Codeofchina.com is in charge of this English translation. In case of any doubt about the English translation, the Chinese original shall be considered authoritative.
This standard is developed in accordance with the rules given in GB/T 1.1-2009.
Attention is drawn to the possibility that some of the elements of this standard may be the subject of patent rights; the issuing body of this document shall not be held responsible for identifying any or all such patent rights.
This standard was proposed by and is under the jurisdiction of the Ministry of Public Security of the People's Republic of China.
Security Technical Requirement for the Electronic Identification of Motor Vehicles
1 Scope
This standard specifies the general security requirements for the electronic identification of motor vehicles and its existence-period security.
This standard is applicable to the design, production, testing and application of the electronic identification of motor vehicles.
2 Normative References
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 35789.1-2017 General Specification for Electronic Identification of Motor Vehicles - Part 1: Automobile
GM/T 0035.1-2014 Specification for Cryptographic Application of Radio Frequency Identification System - Part 1: Cryptographic Security Protection Framework and Security Level
GM/T 0035.5 Specification for Cryptographic Application of Radio Frequency Identification System - Part 5: Requirements for Key Management Technology
3 Terms and Definitions
For the purposes of this document, the terms and definitions given in GB/T 35789.1-2017 and the following apply.
3.1
identity authentication
procedure of confirming the identity declared by the electronic identification of a motor vehicle or by read-write equipment
3.2
ciphertext
encrypted data
[Definition 2.60 in GM/Z 0001-2013]
3.3
key
critical information or parameter that controls the operation of a cryptographic algorithm
[Definition 2.63 in GM/Z 0001-2013]
3.4
initial key
critical information or parameter written during the production of the electronic identification of a motor vehicle and used for identity authentication between the electronic identification and read-write equipment
3.5
initialization
procedure by which the issuing body writes the initial information and key into the electronic identification of a motor vehicle as required
3.6
personalization
procedure of writing the motor vehicle registration information into the electronic identification of a motor vehicle as required
4 General Requirements
4.1 Security level
Security level shall meet the requirements of 6.2.2 in GM/T 0035.1-2014.
4.2 Cryptographic algorithm
Cryptographic algorithms approved by the national cryptography administration department shall be adopted.
4.3 Key
4.3.1 The key length is 128 bits; keys stored in the electronic identification of a motor vehicle shall not be readable.
4.3.2 Key management shall meet the following requirements:
a) The generation, dispersal, distribution, injection, storage, backup, verification, update, destruction and use of keys shall meet the requirements specified in GM/T 0035.5;
b) The access key to the chip identifier data bank and the vehicle registration data bank shall be managed by the institution authorized by the public security organ;
c) The access key to the user data bank shall be managed by the competent department of the application industry.
4.4 Identity authentication
The authenticity of the read-write equipment's identity shall be verified by means of a cryptographic algorithm; bidirectional identity authentication shall be carried out between the electronic identification of a motor vehicle and the read-write equipment; the electronic identification of a motor vehicle shall not respond to unauthorized access commands from read-write equipment.
4.5 Confidentiality
Information stored in the vehicle registration data bank shall be protected by encryption; information stored in the user data bank should be protected by encryption and written into the designated storage area by authorized read-write equipment.
4.6 Security access control
Security mechanisms of identity authentication and password verification shall be adopted to control access authority for all storage partitions; see Table 1 for the access control privileges.
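The following model is added here as an illustration and is not text of the standard. It shows how the tag-side requirements of 4.3.1, 4.3.2 b)/c), 4.4 and 4.6 fit together: a separate 128-bit key for each data bank that no command can read back, a bidirectional challenge-response that must succeed before the tag answers any access command, and per-partition gating of reads and writes. The class names, the nonce-based message format and the use of HMAC-SHA256 as a stand-in for the nationally approved algorithm of 4.2 are assumptions; the standard itself does not specify the exchange.

```python
import hmac, hashlib, secrets
PARTITIONS = ("chip_id", "vehicle_registration", "user_data")   # data banks named in 4.3.2

def prf(key: bytes, *parts: bytes) -> bytes:
    """Keyed PRF. Assumption: HMAC-SHA256 stands in for the approved algorithm required by 4.2."""
    return hmac.new(key, b"|".join(parts), hashlib.sha256).digest()

class Tag:
    """Electronic identification: one 128-bit key per data bank (4.3.1); no method returns a key."""
    def __init__(self, keys: dict):
        assert set(keys) == set(PARTITIONS) and all(len(k) == 16 for k in keys.values())
        self._keys, self._nonce = dict(keys), None
        self._store, self._authed = {p: {} for p in PARTITIONS}, set()   # authed: banks unlocked now
    def challenge(self) -> bytes:                 # step 1: fresh tag nonce
        self._nonce = secrets.token_bytes(16)
        return self._nonce
    def authenticate(self, bank: str, reader_nonce: bytes, reader_proof: bytes):
        """Step 2: verify the reader's proof, then answer with the tag's proof (4.4); None = no response."""
        key = self._keys.get(bank)
        if key is None or self._nonce is None or not hmac.compare_digest(
                prf(key, b"reader", self._nonce, reader_nonce), reader_proof):
            self._authed.discard(bank)            # unauthorized command: stay silent
            return None
        self._authed.add(bank)
        return prf(key, b"tag", reader_nonce, self._nonce)
    def write(self, bank: str, field: str, value: bytes) -> bool:   # 4.6: authenticated banks only
        if bank in self._authed:
            self._store[bank][field] = value
        return bank in self._authed
    def read(self, bank: str, field: str):
        return self._store[bank].get(field) if bank in self._authed else None

class Reader:
    """Read-write equipment holding only the access keys its operator is entitled to (4.3.2 b, c)."""
    def __init__(self, keys: dict): self._keys, self._nonce = dict(keys), None
    def holds(self, bank: str) -> bool:
        return bank in self._keys
    def respond(self, bank: str, tag_nonce: bytes):
        self._nonce = secrets.token_bytes(16)
        return self._nonce, prf(self._keys[bank], b"reader", tag_nonce, self._nonce)
    def verify_tag(self, bank: str, tag_nonce: bytes, tag_proof: bytes) -> bool:
        return hmac.compare_digest(prf(self._keys[bank], b"tag", self._nonce, tag_nonce), tag_proof)

def mutual_auth(tag: Tag, reader: Reader, bank: str) -> bool:
    # Complete bidirectional exchange for one data bank: tag nonce, reader proof, tag proof
    if not reader.holds(bank):
        return False
    n_t = tag.challenge()
    n_r, proof_r = reader.respond(bank, n_t)
    proof_t = tag.authenticate(bank, n_r, proof_r)
    return proof_t is not None and reader.verify_tag(bank, n_t, proof_t)
```

A reader holding only the user data bank key cannot unlock the vehicle registration data bank, and a failed authentication attempt on a bank locks it again, so every subsequent read or write returns nothing.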
Contents of GB/T 35788-2017
Foreword
1 Scope
2 Normative References
3 Terms and Definitions
4 General Requirements
5 Existence Period Security
Bibliography