WO2010089673A2 - A data authentication technology - Google Patents

A data authentication technology

Info

Publication number
WO2010089673A2
Authority
WO
WIPO (PCT)
Prior art keywords
data
authentication
medium
security
predefined
Prior art date
Application number
PCT/IB2010/000669
Other languages
French (fr)
Other versions
WO2010089673A3 (en)
Inventor
Peter Samuel Atherton
Original Assignee
Mikoh Corporation
Priority date
Filing date
Publication date
Application filed by Mikoh Corporation
Publication of WO2010089673A2
Publication of WO2010089673A3


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information: received data contents, e.g. message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861 Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan

Definitions

  • The present invention relates to processes and apparatus for authenticating information.
  • Some authentication techniques rely on placing an authenticating feature on or in the object to be authenticated.
  • Such authentication features can take various forms. Examples include:
    • holographic or other optically variable tamper-indicating adhesive labels;
    • microtaggant particles applied to the surface of the object;
    • security inks that are printed on the object, said security inks having authentication properties that are visually or machine detectable (e.g. thermochromic inks, optically variable inks, etc.).
  • A common disadvantage of these techniques is that they do not uniquely identify each authenticated object, since for each application typically all instances of the authentication feature will be the same throughout the application. For example, all Visa card holograms for a particular batch of Visa cards will be the same throughout the batch. It is therefore impossible to differentiate or uniquely identify authenticated objects within the application on the basis of the authentication feature alone.
  • This disadvantage can be overcome by adopting an authentication method that involves measuring a feature, such as a random or pseudo-random feature, that is unique to each authenticated object.
  • The authentication feature may be intrinsic to the object or may be deliberately introduced. Examples of authentication techniques that utilize this method include:
    • measuring intrinsic random irregularities in the surface of the object — this applies especially to paper, cardboard and other fibrous materials;
  • Some of the random (or pseudo-random) techniques are further enhanced by measuring the random (or pseudo-random) properties of the object at the start of the object's life or when the random (or pseudo-random) feature is first introduced, and recording the measurement results as authentication data.
  • The authentication data may then be stored in a database for later reference.
  • A disadvantage of this approach is that the database must be accessed in order to subsequently authenticate the object. In general it is advantageous to not have to refer to a remote database when carrying out an authentication process, since referring to a database - especially a remote database - requires a communications channel (which may not always be available), takes time, and exposes transmitted data to security risks.
  • The authentication data may be stored on the object, for example as a machine readable marking (such as a barcode or 2-dimensional barcode) or in an electronic memory.
  • The authentication data may be encrypted for added security. Authentication of the object can then be carried out locally, without reference to a remote database, by measuring the authentication properties and comparing the results with the authentication data stored on the object (if necessary after decrypting the stored authentication data).
  • An object will also store important predefined data - in other words, data that is not random or pseudo-random but instead is defined by a user or another process - and it is advantageous to be able to authenticate not only the object but also this stored predefined data. Examples include:
  • A current method for locally authenticating predefined data stored on an object is to record either said predefined data or associated data on said object using restricted materials that have special machine detectable properties.
  • A barcode may be printed on an object in regular graphic ink (to be read using a standard barcode reader) and also in an ink with special optical properties that are machine detectable.
  • A disadvantage of current techniques is that they do not provide a means to locally authenticate both an object and predefined data stored on or in the object (where local authentication means authenticating without reference to a remote database) without the disadvantages of having to use, and machine read, a restricted material.
  • The object of the present invention is to overcome or substantially ameliorate at least one of the above disadvantages.
  • A method of preparing authenticated predefined data including the steps of: providing an information storage item to store the predefined data; providing one or more authentication media, each medium having identifiable features; using each medium to generate authentication data indicative of the features of the medium; combining the authentication data from each medium with the predefined data to produce combined data; processing at least part of the combined data to provide security data;
  • The step of processing includes a cryptographic hash function.
  • The step of storing the predefined data and encrypted security data is performed by a deterministic and reversible process.
  • Said predefined data is encrypted data.
  • The step of using a medium includes machine reading the medium to generate the authentication data.
  • The features include biometric features.
  • The features include a plurality of microparticles.
  • The association between one or more of the authentication media and the item is tamper-indicating, with tampering of a tamper-indicating authentication medium resulting in modification of the authentication data for said medium.
  • Said item is an electronic device.
  • The medium is a surface to receive a printed image, with the stored data in a printed image applied to the surface.
  • Said item is an RFID tag, having a memory portion with recognisable, readable, random electronically recorded features providing the authentication data.
  • A method to retrieve predefined data and authenticate the predefined data including the steps of: providing one or more authentication media having identifiable features; using each medium to generate authentication data indicative of the features of the medium; providing a storage item having stored data including encrypted security data and the predefined data; retrieving the predefined data and combining the predefined data with the authentication data to provide retrieved combined data; processing at least part of the combined retrieved data to provide retrieved security data; retrieving the encrypted security data from the storage item; decrypting the encrypted security data to provide decrypted security data; and comparing the retrieved security data with the decrypted security data to generate data indicative of any match between the retrieved security data and the decrypted security data to determine a positive match between the retrieved security data and the decrypted security data;
  • The method of claim 12, wherein the encrypted security data is a digital signature.
  • The method of claim 12 or 13, wherein the step of using the medium includes machine reading the medium to generate the authentication data.
  • The method of claims 12, 13 or 14, wherein the features include biometric features.
  • The method of claims 12, 13 or 14, wherein the features include a plurality of microparticles.
  • Each of said authentication media including unique authentication features that can be machine read in an authentication reading process, thereby generating unique authentication data indicative of specified properties of said unique authentication features, where said unique authentication features have
  • The encryption process for encrypting said security data to produce said encrypted security data and the corresponding decryption process for decrypting said encrypted security data to produce said decrypted security data may be symmetric or asymmetric.
  • Said encrypted security data and said predefined data may be recorded in said information storage medium in separate data fields.
  • Said encrypted security data and said predefined data may be mixed or combined in a specified manner before being recorded into said information storage medium.
  • Processing of said retrieved predefined data may include not outputting said retrieved predefined data unless said data comparison process produces a positive data match.
  • Processing of said retrieved predefined data may include outputting said retrieved predefined data along with the result of said data comparison process, whether or not a positive data match is obtained.
  • Said authentication features for an authentication medium may in some embodiments include biometric features such as a fingerprint or retinal pattern.
  • Said authentication features for an authentication medium may in some preferred embodiments include a random array or pattern of features associated with said authentication medium, where said random array or pattern may be intrinsic to said authentication medium or may be introduced to said authentication medium via a random process.
  • Non-limiting examples of such authentication media and authentication features include:
    • a surface or volume with a random pattern of machine readable micro-particles;
  • Said information storage medium may include, without limitation, one or more of the following:
  • At least one of said authentication media may be associated with said information storage medium in a tamper-indicating manner, each of such authentication media being referred to herein as a tamper-indicating authentication medium, with each such tamper-indicating authentication medium being configured such that it is extremely difficult or impossible to remove said tamper-indicating authentication medium from said information storage medium without modifying said unique authentication features in said tamper-indicating authentication medium in a manner that is detectable in the corresponding said authentication reading process.
  • An advantage of including such tamper-indicating association is that a said positive data match then additionally indicates that said information storage medium is the same as used to record said predefined data.
  • At least one of said authentication media that is not tamper-indicating may be removable, thereby preventing said data comparison process from generating a positive said data match in the absence of said removable authentication media.
  • Said predefined data may be configured so as to indicate to a data retrieval and authentication device that said predefined data is associated with encrypted security data and therefore that said data retrieval and authentication device should be able to find encrypted security data when reading said predefined data.
  • Said information storage medium, after recording, may include information that identifies to a reading device the memory locations of said encrypted security data and said predefined data, and may allow a reading device to retrieve said predefined data without going through the security and authentication processes described herein. This feature may be advantageous in that it could enable backwards compatibility with standard reading devices.
  • Said predefined data may be previously encrypted, for additional security, by means of symmetric or asymmetric encryption.
  • The retrieved predefined data will be the original encrypted predefined data.
  • Encryption of said security data to generate said encrypted security data may be carried out remotely from said information storage medium, in which case said security data will be transmitted to the encryption device and said encrypted security data will be transmitted from said encryption device back to said information storage medium.
  • Remote encryption may be advantageous for security reasons.
  • Figure 1 is a schematic illustration outlining the key features of the data preparation and recording process and apparatus that is the subject of the present invention.
  • Figure 2 is a schematic illustration outlining the key features of the data retrieval and authentication process and apparatus that is the subject of the present invention.

Detailed Description of the Preferred Embodiments

  • Figure 1 is a schematic illustration of a method and apparatus for preparing and recording authenticated data.
  • The primary objective of the preferred forms of the present invention is to provide a means of recording predefined data (defined below) such that when said predefined data is subsequently read it can be authenticated locally at the point of reading, without having to refer to a remote database.
  • Authenticating said predefined data means at least the following:
  • One or more authentication media are used to uniquely and securely authenticate the data recording and reading processes.
  • The embodiment illustrated in figure 1 uses two authentication media, 101 and 102, but it should be appreciated that a different number of authentication media may be used in other embodiments.
  • Each of the authentication media 101 and 102 includes unique authentication features that can be machine read by means of an authentication reading process, thereby generating unique authentication data indicative of specified properties of said unique authentication features, where said unique authentication features preferably have the characteristics that:
  • An authentication medium will determine the type of authentication reading process that is used to extract authentication data from the authentication medium. For example, an optical authentication medium will require an optically based authentication reading process; an electronic authentication medium will require an electronic authentication reading process, and so on.
  • An authentication reading process 101A appropriate to authentication medium 101 is used to generate unique authentication data 103 from authentication medium 101, while an authentication reading process 102A appropriate to authentication medium 102 is used to generate unique authentication data 104 from authentication medium 102.
  • The data to be stored and authenticated using the technique described herein is the predefined data 105.
  • The term predefined is used to designate that the predefined data 105 is determined outside (or prior to) the process described in relation to figure 1 and therefore is presented to the process in a predefined configuration.
  • The predefined data 105 is input to the present process.
  • The authentication data 103 and 104 and the predefined data 105 are combined in the data combining process 106 to form combined input data 107.
  • The combined input data 107 is processed by the data processing function 108 to generate the security data 109.
  • The data processing function 108 is a one-way data function that has the following properties:
  • The security data 109 is encrypted in the encryption process 110E to produce encrypted security data 111.
  • The encrypted security data 111 is in effect a digital signature corresponding to the combined input data 107.
  • The encrypted security data 111 and predefined data 105 are then combined in the data combining process 112 and the combined data 113 is recorded into the information recording medium 114.
  • The data combining process 112 must be deterministic and reversible, so that the encrypted security data 111 and predefined data 105 can be extracted separately from the information recording medium 114.
  • The encrypted security data 111 and the predefined data 105 may be recorded in said information storage medium 114 in separate data fields.
  • Said encrypted security data 111 and said predefined data 105 may be mixed or integrated in a specified manner to generate the combined data 113 that is recorded in said information storage medium 114.
  • At least one of said authentication media 101 or 102 may be associated with the information storage medium 114 in a tamper-indicating manner.
  • Each such tamper-indicating authentication medium is configured such that it is extremely difficult or impossible to remove said tamper-indicating authentication medium from the information storage medium 114 without modifying the authentication features in said tamper-indicating authentication medium in a manner that is detectable in the corresponding authentication reading process.
  • An advantage of including such tamper-indicating association between at least one of the authentication media 101 and 102 and the information storage medium 114 is that authenticating a tamper-indicating authentication medium also then authenticates the information storage medium 114, thereby enabling confirmation during a reading operation that the information storage medium 114 is the same as was used to originally record said combined data 113.
  • The terms “authentication medium” and “authentication reading process” are used herein in their most general sense, and should not be construed to imply any specific type of material or device.
  • The authentication medium may be a person.
  • At least one of the authentication media (101 and 102 of figure 1) that is not tamper-indicating may be removable.
  • One or more of the fixed or removable authentication media, and the corresponding authentication reading processes, may in some embodiments be biometrically based, in which case the authentication data (103 or 104 in figure 1) may represent biometric features such as a fingerprint or retinal pattern or voice pattern, and authentication will provide an indication of the presence of a particular person.
  • Each of one or more of the fixed or removable authentication media may include a means to biometrically identify one or more specific authorized individuals, and upon biometrically identifying a specific authorized individual may be configured to release a unique authentication code corresponding to said specific authorized individual, said unique authentication code forming the authentication data for that authentication medium.
  • One or more of the fixed or removable authentication media, and the corresponding authentication reading processes, may be token based, in which case the authentication data (103 or 104 of figure 1) derived from a specific token will provide an indication of the presence of said token.
  • A non-limiting example of a token is an electronic smart card.
  • One or more of the fixed or removable authentication media, and the corresponding authentication reading processes, may be password based, in which case authentication data (103 or 104 of figure 1) corresponding to a specific password will provide an indication of the presence of a person with knowledge of said specific password.
  • The unique authentication features of an authentication medium may in some preferred embodiments include a random array or pattern of features associated with said authentication medium, where said random array or pattern may be intrinsic to said authentication medium or may be introduced to said authentication medium via a random process.
  • Non-limiting examples of such authentication media and unique authentication features include:
    • a surface or volume with a random pattern of machine readable micro-particles;
    • a surface or volume with an intrinsically random pattern or structure such as a paper or cardboard surface with an intrinsically random arrangement of paper fibers;
    • an electronic device such as an integrated circuit “chip” (including a memory chip or a radio frequency identification chip) with intrinsic random electronic properties that can be electronically read.
  • The information storage medium 114 may be any one or more of a number of different types of information storage media, including by way of non-limiting example:
  • The information storage medium 114, after recording of the combined data 113, may include information that identifies to a reading device the memory locations of the encrypted security data 111 and the predefined data 105, thereby allowing the possibility of a reading device simply extracting said predefined data 105 without having to go through the security and authentication processes described herein.
  • The predefined data 105 recorded in the information storage medium 114 may be configured so as to indicate to a reading device that the predefined data 105 is associated with encrypted security data 111 and therefore that said reading device should be able to read encrypted security data 111 when reading the information storage medium 114.
  • Figure 2 is a schematic illustration of a process and apparatus for retrieving and authenticating data, such as the predefined data 105. from an information storage medium such as the information storage medium 114.
  • a key objective of the present invention is to provide a means of retrieving and authenticating said data locally at the point of reading, without having to refer to a remote database.
  • the data retrieval and authentication process described in relation to figure 2 is intended for use in conjunction with the process described in relation to figure 1 for preparing and recording authenticated data. Consequently, some of the processes and functions in the embodiment of figure 2 are the same as in the embodiment of figure 1. Specifically, the authentication reading processes 101 A and 102A, the data combining process 106, and the data processing function 108 of figure 1 are used in the embodiment of the data retrieval and authentication process described in relation of figure 2. In addition, the data retrieval and authentication process of figure 2 vises a decryption process 11OD that corresponds to the encryption process 11OE of figure 1 - i.e. data encrypted in the process 11OE can be decrypted using the process HOD,
  • two authentication media, 202 and 203 are used in the retrieval and authentication of predefined data that was previously recorded into an information storage medium 201 by means of the process described in relation to figure 1 .
  • the information storage medium 201 will be of a similar type to the information storage medium 114
  • the authentication media 202 and 203 will be of a similar type to the authentication media 101 and 102, respectively.
  • the number and types of authentication media used in the data retrieval and authentication process of figure 2 will preferably be the same as the number and types of authentication media used in the corresponding data preparation and recording process of figure 1.
  • the authentication reading process 101 A is used to read the authentication medium 202 machine readable identifiable feature and generate unique authentication data 204
  • the authentication reading process 102A is used to read the authentication medium 203 and generate unique authentication data 205.
  • the authentication media 202 and 203 may be the authentication media 101 and 102 of figure 1, but could also be other authentication media of types appropriate to the authentication reading processes 101 A and 102A. Since the authentication reading processes IQIA and 102A are the same as used in the data preparation and recording process of figure 1, it is evident that the authentication media 202 and 203 must be of the same types as the authentication media 101 and 102, respectively.
  • Combined data 200 is recorded in the information storage medium 201.
  • Predefined data 206 (analogous to the predefined data 105) is retrieved from the information storage medium 201,
  • the information storage medium 201 may be the information storage medium 114 of figure 1, but could also be another information storage medium of a similar type that has been recorded using the process described in relation to figure 1.
  • the unique authentication data 204 and 205 and the retrieved predefined data 206 are combined in the data combining process 106 to generate retrieved combined input data 207.
  • the retrieved combined input data 207 is processed by the data processing function 108 to generate the retrieved security data 208.
  • Encrypted security data 209 (analogous to the encrypted security data 111 of figure 1) is read from the information storage medium 201 , The retrieved encrypted security data 209 is decrypted in the decryption process 11OD to generate decrypted security data 210 A data comparison process 211 is used to compare the retrieved security data
  • a positive data match indicator 212 indicates that there is a data match between the retrieved security data 208 and the decrypted security data 210. It should be appreciated that if the data processing function 108 is a crypto graphic hash function and the encrypted security data 209 is therefore a digital signature, then the data processing function 108, decryption process 11OD and data comparison process 211 of figure 2 together provide a function that amounts to verification of the encrypted security data digital signature 209.
  • the information storage medium 201 is actually information Storage medium 114 recorded with combined data 113, as described in relation to figure 1, then the retrieval and authentication of predefined data 105 using the process described in relation to figure 2 will only be possible if the authentication media 202 and 203 are actually the authentication media 101 and 102 of figure 1, respectively. Otherwise, the authentication data 204 and 205 will not match Hie authentication data 103 and 104, respectively.
  • At least one of said authentication media 202 or 203 may be associated with the information storage medium 201 in a tamper-indicating manner.
  • Each such tamper-indicating authentication medium is configured such that it is extremely difficult or impossible to remove said tamper-indicating authentication medium from the information storage medium 201 without modifying the unique authentication features in said tamper- indicating authentication medium in a manner that is detectable in the corresponding authentication reading process.
  • the advantage of including such tamper-indicating association between at least one of the authentication media (202 and 203 of figure 2) and the information storage medium 201 is that a positive data match 212 (Le indicating a data match between the retrieved security data 2OS and the decrypted security data 210) then also authenticates the information storage medium 201 , ensuring that the information storage medium 201 is the same medium as used to record the combined data 200.
  • At least one of the authentication media (202 and 203 of figure 2) that is not tamper-indicating may be removable, thereby preventing the data comparison process 211 from being able to generate a positive data match 212 in the absence of said removable authentication media.
  • one or more of the fixed or removable authentication media, and the corresponding authentication reading processes may be biometrically based, in which case the authentication data (204 or 205 in figure 2) may represent biometric features such as a fingerprint or retinal pattern or voice pattern, and authentication will provide an indication of the presence of a particular person, In such an embodiment the data retrieval and authentication process of figure 2 will ensure that the same person is present during data retrieval and authentication as was present during the corresponding data preparation and storage operation (i e. the operation of figure 1).
  • each of one or more of the fixed or removable authentication media may include a means to biomefrically identify one or more specific authorized individuals, and upon biometrically identifying a specific authorized individual may be configured to release a unique authentication code corresponding to said specific authorized individual, said unique authentication code forming the authentication data (204 or 205 of figure 2) for that authentication medium.
  • the data retrieval and authentication process of figure 2 will ensure that the same person is present during data retrieval and authentication as was present during the corresponding data preparation and storage operation (i.e. the operation of figure 1).
  • one or more of the fixed or removable authentication media and the corresponding authentication reading processes may be token based, in which case the authentication data (204 or 205 of figure 2) derived from a specific token will provide an indication of the presence of said specific token.
  • a non-limiting example of a token is an electronic smart card. In such an embodiment the data retrieval and authentication process of figure 2 will ensure that the same token is present during data retrieval and authentication as was present during the corresponding data preparation and storage operation (i.e. the operation of figure 1).
  • one or more of the fixed or removable authentication media, and the corresponding authentication reading processes may be password based, in which case authentication data (204 or 205 of figure 2) corresponding to a specific password will provide an indication of the presence of a person with knowledge of said specific password, and therefore the data retrieval and authentication process of figure 2 will ensure the presence of a person with knowledge of the same password as was used during the corresponding data preparation and storage operation (i.e. the operation of figure 1).
  • a positive data match indicator 212 always means that:
    o the same uniquely identified authentication media 202 and 203 were used in the data retrieval process as were used to originally record the predefined data - this can be concluded in particular due to the authentication properties of the authentication media and the properties of the data processing function 108;
    o the retrieved predefined data 206 has not been modified since it was recorded - this can be concluded in particular due to the properties of the data processing function 108;
    o the predefined data 206 originated from an authorized source - this can be concluded in particular since the decryption process 110D led to a positive data match, implying that a valid corresponding (secret) encryption key 110E was used to encrypt the security data during preparation and recording of the combined data 200.
  • a positive data match indicator 212 means that data is being retrieved from the original information storage medium (i.e. not from a copy or fake information storage medium), and said information storage medium can be uniquely identified - this can be concluded in particular from the unique authentication features and tamper-indication properties of said tamper-indicating authentication media.
  • a positive data match indicator 212 means that the data retrieval process is authorized, in that said removable authentication media must be present in order to retrieve and authenticate the predefined data 206. Specifically:
    o if at least one of the removable authentication processes is biometrically based, then a positive data match indicator 212 means that the same person is present during data retrieval as was present during data preparation and recording;
    o if at least one of the removable authentication processes is token based, then a positive data match indicator 212 means that the same token is used during data retrieval and authentication as was used during data preparation and recording;
    o if at least one of the removable authentication processes is password based, then a positive data match indicator 212 means that a person with knowledge of the password is present during both (i) the data preparation and recording process, and (ii) the data retrieval and authentication process.
  • the data match indicator 212 and the retrieved predefined data 206 are input to the data processing apparatus 213.
  • the output 214 of the data processing apparatus 213 will depend on the details of the specific embodiment of the present invention, but said output 214 may in some embodiments be determined by whether or not the data match signal 212 indicates a positive data match between the retrieved security data 208 and the decrypted security data 210. Two preferred embodiments of the functioning of the data processing apparatus 213 are now described, but it should be appreciated that numerous other embodiments are possible.
  • the output 214 of the data processing apparatus 213 may be the retrieved predefined data 206 and the data match indicator 212.
  • the data processing apparatus 213 may be configured to output the retrieved predefined data 206 only if the data match indicator 212 indicates a data match between the retrieved security data 208 and the decrypted security data 210.
  • it may be advantageous for security reasons to integrate the functions 101A, 102A, 106, 108, 110D, 211 and 213 with the information storage medium 201 into a single integrated device that is both an information storage medium and data retrieval and authentication unit, requiring only input from the appropriate authentication media 202 and 203 in order .
  • said integrated device may be configured so as to not output the predefined data 206, but instead to generate and output a signal (e.g. a data signal or visual/audible indication) indicating that a valid authentication match was not obtained.
  • at least one of the authentication media may be associated with the information storage medium (201 in figure 2) in a tamper-indicating manner, while at least one of the authentication media may be removable, so that (i) said information storage medium is authenticated during data retrieval and (ii) said data retrieval is only possible if said removable authentication media are present and used in the data retrieval and authentication process.
  • the encryption process 110E and corresponding decryption process 110D may be symmetric or asymmetric.
  • the encryption process 110E and corresponding decryption process 110D may constitute a so-called public/private key encryption system.
  • the key used for the encryption process 110E may be a private key that should be kept secret, in which case the corresponding key used for the decryption process 110D will be a public key.
  • the key used for the encryption process 110E may be a public key, in which case the corresponding key used for the decryption process 110D will be a private key that should be kept secret.
  • the data retrieval and authentication process of figure 2 will be undertaken in a non-secure environment, while the encryption process 110E can usually be maintained securely.
  • it will usually be preferable for the encryption and decryption processes 110E and 110D to be asymmetric, with the encryption process 110E using a secret private key and the decryption process 110D using the corresponding public key.
  • Successful decryption using said public key in the decryption process 110D then guarantees that the encryption process 110E was undertaken using the correct secret private key, thereby also guaranteeing that encryption was undertaken in an authorized procedure.
  • the combined data may include the public key value to be used in the decryption process 110D.
  • This public key value can then be read during data retrieval and may be matched against a number of "verified" public key values either stored in the data retrieval apparatus or accessible via a connection to a remote public key repository (e.g. via internet connection to a public key repository or certificate authority) in order to determine whether it is a genuine public key value and therefore whether it can be used for the data authentication process of figure 2.
  • said verified public key value may be associated with identification details of the originator of the encrypted security data 111 (figure 1) or 209 (figure 2).
  • the data processing function 108 serves the purpose of irreversibly mixing authentication data (103 and 104) derived from the various authentication media with the predefined data 105 to produce security data 109, such that the security data 109 cannot subsequently be processed to retrieve the various data components input to the data processing function 108. Neither can other input data components be derived to produce specified security data 109, thereby preventing fraudulent authentication data being input so as to emulate valid authentication media in generating valid security data 109.
  • the process of figure 1 could be undertaken without the data processing function 108 - for example, by separately encrypting each of the authentication data (103 and 104 of figure 1) and the predefined data 105 and then recording each of the encrypted data blocks into the information storage medium 114 along with the predefined data 105.
  • a key disadvantage of this approach is that a person acting fraudulently may be able to determine which of the encrypted data in the information storage medium 114 corresponds to the predefined data 105, and then copy both the predefined data 105 and the corresponding encrypted data to another information storage medium, similar to information storage medium 114, along with authentication data derived from other authentication media, thereby creating a cloned information storage medium that would appear to be genuine.
  • the data processing function 108 prevents this possibility by irreversibly mixing the various authentication data (103 and 104 of figure 1) with the predefined data 105, thereby in effect tying the specific authentication media used in the data preparation and recording process of figure 1 to the predefined data 105.
  • Another practical advantage of the data processing function 108 is that it generates a relatively short data string that after encryption takes up relatively little data storage capacity in the information storage medium 114.
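As an added example (not code from the patent or from Mikoh Corporation), the figure 1 recording flow and the figure 2 retrieval flow in Python, with the data processing function 108 modelled as SHA-256 and the preferred asymmetric 110E/110D pair modelled as a textbook RSA operation on toy Mersenne-prime parameters; the device feature values, token code and predefined data are constructed. It also replays the cloning attempt described above, copying 206 and 209 onto a medium with different authentication features, and shows the match indicator 212 failing for that case, for a modified 206 and for a wrong token.

```python
"""Figure 1 (prepare and record) and figure 2 (retrieve and authenticate).

Added illustration, not code from the patent or its assignee. The data
processing function 108 is modelled as SHA-256 over length-prefixed fields;
the asymmetric 110E/110D pair is modelled as a textbook RSA operation with
TOY parameters (two Mersenne primes) so the block runs on the standard
library alone. A deployment would use a vetted signature scheme (e.g.
RSA-PSS or Ed25519) from a maintained library instead.
"""
from __future__ import annotations

import hashlib
import hmac
from dataclasses import dataclass

# --- toy key pair: private key for 110E, public key for 110D (constructed) ---
P = (1 << 61) - 1                      # Mersenne prime, toy parameter
Q = (1 << 89) - 1                      # Mersenne prime, toy parameter
N = P * Q                              # ~150-bit modulus
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # modular inverse (Python 3.8+)
DIGEST_BYTES = 16                      # 128-bit security data stays below N
CIPHER_BYTES = 19                      # any residue mod N fits in 19 bytes


def data_processing_function_108(auth_data: list[bytes], predefined: bytes) -> bytes:
    """Irreversibly mix authentication data (103, 104) with predefined data (105)
    into security data (109). Each field is length-prefixed so that moving bytes
    between fields cannot produce the same digest."""
    h = hashlib.sha256()
    for field in [*auth_data, predefined]:
        h.update(len(field).to_bytes(4, "big"))
        h.update(field)
    return h.digest()[:DIGEST_BYTES]


def encrypt_110e(security_data: bytes) -> bytes:
    """Encrypt 109 with the secret private key (a raw RSA signature of the digest)."""
    m = int.from_bytes(security_data, "big")
    return pow(m, D, N).to_bytes(CIPHER_BYTES, "big")


def decrypt_110d(encrypted_security_data: bytes) -> bytes | None:
    """Decrypt 209 with the public key to obtain 210. A value wider than the
    digest cannot have come from encrypt_110e, so report no result."""
    m = pow(int.from_bytes(encrypted_security_data, "big"), E, N)
    if m >= 1 << (8 * DIGEST_BYTES):
        return None
    return m.to_bytes(DIGEST_BYTES, "big")


@dataclass(frozen=True)
class Medium:
    """Information storage medium (114 / 201) carrying the combined data 113."""
    predefined_data: bytes          # 105 at recording, read back as 206
    encrypted_security_data: bytes  # 111 at recording, read back as 209


def prepare_and_record(auth_data: list[bytes], predefined: bytes) -> Medium:
    """Figure 1: read the authentication media, mix (108), encrypt (110E), record (112)."""
    security_data = data_processing_function_108(auth_data, predefined)   # 109
    return Medium(predefined, encrypt_110e(security_data))


def retrieve_and_authenticate(medium: Medium, auth_data: list[bytes]) -> bytes | None:
    """Figure 2: re-read the authentication media (204, 205), recompute 208 from
    206, decrypt 209 to 210 and compare (211). Returns the predefined data only
    on a positive match indicator 212, otherwise None (the second preferred
    behaviour of apparatus 213 above)."""
    retrieved_security = data_processing_function_108(auth_data, medium.predefined_data)  # 208
    decrypted_security = decrypt_110d(medium.encrypted_security_data)                      # 210
    match = decrypted_security is not None and hmac.compare_digest(
        retrieved_security, decrypted_security)                                            # 211 -> 212
    return medium.predefined_data if match else None                                       # 214


def demo() -> dict[str, bool]:
    """Genuine retrieval plus the failure cases the text describes.
    All values below are constructed for the example."""
    device_feature = bytes.fromhex("a3f19c0e7b5d2246")    # values intrinsic to the device (103)
    token_code = b"SMARTCARD-0001"                       # code read from the removable token (104)
    predefined = b"lot=4711;origin=plant-7;exp=2031-06"  # 105
    genuine = prepare_and_record([device_feature, token_code], predefined)

    other_device = bytes.fromhex("5e20c7d18a9b4f63")      # another medium's intrinsic values
    other_token = b"SMARTCARD-0002"
    # clone: 206 and 209 copied verbatim onto a medium with its own authentication features
    clone = Medium(genuine.predefined_data, genuine.encrypted_security_data)
    # tamper: 206 altered in place, 209 left exactly as recorded
    tampered = Medium(b"lot=4712;origin=plant-7;exp=2031-06", genuine.encrypted_security_data)

    return {
        "genuine": retrieve_and_authenticate(genuine, [device_feature, token_code]) == predefined,
        "clone_rejected": retrieve_and_authenticate(clone, [other_device, token_code]) is None,
        "wrong_token_rejected": retrieve_and_authenticate(genuine, [device_feature, other_token]) is None,
        "tamper_rejected": retrieve_and_authenticate(tampered, [device_feature, token_code]) is None,
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'ok' if ok else 'FAILED'}")
```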
  • the data preparation and storage functions described in relation to figure 1 will be carried out in an insecure environment, which could risk exposing the encryption key used in the encryption process 110E.
  • the encryption process may be carried out in a secure environment that is remote from the other processes of figure 1.
  • the security data 109 may be transmitted from the insecure environment to a remote secure environment, where the encryption process 110E is carried out and the encrypted security data 111 is transmitted back to the insecure environment for the remainder of the process described in relation to figure 1.
  • the security data 109 may be transmitted via the internet to a remote secure encryption server, where the encryption process 110E is carried out and the encrypted security data 111 is then transmitted back, again via the internet, for the remainder of the process in figure 1. In this way the encryption key is not exposed in the insecure environment.
  • a single secure encryption server may be used to encrypt security data 109 from a number of data preparation and recording operations (i.e. the operation represented in figure 1) being undertaken in a number of separate locations.
  • This procedure also has the advantage that it allows all encryption activities carried out with specific encryption keys to be monitored from a single source, which further enhances security and enables a degree of traceability. Security is enhanced because without knowing the encryption key it is impossible to emulate any of the information storage media 114 that are recorded with the use of that key.
Encryption of Predefined Data
  • the predefined data 105 may be encrypted data, in order to protect it from being read and interpreted by unauthorized personnel.
  • an additional optional encryption/decryption process may be introduced as indicated schematically in figures 1 and 2. It should be stressed that this is an optional step that is not central to the present invention. In the embodiment of figure 1 an additional encryption process 115E is introduced at the input, so that incoming unencrypted data 116 is encrypted via the encryption process 115E to produce the encrypted predefined data 105, with the rest of the process being as described above in relation to figure 1.
  • a corresponding decryption process 115D is then applied at the output of the data retrieval and authentication process of figure 2 to decrypt that portion of the data 214 that corresponds to retrieved predefined data 206, thereby retrieving the original unencrypted input data, which will form part of the output data 215.
  • the authentication medium is a surface (such as a paper or cardboard surface) to which is applied a random pattern of optically detectable micro-particles.
  • the small size and random placements of the particles make such a pattern extremely difficult to copy or emulate.
  • the authentication reading process involves generating data indicative of the absolute or relative positions of at least a portion of said micro particles, in some cases combined with information regarding other specified properties of the optical feedback from each particle, said specified properties including (without limitation) optical intensity and optical wavelength.
  • the random pattern of micro particles is preferably applied to the surface in a tamper-indicating manner, such that it cannot be removed from said surface without the pattern of said micro particles being disrupted.
  • the information storage medium is the same surface to which the micro particles are applied, and the data 113 is applied to said surface in the form of a machine readable marking such as a barcode or 2-dimensional barcode printed or otherwise marked on said surface.
  • said micro particle patterns may be pre-applied at specified intervals along a paper or cardboard surface.
  • the security data 109 is generated locally and transmitted to a remote secure encryption device 110E that generates the encrypted security data 111 and transmits it back to the apparatus of figure 1.
  • the data 113 is then generated and printed on said paper or cardboard in association with the corresponding micro particle authentication pattern.
  • an asymmetric encryption process 110E/110D may be used, with the encryption process 110E using a secret private key and the decryption process 110D using the corresponding public key.
  • the private encryption key can be maintained securely in said remote secure encryption device 110E, while the public decryption key would be stored in the data retrieval and authentication process described in relation to figure 2, which process may be carried out in unsecured environments.
  • Knowledge of the public key does not present a security threat to the processes described herein - instead the public key essentially provides a means to confirm that an authentic private key was used in the encryption process, thereby confirming that an authorized encryption process was undertaken.
  • Variations on this embodiment may use as the authentication features other random properties that are intrinsic or introduced to a surface or volume.
  • the random fiber pattern in an area of a paper surface may be used as an authentication feature.
  • the information storage medium (114 of figure 1; 201 of figure 2) is an electronic memory device such as a USB drive.
  • the authentication medium is a surface or volume of the electronic memory device into which is applied a random pattern of optically detectable micro-particles. The small size and random placements of the particles make such a pattern extremely difficult to copy or emulate.
  • the authentication reading process involves generating data indicative of the absolute or relative positions of at least a portion of said micro particles, in some cases combined with information regarding other specified properties of the optical feedback from each particle, said specified properties including (without limitation) optical intensity and optical wavelength.
  • the random pattern of micro particles is preferably applied to the electronic memory device in a tamper-indicating manner, such that it cannot be removed from said device without the pattern of said micro particles being disrupted.
  • the electronic memory device may be configured to interface to a computer, from which the predefined data 105 is derived.
  • the processes 101A (authentication reading), 106, 108, 110E, 110D, 112, 211 and 213 may be separate from said electronic memory device, such that said electronic memory device comprises only the information recording medium (114 of figure 1; 201 of figure 2) and associated tamper indicating authentication medium (in this example the random pattern of micro particles referred to above).
  • the processes 106, 108, 110E, 110D, 112, 211 and 213 may be integrated into said electronic memory device, making it self contained except for the authentication reading process (101A) for reading said micro particle pattern.
  • the processes 106, 108, 110D, 112, 211 and 213 may be integrated into said electronic memory device, making it self contained except for the encryption process 110E and the authentication reading process (101A) for reading said micro particle pattern.
  • the encryption process 110E may be carried out by a remote secure encryption device that accepts security data 109, generates encrypted security data 111 and transmits it back to said electronic memory device. The data 113 is then generated and recorded in said electronic memory device.
  • an asymmetric encryption process 110E/110D may be used, with the encryption process 110E using a secret private key and the decryption process 110D using a corresponding public key.
  • the private encryption key can be maintained securely in the remote secure encryption device, while the public decryption key would be stored in the data retrieval and authentication process described in relation to figure 2, which in this example may be integrated into the electronic memory device.
  • Knowledge of the public key does not present a security threat to the processes described herein.
  • Connection to the remote secure encryption device may for example be via the internet when said electronic memory device is connected to a computer. In a variation on this embodiment the authentication reading process 101A may also be incorporated into said electronic memory device. It should be appreciated that other variations on the above-described preferred embodiments are possible, based on the principles described herein.
Specific Preferred Embodiment 3
  • This specific preferred embodiment is similar to specific preferred embodiment 2 described above.
  • the authentication medium is an electronic authentication medium integral to said electronic memory device, with the authentication features in one example being random electronic values intrinsic to said electronic authentication medium, said values being extremely difficult to copy or reproduce. Said random electronic values are readable using electronics that are either integrated into said electronic memory device or external to said electronic memory device. Techniques currently exist for generating and reading such random electronic values.
  • the processes 101A (authentication reading process for said random electronic values), 106, 108, 110E, 110D, 112, 211 and 213 may be external to said electronic memory device, such that said electronic memory device comprises only the information recording medium (114 of figure 1; 201 of figure 2) and associated electronic authentication medium (in this instance being random electronic values intrinsic to said electronic authentication medium).
  • the processes 101A (authentication reading process for said random electronic values), 106, 108, 110E, 110D, 112, 211 and 213 may be integrated into said electronic memory device, making it self contained, including the authentication reading process 101A that in this embodiment is an electronic process internal to said electronic memory device.
  • the processes 106, 108, 110D, 112, 211 and 213 may be integrated into said electronic memory device, making it self contained except for the authentication reading process 101A and encryption process 110E.
  • the encryption process 110E may be carried out by a remote secure encryption device that accepts security data 109, generates encrypted security data 111 and transmits it back to said electronic memory device. The data 113 is then generated and recorded in said electronic memory device.
  • an asymmetric encryption process 110E/110D may be used, with the encryption process 110E using a secret private key and the decryption process 110D using a corresponding public key.
  • connection to the remote secure encryption device may be via the internet when said electronic memory device is connected to a computer.
  • a radio frequency identification (RFID) tag is used.
  • the RFID tag includes an RFID memory chip that incorporates random electronically readable features. These random electronically readable features then provide the authentication data.
  • the authentication medium 101 of figure 1 is the portion or function of the RFID chip that incorporates or generates the random electronically readable features.
  • the authentication reading process 101A is carried out by an RFID reading device, and measured values of the random electronic features constitute the authentication data 103 of figure 1.
  • the information storage medium (114 in figure 1) is the electronic memory of the RFID chip.
  • Other functions described in relation to figures 1 and 2 may be integrated into the RFID chip or may be external. If the RFID tag is active - i.e. the RFID tag includes an on-board power source - then it is possible to incorporate some or all of the functions of figures 1 and 2 into the chip. If the RFID tag is passive - i.e. does not include an on-board power source - then the various functions of figures 1 and 2 may be external to the RFID tag.
  • the functions required in the processes of figures 1 and 2 may be housed in an RFID read/write device.
  • the processes 101A, 106, 108, 110D, 112, 211 and 213 may be integrated into an RFID read/write device that communicates with said passive RFID tag.
  • the encryption process 110E may be carried out by a remote secure encryption device that accepts security data 109 from said RFID read/write device, generates encrypted security data 111 and transmits it back to said RFID read/write device, which generates the combined data 113 and writes it to the memory of said passive RFID tag.
  • an asymmetric encryption process 110E/110D may be used, with the encryption process 110E using a secret private key and the decryption process 110D using a corresponding public key. In this way the private encryption key can be maintained securely in the remote secure encryption device, while the public decryption key would be stored in said RFID read/write device for use in the data retrieval and authentication process described in relation to figure 2.
  • Connection to the remote secure encryption device may be via a connection from said RFID read/
  • RFID chips with random electronically readable features are offered by a company called Verayo, which refers to such random electronically readable features as Physical Unclonable Functions.
Specific Preferred Embodiment 4
  • This specific preferred embodiment is similar to specific preferred embodiment 3 described above. The difference between the present preferred embodiment and embodiment 3 above is that in the present embodiment a second authentication medium (and authentication process) is used.
  • said second authentication process is a token based authentication process that involves deriving a unique authentication code from a removable token.
  • Said token may in one embodiment be an electronic "smart" card.
  • the token authentication code (the authentication data) is read from the token during the data preparation and recording process, as described in relation to figure 1, and the authentication data derived from this authentication reading process is used along with the intrinsic random electronic values described above in relation to specific preferred embodiment 3.
  • the processes 101A and 102A (the two authentication reading processes), 106, 108, 110E, 110D, 112, 211 and 213 may be external to said electronic memory device, such that said electronic memory device comprises only the information recording medium (114 of figure 1; 201 of figure 2) and associated electronic authentication medium (in this instance comprising the first of two authentication media and being random electronic values intrinsic to said electronic authentication medium).
  • the processes 101A and 102A (the two authentication reading processes), 106, 108, 110E, 110D, 112, 211 and 213 may be integrated into said electronic memory device, making it self contained except for the second token based authentication medium.
  • the processes 101A and 102A, 106, 108, 110D, 112, 211 and 213 may be integrated into said electronic memory device, making it self contained except for the encryption process 110E and the second token based authentication medium.
  • the encryption process 110E may be carried out by a remote secure encryption device that accepts security data 109, generates encrypted security data 111 and transmits it back to said electronic memory device.
  • the data 113 is then generated and recorded in said electronic memory device.
  • an asymmetric encryption process 110E/110D may be used, with the encryption process 110E using a secret private key and the decryption process 110D using a corresponding public key.
  • connection to the remote secure encryption device may be via the internet when said electronic memory device is connected to a computer. In this specific preferred embodiment it is evident that a valid data match 212 cannot be achieved unless:
  • the electronic memory device is authentic - i.e. is the same electronic memory device as was used to originally record the predefined data 206 - as verified by said electronic authentication medium integral to said electronic memory device;
  • the same token is used to retrieve and authenticate the predefined data 206 as was originally used during preparation and recording of the combined data 200. If the data processing apparatus 213 is configured to output the predefined data 206 only when a valid data match 212 is obtained, then it can also be concluded that retrieval of the predefined data 206 from the medium 201 is possible only with the use of the original token.
  • the combined input data 107 is kept in volatile memory only long enough to generate the security data 109, at which time the combined input data 107 is erased.
  • the retrieved combined input data 207 is retained only long enough to generate retrieved security data 208, after which time the retrieved combined input data 207 is erased.
  • owing to the way the security data 109 is generated, it is not possible to reconstruct from retrieved security data 208 the corresponding retrieved combined input data 207, which retrieved combined input data 207 includes authentication data derived from said token. Consequently although the processes described herein use token based authentication processes they do not risk exposing the token authentication data.
  • This specific preferred embodiment is in the form of an adhesive label or tag, comprising at least:
  • a single authentication medium is used, in the form of a random pattern of machine readable authentication features applied in the transparent portion of the label or tag substrate - for example, between the substrate and an object to which said label or tag is applied (i.e. above, below, or within the adhesive layer).
  • the authentication features will have the general authentication properties as described above. An example would be a random pattern of micro particles applied to the bottom surface of the substrate, where the small size and random placements of the particles make such a pattern extremely difficult to copy or emulate. Other types of authentication media may be employed instead.
  • the authentication features may be intrinsic (e.g. surface texture of the substrate) or may be deliberately introduced (e.g. a random pattern of applied micro particles).
  • the authentication features are applied in a tamper-indicating manner, such that if the label or tag is removed from a surface to which it has been applied the authentication features will be disrupted in a manner that is detectable in the authentication reading process for said authentication features.
  • the authentication reading process involves reading through the transparent portion of the substrate to generate unique authentication data indicative of at least the absolute or relative positions of at least a portion of said authentication features, in some cases combined with information regarding other specified properties of the authentication features.
  • the information storage medium is the substrate, and the data 113 is applied to the substrate in the form of a marked machine readable pattern such as a barcode or 2-dimensional barcode.
  • the marking may, for example, be printing on the top surface of the substrate or laser marking to an internal layer within the substrate, or some other marking process.
  • the substrate may be prepared, either previously die cut or not, with the authentication features applied at specified positions on the bottom surface of the substrate in the transparent areas of the substrate, along with a layer of adhesive.
  • the security data 109 is generated locally and transmitted to a remote secure encryption device 110E that generates the encrypted security data 111 and transmits it back to the apparatus of figure 1.
  • the data 113 is then generated and marked on or in the substrate in association with the corresponding authentication features.
  • an asymmetric encryption process 110E/110D may be used, with the encryption process 110E using a secret private key and the decryption process 110D using the corresponding public key.
  • the private encryption key can be maintained securely in the remote secure encryption device, while the public decryption key may be stored in the data retrieval and authentication process described in relation to figure 2.
  • Knowledge of the public key does not present a security threat to the processes described herein - instead the public key essentially provides a means to confirm that an authorized private key was used in the encryption process, thereby confirming that an authorized data preparation and data recording process was undertaken.

Abstract

Methods for preparing and authenticating data. The methods include combining unique authentication data 103, 104, 204 and 205 with predefined data 105, 206 to form combined data. Part of this combined data is encrypted and stored with the predefined data on a medium.

Description

A DATA AUTHENTICATION TECHNOLOGY
Technical Field
The present invention relates to processes and apparatus for authenticating information.
Background of the Invention
Various techniques are currently available for authenticating objects. Some authentication techniques rely on placing an authenticating feature on or in the object to be authenticated. Such authentication features can take various forms. Examples include:
● holographic or other optically variable tamper-indicating adhesive labels;
● microtaggant particles applied to the surface of the object;
● chemical taggants printed on the object or incorporated into a solid or liquid that is applied to the object;
● security inks that are printed on the object, said security inks having authentication properties that are visually or machine detectable (e.g. thermochiomic inks, optically variable inks, etc).
A common disadvantage of these techniques is that they do not. uniquely identify each authenticated object, since for each application typically all instances of the authentication feature will be the same throughout the application. For example, all Visa card holograms for a particular batch of Visa cards will be the same throughout the batch. It is therefore impossible to differentiate or uniquely identify authenticated objects within the application on the basis of the authentication feature alone- This disadvantage can be overcome by adopting an authentication method that involves measuring a feature, such as a random or pseudo-random feature, that is unique to each authenticated object The authentication feature may be intrinsic to the object or may be deliberately introduced. Examples of authentication techniques that utilize this method include: • measuring intrinsic random irregularities in the surface of the object — this applies especially to paper, cardboard and other fibrous materials;
• measuring the pattern of a random array of micro particles applied to a surface or volume; • measuring intrinsic random irregularities in the electromagnetic properties of an electronic or magnetic medium.
Some of the random (or pseudo-random) techniques are further enhanced by measuring the random (or pseudo-random) properties of the object at the start of the object's life or when the random (or pseudo-random) feature is first introduced, and recording the measurement results as authentication data. The authentication data may then be stored in a database for later reference. However, a disadvantage of this approach is that the database must be accessed in order to subsequently authenticate the object. Ia general it is advantageous to not have to refer to a remote database when carrying out an authentication process, since referring to a database - especially a remote database - requires a communications channel (which may not always be available), takes time, and exposes transmitted data to security risks.
Alternatively the authentication data (described above) may be stored on the object, for example as a machine readable marking (such as a barcode or 2-dimensional barcode) or in an electronic memory. When stored on the object, the authentication data may be encrypted for added security. Authentication of the object can then be carried out locally, without reference to a remote database, by measuring the authentication properties and comparing the results with the authentication data stored on the object (if necessary after decrypting the stored authentication data). However, in many applications an object will also store important predefined data - in other words, data that is not random or pseudo-random but instead is defined by a user or another process - and it is advantageous to be able to authenticate not only the object but also this stored predefined data. Examples include:
• products that must carry important product information such as product history or pedigree;
• classified documents - both the document and its information content must be authenticated;
• electronic data storage devices used to store and convey sensitive or classified information - both the device and the stored data must be authenticated before the sensitive or classified information can be acted on.
A current method for locally authenticating predefined data stored on an object is to record either said predefined data or associated data on said object using restricted materials that have special machine detectable properties. For example, a barcode may be printed on an object in regular graphic ink (to be read using a standard barcode reader) and also in an ink with special optical properties that are machine detectable. By reading and matching both barcodes the predefined data and the object can be authenticated. A disadvantage of this approach is that the restricted materials must be maintained securely throughout their entire supply chain. If the restricted materials are stolen or copied this method is then completely compromised.
A disadvantage of current techniques, therefore, is that they do not provide a means to locally authenticate both an object and predefined data stored on or in the object (where local authentication means authenticate without reference to a remote database) without the disadvantages of having to use, and machine read, a restricted material.
Object of the Invention
The object of the present invention is to overcome or substantially ameliorate at least one of the above disadvantages.
Description of the Invention
There is disclosed herein a method of preparing authenticated predefined data, the method including the steps of: providing an information storage item to store the predefined data; providing one or more authentication media, each medium having identifiable features; using each medium to generate authentication data indicative of the features of the medium; combining the authentication data from each medium with the predefined data to produce combined data; processing at least part of the combined data to provide security data; encrypting the security data to provide encrypted security data; and storing the predefined data and encrypted security data in said storage item as stored data.
Preferably, the step of processing includes a cryptographic hash function.
Preferably, the step of storing the predefined data and encrypted security data is performed by a deterministic and reversible process.
Preferably, said predefined data is encrypted data.
Preferably, the step of using a medium includes machine reading the medium to generate the authentication data.
Preferably, the features include biometric features.
Preferably, the features include a plurality of microparticles.
Preferably, the association between one or more of the authentication media and the item is tamper-indicating, with tampering of a tamper-indicating authentication medium resulting in modification of the authentication data for said medium.
Preferably, said item is an electronic device.
Preferably, the medium is a surface to receive a printed image, with the stored data in a printed image applied to the surface.
Preferably, said item is an RFID tag, having a memory portion with recognisable, readable, random electronically recorded features providing the authentication data.
Preferably, there is further disclosed herein a method to retrieve predefined data and authenticate the predefined data, the method including the steps of: providing one or more authentication media having identifiable features; using each medium to generate authentication data indicative of the features of the medium; providing a storage item having stored data including encrypted security data and the predefined data; retrieving the predefined data and combining the predefined data with the authentication data to provide retrieved combined data; processing at least part of the retrieved combined data to provide retrieved security data; retrieving the encrypted security data from the storage item; decrypting the encrypted security data to provide decrypted security data; and comparing the retrieved security data with the decrypted security data to generate data indicative of any match between the retrieved security data and the decrypted security data, so as to determine a positive match between the retrieved security data and the decrypted security data.
Preferably, the method of claim 12, wherein the encrypted security data is a digital signature.
Preferably, the method of claim 12 or 13, wherein the step of using the medium includes machine reading the medium to generate the authentication data.
Preferably, the method of claims 12, 13 or 14, wherein the features include biometric features.
Preferably, the method of claims 12, 13 or 14, wherein the features include a plurality of microparticles.
Preferably, the method of any one of claims 13 to 16, wherein the association between one or more of the authentication media and the item is tamper-indicating, with tampering of a tamper-indicating authentication medium resulting in modification of the authentication data for said medium.
Preferably, the method of any one of claims 12 to 17, wherein the item is an electronic device.
Preferably, the method of any one of claims 12 to 17, wherein the medium is a surface to receive a printed image, with the stored data in a printed image applied to the surface.
Preferably, the method of any one of claims 12 to 19, wherein said item is an RFID tag having a memory portion with recognisable, readable, random electronically recorded features providing the authentication data.
In relation to the preferred forms of the present invention, there is disclosed herein a method and apparatus for preparing and recording authenticated data, comprising:
• one or more authentication media;
• each of said authentication media including unique authentication features that can be machine read in an authentication reading process, thereby generating unique authentication data indicative of specified properties of said unique authentication features, where said unique authentication features have the properties that (i) they are extremely difficult to copy, imitate or reproduce in a manner that would generate identical authentication data from said authentication reading process, and (ii) it is extremely difficult to modify the authentication features of an authentication medium so as to produce different, specified authentication data;
• said authentication media being associated with an information storage medium;
• machine reading each of said authentication media using said authentication reading process to generate said unique authentication data for each authentication medium;
• accepting predefined data that is to be recorded in said information storage medium;
• combining said unique authentication data read from all said authentication media with said predefined data to produce combined input data;
• processing said combined input data so as to produce security data, said processing function having the following properties:
o it is a deterministic procedure that takes an arbitrary block of said combined input data and generates a block or string of said security data that is preferably of fixed size;
o a change to said combined input data will almost certainly result in a change in said security data;
o it is easy to compute security data corresponding to any combined input data;
o it is extremely difficult to construct combined input data that will generate (via said processing function) specified security data, i.e. it is extremely difficult to operate said processing function in reverse;
o it is extremely difficult to modify said combined input data without changing the resulting security data;
o it is extremely unlikely that two different combined input data will generate the same security data;
• encrypting said security data to produce encrypted security data;
• recording in said information storage medium at least said encrypted security data and said predefined data.
Still further to the preferred forms of the present invention, there is further disclosed herein said method and apparatus for retrieving and authenticating data, comprising:
• using said authentication reading processes to read each authentication medium associated with a said information storage medium and thereby generate unique authentication data for each said authentication medium;
• reading said predefined data from said information storage medium to generate retrieved predefined data;
• combining said unique authentication data read from all said authentication media with said retrieved predefined data to produce retrieved combined input data;
• processing said retrieved combined input data using the same processing function as used to generate said security data, so as to produce retrieved security data;
• reading encrypted security data from said information storage medium and decrypting it to produce decrypted security data;
• undertaking a data comparison process to compare said retrieved security data and said decrypted security data according to a specified method or algorithm, and generating a data match output indicative of whether or not there is a data match between said retrieved security data and said decrypted security data, where a positive data match indicates at least the following, and may indicate more depending on the exact configuration of the apparatus, as described in more detail herein:
o that the same authentication media were used in the data retrieval process as were used to originally record the predefined data;
o that the retrieved predefined data has not been modified since it was recorded;
o that the predefined data originated from an authorized source;
• processing said retrieved predefined data according to the outcome of said data comparison process.
The encryption process for encrypting said security data to produce said encrypted security data, and the corresponding decryption process for decrypting said encrypted security data to produce said decrypted security data, may be symmetric or asymmetric.
In some preferred embodiments said encrypted security data and said predefined data may be recorded in said information storage medium in separate data fields. In some preferred embodiments said encrypted security data and said predefined data may be mixed or combined in a specified manner before being recorded into said information storage medium.
In some embodiments processing of said retrieved predefined data may include not outputting said retrieved predefined data unless said data comparison process produces a positive data match.
In some embodiments processing of said retrieved predefined data may include outputting said retrieved predefined data along with the result of said data comparison process, whether or not a positive data match is obtained.
Said authentication features for an authentication medium may in some embodiments include biometric features such as a fingerprint or retinal pattern.
Said authentication features for an authentication medium may in some preferred embodiments include a random array or pattern of features associated with said authentication medium, where said random array or pattern may be intrinsic to said authentication medium or may be introduced to said authentication medium via a random process. Non-limiting examples of such authentication media and authentication features include:
• a surface or volume with a random pattern of machine readable micro-particles;
• an electronic device such as an integrated circuit "chip", including a memory chip or a radio frequency identification chip, with intrinsic random electronic properties that can be electronically read.
Said information storage medium may include, without limitation, one or more of the following:
• a surface to accept machine readable markings such as may be produced by printing, engraving, laser marking or some other marking process;
• an electronic information storage medium;
• an optical information storage medium such as an optical data storage disc;
• a magnetic information storage medium.
Preferably at least one of said authentication media may be associated with said information storage medium in a tamper-indicating manner, each of such authentication media being referred to herein as a tamper-indicating authentication medium, with each such tamper-indicating authentication medium being configured such that it is extremely difficult or impossible to remove said tamper-indicating authentication medium from said information storage medium without modifying said unique authentication features in said tamper-indicating authentication medium in a manner that is detectable in the corresponding said authentication reading process. An advantage of including such tamper-indicating association is that a said positive data match then additionally indicates that said information storage medium is the same as used to record said predefined data.
In some of the embodiments that involve the use of more than one authentication medium, at least one of said authentication media that is not tamper-indicating may be removable, thereby preventing said data comparison process from generating a positive said data match in the absence of said removable authentication media.
In some preferred embodiments said predefined data may be configured so as to indicate to a data retrieval and authentication device that said predefined data is associated with encrypted security data and therefore that said data retrieval and authentication device should be able to find encrypted security data when reading said predefined data.
In some preferred embodiments said information storage medium, after recording, may include information that identifies to a reading device the memory locations of said encrypted security data and said predefined data, and may allow a reading device to retrieve said predefined data without going through the security and authentication processes described herein. This feature may be advantageous in that it could enable backwards compatibility with standard reading devices.
In some embodiments said predefined data may be previously encrypted, for additional security, by means of symmetric or asymmetric encryption. In this case the retrieved predefined data will be the original encrypted predefined data.
Encryption of said security data to generate said encrypted security data may be carried out remotely from said information storage medium, in which case said security data will be transmitted to the encryption device and said encrypted security data will be transmitted from said encryption device back to said information storage medium.
Remote encryption may be advantageous for security reasons.
Brief Description of the Drawings
Preferred embodiments of the present invention will now be described by way of non-limiting example with reference to the schematic illustrations of figures 1 and 2, wherein:
• Figure 1 is a schematic illustration outlining the key features of the data preparation and recording process and apparatus that is the subject of the present invention;
• Figure 2 is a schematic illustration outlining the key features of the data retrieval and authentication process and apparatus that is the subject of the present invention.
Detailed Description of the Preferred Embodiments
Figure 1 is a schematic illustration of a method and apparatus for preparing and recording authenticated data. As described herein, the primary objective of the preferred forms of the present invention is to provide a means of recording predefined data (defined below) such that when said predefined data is subsequently read it can be authenticated locally at the point of reading, without having to refer to a remote database. In the present context authenticating said predefined data means at least the following:
• confirming that the predefined data originated from an authorized source;
• confirming that the predefined data has not been modified since it was recorded.
In addition, depending on the configuration of the recording and reading apparatus, it may be possible to confirm the following:
• that the predefined data is being read from the information storage medium into which it was originally recorded, and uniquely identify the information storage medium;
• that the predefined data reading process is authorized;
• that the person reading the predefined data is the same person as was responsible for recording the predefined data.
In the technique described herein one or more authentication media are used to uniquely and securely authenticate the data recording and reading processes. The embodiment illustrated in figure 1 uses two authentication media, 101 and 102, but it should be appreciated that a different number of authentication media may be used in other embodiments.
Each of the authentication media 101 and 102 includes unique authentication features that can be machine read by means of an authentication reading process, thereby generating unique authentication data indicative of specified properties of said unique authentication features, where said unique authentication features preferably have the characteristics that:
• they are extremely difficult to copy, imitate or reproduce in a manner that would generate identical authentication data from said authentication reading process; and
• it is extremely difficult to modify the authentication features of an authentication medium so as to produce different, pre-specified authentication data.
It should be appreciated that the nature of an authentication medium will determine the type of authentication reading process that is used to extract authentication data from the authentication medium. For example, an optical authentication medium will require an optically based authentication reading process; an electronic authentication medium will require an electronic authentication reading process, and so on.
In the embodiment of figure 1, an authentication reading process 101A appropriate to authentication medium 101 is used to generate unique authentication data 103 from authentication medium 101, while an authentication reading process 102A appropriate to authentication medium 102 is used to generate unique authentication data 104 from authentication medium 102.
The data to be stored and authenticated using the technique described herein is the predefined data 105. The term predefined is used to designate that the predefined data 105 is determined outside (or prior to) the process described in relation to figure 1 and therefore is presented to the process in a predefined configuration. The predefined data 105 is input to the present process.
The authentication data 103 and 104 and the predefined data 105 are combined in the data combining process 106 to form combined input data 107.
The combined input data 107 is processed by the data processing function 108 to generate the security data 109. The data processing function 108 is a one-way data function that has the following properties:
• it is a deterministic procedure that takes an arbitrary block of combined input data 107 and generates a block or string of security data 109 that is preferably of fixed size;
• a change to the combined input data 107 will almost certainly result in a change in the security data 109;
• it is easy to compute the security data 109 corresponding to any combined input data 107;
• it is extremely difficult to construct a combined input data 107 that will generate a specified security data 109 - i.e. it is extremely difficult to operate the data processing function 108 in reverse;
• it is extremely difficult to modify the combined input data 107 without changing the security data 109;
• it is extremely unlikely that two different combined input data 107 will generate the same security data 109.
These requirements for the data processing function 108 are met by a known class of functions that are referred to as "cryptographic hash functions". Hence the data processing function 108 could be a cryptographic hash function, but other functions may also be suitable. The security data 109 is encrypted in the encryption process 110E to produce encrypted security data 111. Where the data processing function 108 is a cryptographic hash function, the encrypted security data 111 is in effect a digital signature corresponding to the combined input data 107.
The encrypted security data 111 and predefined data 105 are then combined in the data combining process 112 and the combined data 113 is recorded into the information recording medium 114.
The data combining process 112 must be deterministic and reversible, so that the encrypted security data 111 and predefined data 105 can be extracted separately from the information recording medium 114. In one embodiment the encrypted security data 111 and the predefined data 105 may be recorded in said information storage medium 114 in separate data fields. In another embodiment said encrypted security data 111 and said predefined data 105 may be mixed or integrated in a specified manner to generate the combined data 113 that is recorded in said information storage medium 114.
Preferably, but not necessarily, at least one of said authentication media 101 or 102 may be associated with the information storage medium 114 in a tamper-indicating manner. Each such tamper-indicating authentication medium is configured such that it is extremely difficult or impossible to remove said tamper-indicating authentication medium from the information storage medium 114 without modifying the authentication features in said tamper-indicating authentication medium in a manner that is detectable in the corresponding authentication reading process. An advantage of including such tamper-indicating association between at least one of the authentication media 101 and 102 and the information storage medium 114 is that authenticating a tamper-indicating authentication medium also then authenticates the information storage medium 114, thereby enabling confirmation during a reading operation that the information storage medium 114 is the same as was used to originally record said combined data 113.
It should be appreciated that the terms "authentication medium" and "authentication reading process" are used herein in their most general sense, and should not be construed to imply any specific type of material or device. For instance, in the case of a biometric authentication process the authentication medium may be a person. In some embodiments, at least one of the authentication media (101 and 102 of figure 1) that is not tamper-indicating may be removable.
One or more of the fixed or removable authentication media, and the corresponding authentication reading processes, may in some embodiments be biometrically based, in which case the authentication data (103 or 104 in figure 1) may represent biometric features such as a fingerprint or retinal pattern or voice pattern, and authentication will provide an indication of the presence of a particular person. In another embodiment, each of one or more of the fixed or removable authentication media may include a means to biometrically identify one or more specific authorized individuals, and upon biometrically identifying a specific authorized individual may be configured to release a unique authentication code corresponding to said specific authorized individual, said unique authentication code forming the authentication data for that authentication medium.
In another embodiment, one or more of the fixed or removable authentication media, and the corresponding authentication reading processes, may be token based, in which case the authentication data (103 or 104 of figure 1) derived from a specific token will provide an indication of the presence of said token. A non-limiting example of a token is an electronic smart card.
In another embodiment, one or more of the fixed or removable authentication media, and the corresponding authentication reading processes, may be password based, in which case authentication data (103 or 104 of figure 1) corresponding to a specific password will provide an indication of the presence of a person with knowledge of said specific password.
The unique authentication features of an authentication medium may in some preferred embodiments include a random array or pattern of features associated with said authentication medium, where said random array or pattern may be intrinsic to said authentication medium or may be introduced to said authentication medium via a random process. Non-limiting examples of such authentication media and unique authentication features include:
• a surface or volume with a random pattern of machine readable micro-particles;
• a surface or volume with an intrinsically random pattern or structure, such as a paper or cardboard surface with an intrinsically random arrangement of paper fibers;
• an electronic device such as an integrated circuit "chip" (including a memory chip or a radio frequency identification chip) with intrinsic random electronic properties that can be electronically read.
The information storage medium 114 may be any one or more of a number of different types of information storage media, including by way of non-limiting example:
• a surface or volume to accept machine readable markings such as may be produced by printing, engraving, laser marking or some other marking process;
• an electronic information storage medium;
• an optical information storage medium such as an optical data storage disc;
• a magnetic information storage medium.
In some preferred embodiments the information storage medium 114, after recording of the combined data 113, may include information that identifies to a reading device the memory locations of the encrypted security data 111 and the predefined data 105, thereby allowing the possibility of a reading device simply extracting said predefined data 105 without having to go through the security and authentication processes described herein. In some situations it may be advantageous for a simple reading process to be able to easily extract the predefined data 105 - for example, this may be advantageous in providing backwards compatibility with existing standard reading devices. Extracting only the predefined data, however, does not provide any of the data authentication functions described herein.
In some preferred embodiments the predefined data 105 recorded in the information storage medium 114 may be configured so as to indicate to a reading device that the predefined data 105 is associated with encrypted security data 111 and therefore that said reading device should be able to read encrypted security data 111 when reading the information storage medium 114.
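The two stored-data layouts described above (separate data fields, and a mixed layout that must stay deterministic and reversible so that the encrypted security data 111 and the predefined data 105 can be extracted separately), together with a header that tells a reading device that encrypted security data is present and where each field lies, as an added Python example; it is not code from the patent or from Mikoh Corporation. The record format, the ASD1 marker, the byte-interleaving rule and all names are my own assumptions.

```python
import struct

# Constructed record format (an assumption, not the patent's). The header both
# marks the record as carrying encrypted security data and gives a reader the
# lengths it needs to locate each field.
MAGIC = b"ASD1"
SEPARATE, MIXED = 0, 1
HEADER = struct.Struct(">4sBII")  # magic, layout, len(predefined), len(encrypted security)


def mix(a: bytes, b: bytes) -> bytes:
    """Deterministic byte interleaving of two fields of possibly different length."""
    out = bytearray()
    for i in range(max(len(a), len(b))):
        if i < len(a):
            out.append(a[i])
        if i < len(b):
            out.append(b[i])
    return bytes(out)


def unmix(blob: bytes, len_a: int, len_b: int):
    """Exact inverse of mix(), given the two field lengths from the header."""
    a, b, pos = bytearray(), bytearray(), 0
    for i in range(max(len_a, len_b)):
        if i < len_a:
            a.append(blob[pos])
            pos += 1
        if i < len_b:
            b.append(blob[pos])
            pos += 1
    return bytes(a), bytes(b)


def pack_record(predefined: bytes, encrypted_security: bytes, layout: int = SEPARATE) -> bytes:
    """Data combining process 112: produce the combined data 113 to be recorded."""
    header = HEADER.pack(MAGIC, layout, len(predefined), len(encrypted_security))
    if layout == SEPARATE:
        return header + predefined + encrypted_security
    if layout == MIXED:
        return header + mix(predefined, encrypted_security)
    raise ValueError("unknown layout")


def unpack_record(blob: bytes):
    """Reverse of pack_record(): returns (predefined data, encrypted security data)."""
    if len(blob) < HEADER.size or blob[:4] != MAGIC:
        raise ValueError("not an authenticated-data record")
    _, layout, lp, le = HEADER.unpack_from(blob)
    body = blob[HEADER.size:]
    if len(body) != lp + le:
        raise ValueError("record length does not match header")
    if layout == SEPARATE:
        return body[:lp], body[lp:]
    if layout == MIXED:
        return unmix(body, lp, le)
    raise ValueError("unknown layout")


def legacy_read_predefined(blob: bytes):
    """A simple reader that follows only the header's location information and
    skips authentication entirely (the backwards-compatibility path). It can
    serve the separate-field layout only, where the predefined data is contiguous."""
    if len(blob) < HEADER.size or blob[:4] != MAGIC:
        return None
    _, layout, lp, _ = HEADER.unpack_from(blob)
    if layout != SEPARATE:
        return None
    return blob[HEADER.size:HEADER.size + lp]


if __name__ == "__main__":
    pre = b"serial=0042;pedigree=plant-A>depot-B"      # constructed predefined data
    enc = bytes(range(48))                               # constructed stand-in for encrypted security data
    for layout in (SEPARATE, MIXED):
        blob = pack_record(pre, enc, layout)
        print(layout, unpack_record(blob) == (pre, enc), legacy_read_predefined(blob))
```

The legacy path makes the trade-off in the backwards-compatibility remark above concrete: a reader that only follows the header can pull the predefined data out of the separate-field layout, but it gets none of the authentication properties, and the mixed layout is not contiguous, so such a reader cannot use it at all.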
Figure 2 is a schematic illustration of a process and apparatus for retrieving and authenticating data, such as the predefined data 105, from an information storage medium such as the information storage medium 114. As described above, a key objective of the present invention is to provide a means of retrieving and authenticating said data locally at the point of reading, without having to refer to a remote database.
The data retrieval and authentication process described in relation to figure 2 is intended for use in conjunction with the process described in relation to figure 1 for preparing and recording authenticated data. Consequently, some of the processes and functions in the embodiment of figure 2 are the same as in the embodiment of figure 1. Specifically, the authentication reading processes 101A and 102A, the data combining process 106, and the data processing function 108 of figure 1 are used in the embodiment of the data retrieval and authentication process described in relation to figure 2. In addition, the data retrieval and authentication process of figure 2 uses a decryption process 110D that corresponds to the encryption process 110E of figure 1 - i.e. data encrypted in the process 110E can be decrypted using the process 110D.
In the data retrieval and authentication process of figure 2 two authentication media, 202 and 203, are used in the retrieval and authentication of predefined data that was previously recorded into an information storage medium 201 by means of the process described in relation to figure 1. Hence the information storage medium 201 will be of a similar type to the information storage medium 114, and the authentication media 202 and 203 will be of a similar type to the authentication media 101 and 102, respectively. It should be appreciated that the number and types of authentication media used in the data retrieval and authentication process of figure 2 will preferably be the same as the number and types of authentication media used in the corresponding data preparation and recording process of figure 1.
In the embodiment of figure 2, the authentication reading process 101A is used to read the machine readable identifiable features of the authentication medium 202 and generate unique authentication data 204, while the authentication reading process 102A is used to read the authentication medium 203 and generate unique authentication data 205. The authentication media 202 and 203 may be the authentication media 101 and 102 of figure 1, but could also be other authentication media of types appropriate to the authentication reading processes 101A and 102A. Since the authentication reading processes 101A and 102A are the same as used in the data preparation and recording process of figure 1, it is evident that the authentication media 202 and 203 must be of the same types as the authentication media 101 and 102, respectively.
Combined data 200, similar in nature to the combined data 113, is recorded in the information storage medium 201. Predefined data 206 (analogous to the predefined data 105) is retrieved from the information storage medium 201. The information storage medium 201 may be the information storage medium 114 of figure 1, but could also be another information storage medium of a similar type that has been recorded using the process described in relation to figure 1. The unique authentication data 204 and 205 and the retrieved predefined data 206 are combined in the data combining process 106 to generate retrieved combined input data 207.
The retrieved combined input data 207 is processed by the data processing function 108 to generate the retrieved security data 208.
Encrypted security data 209 (analogous to the encrypted security data 111 of figure 1) is read from the information storage medium 201. The retrieved encrypted security data 209 is decrypted in the decryption process 110D to generate decrypted security data 210. A data comparison process 211 is used to compare the retrieved security data 208 and the decrypted security data 210 according to a specified method or algorithm, and generate a data match indicator 212 indicative of whether or not there is a data match between the retrieved security data 208 and the decrypted security data 210. In this description a positive data match indicator 212 indicates that there is a data match between the retrieved security data 208 and the decrypted security data 210. It should be appreciated that if the data processing function 108 is a cryptographic hash function and the encrypted security data 209 is therefore a digital signature, then the data processing function 108, decryption process 110D and data comparison process 211 of figure 2 together provide a function that amounts to verification of the encrypted security data digital signature 209.
It should also be appreciated that if the information storage medium 201 is actually the information storage medium 114 recorded with combined data 113, as described in relation to figure 1, then the retrieval and authentication of predefined data 105 using the process described in relation to figure 2 will only be possible if the authentication media 202 and 203 are actually the authentication media 101 and 102 of figure 1, respectively. Otherwise, the authentication data 204 and 205 will not match the authentication data 103 and 104, respectively.
As described above in relation to the embodiment of figure 1, preferably at least one of said authentication media 202 or 203 may be associated with the information storage medium 201 in a tamper-indicating manner. Each such tamper-indicating authentication medium is configured such that it is extremely difficult or impossible to remove said tamper-indicating authentication medium from the information storage medium 201 without modifying the unique authentication features in said tamper-indicating authentication medium in a manner that is detectable in the corresponding authentication reading process. The advantage of including such a tamper-indicating association between at least one of the authentication media (202 and 203 of figure 2) and the information storage medium 201 is that a positive data match 212 (i.e. indicating a data match between the retrieved security data 208 and the decrypted security data 210) then also authenticates the information storage medium 201, ensuring that the information storage medium 201 is the same medium as was used to record the combined data 200.
In some embodiments, at least one of the authentication media (202 and 203 of figure 2) that is not tamper-indicating may be removable, thereby preventing the data comparison process 211 from generating a positive data match 212 in the absence of said removable authentication media. In one embodiment one or more of the fixed or removable authentication media, and the corresponding authentication reading processes, may be biometrically based, in which case the authentication data (204 or 205 in figure 2) may represent biometric features such as a fingerprint or retinal pattern or voice pattern, and authentication will provide an indication of the presence of a particular person. In such an embodiment the data retrieval and authentication process of figure 2 will ensure that the same person is present during data retrieval and authentication as was present during the corresponding data preparation and storage operation (i.e. the operation of figure 1).
In another embodiment, each of one or more of the fixed or removable authentication media may include a means to biometrically identify one or more specific authorized individuals, and upon biometrically identifying a specific authorized individual may be configured to release a unique authentication code corresponding to said specific authorized individual, said unique authentication code forming the authentication data (204 or 205 of figure 2) for that authentication medium. In such an embodiment the data retrieval and authentication process of figure 2 will ensure that the same person is present during data retrieval and authentication as was present during the corresponding data preparation and storage operation (i.e. the operation of figure 1).
In another embodiment, one or more of the fixed or removable authentication media, and the corresponding authentication reading processes, may be token based, in which case the authentication data (204 or 205 of figure 2) derived from a specific token will provide an indication of the presence of said specific token. A non-limiting example of a token is an electronic smart card. In such an embodiment the data retrieval and authentication process of figure 2 will ensure that the same token is present during data retrieval and authentication as was present during the corresponding data preparation and storage operation (i.e. the operation of figure 1).
In another embodiment, one or more of the fixed or removable authentication media, and the corresponding authentication reading processes, may be password based, in which case authentication data (204 or 205 of figure 2) corresponding to a specific password will provide an indication of the presence of a person with knowledge of said specific password, and therefore the data retrieval and authentication process of figure 2 will ensure the presence of a person with knowledge of the same password as was used during the corresponding data preparation and storage operation (i.e. the operation of figure 1).
Different conclusions can be drawn from a positive data match indicator 212, depending on the details of the implementation of the embodiment of figure 2. A summary of the key conclusions is now presented.
• A positive data match indicator 212 always means that:
  o the same uniquely identified authentication media 202 and 203 were used in the data retrieval process as were used to originally record the predefined data - this can be concluded in particular due to the authentication properties of the authentication media and the properties of the data processing function 108;
  o the retrieved predefined data 206 has not been modified since it was recorded - this can be concluded in particular due to the properties of the data processing function 108;
  o the predefined data 206 originated from an authorized source - this can be concluded in particular since the decryption process 110D led to a positive data match, implying that the valid corresponding (secret) encryption key of process 110E was used to encrypt the security data during preparation and recording of the combined data 200.
• If at least one of the authentication media (202 and 203 of figure 2) is associated with the information storage medium 201 in a tamper-indicating manner, then a positive data match indicator 212 means that data is being retrieved from the original information storage medium (i.e. not from a copy or fake information storage medium), and said information storage medium can be uniquely identified - this can be concluded in particular from the unique authentication features and tamper-indication properties of said tamper-indicating authentication media.
• If at least one of the authentication media is removable and is retained securely when removed, then a positive data match indicator 212 means that the data retrieval process is authorized, in that said removable authentication media must be present in order to retrieve and authenticate the predefined data 206. Specifically:
  o if at least one of the removable authentication processes is biometrically based, then a positive data match indicator 212 means that the same person is present during data retrieval as was present during data preparation and recording;
  o if at least one of the removable authentication processes is token based, then a positive data match indicator 212 means that the same token is used during data retrieval and authentication as was used during data preparation and recording;
  o if at least one of the removable authentication processes is password based, then a positive data match indicator 212 means that a person with knowledge of the password is present during both (i) the data preparation and recording process, and (ii) the data retrieval and authentication process.
Preferably the data match indicator 212 and the retrieved predefined data 206 are input to the data processing apparatus 213. The output 214 of the data processing apparatus 213 will depend on the details of the specific embodiment of the present invention, but said output 214 may in some embodiments be determined by whether or not the data match signal 212 indicates a positive data match between the retrieved security data 208 and the decrypted security data 210. Two preferred embodiments of the functioning of the data processing apparatus 213 are now described, but it should be appreciated that numerous other embodiments are possible.
• In one embodiment the output 214 of the data processing apparatus 213 may be the retrieved predefined data 206 and the data match indicator 212.
• In another embodiment the data processing apparatus 213 may be configured to output the retrieved predefined data 206 only if the data match indicator 212 indicates a data match between the retrieved security data 208 and the decrypted security data 210. In some embodiments, and especially those in which the data processing apparatus 213 is configured to output the retrieved predefined data 206 only if the data match indicator 212 indicates a data match between the retrieved security data 208 and the decrypted security data 210, it may be advantageous for security reasons to integrate the functions 101A, 102A, 106, 108, 110D, 211 and 213 with the information storage medium 201 into a single integrated device that is both an information storage medium and a data retrieval and authentication unit, requiring only input from the appropriate authentication media 202 and 203 in order to output the predefined data 206 that is stored in the information storage medium 201. If the wrong authentication media 202 and 203 are presented, said integrated device may be configured so as not to output the predefined data 206, but instead to generate and output a signal (e.g. a data signal or visual/audible indication) indicating that a valid authentication match was not obtained. In a specific variant of such embodiments, at least one of the authentication media may be associated with the information storage medium (201 in figure 2) in a tamper-indicating manner, while at least one of the authentication media may be removable, so that (i) said information storage medium is authenticated during data retrieval and (ii) said data retrieval is only possible if said removable authentication media are present and used in the data retrieval and authentication process.
The encryption process 110E and corresponding decryption process 110D may be symmetric or asymmetric.
• If symmetric, the encryption key for the encryption process 110E and the corresponding decryption key for the decryption process 110D are the same, and said key should be kept secret.
• If asymmetric, the encryption process 110E and corresponding decryption process 110D may constitute a so-called public/private key encryption system. In one such embodiment the key used for the encryption process 110E may be a private key that should be kept secret, in which case the corresponding key used for the decryption process 110D will be a public key. In another such embodiment the key used for the encryption process 110E may be a public key, in which case the corresponding key used for the decryption process 110D will be a private key that should be kept secret. Generally speaking the data retrieval and authentication process of figure 2 will be undertaken in a non-secure environment, while the encryption process 110E can usually be maintained securely. Consequently it will usually be preferable for the encryption and decryption processes 110E and 110D to be asymmetric, with the encryption process 110E using a secret private key and the decryption process 110D using the corresponding public key. Successful decryption using said public key in the decryption process 110D then guarantees, provided that the private key has remained secret, that the encryption process 110E was undertaken using the correct secret private key, thereby also guaranteeing that encryption was undertaken in an authorized procedure.
In one embodiment the combined data (e.g. data 113 of figure 1, data 200 of figure 2) may include the public key value to be used in the decryption process 110D. This public key value can then be read during data retrieval and may be matched against a number of "verified" public key values either stored in the data retrieval apparatus or accessible via a connection to a remote public key repository (e.g. via internet connection to a public key repository or certificate authority) in order to determine whether it is a genuine public key value and therefore whether it can be used for the data authentication process of figure 2. Furthermore, said verified public key value may be associated with identification details of the originator of the encrypted security data 111 (figure 1) or 209 (figure 2).
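The embedded-public-key variant just described, as an added example (not the patent's own code). The point it makes is the check that must accompany an embedded key: a record that carries its own public key always verifies under that key, so the key is only trusted after it is matched against the verified repository, which also yields the originator's identity. Assumptions: textbook RSA over a SHA-256 digest stands in for the asymmetric 110E/110D pair, built from known Mersenne primes so that no key generation code is needed; this is a toy (the modulus factors on sight, there is no padding) and a real deployment would use a standard signature scheme such as RSA-PSS or Ed25519 with properly generated keys. The repository, parties, medium reading and predefined data are constructed.

```python
import hashlib


def toy_keypair(p: int, q: int, e: int = 65537):
    """Textbook RSA from two given primes: returns ((n, e), d). Toy only."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), d


def sign_110e(security_data: bytes, priv_d: int, pub) -> int:
    """Encryption process 110E with the private key: S = H^d mod n."""
    n, _ = pub
    h = int.from_bytes(security_data, "big")
    assert h < n, "digest must be smaller than the modulus"
    return pow(h, priv_d, n)


def verify_110d(security_data: bytes, sig: int, pub) -> bool:
    """Decryption process 110D with the public key, plus comparison 211."""
    n, e = pub
    return pow(sig, e, n) == int.from_bytes(security_data, "big")


def security_data_109(predefined: bytes, auth: bytes) -> bytes:
    """Processes 106 and 108: length-prefixed combination, then SHA-256."""
    return hashlib.sha256(len(predefined).to_bytes(4, "big") + predefined + auth).digest()


# Constructed parties. 2**521-1, 2**127-1, 2**607-1 and 2**107-1 are Mersenne
# primes, and 65537 is coprime to each (p-1)(q-1) here.
AUTHORITY_PUB, AUTHORITY_PRIV = toy_keypair(2**521 - 1, 2**127 - 1)
ATTACKER_PUB, ATTACKER_PRIV = toy_keypair(2**607 - 1, 2**107 - 1)

# Constructed repository of verified public keys, keyed to originator identity.
VERIFIED_KEYS = {AUTHORITY_PUB: "Example Labelling Authority"}


def prepare(predefined: bytes, auth: bytes, pub, priv_d: int) -> dict:
    """Figure 1 with the public key value included in the combined data 113."""
    sig = sign_110e(security_data_109(predefined, auth), priv_d, pub)
    return {"predefined": predefined, "public_key": pub, "signature": sig}


def retrieve(record: dict, auth_read: bytes, repository: dict):
    """Figure 2: the embedded key is used for 110D only if the repository
    knows it. Returns (match indicator 212, originator identity or None)."""
    originator = repository.get(record["public_key"])
    if originator is None:
        return False, None   # unverified key: never trust the record's own key
    ok = verify_110d(security_data_109(record["predefined"], auth_read),
                     record["signature"], record["public_key"])
    return ok, (originator if ok else None)


def demo():
    medium = bytes.fromhex("0123456789abcdef0123456789abcdef")  # constructed reading
    genuine = prepare(b"certificate 88: inspected 2009-02-04",
                      medium, AUTHORITY_PUB, AUTHORITY_PRIV)
    forged = prepare(b"certificate 88: inspected 2009-02-04, PASSED",
                     medium, ATTACKER_PUB, ATTACKER_PRIV)
    # The forgery is internally consistent: it verifies under the key it carries.
    self_consistent = verify_110d(security_data_109(forged["predefined"], medium),
                                  forged["signature"], forged["public_key"])
    # ...but the repository check rejects it before 110D is even attempted.
    return (retrieve(genuine, medium, VERIFIED_KEYS),
            retrieve(forged, medium, VERIFIED_KEYS),
            self_consistent)


if __name__ == "__main__":
    print(demo())
```

Matching the key against the repository before using it is what turns "the signature verifies" into "an authorized originator signed this"; the repository lookup is the same step a certificate authority or pinned key list performs in a conventional PKI.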
Advantages of Using the Data Processing Function 108
In the data preparation process of figure 1, the data processing function 108 serves the purpose of irreversibly mixing the authentication data (103 and 104) derived from the various authentication media with the predefined data 105 to produce security data 109, such that the security data 109 cannot subsequently be processed to retrieve the various data components input to the data processing function 108. Neither can other input data components be derived so as to produce specified security data 109, thereby preventing fraudulent authentication data from being input so as to emulate valid authentication media in generating valid security data 109.
It might be argued that the process of figure 1 could be undertaken without the data processing function 108 - for example, by separately encrypting each of the authentication data (103 and 104 of figure 1) and the predefined data 105 and then recording each of the encrypted data blocks in the information storage medium 114 along with the predefined data 105. A key disadvantage of this approach is that a person acting fraudulently may be able to determine which of the encrypted data in the information storage medium 114 corresponds to the predefined data 105, and then copy both the predefined data 105 and the corresponding encrypted data to another information storage medium, similar to information storage medium 114, along with authentication data derived from other authentication media, thereby creating a cloned information storage medium that would appear to be genuine. The data processing function 108 prevents this possibility by irreversibly mixing the various authentication data (103 and 104 of figure 1) with the predefined data 105, thereby in effect tying the specific authentication media used in the data preparation and recording process of figure 1 to the predefined data 105.
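The splice attack described above, carried out against the per-block design and then against the design of figure 1, as an added example (not the patent's code). Assumption on the attacker: the "authentication data derived from other authentication media" is obtained by owning a second, genuinely recorded medium (Y) of the same type, whose encrypted authentication block the attacker can copy without knowing any key; the attacker wants medium Y to carry the predefined data of a higher-value medium X. The "encryption" of each block is modelled as an HMAC-SHA256 tag (the symmetric variant of 110E/110D); the key, media readings and predefined data are constructed.

```python
import hashlib
import hmac

KEY = bytes.fromhex(
    "603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4")  # constructed


def tag(data: bytes, key: bytes) -> bytes:
    """Stand-in for 'encrypting' a data block: a MAC under the secret key."""
    return hmac.new(key, data, hashlib.sha256).digest()


def combine(predefined: bytes, auth: bytes) -> bytes:
    """Data combining process 106 (length-prefixed)."""
    return len(predefined).to_bytes(4, "big") + predefined + auth


# --- design without the data processing function 108: blocks protected separately
def record_unmixed(predefined: bytes, auth: bytes, key: bytes) -> dict:
    return {"predefined": predefined,
            "enc_predefined": tag(predefined, key),
            "enc_auth": tag(auth, key)}


def verify_unmixed(rec: dict, auth_read: bytes, key: bytes) -> bool:
    return (hmac.compare_digest(rec["enc_predefined"], tag(rec["predefined"], key))
            and hmac.compare_digest(rec["enc_auth"], tag(auth_read, key)))


# --- design of figure 1: authentication data mixed with predefined data by 108
def record_mixed(predefined: bytes, auth: bytes, key: bytes) -> dict:
    security_109 = hashlib.sha256(combine(predefined, auth)).digest()
    return {"predefined": predefined, "enc_security": tag(security_109, key)}


def verify_mixed(rec: dict, auth_read: bytes, key: bytes) -> bool:
    security_208 = hashlib.sha256(combine(rec["predefined"], auth_read)).digest()
    return hmac.compare_digest(rec["enc_security"], tag(security_208, key))


def splice_attack():
    """Returns (unmixed design accepts the clone, mixed design accepts it)."""
    medium_x = bytes.fromhex("a1b2c3d4e5f60718293a4b5c6d7e8f90")  # genuine, not held by attacker
    medium_y = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0")  # genuine, owned by attacker
    high = b"pallet 0001: 200 x pharmaceutical lot A"
    low = b"pallet 0002: 200 x empty cartons"

    # The authority records both media legitimately.
    ux = record_unmixed(high, medium_x, KEY)
    uy = record_unmixed(low, medium_y, KEY)
    mx = record_mixed(high, medium_x, KEY)

    # Attacker writes X's predefined data and its encrypted block onto medium Y,
    # keeping Y's own genuine encrypted authentication block. No key needed.
    spliced = {"predefined": ux["predefined"],
               "enc_predefined": ux["enc_predefined"],
               "enc_auth": uy["enc_auth"]}
    unmixed_accepts = verify_unmixed(spliced, medium_y, KEY)

    # With mixing there is no separable block: the best the attacker can do
    # is copy X's whole record onto Y, and Y's reading then fails to match.
    mixed_accepts = verify_mixed(dict(mx), medium_y, KEY)
    return unmixed_accepts, mixed_accepts


if __name__ == "__main__":
    print(splice_attack())  # (True, False)
```

The attack needs no key material at all, which is why separately protecting each component does not help; only a value computed over the predefined data and the specific medium's authentication data together binds one to the other.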
Another practical advantage of the data processing function 108 is that it generates a relatively short data string that after encryption takes up relatively little data storage capacity in the information storage medium 114.
Protecting the Encryption Key
In some implementations the data preparation and storage functions described in relation to figure 1 will be carried out in an insecure environment, which could risk exposing the encryption key used in the encryption process 110E. In such cases the encryption process may be carried out in a secure environment that is remote from the other processes of figure 1. For example, the security data 109 may be transmitted from the insecure environment to a remote secure environment, where the encryption process 110E is carried out and the encrypted security data 111 is transmitted back to the insecure environment for the remainder of the process described in relation to figure 1. In a more specific example, the security data 109 may be transmitted via the internet to a remote secure encryption server, where the encryption process 110E is carried out and the encrypted security data 111 is then transmitted back, again via the internet, for the remainder of the process in figure 1. In this way the encryption key is not exposed in the insecure environment. A single secure encryption server may be used to encrypt security data 109 from a number of data preparation and recording operations (i.e. the operation represented in figure 1) being undertaken in a number of separate locations. This procedure also has the advantage that it allows all encryption activities carried out with specific encryption keys to be monitored from a single source, which further enhances security and enables a degree of traceability. Security is enhanced because without knowing the encryption key it is impossible to emulate any of the information storage media 114 that are recorded with the use of that key.
Encryption of Predefined Data
In some applications it may be advantageous for the predefined data 105 to be encrypted data, in order to protect it from being read and interpreted by unauthorized personnel. In such cases an additional optional encryption/decryption process may be introduced as indicated schematically in figures 1 and 2. It should be stressed that this is an optional step that is not central to the present invention. In the embodiment of figure 1 an additional encryption process 115E is introduced at the input, so that incoming unencrypted data 116 is encrypted via the encryption process 115E to produce the encrypted predefined data 105, with the rest of the process being as described above in relation to figure 1. A corresponding decryption process 115D is then applied at the output of the data retrieval and authentication process of figure 2 to decrypt that portion of the data 214 that corresponds to the retrieved predefined data 206, thereby retrieving the original unencrypted input data, which will form part of the output data 215.
Examples of Specific Preferred Embodiments
The following are specific preferred embodiments of the present invention. It will be appreciated by someone skilled in the art that numerous other embodiments are possible, based on the principles, methods and apparatus described herein.
Specific Preferred Embodiment 1
In this embodiment a single authentication medium is used. The authentication medium is a surface (such as a paper or cardboard surface) to which is applied a random pattern of optically detectable micro-particles. The small size and random placement of the particles makes such a pattern extremely difficult to copy or emulate. The authentication reading process involves generating data indicative of the absolute or relative positions of at least a portion of said micro-particles, in some cases combined with information regarding other specified properties of the optical feedback from each particle, said specified properties including (without limitation) optical intensity and optical wavelength. The random pattern of micro-particles is preferably applied to the surface in a tamper-indicating manner, such that it cannot be removed from said surface without the pattern of said micro-particles being disrupted. In this embodiment the information storage medium is the same surface to which the micro-particles are applied, and the data 113 is applied to said surface in the form of a machine readable marking such as a barcode or 2-dimensional barcode printed or otherwise marked on said surface. In one instance of this embodiment said micro-particle patterns may be pre-applied at specified intervals along a paper or cardboard surface. As each micro-particle pattern is presented to the process of figure 1, the security data 109 is generated locally and transmitted to a remote secure encryption device 110E that generates the encrypted security data 111 and transmits it back to the apparatus of figure 1. The data 113 is then generated and printed on said paper or cardboard in association with the corresponding micro-particle authentication pattern. Preferably an asymmetric encryption process 110E/110D may be used, with the encryption process 110E using a secret private key and the decryption process 110D using the corresponding public key.
In this way the private encryption key can be maintained securely in said remote secure encryption device 110E, while the public decryption key would be stored in the data retrieval and authentication process described in relation to figure 2, which process may be carried out in unsecured environments. Knowledge of the public key does not present a security threat to the processes described herein - instead the public key essentially provides a means to confirm that an authentic private key was used in the encryption process, thereby confirming that an authorized encryption process was undertaken.
Variations on this embodiment may use as the authentication features other random properties that are intrinsic or introduced to a surface or volume. For example, the random fiber pattern in an area of a paper surface may be used as an authentication feature.
Specific Preferred Embodiment 2
In this embodiment a single authentication medium is used. The information storage medium (114 of figure 1; 201 of figure 2) is an electronic memory device such as a USB drive. The authentication medium is a surface or volume of the electronic memory device to which is applied a random pattern of optically detectable micro-particles. The small size and random placement of the particles makes such a pattern extremely difficult to copy or emulate. The authentication reading process involves generating data indicative of the absolute or relative positions of at least a portion of said micro-particles, in some cases combined with information regarding other specified properties of the optical feedback from each particle, said specified properties including (without limitation) optical intensity and optical wavelength. The random pattern of micro-particles is preferably applied to the electronic memory device in a tamper-indicating manner, such that it cannot be removed from said device without the pattern of said micro-particles being disrupted. The electronic memory device may be configured to interface to a computer, from which the predefined data 105 is derived.
In one instance of this embodiment the processes 101A (authentication reading), 106, 108, 110E, 110D, 112, 211 and 213 may be separate from said electronic memory device, such that said electronic memory device comprises only the information recording medium (114 of figure 1; 201 of figure 2) and the associated tamper-indicating authentication medium (in this example the random pattern of micro-particles referred to above).
In another instance of this embodiment the processes 106, 108, 110E, 110D, 112, 211 and 213 may be integrated into said electronic memory device, making it self contained except for the authentication reading process (101A) for reading said micro-particle pattern.
In another instance of this embodiment the processes 106, 108, 110D, 112, 211 and 213 may be integrated into said electronic memory device, making it self contained except for the encryption process 110E and the authentication reading process (101A) for reading said micro-particle pattern. The encryption process 110E may be carried out by a remote secure encryption device that accepts security data 109, generates encrypted security data 111 and transmits it back to said electronic memory device. The data 113 is then generated and recorded in said electronic memory device. Preferably an asymmetric encryption process 110E/110D may be used, with the encryption process 110E using a secret private key and the decryption process 110D using the corresponding public key. In this way the private encryption key can be maintained securely in the remote secure encryption device, while the public decryption key would be stored in the data retrieval and authentication process described in relation to figure 2, which in this example may be integrated into the electronic memory device. Knowledge of the public key does not present a security threat to the processes described herein. Connection to the remote secure encryption device may for example be via the internet when said electronic memory device is connected to a computer. In a variation on this embodiment the authentication reading process 101A may also be incorporated into said electronic memory device. It should be appreciated that other variations on the above-described preferred embodiments are possible, based on the principles described herein.
Specific Preferred Embodiment 3
This specific preferred embodiment is similar to specific preferred embodiment 2 described above. The only difference in this embodiment is that the authentication medium is an electronic authentication medium integral to said electronic memory device, with the authentication features in one example being random electronic values intrinsic to said electronic authentication medium, said values being extremely difficult to copy or reproduce. Said random electronic values are readable using electronics that are either integrated into said electronic memory device or external to said electronic memory device. Techniques currently exist for generating and reading such random electronic values.
In one instance of this embodiment the processes 101A (authentication reading process for said random electronic values), 106, 108, 110E, 110D, 112, 211 and 213 may be external to said electronic memory device, such that said electronic memory device comprises only the information recording medium (114 of figure 1; 201 of figure 2) and the associated electronic authentication medium (in this instance being random electronic values intrinsic to said electronic authentication medium).
In another instance of this embodiment the processes 101A (authentication reading process for said random electronic values), 106, 108, 110E, 110D, 112, 211 and 213 may be integrated into said electronic memory device, making it self contained, including the authentication reading process 101A, which in this embodiment is an electronic process internal to said electronic memory device.
In another instance of this embodiment the processes 106, 108, 110D, 112, 211 and 213 may be integrated into said electronic memory device, making it self contained except for the authentication reading process 101A and the encryption process 110E. As for specific preferred embodiment 2 above, the encryption process 110E may be carried out by a remote secure encryption device that accepts security data 109, generates encrypted security data 111 and transmits it back to said electronic memory device. The data 113 is then generated and recorded in said electronic memory device. Preferably an asymmetric encryption process 110E/110D may be used, with the encryption process 110E using a secret private key and the decryption process 110D using the corresponding public key. In this way the private encryption key can be maintained securely in the remote secure encryption device, while the public decryption key would be stored in the data retrieval and authentication process described in relation to figure 2. Knowledge of the public key does not present a security threat to the processes described herein. Connection to the remote secure encryption device may be via the internet when said electronic memory device is connected to a computer.
In yet another instance of this embodiment a radio frequency identification (RFID) tag is used. The RFID tag includes an RFID memory chip that incorporates random electronically readable features. These random electronically readable features then provide the authentication data. Hence in this embodiment the authentication medium 101 of figure 1 is the portion or function of the RFID chip that incorporates or generates the random electronically readable features, the authentication reading process 101A is carried out by an RFID reading device, and measured values of the random electronic features constitute the authentication data 103 of figure 1. The information storage medium (114 in figure 1) is the electronic memory of the RFID chip. Other functions described in relation to figures 1 and 2 may be integrated into the RFID chip or may be external. If the RFID tag is active - i.e. includes an on-board power source - then it is possible to incorporate some or all of the functions of figures 1 and 2 into the chip. If the RFID tag is passive - i.e. does not include an on-board power source - then the various functions of figures 1 and 2 may be external to the RFID tag. In particular the functions required in the processes of figures 1 and 2 may be housed in an RFID read/write device. In one specific example, the processes 101A, 106, 108, 110D, 112, 211 and 213 may be integrated into an RFID read/write device that communicates with said passive RFID tag. As in the case of specific preferred embodiment 2 above, the encryption process 110E may be carried out by a remote secure encryption device that accepts security data 109 from said RFID read/write device, generates encrypted security data 111 and transmits it back to said RFID read/write device, which generates the combined data 113 and writes it to the memory of said passive RFID tag.
Preferably an asymmetric encryption process 110E/110D may be used, with the encryption process 110E using a secret private key and the decryption process 110D using the corresponding public key. In this way the private encryption key can be maintained securely in the remote secure encryption device, while the public decryption key would be stored in said RFID read/write device for use in the data retrieval and authentication process described in relation to figure 2. Knowledge of the public key does not present a security threat to the processes described herein. Connection to the remote secure encryption device may be via a connection from said RFID read/write device to the internet.
With regard to this specific preferred embodiment 3, it should be noted that RFID chips with random electronically readable features are offered by a company called Verayo, which refers to such random electronically readable features as Physical Unclonable Functions.
Specific Preferred Embodiment 4
This specific preferred embodiment is similar to specific preferred embodiment 3 described above. The difference between the present preferred embodiment and embodiment 3 above is that in the present embodiment a second authentication medium (and authentication process) is used. Preferably said second authentication process is a token based authentication process that involves deriving a unique authentication code from a removable token. Said token may in one embodiment be an electronic "smart" card.
In this embodiment the token authentication code (the authentication data) is read from the token during the data preparation and recording process, as described in relation to figure 1, and the authentication data derived from this authentication reading process is used along with the intrinsic random electronic values described above in relation to specific preferred embodiment 3.
In one instance of this embodiment the processes 101A and 102A (the two authentication reading processes), 106, 108, 110E, 110D, 112, 211 and 213 may be external to said electronic memory device, such that said electronic memory device comprises only the information recording medium (114 of figure 1; 201 of figure 2) and the associated electronic authentication medium (in this instance comprising the first of the two authentication media and being random electronic values intrinsic to said electronic authentication medium).
In another instance of this embodiment the processes 101A and 102A (the two authentication reading processes), 106, 108, 110E, 110D, 112, 211 and 213 may be integrated into said electronic memory device, making it self contained except for the second, token based authentication medium.
In another instance of this embodiment the processes 101A and 102A, 106, 108, 110D, 112, 211 and 213 may be integrated into said electronic memory device, making it self contained except for the encryption process 110E and the second, token based authentication medium. As for specific preferred embodiments 2 and 3 above, the encryption process 110E may be carried out by a remote secure encryption device that accepts security data 109, generates encrypted security data 111 and transmits it back to said electronic memory device. The data 113 is then generated and recorded in said electronic memory device. Preferably an asymmetric encryption process 110E/110D may be used, with the encryption process 110E using a secret private key and the decryption process 110D using the corresponding public key. In this way the private encryption key can be maintained securely in the remote secure encryption device, while the public decryption key would be stored in the device that carries out the data retrieval and authentication process described in relation to figure 2. Knowledge of the public key does not present a security threat to the processes described herein. Connection to the remote secure encryption device may be via the internet when said electronic memory device is connected to a computer. In this specific preferred embodiment it is evident that a valid data match 212 cannot be achieved unless:
- the predefined data 206 is unmodified;
- the electronic memory device is authentic - i.e. is the same electronic memory device as was used to originally record the predefined data 206 - as verified by said electronic authentication medium integral to said electronic memory device;
- an authorized encryption process 110E was used;
- the same token is used to retrieve and authenticate the predefined data 206 as was originally used during preparation and recording of the combined data 200. If the data processing apparatus 213 is configured to output the predefined data 206 only when a valid data match 212 is obtained, then it can also be concluded that retrieval of the predefined data 206 from the medium 201 is possible only with the use of the original token.
It is important to appreciate that although the present specific preferred embodiment uses a token-based authentication process, no token authentication data is stored in said electronic memory device, and neither is any data stored from which said token data can be retrieved or reconstructed. The only authentication data retained in the information storage medium is in the form of the encrypted security data (111 of figure 1; 209 of figure 2). Even if this is decrypted, what is recovered is the security data (109 of figure 1; 210 of figure 2). However, as described above, the data processing function 108 generates security data 109 from which it is not possible to reconstruct the combined input data 107, which combined input data 107 includes authentication data derived from said token. During the reading and data recording process of figure 1, the combined input data 107 is kept in volatile memory only long enough to generate the security data 109, at which time the combined input data 107 is erased. Similarly, during the data retrieval and authentication process described in relation to figure 2, the retrieved combined input data 207 is retained only long enough to generate retrieved security data 208, after which time the retrieved combined input data 207 is erased. As in the case of the security data 109, it is not possible to reconstruct from retrieved security data 208 the corresponding retrieved combined input data 207, which retrieved combined input data 207 includes authentication data derived from said token. Consequently, although the processes described herein use token-based authentication processes, they do not risk exposing the token authentication data.
Specific Preferred Embodiment 5
This specific preferred embodiment is in the form of an adhesive label or tag, comprising at least:
- a substrate with a top surface and a bottom surface;
- at least a portion of said substrate being transparent;
- a layer of adhesive applied to the bottom surface of said substrate to attach said label or tag to an object;
- said substrate being configured to accept a marking process such as printing or laser marking.
In this embodiment a single authentication medium is used, in the form of a random pattern of machine readable authentication features applied in the transparent portion of the label or tag substrate - for example, between the substrate and an object to which said label or tag is applied (i.e. above, below, or within the adhesive layer). The authentication features will have the general authentication properties as described above. An example would be a random pattern of micro particles applied to the bottom surface of the substrate, where the small size and random placements of the particles make such a pattern extremely difficult to copy or emulate. Other types of authentication media may be employed instead. The authentication features may be intrinsic (e.g. surface texture of the substrate) or may be deliberately introduced (e.g. a random pattern of applied micro particles). The authentication features are applied in a tamper-indicating manner, such that if the label or tag is removed from a surface to which it has been applied the authentication features will be disrupted in a manner that is detectable in the authentication reading process for said authentication features. The authentication reading process involves reading through the transparent portion of the substrate to generate unique authentication data indicative of at least the absolute or relative positions of at least a portion of said authentication features, in some cases combined with information regarding other specified properties of the authentication features.
In this embodiment the information storage medium is the substrate, and the data 113 is applied to the substrate in the form of a marked machine readable pattern such as a barcode or 2-dimensional barcode. The marking may, for example, be printing on the top surface of the substrate or laser marking to an internal layer within the substrate, or some other marking process.
In one instance of this embodiment the substrate may be prepared, either previously die cut or not, with the authentication features applied at specified positions on the bottom surface of the substrate in the transparent areas of the substrate, along with a layer of adhesive. As each area of authentication features is presented to the process of figure 1, the security data 109 is generated locally and transmitted to a remote secure encryption device 110E that generates the encrypted security data 111 and transmits it back to the apparatus of figure 1. The data 113 is then generated and marked on or in the substrate in association with the corresponding authentication features. Preferably an asymmetric encryption process 110E/110D may be used, with the encryption process 110E using a secret private key and the decryption process 110D using the corresponding public key. In this way the private encryption key can be maintained securely in the remote secure encryption device, while the public decryption key may be stored in the data retrieval and authentication process described in relation to figure 2. Knowledge of the public key does not present a security threat to the processes described herein - instead the public key essentially provides a means to confirm that an authorized private key was used in the encryption process, thereby confirming that an authorized data preparation and data recording process was undertaken.
It should be apparent to a person skilled in the art that numerous other variations are possible, based on the general principles described herein.

Claims

CLAIMS:
1. A method of preparing authenticated predefined data, the method including the steps of: providing an information storage item to store the predefined data; providing one or more authentication media, each medium having identifiable features; using each medium to generate authentication data indicative of the features of the medium; combining the authentication data from each medium with the predefined data to produce combined data; processing at least part of the combined data to provide security data; encrypting the security data to provide encrypted security data; and storing the predefined data and encrypted security data in said storage item as stored data.
2. The method of claim 1, wherein the step of processing includes a cryptographic hash function.
3. The method of claim 1, 2 or 3, wherein the step of storing the predefined data and encrypted security data is performed by a deterministic and reversible process.
4. The method of any one of claims 1, 2 or 3, wherein said predefined data is encrypted data.
5. The method of any one of claims 1 to 4, wherein the step of using a medium includes machine reading the medium to generate the authentication data.
6. The method of any one of claims 1 to 5, wherein the features include biometric features.
7. The method of any one of claims 1 to 6, wherein the features include a plurality of microparticles.
8. The method of any one of claims 1 to 7, wherein the association between one or more of the authentication media and the item is tamper-indicating, with tampering of a tamper indicating authentication medium resulting in modification of the authentication data for said medium.
9. The method of any one of claims 1 to 8, wherein said item is an electronic device.
10. The method of any one of claims 1 to 8, wherein the medium is a surface to receive a printed image, with the stored data in a printed image applied to the surface.
11. The method of any one of claims 1 to 10, wherein said item is an RFID tag, having a memory portion with recognisable, readable, random electronically recorded features providing the authentication data.
12. A method to retrieve predefined data and authenticate the predefined data, the method including the steps of: providing one or more authentication media, each medium having identifiable features; using each medium to generate authentication data indicative of the features of the medium; providing a storage item having stored data including encrypted security data and the predefined data; retrieving the predefined data and combining the predefined data with the authentication data to provide retrieved combined data; processing at least part of the combined retrieved data to provide retrieved security data; retrieving the encrypted security data from the storage item; decrypting the encrypted security data to provide decrypted security data; and comparing the retrieved security data with the decrypted security data to generate data indicative of any match between the retrieved security data and the decrypted security data to determine a positive match between the retrieved security data and the decrypted security data.
13. The method of claim 12, wherein the encrypted security data is a digital signature.
14. The method of claim 12 or 13, wherein the step of using the medium includes machine reading the medium to generate the authentication data.
15. The method of claims 12, 13 or 14, wherein the features include biometric features.
16. The method of claims 12, 13 or 14, wherein the features include a plurality of microparticles.
17. The method of any one of claims 13 to 16, wherein the association between one or more of the authentication media and the item is tamper-indicating, with tampering of a tamper indicating authentication medium resulting in modification of the authentication data for said medium.
18. The method of any one of claims 12 to 17, wherein the item is an electronic device.
19. The method of any one of claims 12 to 17, wherein the medium is a surface to receive a printed image, with the stored data in a printed image applied to the surface.
20. The method of any one of claims 12 to 19, wherein said item is an RFID tag having a memory portion with recognisable, readable, random electronically recorded features providing the authentication data.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US15044109P 2009-02-06 2009-02-06
US61/150,441 2009-02-06

Publications (2)

Publication Number Publication Date
WO2010089673A2 true WO2010089673A2 (en) 2010-08-12
WO2010089673A3 WO2010089673A3 (en) 2010-11-11

Family

ID=42542451

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2010/000669 WO2010089673A2 (en) 2009-02-06 2010-02-08 A data authentication technology

Country Status (1)

Country Link
WO (1) WO2010089673A2 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system
US11228423B2 (en) 2020-01-12 2022-01-18 Advanced New Technologies Co., Ltd. Method and device for security assessment of encryption models

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020136400A1 (en) * 2001-01-08 2002-09-26 Arif Askerov R-conversion encryption method and system
US20020186838A1 (en) * 2001-03-09 2002-12-12 Pascal Brandys System and method of user and data verification
US20080175377A1 (en) * 2007-01-22 2008-07-24 Global Crypto Systems Methods and Systems for Digital Authentication Using Digitally Signed Images

Also Published As

Publication number Publication date
WO2010089673A3 (en) 2010-11-11

Legal Events

Date Code Title Description
NENP Non-entry into the national phase in: Ref country code: DE
121 Ep: the epo has been informed by wipo that ep was designated in this application. Ref document number: 10738265; Country of ref document: EP; Kind code of ref document: A2
122 Ep: pct application non-entry in european phase. Ref document number: 10738265; Country of ref document: EP; Kind code of ref document: A2