialization method of an anti-duplication RFID smart card, where the RFID smart card includes a plurality of sectors, each of the sectors is used for accessing encryption factors or card number data, each of the sectors includes a key block, the key block is used for accessing a key of the sector, the encryption factors are character strings generated by encryption and are used for calculating a sector address for accessing the card number data, and specifically, the RFID smart card includes a plurality of sectors, where the key block is a last block of each sector and is used for storing key information required for accessing the current sector, each key block can store two sets of keys, i.e., keyA and KeyB, and a length of each set of keys is 6 bytes, so as to ensure that data access to a specific sector is controlled. The encryption factor is a random character string generated by an encryption algorithm, the character string length can be selected from 1 to 16 bytes according to the requirement, the main function of the encryption factor is to dynamically calculate the access sector address of the card number data according to the algorithm, so that the access position of the card number data is continuously changed, the access safety is ensured, the partial sector is used for storing the card number data, the sector accessed by the card number data and the sector accessed by the encryption factor can be the same or different, and the card number data is fixed content and is used for authentication control process in an access control system or other applications. The sector key where the card number data is located is encrypted in a card-to-card-secret mode, namely, a unique encryption key is used for each sector where the card number data is located, and safety is ensured. According to the design requirement, when the card is swiped each time, the encryption factor can be regenerated and stored in the sector, and meanwhile, the new card number data access sector address is calculated through an algorithm, so that the dynamic change of the card number access position is ensured, and the data is effectively prevented from being easily cracked and copied.

The method comprises the following steps:

acquiring a preset initial encryption factor;

Specifically, in the initialization stage of the RFID smart card, to ensure the consistency and security of the encryption process of the card, a default initial encryption factor is preset, where the initial encryption factor is a string of fixed characters, for example, 16F, used as an initial encryption base, and the encryption factor corresponds to a default security mark, and provides a basic encryption value for encryption calculation when the card is first activated, and ensures the consistency of the initial encryption environment and an encryption starting point convenient to operate.

Specifically, before writing an initial encryption factor, a sector address, for example, the 1 st block of the 0 st sector is designated as an encryption factor access area, and the initial encryption factor is written into the sector, and the encryption factor access position is fixed in each card, ensuring that the factor can be located and accessed quickly in any read-write device. Meanwhile, the unique identifier of the RFID smart card is obtained and is a hardware-level unique serial number, and the unique identifier is combined with an initial encryption factor in the encryption process of the RFID smart card, so that the anti-copying property and the security of the card are enhanced.

Specifically, a first encryption function is called to combine the UID of the card and an initial encryption factor in a preset sector, and the design of the first encryption function supports multiple encryption algorithms, such as DES or AES, to generate a dedicated initial key and an initial sector address for card number data access. The first encryption function takes the UID and the initial encryption factor as input parameters, performs encryption operations such as exclusive OR operation and hash generation to generate 6 bytes of initial data for protecting the read-write authority of the card number data, and calculates the storage sector address of the card number data according to the UID and the encryption factor. The method improves the anti-cracking capability of each RFID smart card.

In an embodiment, referring to fig. 2, the encrypting the unique identifier and the initial encryption factor in the preset sector according to the first encryption function, determining the initial sector address and the initial key of the card number data storage includes:

specifically, in the first step of the encryption process, in order to generate intermediate data for card encryption, an exclusive or operation is performed on the unique identifier UID of the RFID smart card and the initial encryption factor, and this operation performs bit-by-bit comparison and conversion on each bit of the unique identifier UID and the encryption factor to output a new character string, i.e., a first character string S1, as a basis for subsequent key calculation, for example, assuming that UID is 0x1A2B3C4D and the initial encryption factor is 0x1F2F3F4F, 0x1A2B3C4D and 0x1F2F3F4F perform an exclusive or operation, i.e., s1= 0x1A2B3C4D xor 0x1F2F3F4F =0x 05040302, resulting in a calculation result, i.e., a first character string 0x05040302.

Specifically, in order to further improve the security of the key generation, the exclusive-or operation is performed on the character extracted from the first preset position in the unique identifier and the character extracted from the second preset position in the initial encryption factor, so as to generate a second character string S2. For example, the first two characters 0x1A2B are extracted from UID, that is, 0x1A2B3C4D, the last two bytes 0x3F4F are extracted from the initial encryption factor, that is, 0x1F2F3F4F, and an exclusive-or operation is performed, that is, s2= 0x1A2B xor 0x3F4F =0x2564, and the result 0x2564 obtained by this exclusive-or operation is used as the second character string.

Specifically, the first character string S1 and the second character string S2 are combined in sequence to generate an initial key S3, for example, the first character string is placed in front, the second character string is placed behind to form an initial key S3 with the length of 0x050403022564 and the length of 6 bytes, the key requirement of the Mifare 1K card is met, the combined initial key S3 is used for encrypting and controlling the read-write access authority of a sector, and the unpredictability of the initial key S3 is greatly enhanced the security of the card because the initial key S3 is related to the UID and the initial encryption factor of the RFID smart card, so that unauthorized access is effectively prevented.

Specifically, the characters at the third preset position are extracted from the UID and the initial encryption factor respectively for exclusive-or operation, so as to generate a third character string SecAdr, which is used for determining the specific sector address of the access card number data. For example, assuming that the first byte of the UID is 0x1A and the first byte of the encryption factor is 0x1F, the exclusive-or operation is performed to obtain a third string 0x05. By this operation, the generated third character string SecAdr is used as the basis of the sector address of the subsequent card number data access, and the dynamic change and the uniqueness of the sector address of the card number data access are ensured.

Specifically, the specific position of the initial sector address is determined according to the last 1 bit of the third character string, if the last 1 bit of SecAdr is 0, the initial sector address is set to 15, so that the special state of the 0 address is avoided, for example, the current SecAdr calculation result is 0x05, the card number data is stored in the 5 th sector, and thus the fixed storage of the card number data is effectively prevented by dynamically distributing the sector address, and the safety and the anti-cracking capability of the card are further improved.

Example 2

Referring to fig. 3, embodiment 2 of the present invention discloses a method for dynamically encrypting an anti-copy RFID smart card, wherein the initialization method of the RFID smart card according to embodiment 1 is used for initializing the RFID smart card, and the method for dynamically encrypting the RFID smart card comprises:

Specifically, when the RFID smart card enters the radio frequency signal range of the card reader, the card reader reads the real-time encryption factor data stored in the preset sector of the RFID card, for example, the 0 sector 1 block, the encryption factor is usually a character string of 16 bytes, the real-time encryption factor is compared with the initial encryption factor, if the read real-time encryption factor value is a preset initial default value, for example, 0xFFFFFFFFFFFFFFFF, the current RFID smart card is judged to be the first card swiping, and if the read real-time encryption factor value is not the preset initial default value, the current RFID smart card is judged to be used.

Specifically, if the initial encryption factor is the same as the real-time encryption factor, the unique identifier UID of the card is obtained from the RFID smart card for the first time, where the UID is unique data of each RFID smart card, and is typically a unique serial number of 4 bytes or 7 bytes. The UID is used as an input parameter together with a real-time encryption factor in encryption calculation to generate a secret key specific to the card and a sector address for card number data access, so that the card number data storage address and the secret key of each card are unique.

Specifically, a real-time encryption factor and a UID are taken as inputs, and a first encryption function is used for carrying out encryption processing on the real-time encryption factor and the unique identifier to generate a first key and a first sector address of card number data access. By this encryption process, a unique 6 byte first key is derived for encrypting the access rights of the card and determining a first sector address for the card number data access. The calculation ensures that the key and the card number data access positions of each card are different, thereby effectively avoiding the safety risk of repeated use.

Specifically, after the first key and the first sector address are obtained, the first key is used for accessing the card number data in the sector corresponding to the first sector address, the first key controls the data access authority of the sector, and the first sector address controls the address for reading the card number data, so that the card number data can be successfully read only when the key and the sector address are correct.

Specifically, according to the first key and the first sector address, after the card number data is successfully read, in order to further improve the data security, according to a second encryption function, the first sector address and the UID are processed to generate a new target encryption factor. The operation ensures that the encryption factors are changed after each card swiping, so that the card presents a new data access rule when being used next time, and the dynamic updating mechanism can effectively prevent security holes caused by fixed encryption factors and enhance the flexibility of card access control.

Specifically, after generating a new target encryption factor, writing the new target encryption factor back to a preset sector position, such as a 0 sector 1 block, replacing the original real-time encryption factor, then, using the first encryption function again, and taking the updated target encryption factor and UID as inputs to calculate a new storage position of the second key and the card number data, namely a second sector address. This operation ensures that the sector address and encryption key of each swipe are different, thereby further improving the anti-counterfeit and security performance of the card.

Specifically, after updating the key and the sector address, the card number data originally stored in the first sector address is deleted to avoid the security risk caused by repeated storage, and then the card number data is rewritten into the corresponding sector of the second sector address. Through the operation, the dynamic migration of the data is realized, the repeated access to the same sector is effectively prevented, and meanwhile, the storage positions of the card number data are ensured to be different when the card is swiped each time, so that the data safety and the use flexibility of the card are further enhanced.

In an embodiment, the deleting the card number data of the first sector address, and writing the card number data into the new sector corresponding to the second sector address according to the second sector address further includes:

Deleting the card number data of the first sector address, carrying out standardized processing on the card number data to be written, and determining standard card number data;

Specifically, a low-level storage interface, such as a direct sector access command, is used to locate a first sector address, and a data erasure operation is performed, wherein the erasure mode comprises an overlay mode of overlaying data of the first sector with all zeros (0 x 00) or all ones (0 xFF), a marking mode of marking the first sector as invalid to prevent the data from being recovered, and a verification of whether the first sector is empty after erasure is completed. Assuming that the card number data is originally stored in the first sector of the address 0x0010, after the erasing operation is performed, the original data cannot be read, and the sensitive data is cleared, so that the data leakage caused by misuse or attack is prevented. The card number data to be written is collected and format checked (e.g., length, character set). A normalization operation is performed on the data to ensure that the data conforms to a uniform format, for example, if the card number is less than 16 bits long, zero padding, or converting all data to a capital letter or a specified encoding format,

After the standardized card number data is determined, the verification information is recorded for subsequent verification, for example, the original card number data 1234-5678-90 is standardized to 1234567890000000, and MD5 verification values are recorded, so that the unified format of different data sources is ensured, writing failure is avoided, and meanwhile, data errors or omission caused by non-standard formats is reduced.

Splitting the standard card number data by using a splitting function to determine a plurality of parts of card number data;

Specifically, the standardized card number data is divided into a number of fixed-size parts, typically based on the size of the memory sector, such as 512 bytes, in a manner including string splitting by number of characters, binary splitting by number of bytes directly into blocks, generating independent metadata, such as an index number or an identifier, for each part of the card number data, e.g., standardized card number data 1234567890000000, into two parts, 12345678 (first part) and 90000000 (second part). On one hand, the segmented data is easier to store in a scattered way, which is beneficial to data security, and on the other hand, part of the data can be stored in different areas, so that the risk of data loss is reduced.

Determining a plurality of preset associated sector addresses corresponding to the second sector address according to the second sector address;

Specifically, the associated sector address is derived based on the second sector address using a preset mapping table, for example, by simple incremental or hash calculation, wherein the second sector address is 0x0020, the associated sector addresses are 0x0030 and 0x0040, and meanwhile, the mapping relation table is periodically and dynamically updated to ensure that the subsequent data can be accurately positioned, for example, the second sector address 0x0020 determines the associated addresses to be 0x0030 and 0x0040 through the mapping relation table.

And writing each part of card number data into each associated sector address according to the mapping relation between the preset card number data and the sector address.

The method comprises the steps of traversing each part of card number data, executing data writing operation according to the corresponding associated sector address, checking whether the associated sector is idle, if not, firstly erasing old data, writing each part of data into the corresponding sector in sequence, and generating index information to mark the storage position of each part of data after the data writing is completed. For example, the first portion of data 12345678 is written to address 0x0030 and the second portion of data 90000000 is written to address 0x0040. Through the scattered storage mode, the risk of single point failure can be reduced, and meanwhile, the layout of the associated sector can be dynamically adjusted to adapt to different storage requirements.

In one embodiment, referring to fig. 4, after the reading the real-time encryption factor, comparing the real-time encryption factor with the initial encryption factor further includes:

Specifically, after the initial encryption factor and the real-time encryption factor are read and compared, if the two are different, the current RFID smart card is not used for first card swiping, the current read real-time encryption factor is further compared with the historical encryption factor stored in the read head EEPROM of the card reader, whether the current encryption factor is the same as the last used historical encryption factor is judged, and in addition, the current unique identifier of the RFID card is compared with the historical identifier recorded in the EEPROM to confirm the identity of the RFID smart card, so that the validity of the card is verified, and the security risk caused by fake card or data tampering is avoided.

specifically, if the real-time encryption factor is consistent with the historical encryption factor and the unique identifier is consistent with the historical identifier, the RFID smart card is confirmed to be a card which is not swiped for the first time. Next, using a first encryption function, a first key of the card and a deposit address of card number data, i.e., a first sector address, are generated with the real-time encryption factor and the unique identifier as input parameters. The first key is used to unlock the card data to ensure access security of the card information, and the first sector address indicates the card number data storage location of the card.

specifically, after the first key and the first sector address are obtained, the first key is used for accessing the corresponding address of the first sector address to read the card number data stored in the first sector address, the first key controls the access authority of the first sector, so that the data can be successfully read only under the condition that the key verification is passed, and the identity authentication information of the card can be correctly accessed for subsequent encryption updating operation.

Specifically, when the card number data is successfully read, the current RFID smart card is verified to pass, encryption operation is performed on the first sector address and the unique identifier according to a second encryption function, and a new target encryption factor is generated, and the new target encryption factor aims to replace the existing historical encryption factor and the existing real-time encryption factor so as to ensure that the encryption factor and the card number data access address after each card swiping are different. The generation of the new target encryption factor can further improve the safety of card information, prevent potential safety hazards caused by repeated use of the fixed factor, and strengthen the dynamics and flexibility of the card swiping process.

In an embodiment, referring to fig. 5, when the card number data is successfully read, the encrypting the first sector address and the unique identifier according to the second encryption function, and determining the new target encryption factor includes:

Specifically, when the card number data is successfully read, that is, the verification of the current RFID smart card is passed, the unique identifier of the current RFID smart card is multiplied by the obtained first sector address, a new target encryption factor is determined according to the calculation result, and a temporary character string, that is, a fourth character string, for example, a fourth character string kn=0x1a2b3c4d, 0x05=0x68d82 is generated by the result of the multiplication of the unique identifier and the obtained first sector address. By combining the unique identifier of the RFID smart card and the first sector address of the card number data access, the new target encryption factor and the sector address of the card number data access are ensured to be unique, so that the data security is improved and the encryption factor is prevented from being reused.

Specifically, the character at the fourth preset position is extracted from the calculated fourth character string and is used as a new target encryption factor, for example, the last 4 bytes of the fourth character string are extracted as the target encryption factor, which ensures that the generated target encryption factor is within a certain length and has higher uniqueness. By extracting the character at the specified fourth preset position, an encryption factor with sufficient complexity can be obtained for replacing the old factor. The new target encryption factor can be stored in a specific sector and used in the next verification, so that the security and the dynamic property of card information protection are further improved.

specifically, after a new target encryption factor is determined, the historical encryption factor stored in the EEPROM of the reader head is replaced by the target encryption factor, the new target encryption factor and the unique identifier are processed through a first encryption function, and a new second key and a second sector address where card number data are stored are generated. The second secret key is used for accessing the new card number data storage address, so that the safety of card data is enhanced, the safety risk generated by copying the card for swiping the card can be effectively avoided by using the dynamic target encryption factor, and meanwhile, the storage position of the card number data can be dynamically adjusted by the generated second sector address, so that the protection capability of the card is further improved.

Specifically, first, card number data is deleted from the sector corresponding to the old first sector address to prevent the card data from being read repeatedly or from having a problem of data leakage, and then, the card number data is written to a position designated by the second sector address. The operation changes the storage position of the card number data after each card swiping, increases the data security, and further improves the effects of protecting and verifying the card data by matching with a dynamic updating mechanism of the secret key.

In one embodiment, referring to fig. 6, after the RFID smart card is completely duplicated, it includes:

Specifically, when the duplicate card enters the radio frequency signal range of the card reader, the card reader reads the duplicate data on the duplicate card, especially the sensitive information related to encryption, including the first duplicate encryption factor and the duplicate identifier of the duplicate card, and the duplicate data is used for verifying whether the card is a legal card in the subsequent steps.

Specifically, the first copy encryption factor and the copy identifier of the read copy card are compared with the historical data stored in the EEPROM of the reader head of the card reader, and the step is mainly used for detecting whether the card data are consistent with legal information recorded before.

Specifically, according to a first encryption function, a first copy encryption factor and a copy identifier of a copy card are encrypted to generate a copy key and a copy sector address, and as the first copy encryption factor and the copy identifier are consistent with historical data stored in a read head EEPROM of a card reader, the calculated copy key is consistent with a second key, and the copy sector address of card number data access is consistent with a second sector address of card number data storage.

Specifically, when the card number data of the copy card is successfully read, the copy identifier and the copy sector address are subjected to encryption operation according to a second encryption function, a second copy encryption factor is generated, and the new second encryption factor is used for replacing the target encryption factor and is stored in the EEPROM of the reader head through replacement operation. The design purpose of this step is to update the unique second duplicate encryption factor to a new verification signature after the duplicate card has been first swiped.

After the first swipe of the duplicate card, the reader has stored the newly generated second duplicate encryption factor in its EEPROM as an identification flag, but the encryption factor inside the duplicate card itself remains the original first duplicate encryption factor because it cannot be dynamically changed. This means that when the duplicate card swipes the card again, the encryption factor on the duplicate card read by the card reader, i.e. the first duplicate encryption factor, does not match the second duplicate encryption factor stored in the EEPROM, although the duplicate card is identical to the UID of the original RFID smart card, resulting in a verification failure. The mechanism ensures that the copy card can only pass through for the first time and cannot repeatedly pass through, thereby effectively avoiding the situation of batch copy of cards after the secret key is cracked.

Specifically, when a legal original RFID smart card is swiped, the target encryption factor of the original RFID smart card is read and compared with the second copy encryption factor, and the target encryption factor is replaced by the second copy encryption factor when the copy card is swiped for the first time, so that the original RFID smart card is not matched any more when swiped, the mismatch is identified as illegal card behavior, and warning information is recorded in the background or a prompt is sent to the original card holder. In this way, it is possible to prevent normal access to the original card and alert the original card holder after detecting the activity of the duplicate card, improving security and preventing further unauthorized access.

In an embodiment, referring to fig. 7, after the replacing the original historical encryption factor with the target encryption factor and performing encryption processing on the target encryption factor and the unique identifier according to the first encryption function, determining the second key and the second sector address where the card number data is stored further includes:

Specifically, the target reading frequency of the sector corresponding to the second sector address, that is, the number of times that the sector is accessed by the card reader and the reading frequency of the remaining sectors are compared, and these frequency data are compared with preset frequency thresholds, where the preset frequency thresholds are limit values set by a security management, different values can be set according to different actual security management needs, and the preset frequency thresholds are used for judging whether the access frequency of a certain sector exceeds the security range, for example, the reading frequency of the second sector is obtained for 5 times, the reading frequency of other sectors is respectively 2,4 and 6 times, and the frequency threshold is set to 10 times. By acquiring and comparing the reading frequency information and the threshold value, the access position of the card number data is dynamically adjusted, so that risk exposure and RFID smart card damage caused by frequent access to a certain sector are avoided, and the safety and balanced reading distribution of the data are ensured.

Specifically, according to the reading frequency of all the sectors, including the target sector and the remaining sectors, an average value of the reading frequency is calculated and used as a reference for whether to migrate data, for example, if the reading frequency of each sector is 2, 4,5 and 6 times respectively, the average value is 2+4+5+6/4=4.25 times, and the calculation of the average reading frequency helps to judge the access distribution condition of the card number data in each sector, prevent the access of a specific sector from being too concentrated, ensure the balanced distribution of the card data among a plurality of sectors, and improve the security and the anti-attack capability.

Specifically, comparing the target reading frequency, the average value and the frequency threshold value, if the target reading frequency is smaller than the average value and the target reading frequency is smaller than the frequency threshold value, considering that the data access frequency of the new sector corresponding to the second sector address is safe, deleting the card number data of the sector corresponding to the first sector address and migrating the card number data to the new sector corresponding to the second sector address, and storing the data into the sector with lower reading frequency to disperse risks. For example, the target read frequency is 3 times, 4.25 times below the average value and 10 times below the frequency threshold, then the card number data of the first sector will be deleted and written to the second sector.

And the service life of the card is prolonged by balancing the reading frequency of each sector.

Specifically, if the target reading frequency is greater than or equal to the average value and/or the target reading frequency is greater than or equal to the frequency threshold, the sector address is recalculated by adopting a hash function and a pseudo-random algorithm to determine a new card number data access position, namely the third sector address. A new address which is not easy to predict is calculated through a hash and pseudo-random algorithm to store card number data, so that the data position is prevented from being predicted.

Assuming a target read frequency of 8 times, exceeding the average value of 4.25 or approaching the threshold 10 times, the third sector address will be regenerated, e.g. sector 8 is calculated as the new storage address. By dynamically updating the sector address, the storage positions after each read-write operation are different, so that the unpredictability of data access is enhanced, the safety of data is greatly improved, and potential targeted attacks are effectively prevented. Meanwhile, the scheme of determining the third sector address through the hash function and the pseudo-random algorithm can effectively generate the sector address which is uniformly distributed, the risk that a certain fixed sector is frequently accessed is avoided, the hash function can generate an address which is difficult to predict and is uniformly distributed according to input, the generation of the address is not dependent on a specific rule, the possibility of being cracked is reduced, the use of the pseudo-random algorithm is matched, the patterned distribution is further broken, the result generated by each address calculation is different, the centralized access to a single sector is avoided, and the method has the advantages that the reading frequency of each sector is balanced, the physical loss caused by the frequent access to the same sector is reduced, the service life of a card is effectively prolonged, and the safety and the data anti-interference capability are improved.

In an embodiment, referring to fig. 8, if the target reading frequency is greater than or equal to the average value or the target reading frequency is greater than or equal to the frequency threshold, updating the second sector address through a hash function and a pseudo-random algorithm, and determining a third sector address where the card number data is stored includes:

Specifically, the unique identifier and the target encryption factor are serially connected or combined in other rules to form a unique target character string, for example, the unique identifier is 0x1A2B3C4D, the target encryption factor is 0x123456, the two values are combined into 0x1A2B3C4D123456 according to a certain sequence, the uniqueness and the dynamics of the input are guaranteed by the combination, and the target character string generated each time is different, so that a diversified input is provided for the subsequent hash operation.

Specifically, a hash value of a fixed length is generated by a hash function such as SHA-256 or MD5, taking the target string as input. For example, the hash value generated by processing 0x1A2B3C4D123456 through SHA-256 is 5e884898da28047151D0e56f8dc6292773603dcfc e004a6bbcbaf D6a8, and the hash value has the main advantages of being irreversible, unique and unpredictable, can ensure the safety and uniqueness of an output result, and provides a random and uniformly distributed data base for subsequent mapping.

the generated hash value needs to be standardized, namely the hash value is converted into a digital form so as to be convenient for operation, for example, the first 8 characters of the hash value are intercepted, and are converted into a 16-system integer or a decimal integer, so that the complex hash value 5e884898 is converted into an integer 1581254296, subsequent calculation is simplified through the hash integer after the standardized processing, and a foundation is laid for mapping to a specific sector address interval.

Specifically, by mapping the standardized hash integer value to the sector address interval of the card, dynamic positioning of the sectors is achieved, for example, in a range of 16 sectors, modulo the hash integer value pair 16 to obtain the sector number includes performing a remainder operation on the standardized hash integer value and 16, that is, calculating the remainder of dividing the integer value by 16, and since the address range of 16 sectors is 0 to 15, by modulo the hash integer value, it can be ensured that the result is always between 0 and 15, thereby obtaining a valid sector number. For example, if the hash integer value is 1581254296, the remainder is 8 after the 1581254296 divided by 16 operation, which means that the hash value is mapped to the 8 th sector. By the method, even mapping of the hash value and the specific sector is realized, so that frequent access of certain sectors is avoided, the storage load is dispersed, the stability and durability of the storage system are improved, different sector addresses generated each time are ensured, all available sectors can be covered, frequent access of a certain fixed sector is avoided, and the risk of physical loss of a card is reduced.

Specifically, finally, a final third sector address is generated by integrating the hash integer value, the first sector address and the target sector address and combining a pseudo-random algorithm, and the introduction of the pseudo-random algorithm can further disturb on the basis of the target sector address generated by the basic hash, so that a single mapping rule is broken. For example, by generating an offset and adding to the target sector address, a third sector address is finally obtained. The process further improves the distribution randomness of the access sector, avoids potential safety hazards caused by specific rules, realizes scattered storage distribution, reduces the risk of centralized reading of the card, and effectively prolongs the service life of the card.

In an embodiment, referring to fig. 9, the determining the third sector address according to the hash integer value, the first sector address, the sector address interval, and the target sector address in combination with the pseudo-random number generation algorithm includes:

specifically, the hash integer value is used as a seed to be input into a preset pseudo-random number generator, so that the generated pseudo-random number sequence is guaranteed to be closely related to the hash integer value, the pseudo-random number generator can generate different random number sequences through different initial seed values, the same seed value can generate the same sequence, and consistency and predictability are guaranteed to be maintained in different environments. The method is helpful for improving the data security and avoiding repeated sector addresses generated by different cards.

Specifically, the unpredictability of the random number is further enhanced by using the first sector address, e.g., 0x05, as input data, which is combined with the seed value, i.e., the hash integer value, the pseudorandom number generator calculates and generates a new pseudorandom number. This process ensures that the access data and offset for each card is unique, and even if the cards use the same hash value, variations in the first sector address will affect the resulting pseudo-random number. For example, the hash integer value 1581254296 is input as a seed to the pseudorandom number generator, and the generated random number sequence will always be associated with the seed value, and if the first sector address is 0x05, the generated pseudorandom number will depend on the combination of this address and the previously generated random number sequence, and the core of the pseudorandom number generator is to recursively generate the pseudorandom number by a mathematical algorithm, such as a linear congruence method, so as to ensure that each access to the card has certain variability and security.

Specifically, the pseudo random number is subjected to modulo processing on a preset sector address interval to ensure that the offset is always in a valid sector address interval, the sector address interval is usually 0 to 15, and the generated offset can be ensured to be in the interval by performing modulo operation on the pseudo random number corresponding to 16 sectors of the RFID smart card. For example, assuming that the generated pseudo random number is 35, the result is 3 after modulo 16, meaning that the offset is 3.

Specifically, the final third sector address where the card number data is stored is determined by adding the offset and the target sector address and performing modulo processing again on the result, the addition calculation ensures that the target sector address changes under the influence of the offset, and the modulo operation keeps the result within the legal sector address interval. Assuming that the target sector address is 5 and the offset is 3, the addition result is 8, and then modulo 16 is performed on 8, so as to finally obtain the third sector address of 8. The design makes the sector position of data storage more flexible, can effectively avoid excessive access of a certain sector, and lightens the burden of storage equipment.

Specifically, in order to ensure the update of data and the security of card number data, old data in the first sector is first deleted, and then the card number data is written into the new address according to the newly calculated third sector address. The operation ensures that the data is always in an updated state, and avoids the risk of card damage or storage performance degradation caused by long-term concentration of the stored data in a certain sector. Through distributing the memory card number data among different sectors, the service life of the card can be effectively prolonged, and meanwhile, the reading efficiency and the safety are improved.

Example 3

The embodiment 3 of the invention discloses an anti-copying RFID smart card initializing and dynamic encrypting system, which comprises an RFID smart card and a card reader, wherein the RFID smart card is initialized by the RFID smart card initializing method according to the embodiment 1, and the card reader dynamically encrypts the RFID smart card by the RFID smart card dynamic encrypting method according to the embodiment 2.

Specifically, the anti-copying RFID smart card initialization and dynamic encryption system provided by the embodiment of the invention comprises an RFID smart card and a card reader, wherein the RFID smart card is initialized by the RFID smart card initialization method described in the embodiment 1, and the card reader dynamically encrypts the RFID smart card by the RFID smart card dynamic encryption method described in the embodiment 2. On one hand, the system effectively solves the problem of batch copying after the RFID intelligent card key is broken by introducing an encryption factor and a dynamic access address mechanism, in the scheme, the encryption factor of each card can change when the card is swiped each time, so that the sector address and the key of the card number access are also changed, even if the copy card successfully swipes the card through the UID and the key of the copy legal card, the next time of card swiping is performed, the sector address of the card number access is not matched any more due to the change of the encryption factor, so that the copy card cannot access legal data stored in a new position, and the copy card is invalid; in addition, because the key and the storage address of each card are dynamic calculation results based on UIDs and encryption factors, the encryption mode of each card is different, which means that even if an attacker breaks the key of a certain card, other cards cannot be copied in batches, because each card has independent access addresses and keys, the long-term use of the copy card is effectively prevented through the design of dynamic encryption and address change, the potential safety hazard caused by batch copying is avoided, thereby obviously enhancing the safety, ensuring that the access rights of legal users are not tampered or imitated by illegal cards, and on the other hand, because the system does not need to independently configure a physical key for each card, but generates the dynamic key and the storage address through an algorithm, and the hardware deployment cost is reduced.

In summary, the embodiment of the invention provides a method and a system for initializing and dynamically encrypting an anti-copy RFID smart card.

It should be understood that the invention is not limited to the particular arrangements and instrumentality described above and shown in the drawings. For the sake of brevity, a detailed description of known methods is omitted here. In the above embodiments, several specific steps are described and shown as examples. The method processes of the present invention are not limited to the specific steps described and shown, but various changes, modifications and additions, or the order between steps may be made by those skilled in the art after appreciating the spirit of the present invention.

The functional blocks shown in the above-described structural block diagrams may be implemented in hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, a plug-in, a function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine readable medium or transmitted over transmission media or communication links by a data signal carried in a carrier wave. A "machine-readable medium" may include any medium that can store or transfer information. Examples of machine-readable media include electronic circuitry, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio Frequency (RF) links, and the like. The code segments may be downloaded via computer networks such as the internet, intranets, etc.

The user information (including but not limited to user equipment information, user personal information and the like) and the data (including but not limited to data for analysis, stored data, presented data and the like) related to the application are information and data authorized by a user or fully authorized by all parties, and the collection, the use and the processing of related data need to comply with related laws and regulations and standards of related places, and are provided with corresponding operation entrances for users to select authorization or rejection.

It should also be noted that the exemplary embodiments mentioned in this disclosure describe some methods or systems based on a series of steps or devices. The present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, or may be performed in a different order from the order in the embodiments, or several steps may be performed simultaneously.

In the foregoing, only the specific embodiments of the present invention are described, and it will be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to the corresponding processes in the foregoing method embodiments, which are not repeated herein. It should be understood that the scope of the present invention is not limited thereto, and any equivalent modifications or substitutions can be easily made by those skilled in the art within the technical scope of the present invention, and they should be included in the scope of the present invention.

Claims

1. A copy-proof RFID smart card dynamic encryption method, characterized in that the RFID smart card includes a plurality of sectors, the sectors are used to access encryption factors or card number data, each sector includes a key block, the key block is used to access the key for accessing the sector, the encryption factor is an encrypted string, used to calculate the sector address for accessing the card number data, the RFID smart card is initialized by an RFID smart card initialization method, the initialization method includes:

Obtain a preset initial encryption factor;

Writing the initial encryption factor into a preset sector and obtaining a unique identifier of the RFID smart card;

According to the first encryption function, the unique identifier and the initial encryption factor in the preset sector are encrypted to determine the initial sector address and initial key where the card number data is stored;

The dynamic encryption method comprises:

Reading the real-time encryption factor in the preset sector, and comparing the real-time encryption factor with the initial encryption factor;

If the initial encryption factor is the same as the real-time encryption factor, it is the first time to swipe the card, and the unique identifier of the RFID smart card is obtained;

According to the first encryption function, the real-time encryption factor and the unique identifier are encrypted to obtain a first sector address for accessing a first key and card number data;

Reading the card number data according to the first key and the first sector address;

When the card number data is successfully read, the first sector address and the unique identifier are encrypted according to a second encryption function to determine a new target encryption factor;

Writing the target encryption factor into the sector where the real-time encryption factor is located, encrypting the target encryption factor and the unique identifier according to the first encryption function, and determining the second sector address where the second key and the card number data are stored;

The card number data at the first sector address is deleted, and the card number data is written into a new sector corresponding to the second sector address according to the second sector address.

2. The anti-copying RFID smart card dynamic encryption method according to claim 1, characterized in that the encrypting process of the unique identifier and the initial encryption factor in the preset sector according to the first encryption function to determine the initial sector address and the initial key for storing the card number data comprises:

Performing an XOR operation on the unique identifier and the initial encryption factor to determine a first character string;

Performing an XOR operation on the character at the first preset position in the unique identifier and the character at the second preset position in the initial encryption factor to determine a second character string;

Performing an XOR operation on the character at the third preset position in the unique identifier and the character at the third preset position in the initial encryption factor to determine a third character string;

The initial sector address is determined according to the third character string.

3. The dynamic encryption method according to claim 1, characterized in that after reading the real-time encryption factor in the preset sector and comparing the real-time encryption factor with the initial encryption factor, it also includes:

If the initial encryption factor is different from the real-time encryption factor, the real-time encryption factor is compared with the historical encryption factor, and the unique identifier of the current RFID smart card is compared with the historical identifier;

When the real-time encryption factor is the same as the historical encryption factor and the unique identifier is the same as the historical identifier, encrypting the real-time encryption factor and the unique identifier according to a first encryption function to obtain a first sector address where a first key and card number data are stored;

Replacing the original historical encryption factor with the target encryption factor, encrypting the target encryption factor and the unique identifier according to the first encryption function, and determining a second sector address where the second key and the card number data are stored;

4. The dynamic encryption method according to claim 1, wherein when the card number data is successfully read, the first sector address and the unique identifier are encrypted according to a second encryption function, and determining a new target encryption factor comprises:

performing multiplication calculation on the first sector address and the unique identifier to determine a fourth character string;

The characters at the fourth preset position in the fourth character string are extracted, and the extraction result is used as the target encryption factor.

5. The RFID smart card dynamic encryption method according to claim 1, after completely copying the RFID smart card, comprises:

reading the copy data on the copy card, wherein the copy data includes a first copy encryption factor and a copy identifier;

Compare the copied data with the historical data in the card reader, if the copied data is consistent with the historical data, the first swipe of the copied card passes the verification, wherein the historical data includes the target encryption factor and the unique identifier;

According to a first encryption function, the first copy encryption factor and the copy identifier are encrypted to determine a copy sector address for accessing the copy key and the card number data;

When the card number data is successfully read, the copy identifier and the copy sector address are encrypted according to a second encryption function, a second copy encryption factor is determined, and the target encryption factor is replaced with the second copy encryption factor;

When a legitimate original RFID smart card is swiped, the target encryption factor is compared with the second duplicate encryption factor to determine that the original RFID smart card is an illegal card.

6. The dynamic encryption method according to claim 3, characterized in that after replacing the original historical encryption factor with the target encryption factor, encrypting the target encryption factor and the unique identifier according to the first encryption function, and determining the second sector address where the second key and the card number data are stored, it also includes:

According to the second sector address, obtaining a target read frequency of the sector corresponding to the second sector address, and obtaining read frequencies and preset frequency thresholds corresponding to the remaining sectors respectively;

Calculating an average value of the reading frequencies of each sector according to the target reading frequency and the reading frequencies corresponding to each of the remaining sectors;

If the target reading frequency is less than the average value and the target reading frequency is less than the frequency threshold, the card number data at the first sector address is deleted, and the card number data is written into a new sector corresponding to the second sector address according to the second sector address;

If the target reading frequency is greater than or equal to the average value and/or the target reading frequency is greater than or equal to the frequency threshold, the second sector address is updated by a hash function and a pseudo-random algorithm to determine a third sector address where the card number data is stored;

The card number data at the first sector address is deleted, and according to the third sector address, the card number data is written into a new sector corresponding to the third sector address.

7. The dynamic encryption method according to claim 6, characterized in that if the target reading frequency is greater than or equal to the average value or the target reading frequency is greater than or equal to the frequency threshold, the second sector address is updated by a hash function and a pseudo-random algorithm, and determining the third sector address where the card number data is stored comprises:

Processing the target string through a hash function to determine a hash value;

Performing standardization processing on the hash value to convert the hash value into a hash integer value;

According to the hash integer value and a preset sector address interval, the hash integer value is mapped to the sector address interval to determine a target sector address;

The third sector address is determined according to the hash integer value, the first sector address, the sector address interval and the target sector address in combination with the pseudo-random algorithm.

8. The dynamic encryption method according to claim 7, wherein determining the third sector address according to the hash integer value, the first sector address, the sector address interval and the target sector address in combination with the pseudo-random algorithm comprises:

Inputting the first sector address into the initialized pseudo-random number generator to determine a pseudo-random number;

According to the sector address interval, performing modulo processing on the pseudo-random number to determine an offset, wherein the offset is within the sector address interval;

The offset and the target sector address are added and modulo processed to determine the third sector address.

9. An anti-copying RFID smart card initialization and dynamic encryption system, characterized in that the dynamic encryption system includes an RFID smart card and a card reader, and the card reader initializes and dynamically encrypts the RFID smart card using the RFID smart card dynamic encryption method described in any one of claims 1 to 8.