AnonAccess/en
This page is still under construction
Summary
This page introduces the Labor's access system.
The access system replaces the conventional key and lock for opening the door with an electronic system based on magnetic stripe cards.
Security and anonymity are among our main focuses and shall be guaranteed by cryptographic mechanisms.
Components
The composition of system components is roughly as follows:
- Master Unit
  - Ticket Database
  - Flag-Modifying Database
  - QPort-tiny
  - Real-time clock
- Panel
  - Card reader
  - User Input Devices
  - User Output Devices
  - QPort-tiny
- Chipcard
The Chipcard
The chipcard is a pure memory device which is accessed via the I²C bus.
The card holds a so-called AuthBlock, which contains all data necessary for authentication.
| Name | Length | Description |
|---|---|---|
| UID | 2 Byte | temporary user identifier which gives the memory location of the ticket in the internal database |
| Ticket | 32 Byte | encrypted timestamp |
| rKey | 32 Byte | random key to encrypt rID |
| rID | 32 Byte | encrypted identifier |
| HMAC | 32 Byte | HMAC over the rest of the AuthBlock |
| Name | Length | Description |
|---|---|---|
| UID | 2 Byte | random |
| Ticket | 32 Byte | enc(key_timestamp, 24Byte Random \| 8Byte Timestamp) |
| rKey | 32 Byte | random |
| rID | 32 Byte | enc(key_rid, enc(rKey, hmac(key_nick, nickname))) |
| HMAC | 32 Byte | hmac(key_absign, UID \| Ticket \| rKey \| rID) |
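The following sketch, added here as an example and not taken from the AnonAccess code, parses a 130-byte AuthBlock and checks its HMAC before any field is used. It assumes that the fields sit on the card in table order, that `|` means plain concatenation, and that Ticket and rID can be treated as opaque ciphertext (Shabea256 is not implemented); all function names and the sample key are made up for illustration.

```python
import hashlib
import hmac
import os
from typing import NamedTuple

# Field sizes in bytes, in the order of the AuthBlock table (assumed card layout).
FIELDS = (("uid", 2), ("ticket", 32), ("rkey", 32), ("rid", 32), ("mac", 32))
AUTHBLOCK_LEN = sum(size for _, size in FIELDS)  # 2 + 4 * 32 = 130

class AuthBlock(NamedTuple):
    uid: bytes
    ticket: bytes   # opaque here: enc(key_timestamp, ...)
    rkey: bytes
    rid: bytes      # opaque here: enc(key_rid, ...)
    mac: bytes

def parse_authblock(raw: bytes) -> AuthBlock:
    """Split raw card memory into its fields; any other length is rejected."""
    if len(raw) != AUTHBLOCK_LEN:
        raise ValueError(f"AuthBlock must be {AUTHBLOCK_LEN} bytes, got {len(raw)}")
    parts, offset = [], 0
    for _, size in FIELDS:
        parts.append(raw[offset:offset + size])
        offset += size
    return AuthBlock(*parts)

def verify_authblock(key_absign: bytes, raw: bytes) -> bool:
    """Return True only if the stored HMAC matches hmac(key_absign, UID|Ticket|rKey|rID)."""
    try:
        blk = parse_authblock(raw)
    except ValueError:
        return False
    # All fields have fixed sizes, so concatenation without separators is unambiguous.
    msg = blk.uid + blk.ticket + blk.rkey + blk.rid
    expected = hmac.new(key_absign, msg, hashlib.sha256).digest()
    return hmac.compare_digest(expected, blk.mac)  # constant-time comparison

def make_sample(key_absign: bytes) -> bytes:
    # Constructed sample: random bytes stand in for UID, Ticket, rKey and rID.
    body = os.urandom(AUTHBLOCK_LEN - 32)
    return body + hmac.new(key_absign, body, hashlib.sha256).digest()
```

The HMAC check comes first so that a card with modified or truncated memory is rejected before the UID is used as a database index or anything is decrypted.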
Inner Workings
to be done
Used Primitives
The following are used as cryptographic primitives:
- Hash: SHA256
- HMAC: HMAC-SHA256
- Block cipher: Shabea256
- Pseudo-random number generator: self-made, based on SHA256
