电能表预付费系统-标准传输规范(STS)(20)
6.5 Security functions 安全功能
6.5.1 General requirements
With the exception of DITK values, VendingKey and DecoderKey values shall only be generated by a device responsible for token generation, such as a POS that is certified as STS-compliant and which is subject to an STS-certified KeyManagementSystem (see Clause 9). This subclause describes the key generation methods used by such devices and is applicable to manufacturers of these devices.
除DITK值外,VendingKey和DecoderKey值只能由负责令牌生成的设备生成,例如经sts认证的符合sts认证并受sts认证的密钥管理系统约束的POS(见第9条)。本款描述了此类设备使用的密钥生成方法,适用于这些设备的制造商。
6.5.2 Key attributes and key changes (Key属性和Key更改)
6.5.2.1 Key change requirements (Key关键变更要求)
With the exception of DITK values, STS key values shall only be introduced or changed in a payment meter from a device responsible for key management, such as a POS that is certified as STS-compliant, and which is subject to STS key management. This subclause describes the STS key change method used between such devices and payment meters, and is applicable to manufacturers of these devices and payment meters.
除DITK值外,STS密钥值只能在负责密钥管理的设备上引入或更改,例如认证为STS兼容的POS,并受STS密钥管理的约束。本款描述了此类设备和支付仪表之间使用的STS密钥变更方法,适用于这些设备和支付仪表的制造商。
An STS key change provides the mechanism for changing the DecoderKey present in a decoder from its current value to a new value. This process may be initiated by several events or circumstances, including the following:
STS键改变提供了一种机制,可以将解码器中的解码器键从当前值更改为新值。这一过程可能由以下几个事件或情况发起:
• a new or repaired payment meter that contains a manufacturer's DITK value shall be changed before leaving the manufacturing or repair premises to contain the appropriate value of manufacturer’s default (DDTK) or utility’s DecoderKey (DUTK or DCTK) depending on the SupplyGroup to which the payment meter has been allocated;
- 包含制造商DITK值的新的或已修复的付款仪表应在离开制造或维修场所之前进行更改,以包含制造商默认值(DDTK)或公用工程解码器键(DUTK或DCTK)的适当值,具体取决于已分配付款仪表的供应组;
• a SupplyGroup's VendingKey has either expired or been compromised, and is replaced by a new VendingKey revision and, as a result, each DecoderKey within the SupplyGroup shall be changed from its current DecoderKey value to the DecoderKey value that corresponds to the new VendingKey value;
- 供应组的VendingKey已过期或被泄露,并被新的VendingKey修订版本取代,因此,供应组内的每个DecoderKey应从其当前的DecoderKey值更改为与新的VendingKey值相对应的DecoderKey值;
• a payment meter is re-allocated from one SupplyGroup to another SupplyGroup and, as a result, its DecoderKey shall be changed from its current value generated from the previous SupplyGroup VendingKey to the new value generated from its new SupplyGroup VendingKey; or
- 付款计价器从一个供应组重新分配到另一个供应组,因此,其解码器键应从其从上一个供应组VendingKey生成的当前值更改为从其新的供应组VendingKey生成的新值;或
• the TI for a payment meter is changed and, as a result, its DecoderKey shall be changed from its current value (that corresponds to the previous TI) to the new value (that corresponds to the new TI).
- 支付计价器的TI发生改变,其解码密钥应从当前值(对应于前一个TI)更改为新值(对应于新TI)。
The key change token set effects an STS key change. This meter-specific management token set transfers the following information from the POS to the payment meter, encrypted under the current DecoderKey:
• the value of the new DecoderKey;
• the KEN;
• the KRN;
• the KT;
• the SGC (only in the case of the three-token set and the four-token set);
• the TI.
密钥更改令牌集影响STS密钥更改。这个meter专用的管理令牌集将以下信息从POS机传输到支付meter,并在当前的DecoderKey下加密:
- 新DecoderKey的值;
- KEN;
- KRN;
- KT;
- SGC(仅适用于3个令牌集合和4个令牌集合);
- TI
An STS key change process for a payment meter shall be initiated whenever any one of the following attributes of the VendingKey changes in value:
• the value of the VendingKey;
• the value of BDT;
• the value of the SGC;
• the value of the TI;
• the value of the KEN;
• the value of the KRN;
• the value of the KT;
• the value of the DKGA.
当VendingKey的以下任何一个属性的值发生变化时,应启动支付计价器的STS键更改流程:
- • VendingKey;
- •BDT;
- SGC;
- TI;
- KEN;
- KRN;
- KT;
- DKGA.
NOTE See 6.1 .1 for detailed specifications on the data elements in the APDU and 6.5.3 for DKGA requirements.
APDU中数据元素的详细规范请参见6.1,DKGA要求请参见6.5.3。
A particular SGC may be associated with more than one VendingKey at the same time during its operational life, in which case each VendingKey shall be identified by its associated KRN.
一个特定的SGC在其运行寿命期间可能同时与一个以上的VendingKey关联,在这种情况下,每个VendingKey应由其关联的KRN识别。
Key change tokens shall not be generated in the case where the destination key's KEN relative to BDT is in the past (according to the system clock).
如果目标密钥相对于BDT的KEN在过去(根据系统时钟),则不生成密钥更改令牌。
Key change tokens shall not be generated where the BaseDate associated with the destination VendingKey/DecoderKey is earlier than the BaseDate associated with the source VendingKey/DecoderKey.
如果与目标VendingKey/DecoderKey关联的BaseDate早于与源VendingKey/DecoderKey关联的BaseDate,则不应生成密钥更改令牌。
A POS may optionally generate and issue key change tokens automatically or manually, but this shall be specified in the purchase agreement between the manufacturer and the utility.
POS可选择自动或手动生成并发放密钥更改令牌,但这应在制造商和公用事业公司之间的购买协议中指定。