T-700 Series Readers Secure Sector Readers - PowerPoint PPT Presentation

1 / 19
About This Presentation
Title:

T-700 Series Readers Secure Sector Readers

Description:

General Electric Company 2004 ... Secure Sector Readers Contents History of Card Technology Trends Card Technology Trade Offs Customer Profiles Fixed Sector Keys and ... – PowerPoint PPT presentation

Number of Views:144
Avg rating:3.0/5.0
Slides: 20
Provided by: utcfssecur
Category:

less

Transcript and Presenter's Notes

Title: T-700 Series Readers Secure Sector Readers


1
T-700 Series ReadersSecure Sector Readers
2
Contents
  • History of Card Technology
  • Trends
  • Card Technology Trade Offs
  • Customer Profiles
  • Fixed Sector Keys and how they work
  • Diversified Sector Keys and how they work
  • T-7XX Reader Series Information

3
Long History of Card / Reader Technologies
Historically there have been two key
considerations when choosing a reader 1) What
cards it reads, and 2) how it talks to the
controller.
  • How it talks
  • Reader Communications Output
  • 20ma Current Loop
  • Proprietary
  • Strobed Clock Data
  • F2F
  • Wiegand
  • Supervised F2F
  • RS-485
  • RS-232
  • What it reads
  • Card and Reader Technology
  • Barium Ferrite
  • Bar Code
  • Magstripe
  • Wiegand
  • 125 kHz Proximity
  • Mixed technologies

4
News Trends in the Market
Newer influencers affecting choice of reader
card technology
  • HSPD-12
  • FIPS 201
  • TWIC
  • Convergence of Logical Physical Access
  • Federated Identity
  • PKI Certificates
  • Strong Passwords
  • Secure Sectors
  • Mifare ISO 14443
  • Vicinity ISO 15693
  • DESFIRE
  • Biometrics
  • Hacking Smart Cards

5
Major 13.56 MHz TechnologiesTwo major ISO
standards for Smart Cards
  • Mifare
  • ISO 14443
  • Developed by Philips, now NXP
  • Wide install base
  • Public Transit, IDs
  • Up to 4K Bytes storage
  • Vicinity
  • ISO 15693
  • my-d chips from Infineon
  • Used for the the development of Smart Labels
  • Longer read range
  • Typically storage - 2K Bits
  • HID iClass Inside Contactless

Different Stds, However, T-Readers Read Both
6
Card/Tech Tradeoffs
Cost Ease of Use Security IT Functions
Legend ? Low? Mid? High ? Simple? Mid? Diff ? Low? Mid? High ? Strong? Mid? Limited
Mifare 1 K ? ? ? ?
Mifare 4K ? ? ? ?
Mifare DESFIRE 4K ? ? ? ?
Mifare DESFIRE EV-1 ? ? ? ?
Vicinity ? ? ? ?
Contactless Cards ? ? ? ?
Contact Cards ? ? ? ?
Multiple Technology Cards ? ? ? ?
Hybrid Cards Single Chip, Multiple Interfaces ? ? ? ?
UID (Unique ID) ? ? ? ?
Fixed Key Secure Sector ? ? ? ?
Diversified Key Secure Sector ? ? ? ?
Card Type
Tech
7
Mapping Options Out
Limited sources, Customer is locked to source
due to complexity of manufacturing and encoding
processes
Hybrid Dual interface PKI
Manufacturer controls Key, Credentials from
reader manufacturer
Higher Cost
Mifare DESFIRE EV-1 Diversified Key
Manufacturer controls Key, Credentials from
reader manufacturer
Mifare DESFIRE EV-1 Fixed Key
Wiegand
T-7XX Series
Mifare / Vicinity Diversified Key
Mifare Fixed Key
Customer controls Key, generally selects paired
card and reader source
125 kHz Prox
Mifare / Vicinity UID
Customer controls Key, generally selects paired
card and reader source
MagStripe
Customer can have multiple sources
Lower Cost
BarCode
Lower Security
Higher Security
8
Which Reader can work with which Card Technology?
Technology Technology 125 kHz Prox 125 kHz Prox 125 kHz Prox MultiTech Readers125 kHz 13.56 MHz MultiTech Readers125 kHz 13.56 MHz Smart Card Readers13.56 MHz Smart Card Readers13.56 MHz Smart Card Readers13.56 MHz
Reader Type Reader Type GE Prox Perfect GE T-100 HID Prox GE T-5xx HID RP Readers GE T-200 HID iClass GE T-7xx
What is Read? GE Security Prox ? ? ?
What is Read? HID Prox ? ? ? ?
What is Read? Mifare CSN ? ? ? ? ?
What is Read? Mifare Sector Fixed Key ? ? ?
What is Read? Mifare Sector Diversified Key ? ?
What is Read? Vicinity CSN ? ? ? ? ?
What is Read? Vicinity Sector Fixed Key ? ?
What is Read? Vicinity Sector Diversified key ? ?
What is Read? HID iClass CSN ? ? ? ?
What is Read? HID iClass Sector ? ?
What is Read? PIV FASC-N ? ? ? ?
How does it communicate S Supervised F2F W Wiegand S, W W W S, W W W W W
9
Typical Customer Profile for Secure Sector Smart
Cards
  • Ideal customers for Smart Cards
  • Customers Seeking Multi-purse Capabilities
  • Cashless Environments
  • Library / Lending
  • Tool Crib
  • Cashless Vending
  • Copying With Usage Tracking / Billing
  • Environments Requiring More Secure Controls
  • To Prevent Credential Sniffing and
  • To Prevent Counterfeiting.
  • Corporate or Educational Campus
  • Any Environment Desiring Ability To Tie The
    Existing Identity Infrastructure to Any Other
    Task or Function

10
What are Fixed Sector Keys?
1
Non-encoded Smart Card Credentials
2
Card Serial Number- 2 Card Serial Number- 2 Card Serial Number- 2
Sector Key User Data
1
2

32
Credential Encoder
Card Serial Number- 1 Card Serial Number- 1 Card Serial Number- 1
Sector Key User Data
1
2

32
BID Data Data-1 Data-2 Data-3 . . Data - n
Secret Key
Sector
Card Serial Number- 1 Card Serial Number- 1 Card Serial Number- 1
Sector Secret Key Data- 1
Encoded Smart Card Credentials
3
Card Serial Number- 2 Card Serial Number- 2 Card Serial Number- 2
Sector Secret Key Data- 2
Card Serial Number- 2 Card Serial Number- 2 Card Serial Number- 2
Sector Key User Data
1 Secret Key Data- 2
2

32
Card Serial Number- 1 Card Serial Number- 1 Card Serial Number- 1
Sector Key User Data
1 Secret Key Data- 1
2

32
Secret Key is up to 128 bits
  • Step 1 GE provides encoded cards utilizing
    customers Fixed Key. (Note A fixed key
    credential encoder is planned for Facility
    Commander Wnx 7.6 and Picture Perfect 4.1
    allowing customer more choice in card providers.)
  • Step 2 Encoding Cards -- Blank Smart Cards
    are presented to Credential Encoder. The encoder
    writes a secret key to the specified sector and
    writes the badge ID data to the user field for
    that sector.
  • Step 3 The output is an encoded credential
    with both a secret key and the badge data stored
    on the credential. Other sectors are
    available for other datavending, library, etc.
    These steps are repeated for each subsequent card.

11
Fixed Sector Key Use Transaction
Data sent to Controller
4
3
Reader Reader
Sector Secret Key
1
Card Serial Number- 1 Card Serial Number- 1 Card Serial Number- 1
Sector Key User Data
1 Secret Key Data- 1
2

32
2
  • Step 1 Card approaches the reader
  • Step 2 Conversation between the reader and
    the card ensues. Reader starts by transmitting
    the secret key for a particular sector on the
    card.
  • Step 3 The card compares the secret key
    provided by the reader to the secret key on the
    card. If they match, then and only then, does
    the card release the user data for that
    particular sector.
  • Step 4 The reader reads the user data and
    transmits the information to the controller, in
    this case, to be used in the access control
    decision. This process is repeated every time a
    card approaches the reader.
  • Note In the case of FIXED keys, every card
    uses the same secret key

12
What are Diversified Sector Keys?
1
Non-encoded Smart Card Credentials
2
Card Serial Number- 4 Card Serial Number- 4 Card Serial Number- 4
Sector Key User Data
1
2

32
Credential Encoder
Card Serial Number- 3 Card Serial Number- 3 Card Serial Number- 3
Sector Key User Data
1
2

32
BID Data Data-1 Data-2 Data-3 . . Data - n
Secret Key
Algorithm
Encoded Smart Card Credentials
Result- 3 Data- 3
3
Card Serial Number- 4 Card Serial Number- 4 Card Serial Number- 4
Sector Key User Data
1 Result 4 Data- 4
2

32
Result- 4 Data- 4
Card Serial Number- 3 Card Serial Number- 3 Card Serial Number- 3
Sector Key User Data
1 Result 3 Data- 3
2

32
Secret Key is up to 128 bits
  • Step 1 GE provides encoded cards utilizing
    GEs Diversified Key. (Note A Diversified Key
    is only available directly from GE. There is
    no field encoding of Diversified Keys.)
  • Step 2 Encoding Cards -- Blank Smart Cards
    are presented to Credential Encoder. The encoder
    contains an algorithm that
  • requires two data inputs1) a secret key and 2)
    a card serial number. The algorithm outputs a
    unique number or key for each credential and
    writes a unique secret key to the specified
    sector and then writes the badge ID data to the
    user data field for that sector.
  • Step 3 The output is an encoded credential
    with a unique secret key and the user badge data
    stored on the credential. Other sectors are
    available for other datavending, library, etc.
    These steps are repeated for each subsequent card.

13
Diversified Sector Key Use Transaction
Data sent to Controller
5
4
Reader Reader Reader
Secret Key Algorithm Card Serial Number- 3
Result- 3 Result- 3 Result- 3
1
2
Card Serial Number- 3 Card Serial Number- 3 Card Serial Number- 3
Sector Key User Data
1 Result 3 Data- 3
2

32
3
  • Step 1 Card approaches the reader. The
    reader has both the algorithm and the GE secret
    key stored in it. Therefore, it can
  • calculate the result key for each card.
    Conversation between the reader and the card
    ensues. Reader starts by transmitting the card
    serial number for a particular sector on the
    card.
  • Step 2 The reader runs the algorithm
  • Step 3 The reader transmits a unique result
    key for each card sector.
  • Step 4 The card compares the result key
    provided by the reader to the sector key on the
    card. If they match, then and only then, does
    the card release the user data for that
    particular sector.
  • Step 5 The reader reads the user data and
    transmits the information to the controller, in
    this case, to be used in the access control
    decision. This process is repeated every time a
    card approaches the reader.
  • Note In the case of DIVERSIFIED keys, a
    UNIQUE result key is calculated for each card.
    In the unlikely event that a card is
    compromised, only that particular card is subject
    to counterfeiting. All others remain secure.

14
New T-7xx Series Readers
  • 13.56 MHz Readers Secure Sector
  • Wiegand Output
  • RS-485 Output
  • GE Diversified Key or Fixed Key
  • T-700 - Mullion
  • T-720 - Mid-Range
  • T-725 - Mid Range with Keypad

15
Four Modes of Operation, Select One
Mode of Operation Readers Command Cards Required Smart Card Type
GE Diversified Key Mode Default T-7xx Readers None Any GE Security Stock Smart Card
GE Diversified Key Mode Default T-7xx Readers None Custom Smart Card with option GE Diversified Key
Fixed Key Mode Default T-7xx Readers Order OESM Fixed Key Command Cards (PN 521XCC01-________) Required to complete Fix Key Request Form Customs Card Only Must have Fixed Key Option that matches Fixed Key Request Form for OESM Command Card
UID Mode Default T-7xx Readers Order T-5xx Emulation Mode Command Cards (PN 521308001) Any Mifare or my-d Smart Card will have UID which can be read
PIV Mode Default T-7xx Readers Order PIV Command Cards(PN 521307001) Customer supplied PIV cards
16
New Card Offerings
Option Option Attribute Mifare 1K Mifare 4K Reader Config Card Comments
Sector Security GE Diversified Key ? ? Only available from GE, cards will have BID encoded
Sector Security Customer Defined Fixed Key ? ? ? GE can encode for customer Customer can encode in via Imaging System (Upgrades to FC Wnx and PP underway)
Sector Security None ? ? ? CSN only or if customer is local encoding
Badge ID Encoding GE Standard - 5502 ? ? Unique 16 digit BID
Badge ID Encoding 26 Bit ? ? For legacy systems
Badge ID Encoding None ? ? For CSN only or if customer is local encoding Fixed Key
17
Stocked Smart CardsCompatible with T-7XX Series
to Read Encoded ID
  • All GE Stock Smart Cards Have
  • GE Diversified Sector Key
  • ISO Thickness
  • Composite Material
  • Front White Glossy
  • Back White Glossy
  • Size CR-80
  • No External ID
  • No Slot Punch (dots are visible for where slot
    punch is permitted)
  • No Magnetic Stripe

Part Number Description
700300001 Mifare 1K Badge ID Encoded with 2601
700300002 Mifare 1K Badge ID Encoded with 5502
700300003 Mifare 4K Badge ID Encoded with 2601
700300004 Mifare 4K Badge ID Encoded with 5502
700300005 My-D 10k bits Badge ID Encoded with 2601
700300006 My-D 10k bits Badge ID Encoded with 5502
18
Custom Smart Card Ordering
  • Custom Smart Card Attributes
  • External ID
  • External ID Print Type
  • External ID Print Position
  • Tab Run
  • Sector Encoding Options
  • Badge ID Formatting Options
  • Slot Punch Options
  • Custom Artwork Printing

Part Number Description
700310001 Mifare 1K
700310002 Mifare 1K With magstripe
700310003 Mifare 4K
700310004 Mifare 4K With magstripe
700310005 My-D 10k bits
700310006 My-D 10k bits With magstripe
All custom card orders must be accompanied by Custom Card Order Checklist All custom card orders must be accompanied by Custom Card Order Checklist
19
Who To Call For Assistance
If you have additional questions or
needassistance answering technical questions
for customers, please contact PreSalesEngineerin
g to speak with a specifically trained
representative on this subject
Write a Comment
User Comments (0)
About PowerShow.com