CN207884641U - Physics voucher including encryption key pair - Google Patents
- Publication number
- CN207884641U
- Authority
- CN
- China
- Prior art keywords
- code
- voucher
- physics
- physics voucher
- key pair
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C5/00—Ciphering apparatus or methods not provided for in the preceding groups, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/60—Context-dependent security
- H04W12/69—Identity-dependent
- H04W12/77—Graphical identity
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Lock And Its Accessories (AREA)
Abstract
The utility model relates to a physics voucher including an encryption key pair. A physics voucher is provided, comprising: a first code, which is a machine-readable optical code, wherein the first code includes the public key of an encryption key pair; and a second code, which is a machine-readable optical code, wherein the second code includes the private key of the encryption key pair. The second code is covered by an opaque covering. The opaque covering can be at least partly irreversibly removed to reveal the second code. The first code is not provided with any opaque covering.
Description
Technical field
The utility model relates to a physics voucher and to related methods, computer programs and computer program products, wherein the voucher includes the public key and the private key of an encryption key pair.
Background technology
Currently, the concept of the Internet of Things (IoT) is spreading rapidly. In IoT, a large number of electronic devices are provided with network access. The network access can be used by a device to report data and/or to allow the device to be controlled by another device.
With IoT, the number of devices will increase greatly. Each person will be responsible for more and more devices. The problem is how to configure all these devices, especially since it is usually not desirable to have to provide a user interface for each device. In addition, security is needed to ensure that no unauthorized user accesses a device.
Utility model content
The purpose of the utility model is to provide improved flexibility in how public keys and private keys are distributed.
A physics voucher is provided, comprising: a first code, which is a machine-readable optical code, wherein the first code includes the public key of an encryption key pair; and a second code, which is a machine-readable optical code, wherein the second code includes the private key of the encryption key pair. The second code is covered by an opaque covering. The opaque covering can be at least partly irreversibly removed to reveal the second code. The first code is not provided with any opaque covering.
The opaque covering can be a covering that can be removed by the user scratching it off.
The machine-readable optical code can be a matrix barcode.
The physics voucher can be implemented as a card.
The first code and the second code are both printed codes.
In general, unless explicitly defined otherwise herein, all terms used in the claims are to be interpreted according to their ordinary meaning in the technical field. Unless explicitly stated otherwise, all references to "a/an/the element, device, component, equipment, step, etc." are to be interpreted openly as referring to at least one instance of the element, device, component, equipment, step, etc. Unless explicitly stated otherwise, the steps of any method disclosed herein do not have to be performed in the exact order disclosed.
Description of the drawings
The utility model is now described, by way of example, with reference to the accompanying drawings, in which:
Fig. 1 is a schematic diagram showing an environment in which embodiments presented herein can be applied;
Figs. 2A and 2B are schematic diagrams showing the physics voucher of Fig. 1 with and without the opaque covering, respectively;
Fig. 3 is a schematic diagram showing a voucher provider for providing the physics voucher of Fig. 1 according to one embodiment;
Fig. 4 is a flow chart showing a method for providing the physics voucher of Fig. 1 according to one embodiment;
Fig. 5 is a schematic diagram showing components of the voucher provider of Fig. 3 according to one embodiment; and
Fig. 6 shows one example of a computer program product including a computer-readable device.
Specific implementation mode
The utility model will now be described more fully hereinafter with reference to the accompanying drawings, in which certain embodiments of the utility model are shown. The utility model can, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided by way of example so that this disclosure will be thorough and complete, and will fully convey the scope of the utility model to those skilled in the art. Like numbers refer to like elements throughout the description.
Embodiments presented herein relate to a physics voucher which includes a first optical code containing a public key and a second optical code containing the corresponding private key. The second optical code is covered by a removable opaque covering. Using the physics voucher, the key pair (and thereby the physics voucher) can be associated with a target device by means of the (visible) public key, in order to control access to the target device. The target device is then protected so that further access to it is only allowed by providing the private key. In this way, the physics voucher can be distributed in any suitable manner, and the recipient can trust that, as long as the second optical code has not yet been revealed, no third party can access the target device. This provides the user with inherent trust and regard. Moreover, the second optical code can be read by a smartphone (or similar device), which can then communicate with the target device, eliminating or reducing the need for the target device to provide its own user interface.
Fig. 1 is a schematic diagram showing an environment in which embodiments presented herein can be applied. The physics voucher 1 includes a first code 10 and a second code 11. The physics voucher 1 is also referred to as a key bill. The first code 10 and the second code 11 are both machine-readable optical codes, for example matrix barcodes such as QR (Quick Response), PDF417 (Portable Data File 417) or Aztec, or one-dimensional barcodes such as UPC (Universal Product Code), EAN (European Article Number), Code 39 or Code 128. The first code 10 and the second code 11 can even be machine-readable printed text read using optical character recognition (OCR). However, barcodes are more reliable for optical machine reading, and matrix barcodes can potentially represent larger numbers than one-dimensional barcodes.
A code reader 2 with a connected or integrated camera/scanner can read the first code 10 and the second code 11. The code reader 2 can, for example, be a smartphone, a tablet computer, a general-purpose computer or an electronic lock.
The code reader 2 can communicate with a target device 3 over a communication link 4. The communication link 4 can, for example, be a local link such as Bluetooth or BLE (Bluetooth Low Energy), which reduces the risk of eavesdropping. Alternatively, the communication link 4 can run over a wide area network such as the Internet, allowing remote communication between the code reader 2 and the target device 3.
The target device 3 is any suitable device to which access is controlled using the physics voucher 1. For example, the target device can be a device in an Internet of Things (IoT) environment. Note that the physics voucher 1 can optionally be configured for multiple target devices 3, in which case each target device works as described herein. For example, there may be several target devices 3 serving as the locks of a building, all of which can be controlled using the physics voucher 1.
Figs. 2A and 2B are schematic diagrams showing the physics voucher 1 of Fig. 1 with and without the opaque covering 12, respectively. The physics voucher 1 can, for example, be provided in the form of a card, to allow simple provision, e.g. in the delivery of the target device, and to allow easy distribution, e.g. by mail. If the physics voucher is distributed by mail, it can be sent by registered mail with restricted delivery, to ensure that the recipient is indeed the intended recipient.
Referring first to Fig. 2A, the physics voucher 1 includes the first code 10 and the second code 11. As described above, the first code 10 and the second code 11 are both machine-readable optical codes. Both the first code 10 and the second code 11 are provided as codes that cannot be changed. For example, both the first code 10 and the second code 11 can be printed codes.
The first code 10 includes the public key of an encryption key pair, and the second code 11 includes the private key of the same encryption key pair. The first code 10 may include other data in addition to the public key, and the second code 11 may include other data in addition to the private key.
The second code 11 in Fig. 2A is covered by the opaque covering 12. The opaque covering 12 can be at least partly irreversibly removed by the user to reveal the second code 11. In this way, anyone can check whether the second code 11 of the physics voucher 1 has been exposed by inspecting the condition of the opaque covering 12.
The opaque covering 12 does not need to be completely removed by the user, as long as the second code 11 can be revealed.
The opaque covering 12 can be a so-called scratch-off covering, similar to the covering applied to scratch lottery tickets. It can then be removed by the user scratching off the surface.
In one embodiment, the opaque covering 12 takes the form of a sticker with many linear perforations, arranged so that it is practically impossible to re-attach the sticker to cover the second code 11.
The first code 10 is not provided with any opaque covering and can therefore be read without the user performing any opening (e.g. scratching) action.
In Fig. 2B, the opaque covering 12 has been removed, so the second code 11 is visible and can be read by the code reader 2.
Several embodiments will now be described to illustrate some beneficial aspects that can be achieved using the physics voucher presented herein. The embodiments are described with reference to Fig. 1 and Figs. 2A and 2B.
A first embodiment relates to configuring an electronic lock, the electronic lock thus being the target device 3. In this embodiment, the electronic lock is to be installed in the home of Beatrice. Beatrice is elderly and is not comfortable using electronic devices such as smartphones and computers.
As described above, the electronic lock is delivered with a physics voucher 1. The electronic lock is installed by an installer. Once the electronic lock is physically installed, the installer uses a software application (also referred to as an app) on his/her smartphone, acting as the code reader 2, to read the first code 10 of the physics voucher 1. The app in the code reader 2 extracts the public key of the key pair of the physics voucher 1.
The app in the code reader 2 then communicates (e.g. over BLE) with the electronic lock 3 to set the owner of the electronic lock 3. The owner is identified by means of the public key.
After the owner has been set in the electronic lock 3, only a code reader that provides authentication using the private key can configure the electronic lock.
The installer gives the physics voucher to Beatrice and leaves. Beatrice now gives the physics voucher 1 to her daughter Anna so that Anna can configure the electronic lock.
Anna removes the covering 12 of the physics voucher 1 to reveal the second code 11. Anna uses the app in her smartphone (another example of the code reader 2) to read the second code 11 of the physics voucher 1. In this way, the code reader 2 extracts the private key of the key pair of the physics voucher 1.
The app in Anna's smartphone 2 then communicates (e.g. over BLE) with the electronic lock 3 to authenticate itself using the private key (e.g. by applying a digital signature to data provided by the electronic lock). If and only if the electronic lock 3 verifies that the app possesses the private key matching the public key, for example by verifying the signature using the public key, the electronic lock 3 allows the app in Anna's smartphone 2 to modify settings in the electronic lock 3. The electronic lock 3 can now, for example, be configured to set a new owner (e.g. Anna's smartphone) and to install new key devices, e.g. a key card that Beatrice can use.
Since Anna and Beatrice were able to check that the opaque covering 12 had not yet been damaged, they can be sure that nobody else has accessed the electronic lock.
In a second embodiment, which is similar to the first embodiment but applies to any target device, the physics voucher can be used in the same way to configure a new electronic device, i.e. the target device 3. The target device 3 is associated with the public key of the key pair of the physics voucher, for example at manufacture. The physics voucher 1 can be provided in the box containing the target device 3. The target device can only be configured by providing the private key (e.g. via a smartphone as described for the first embodiment). In this way, by verifying that the covering 12 over the second code of the physics voucher 1 is intact, the user can be assured that nobody has previously configured the device.
Furthermore, if a user needs to configure multiple target devices but does not have the time or the wish to perform the task, the physics vouchers of all these target devices can be supplied to a third party, allowing the third party to perform the task of configuring the target devices.
In a variant of the second embodiment, the physics voucher 1 is provided in registered mail with restricted delivery. This allows the supplier to be certain that only a specific person is granted access to configure the target device.
The second embodiment can be used for any suitable electronic device. It is particularly applicable in the Internet of Things concept, where each household and user is responsible for more and more electronic devices.
In addition, in the second embodiment, since the target device can be configured using a smartphone app, the target device does not need to be provided with any user interface.
In a third embodiment, the physics voucher 1 is used as a fallback access credential. For example, the target device can be configured using prior-art methods or by means of a first physics voucher as described above. A second physics voucher can then be configured to allow access, the configuration being done as described above using the public key of the second physics voucher.
The second physics voucher can then be stored in a safe place. If the user forgets a password or otherwise loses access rights to the target device, the user can fetch the second physics voucher, remove the opaque covering 12 to expose the second code 11, and use the second code 11 of the second physics voucher (e.g. using the app on a smartphone) to regain access to configure the target device.
At this point, if the user has a third physics voucher available, the third physics voucher can be configured, using the first code 10 (including the public key) of the third physics voucher, to provide a new fallback access.
In general, by providing the public key and the covered private key on the same physics voucher, configuring a target device without compromising trust becomes very convenient. The user can trust that no party has used the private key to control the target device, e.g. to gain ownership control. In other words, the public key can be used before anyone sees the corresponding private key, and the recipient of the physics voucher can infer that, even though the public key has been used, nobody has seen the private key.
Physics vouchers can be mass-produced in advance, and each physics voucher can be associated with a particular target device when needed, using the public key as described above.
Fig. 3 is a schematic diagram showing a voucher provider 5 for providing the physics voucher of Fig. 1 according to one embodiment.
The voucher provider 5 is used to provide (i.e. manufacture) the physics voucher 1 from a voucher blank 15. The voucher blank 15 has neither the first code 10 nor the second code 11.
Voucher blanks can be manufactured in a way that is difficult to forge, like banknotes. For example, techniques such as watermarks, special paper and holograms can be used to ensure that nobody else can manufacture forged voucher blanks that appear to be physics vouchers manufactured by the voucher provider. This improves the level of trust when a person receives a physics voucher including the first code and the covered second code, because that person can trust that nobody else could have used a voucher provider of their own.
For each voucher blank 15 supplied to the voucher provider 5, the voucher provider prints the first code 10 and the second code 11 and additionally provides the opaque covering 12 over the second code 11.
Fig. 4 is a flow chart showing a method for providing (i.e. manufacturing) the physics voucher of Fig. 1 according to one embodiment. The method is performed in the voucher provider of Fig. 3.
In an obtain key pair step 40, the voucher provider obtains an encryption key pair including a public key and a private key.
The obtaining can be based on the voucher provider generating the key pair. The key pair can be based on a generated random number that comes from a dedicated hardware-implemented random number generator. Alternatively, pseudo-random numbers can be used. True random numbers provide higher security and can be obtained using specific hardware for this purpose. Many integrated circuits, such as the nRF52 from Nordic Semiconductor, have such dedicated hardware. By generating the key pair in the voucher provider, the key pair does not need to be communicated in any way that could potentially be eavesdropped on. The voucher provider can therefore be configured so that the key pair, or at least the private key of the key pair, exists only on the physics voucher itself. Apart from being part of the second code under the opaque covering on the physics voucher, the private key does not need to exist anywhere. The voucher provider can be provided without network access, to reduce the risk of any attacker gaining access to the private key.
In one embodiment, the private key is generated first and the public key is calculated from the private key.
In a provide first code step 42, the voucher provider provides the first code on the voucher blank as a machine-readable optical code, wherein the first code includes the public key. This can be done, for example, by printing the first code on the voucher blank.
In a provide second code step 44, the voucher provider provides the second code on the voucher blank as a machine-readable optical code, wherein the second code includes the private key. This can be done, for example, by printing the second code on the voucher blank.
Note that the order in which steps 42 and 44 are performed is not important.
In a provide opaque covering step 46, the voucher provider provides an opaque covering over the second optical code. The opaque covering can be irreversibly removed by the user, and the first code is not provided with any opaque covering.
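The key generation of steps 40 to 44 and the first embodiment's exchange (owner set from the first code, later authentication with the key from the second code), as an added Go example that is not part of the patent. Ed25519, the base64 payload format and the single-use random challenge are assumptions, and all type and function names are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"fmt"
)

// Assumptions: Ed25519 keys, base64 text as the optical-code payload.
// Voucher holds the payloads of the two printed codes.
type Voucher struct {
	FirstCode  string // public key, printed uncovered
	SecondCode string // private key seed, printed under the opaque covering
}

// IssueVoucher mirrors steps 40 to 44: generate the private key first,
// derive the public key from it, and encode both for printing.
func IssueVoucher() (Voucher, error) {
	seed := make([]byte, ed25519.SeedSize)
	if _, err := rand.Read(seed); err != nil {
		return Voucher{}, err
	}
	pub := ed25519.NewKeyFromSeed(seed).Public().(ed25519.PublicKey)
	enc := base64.StdEncoding.EncodeToString
	return Voucher{FirstCode: enc(pub), SecondCode: enc(seed)}, nil
}

// Lock is the target device: it stores only the owner's public key.
type Lock struct {
	owner   ed25519.PublicKey
	pending []byte // outstanding challenge, single use
}

// SetOwner binds an unowned lock to the public key read from the first code.
func (l *Lock) SetOwner(firstCode string) error {
	if l.owner != nil {
		return errors.New("owner already set")
	}
	pub, err := base64.StdEncoding.DecodeString(firstCode)
	if err != nil || len(pub) != ed25519.PublicKeySize {
		return errors.New("malformed first code")
	}
	l.owner = ed25519.PublicKey(pub)
	return nil
}

// Challenge returns fresh random data for the reader to sign.
func (l *Lock) Challenge() ([]byte, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	l.pending = nonce
	return nonce, nil
}

// Authenticate accepts a signature over the outstanding challenge only.
// A matching challenge is consumed before verification, so a response cannot be replayed.
func (l *Lock) Authenticate(nonce, sig []byte) bool {
	if l.owner == nil || l.pending == nil || !bytes.Equal(nonce, l.pending) {
		return false
	}
	l.pending = nil
	return ed25519.Verify(l.owner, nonce, sig)
}

// SignChallenge is the reader app's side, using the revealed second code.
func SignChallenge(secondCode string, nonce []byte) ([]byte, error) {
	seed, err := base64.StdEncoding.DecodeString(secondCode)
	if err != nil || len(seed) != ed25519.SeedSize {
		return nil, errors.New("malformed second code")
	}
	return ed25519.Sign(ed25519.NewKeyFromSeed(seed), nonce), nil
}

func main() {
	v, _ := IssueVoucher()
	lock := &Lock{}
	_ = lock.SetOwner(v.FirstCode)
	nonce, _ := lock.Challenge()
	sig, _ := SignChallenge(v.SecondCode, nonce)
	fmt.Println("configuration allowed:", lock.Authenticate(nonce, sig))
}
```

The lock never holds the private key, so reading the lock's storage or the uncovered first code gives nothing that can sign a challenge.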
Fig. 5 is a schematic diagram showing components of the voucher provider 5 of Fig. 3 according to one embodiment. A processor 60 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), application-specific integrated circuit, etc., capable of executing software instructions 67 stored in a memory 64 (which can thus be a computer program product). The processor 60 can be configured to execute the method described above with reference to Fig. 4.
The memory 64 can be any combination of random access memory (RAM) and read-only memory (ROM). The memory 64 also includes persistent storage, which can, for example, be any single one or combination of magnetic memory, optical memory, solid-state memory or even remotely mounted memory.
A data memory 66 is also provided for reading and/or storing data during execution of software instructions in the processor 60. The data memory 66 can be any combination of random access memory (RAM) and read-only memory (ROM).
The voucher provider 5 optionally further includes an I/O interface 62 for communicating with other external entities. Optionally, the I/O interface 62 also includes a user interface.
A printer 61 includes components for printing machine-readable optical codes on the voucher blank. The printer 61 also includes components for providing the opaque covering over the second optical code.
Other components of the voucher provider 5 are omitted in order not to obscure the concepts presented herein.
Fig. 6 shows one example of a computer program product including a computer-readable device. On this computer-readable device, a computer program 91 can be stored, which computer program can cause a processor to execute a method according to embodiments described herein. In this example, the computer program product is an optical disc, such as a CD (compact disc), a DVD (digital versatile disc) or a Blu-ray disc. As described above, the computer program product can also be embodied in a memory of a device, such as the computer program product 64 of Fig. 5. Although the computer program 91 is here shown schematically as a track on the depicted optical disc, the computer program can be stored in any way that is suitable for the computer program product, such as a removable solid-state memory, e.g. a Universal Serial Bus (USB) drive.
The utility model has mainly been described above with reference to several embodiments. However, as is readily appreciated by a person skilled in the art, embodiments other than those disclosed above are equally possible within the scope of the utility model, as defined by the appended patent claims.
Claims (8)
1. A physics voucher (1), comprising:
a first code (10), which is a machine-readable optical code, wherein the first code includes the public key of an encryption key pair; and
a second code (11), which is a machine-readable optical code, wherein the second code includes the private key of the encryption key pair;
wherein the second code (11) is covered by an opaque covering (12), the opaque covering (12) can be at least partly irreversibly removed to reveal the second code (11), and the first code (10) is not provided with any opaque covering.
2. The physics voucher (1) according to claim 1, wherein the opaque covering (12) is a covering that can be removed by the user scratching it off.
3. The physics voucher (1) according to claim 1 or 2, wherein the machine-readable optical code is a matrix barcode.
4. The physics voucher (1) according to claim 1 or 2, wherein the physics voucher is implemented as a card.
5. The physics voucher (1) according to claim 3, wherein the physics voucher is implemented as a card.
6. The physics voucher (1) according to claim 1, 2 or 5, wherein the first code and the second code are both printed codes.
7. The physics voucher (1) according to claim 3, wherein the first code and the second code are both printed codes.
8. The physics voucher (1) according to claim 4, wherein the first code and the second code are both printed codes.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP17206424.8 | 2017-12-11 | ||
EP17206424 | 2017-12-11 |
Publications (1)
Publication Number | Publication Date |
---|---|
CN207884641U true CN207884641U (en) | 2018-09-18 |
Family
ID=60654848
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201820035452.7U Active CN207884641U (en) | 2017-12-11 | 2018-01-09 | Physics voucher including encryption key pair |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN207884641U (en) |
WO (1) | WO2019115469A1 (en) |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2509275A1 (en) * | 2011-04-04 | 2012-10-10 | Buntinx | Method and system for authenticating entities by means of mobile terminals |
-
2018
- 2018-01-09 CN CN201820035452.7U patent/CN207884641U/en active Active
- 2018-12-10 WO PCT/EP2018/084213 patent/WO2019115469A1/en active Application Filing
Also Published As
Publication number | Publication date |
---|---|
WO2019115469A1 (en) | 2019-06-20 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
GR01 | Patent grant | ||