KR101841929B1 - Method for issuing document offline and method for validating issued offline document on the basis of merkle tree structure, and server using the same - Google Patents

Abstract

The present invention relates to a method for authenticating a document issued offline. The method comprises the following steps: (a) a document management server (i) extracts character data through a character recognition technology (OCR) after obtaining image data of an offline document to obtain character data of comparison document data or (ii) receives the character data extracted from the image data of the offline document to obtain the character data of the comparison document data; and (b) the document management server performs a process of obtaining a second specific hash value generated by applying a hash function to ID information on the offline document and a value obtained from the comparison document data, and generating a second representative hash value or a value processing the second representative hash value by using the obtained second specific hash value, and a process of obtaining a first representative hash value or a value processing the first representative hash value from a public block chain database by using Txid, and (ii) generates document authentication result value by using the first representative hash value or the value processing the first representative hash value and the second representative hash value or the value processing the second representative hash value.

Description

METHOD FOR ISSUING DOCUMENT OFFLINE AND METHOD FOR VALIDATING ISSUED OFFLINE DOCUMENT ON THE BASIS OF MERKLE TREE STRUCTURE AND AND METHOD FOR AUTHENTICATING PUBLISHED OFFLINE DOCUMENTS USING MULTI-TREE STRUCTURE SERVER USING THE SAME}

The present invention relates to a method of issuing a document to be issued offline using a merge tree structure, a method of performing authentication on an issued offline document, and a server using the method. More particularly, (I) the ID information of the predetermined issuance target document, (ii) the reference information including the character data corresponding to the content of the predetermined issuance target document, (I) a value obtained from the document data and (iii) supporting the registration or registration of the reference document data in the private block chain database, wherein (i) the ID information of the predetermined issuance target document registered in the private block chain database ii) a value obtained from the reference document data and (iii) a value obtained from the reference block data (I) acquiring ID information of the predetermined document to be issued, (ii) acquiring a hash value from the reference document data, and (ii) A representative hash value generated by computing a specific hash value generated by applying the function and at least one neighbor hash value matched with the specific hash value or a value obtained by processing the representative hash value is registered or registered in the public block chain database Issuing process "that acquires or obtains the representative hash value registered in the public block chain database or the Txid indicating the location information on the public block chain database of the value obtained by processing the representative hash value And (2) authentication request information for the issued offline document, (I) acquiring a second specific hash value generated by applying a hash function to a value obtained from the comparison document data, and (ii) acquiring ID information for the offline document, and Generating a value obtained by processing the second representative hash value or the second representative hash value using the acquired second specific hash value, and generating a first representative hash value or the first representative hash value from the public block chain database using the Txid, (Ii) a value obtained by processing the first representative hash value or the first representative hash value and a value obtained by processing the second representative hash value or the second representative hash value Quot; authentication process "for performing authentication on a published offline document that generates a document authentication result value by using the " authentication " value and a server using the method.

Currently, documents issued by domestic institutions such as government offices and public institutions are issued through printing including document authentication information such as a unique number or a barcode that does not overlap, such as a publication number when issuing a document.

In order to authenticate the issued document, it is possible to access the homepage of the issuing institution and input the corresponding number or convey the barcode information so that the authenticity of the document can be grasped.

However, in the conventional method as described above, when the document is scanned or manipulated, or when an individual inputs a number or a barcode of a document normally authenticated in a document created after a new document is created, the authenticity of the manipulated document is confirmed There is no way you can.

In addition, when the original document is displayed on the screen in order to confirm authenticity of the document through the Internet, it is inconvenient because the authenticity checker must collate the entire phrase with the original, It may not be possible to determine the authenticity due to various reasons or cases.

In addition, there is a method of adding a specific phrase to a document to increase the security of the document authentication by preventing a specific phrase from being displayed when copying or scanning, but the document may still be manipulated due to development of a new device or development of technology there is a problem.

SUMMARY OF THE INVENTION The present invention has been made to solve all the problems described above.

It is another object of the present invention to provide a method and a server that can facilitate authentication of a document issued offline.

Another object of the present invention is to make it easy to grasp the changes such as manipulation, damage, and the like to a document issued offline.

In order to accomplish the above object, a representative structure of the present invention is as follows.

According to an embodiment of the present invention, there is provided a method for performing authentication on a published offline document, the method comprising: (a) receiving a request for offline issuance of a predetermined issuance target document from a user terminal (ii) a value obtained from reference document data including character data corresponding to the content of the predetermined issuance target document, and (iii) a value obtained from the reference document data including (i) ID information about the predetermined issuance target document, (I) ID information about the predetermined document to be issued, (ii) a first specific hash value generated by applying a hash function to a value obtained from the reference document data, and A first representative hash value generated by calculating at least one neighboring hash value matching a specific hash value or a value obtained by processing the first representative hash value is public Wherein the document management server registers ID information on the offline document and character data corresponding to the offline document as the authentication request information for the issued offline document in a state in which the document management server registers in the lock chain database and manages the Txid corresponding thereto, (I) acquiring image data for the offline document, extracting the character data through a character recognition technology (OCR), and storing character data of the comparison document data (Ii) receiving character data extracted from image data of the offline document to obtain character data of the comparison document data; And (b) the document management server obtains a second specific hash value generated by applying a hash function to (i) ID information about the offline document and (ii) a value obtained from the comparison document data, A process of generating a value obtained by processing the second representative hash value or the second representative hash value using the acquired second specific hash value and a process of generating the first representative hash value or the first representative hash value from the public block chain database using the Txid, (Ii) a value obtained by processing the first representative hash value or the first representative hash value and a value obtained by processing the second representative hash value or the second representative hash value, Generating a document authentication result value using the processed value; The method comprising the steps of:

According to an embodiment of the present invention, there is provided a method for offline issuance of a document to be issued, the method comprising: (a) when a request for offline issuance of a predetermined issuance target document from the user terminal is directly or indirectly obtained, The server generates ID information for the predetermined document to be issued, and generates (i) ID information of the predetermined document to be issued, (ii) a reference including character data corresponding to the content of the predetermined document to be issued (I) a value obtained from the document data, (iii) supporting to register or register the reference document data in the private block chain database, (i) ID information of the predetermined issuance target document registered in the private block chain database, ) A value obtained from the reference document data and (iii) a value of the reference document data on the private block chain database Support to obtain or acquire PrivTxid representing the and further comprising: support to issue or to issue a predetermined issue target document that contains the ID information of said predetermined issuance destination document off-line; And (b) if the predetermined condition is satisfied, the document management server performs: (i) ID information of the predetermined document to be issued, (ii) hash function generated by applying a hash function to the value obtained from the reference document data, And a value obtained by processing the representative hash value or the representative hash value generated by calculating at least one neighbor hash value matching the specific hash value with the public block chain database, Acquiring or obtaining a Txid indicating location information on the public block chain database of the representative hash value or the value obtained by processing the representative hash value registered in the database; The method comprising the steps of:

According to another aspect of the present invention, there is provided a server for authenticating a published offline document, the document management server comprising: a server that receives a request for offline issuance of a predetermined issuance target document from a user terminal, (ii) a value obtained from reference document data including character data corresponding to the contents of the predetermined document to be issued, and (iii) a value obtained by converting the reference document data into a private (I) ID information on the predetermined document to be issued, (ii) a first specific hash value generated by applying a hash function to a value obtained from the reference document data, and A first representative hash value generated by calculating at least one neighboring hash value matched with a hash value, or a value obtained by processing the first representative hash value, In the state in which the registered block chain database and manage the Txid corresponding to this, the communication unit to acquire the authentication information request to the off-line publishing; And obtaining comparison document data including ID information on the offline document and character data corresponding to the offline document corresponding to the authentication request information, wherein the comparison document data includes (i) image data for the offline document, (Ii) extracting character data from the image data of the offline document, and obtaining character data of the comparison document data by extracting the character data from the OCR to obtain character data of the comparison document data; (I) acquiring a second specific hash value generated by applying a hash function to a value obtained from (ii) the ID information of the offline document, and (ii) a value obtained from the comparison document data, And generating a value obtained by processing the second representative hash value or the second representative hash value using the Txi d to obtain a value obtained by processing the first representative hash value or the first representative hash value from the public block chain database, (ii) performing a process of obtaining the first representative hash value or the first representative hash value And generating a document authentication result value by using the processed value and the processed value of the second representative hash value or the second representative hash value; And a server for managing the server.

According to an embodiment of the present invention, there is provided a server for offline issuance of a document to be issued, comprising: a communication unit for directly or indirectly obtaining a request for offline issuance of a predetermined document to be issued from a user terminal; (A) generating ID information for the predetermined issuance target document in response to the request for offline issuance; (i) identifying the ID information of the predetermined issuance target document, (ii) (I) a value obtained from reference document data including character data corresponding to the private block chain database, and (iii) support to register or register the reference document data in the private block chain database, (Ii) a value obtained from the reference document data, and (iii) a PrivTxid indicating a position on the private block chain database of the reference document data, The predetermined document to be issued containing the ID information of the target document is issued offline or issued And (b) if the predetermined condition is satisfied, (i) ID information of the predetermined document to be issued, (ii) a specific hash value generated by applying a hash function to the value obtained from the reference document data And registering or registering a representative hash value generated by calculating at least one neighboring hash value matching the specific hash value or a value obtained by processing the representative hash value in the public block chain database, A processor for performing a process of acquiring or obtaining a Txid representing positional information on the public block chain database of the registered representative hash value or a value obtained by processing the representative hash value; And a server for managing the server.

In addition, a computer readable recording medium for recording a computer program for executing the method of the present invention is further provided.

According to the present invention, an offline document issued in a block chain of a virtual currency is registered to prevent the out-of-order modulation, thereby improving the reliability and security of the original document.

Also, according to the present invention, document authentication can be facilitated by comparing with an original document registered in a block chain of virtual money with respect to an offline document requested to be authenticated, and determining whether the document is up / modulated.

In addition, since the present invention identifies and provides the changed portion compared with the original document registered in the block chain of the virtual money with respect to the offline document requested for authentication, the user can easily grasp the change of the document.

The following drawings to be used for the description of the embodiments of the present invention are only a part of the embodiments of the present invention, and those having ordinary skill in the art (hereinafter referred to as " Other drawings can be obtained based on these figures without ever having to do any work.
1 schematically shows a document management server for issuing a document to be issued offline or performing authentication for an issued offline document according to an embodiment of the present invention,
2 schematically shows a method of issuing a document to be issued offline in accordance with an embodiment of the present invention,
Figures 3-5 illustrate documents that are published offline in accordance with one embodiment of the present invention,
6 and 7 schematically illustrate a process of registering reference document data for a document to be issued in a public block chain database according to an embodiment of the present invention,
Figure 8 schematically illustrates a method for performing authentication for documents issued offline in accordance with an embodiment of the present invention.

The following detailed description of the invention refers to the accompanying drawings, which illustrate, by way of example, specific embodiments in which the invention may be practiced in order to clarify the objects, technical solutions and advantages of the invention. These embodiments are described in sufficient detail to enable those skilled in the art to practice the invention.

Also, throughout the description and the claims of the present invention, the word 'comprise' and variations thereof are not intended to exclude other technical features, additions, elements or steps. Other objects, advantages and features of the present invention will become apparent to those skilled in the art from this description, and in part from the practice of the invention. The following examples and figures are provided by way of illustration and are not intended to limit the invention.

Moreover, the present invention encompasses all possible combinations of embodiments shown herein. It should be understood that the various embodiments of the present invention are different, but need not be mutually exclusive. For example, certain features, structures, and characteristics described herein may be implemented in other embodiments without departing from the spirit and scope of the invention in connection with an embodiment. It is also to be understood that the position or arrangement of the individual components within each disclosed embodiment may be varied without departing from the spirit and scope of the invention. The following detailed description is, therefore, not to be taken in a limiting sense, and the scope of the present invention is to be limited only by the appended claims, along with the full scope of equivalents to which such claims are entitled, if properly explained. In the drawings, like reference numerals refer to the same or similar functions throughout the several views.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings, so that those skilled in the art can easily carry out the present invention.

Brief Description of the Drawings Fig. 1 is a block diagram illustrating a document management server for issuing an issue document offline or issuing an authentication for an offline document according to an embodiment of the present invention. Fig. The document management server 100 may include a communication unit 110 and a processor 120. The use of the same reference numerals is for convenience of explanation only and is not intended to mean that these individual devices are the same. In another embodiment of the present invention, the server may be configured differently to perform the corresponding method, or may perform the corresponding method through the same server 100.

In particular, the server 100 typically includes a computing device (e.g., a computer processor, memory, storage, input and output devices, and other devices capable of including components of a conventional computing device; (E.g., an electronic information storage system such as a network attached storage (NAS) and a storage area network (SAN)) and computer software (i.e., instructions that cause a computing device to function in a particular manner) ≪ / RTI >

The communication unit 110 of such a computing device can send and receive requests and responses to and from other interworking computing devices. As an example, such requests and responses can be made by the same TCP session, For example, as a UDP datagram.

The processor 120 of the computing device may include a hardware configuration such as a micro processing unit (MPU) or a central processing unit (CPU), a cache memory, and a data bus. It may further include a software configuration of an operating system and an application that performs a specific purpose.

First, referring to FIG. 2, a method of issuing a document to be issued offline according to an embodiment of the present invention will be described with reference to the document management server of FIG. 1 as follows.

When the request for offline issuance of a predetermined document to be issued from the user terminal 200 is directly or indirectly obtained through the communication unit 110 of the server 100 (S11), the processor 120 of the document management server 100 Generates ID information for a predetermined document to be issued (S12).

That is, the user may request the offline issuance of a predetermined target document through the web server 210 by using the user terminal 200 performing wired / wireless communication such as a kiosk, a PC, a PDA, a tablet, a smart phone, The processor 120 of the document management server 100 sends a request for offline issuance of a predetermined document to be generated to the document management server 100 via the user terminal 200, And generates ID information for a predetermined document to be issued. At this time, the ID information is an eigenvalue which can prevent duplication with other issued documents, and may include numbers, codes, images, etc. having unique values. In addition, the user can transmit personal information such as the name of the document issuer, the resident registration number, and the like to a predetermined document to be issued as additional authentication information through the user terminal 200, and in addition, Can also be transmitted.

Then, the document management server 100 can support issuing or issuing a predetermined publication target document including the ID information of the predetermined publication object document offline (S13). That is, the document management server 100 generates the data file for the document by including the ID information in the specific location area of the predetermined issuance target document requested to be issued offline, and transmits the generated data file to the web server 210 The user terminal 200 can support the document contents included in the data file to be printed through the printer connected to the user terminal 200 via wire, wireless, or the network. At this time, the document ID information is placed in an arbitrary area that is not overlapped with a character or an image included in the document to be printed, or positioned so that at least a part of the document or the document is overlapped with the character or image of the document to be printed, It is possible to prevent the change from being made. For example, when the document to be issued is printed, the transparency of the character or image of the document to be issued and the transparency of the document ID information can be set differently.

In addition, the document management server 100 may be configured to perform the following operations: (i) ID information of a predetermined document to be issued, (ii) a value obtained from reference document data including character data corresponding to contents of a predetermined document to be issued, (I) the ID information of a predetermined document to be issued (registered) in the private block chain database, (ii) the value obtained from the reference document data, and (iii) the reference block data And acquire or obtain PrivTxid indicating the location of the document data on the private database (S13).

Here, the value obtained from the reference document data may be a hash value for the reference document data, and the value obtained from the comparison document data may be a hash value for the comparison document data, but the present invention is not limited thereto.

The reference document data may include character data generated by acquiring all characters included in a predetermined document to be issued or at least some characters.

The reference document data may include additional authentication information such as information of a document issuance requester and document issuer information for a predetermined issuance target document transmitted from the user terminal 200, Such as minutiae information on the < / RTI >

3, when the predetermined document to be printed includes the character area A1 and the image area A2, the document management server 100 displays character data corresponding to the contents of the character area A1 The reference document data may be generated using the minutia information of the image in the image area A2. At this time, the minutia information in the image may be an example as shown in FIG. 4, but the present invention is not limited thereto.

In addition, the document management server 100 divides a predetermined document to be printed into n areas, and in a state in which a sub ID is assigned to each of the n divided areas, character data from each of the divided areas corresponding to each sub ID , And character data for each sub ID may be registered as reference document data. At this time, the document management server 100 may register character data for all sub-IDs or only character data for a specific ID.

When a predetermined document to be issued includes a table as shown in FIG. 5, the document management server 100 assigns a sub ID to each cell region forming the table, Character data may be obtained from the cell area.

In addition, the document management server 100 sets an area in which information including at least some of the watermark and logo information of the issuing institution is not overlapped with the area where the additional information to be written in the predetermined document to be printed, for example, Character data can be obtained from an area where the set additional information is not overlapped with the area to be set. This makes it possible to increase the character recognition rate of the area for verification at the time of authentication of the offline document issued later.

In addition, the document management server 100 can support such a predetermined publication target document to be issued offline in a state in which a specific display section is described in an area where character data of reference document data in a predetermined publication object document is located . At this time, the specific display unit may be a background color of a specific region or a text color located in a specific region, which is distinguished from other regions in an offline document to be issued, but is not limited thereto. This makes it easy to acquire the character data for the original collation in the offline document.

Then, when the triggering condition for registering a predetermined hash value in the public block chain database is satisfied (S20), the document management server 100 determines (i) the ID information of the predetermined issuance target document And (ii) computing a first specific hash value generated by applying a hash function to a value obtained from the reference document data and at least one neighbor hash value matching the first specific hash value, A value obtained by processing the representative hash value is generated (S21), and a value obtained by processing the generated first representative hash value or the first representative hash value is registered or registered in the public block chain database 300 (S22) Acquires a transaction ID Txid indicating position information on a public block chain database of a value obtained by processing the first representative hash value or the first representative hash value registered in the public block chain database 300 (S23).

The MDA function, the MD5 function, the SHA-0 function, the SHA-1 function, the SHA-224 function, and the hash function can be performed by various hash functions. Function, an SHA-256 function, an SHA-384 function, a SHA-512 function, and a HAS-160 function. For example, Triple SHA256 would be possible.

At this time, the document management server 100 may store and manage the first specific hash value and the at least one neighbor hash value in a predetermined data structure. Here, the data structure may be various, for example, a merkle tree structure. In this case, the computation of the first specific hash value and the at least one neighbor hash value can be done through a merkle tree.

That is, the document management server 100 can support the first specific hash value to generate or generate a merkle tree assigned to a specific leaf node, and if the predetermined condition is satisfied, the first specific hash value is matched with the first specific hash value The first representative hash value or the first representative hash value generated by computing the hash value assigned to at least one other leaf node to be registered or registered in the public block chain database 120. [

More specifically, (x1) the document management server 100 calculates (i) a first specific hash value and (ii) a hash value assigned to a sibling node of the node to which the first specific hash value is assigned, , And support to assign or assign a hash value for the computed value to the node's parent node. (x2) If the parent node is the root node of the merge tree, the hash value assigned to the parent node is the first representative hash value. (x3) On the other hand, if the parent node is not the root node of the merge tree, the document management server 100 repeats (x1) to (x3) with the hash value assigned to the parent node as a specific hash value.

Then, the document management server 100 finally registers the hash value assigned to the root node of the merge tree as a first representative hash value in the public block chain database 300 or registers it. At this time, a value obtained by processing the first representative hash value may be registered. For example, a result obtained by performing a hex operation on the first representative hash value may be registered.

Meanwhile, the document management server 100 stores the first specific hash value and the at least one neighbor hash value in a predetermined first data structure, and then stores and manages a second data structure of the same type as the first data structure In this case, the first data structure and the second data structure may be connected in a chain form.

In particular, if the first data structure and the second data structure are merc trees as in the above example, the root value of the first data structure or the hash value of the root value may be assigned to the first leaf node of the second data structure .

In addition, when the second data structure is generated, authentication of the first data structure is performed, so that data integrity can be further guaranteed.

In addition, in the case of the first one of the at least one merch tree connected in a chain form, the first leaf node of the first merch tree may be assigned a hash value or a processed value of predetermined message data composed of text, numbers, or symbols have. For example, a hash value of an input message initially assigned by the document management server 100 may be allocated when generating a merge tree.

FIGS. 6 and 7 are diagrams illustrating examples of a merge tree generated according to an embodiment of the present invention.

FIG. 6 shows a merge tree having four leaf nodes. Since the illustrated merge tree is the first merge tree (tree_id = 0), it can be seen that a hash value (sha256 (coinplug_unique_message)) of a predetermined message data is assigned to the first leaf node h0. When there is an offline issuance request for the issuance target document, the document management server 100 generates the next leaf node of the last leaf node of the currently configured merge tree and assigns a processed value of the specific hash value or a specific hash value . For example, if a new leaf node needs to be created in a state where the value assignment from the merge tree to the h1 node as the second leaf node is completed, a h2 node, which is a next leaf node, is generated to process a specific hash value or a specific hash value One value (sha256 (input2)) can be assigned. The server 100 may also support computing or computing (i) a particular hash value assigned to the h2 node and (ii) a hash value assigned to the h3 node, which is a sibling node of the h2 node. The hash value for the computed value is assigned to the h2 node and the parent node (h23 node) of the h3 node. Since the parent node (h23 node) is not the root node of the merge tree, the document management server 100 can repeat the above process with the hash value assigned to the h23 node as a specific hash value. That is, the hash value assigned to the h23 node is set as a specific hash value, and the hash value assigned to the h23 node and the hash value assigned to the h01 node are calculated and assigned to the h23 node and the parent node (h0123 node) of the h01 node have. At this time, since the h0123 node is the root node of the merge tree, the document management server 100 registers the hash value assigned to the node h0123 or the processed value hex (h {node_index}) in the public block chain database 300 Or register.

(Ii) a condition in which a predetermined time elapses; (iii) a condition in which a predetermined number of times of issuance of an issuance target document or authentication information of an offline document is obtained; A block chain, a condition in which a block is generated in a private block chain, and (iv) a condition for a service characteristic.

On the other hand, for example, if a plurality of predetermined issuance target document offline acquisition requests or acquisition of authentication information for an offline document is obtained for the leaf nodes of the merge tree, a merge tree is generated, and the root value of the merge tree is set as a public block chain To register or register in the database (300).

Also, the document management server 100 can generate the root value of the aforementioned mu tree at predetermined time intervals (condition (ii) above). In this case, the document management server 100 may generate a merge tree using the input values up to that time and register or register the root value of the merge tree in the public block chain database 300 when a predetermined time elapses.

In this case, although a predetermined time has elapsed, a value may not be assigned to a sibling node of a node to which a particular hash value of the merge tree is assigned. If the hash value is not allocated to the sibling node of the node to which the specific hash value is allocated even though the predetermined condition is satisfied, the document management server 100 supports to assign or assign a predetermined hash value to the sibling node, The route value of the merge tree can be calculated in one way. For example, the document management server 100 can support copying and assigning or assigning a particular hash value to a sibling node.

The service characteristic includes cost information provided by a specific issuer requesting an offline issuance of a predetermined issuance target document or a specific person requesting authentication for an offline document, an offline issuance request of a predetermined issuance target document or an authentication for an offline document The time zone information in which the request is made, the offline issuance of the predetermined issuance target document or the local issuance request of the offline document, the offline issuance of the issuance target document or the authentication of the offline document have. However, the present invention is not limited to the one described here, but includes various condition information in which a generally accepted differential service can be provided.

On the other hand, when a new merge tree generation is started and a predetermined condition is satisfied in a state in which there is no offline issuance request for a predetermined issuance target document, the document management server 100 judges that the predetermined message data is the first leaf node, Support for creating or creating a merge tree assigned to a node, and support for registering or registering the root value of the merge tree or the processed value in the public block chain database 300. In this case, a merge tree with two leaf nodes may be created.

Meanwhile, as described above, the document management server 100 stores the first specific hash value and the at least one neighbor hash value in a predetermined first data structure, and then stores the second data structure of the same type as the first data structure The first data structure and the second data structure may be connected in a chain form. In particular, if the first data structure and the second data structure are merc trees, the root value of the first data structure or the hash value of the root value may be assigned to the first leaf node of the second data structure.

7 is a diagram illustrating a merge tree generated as a second data structure according to an embodiment of the present invention.

Referring to Fig. 7, it can be seen that the root value (hex (h0123)) of the merge tree (tree_id = 0) of Fig. 6 is assigned to the first leaf node (h4 node) of the new merge tree (sha256 (input4)). The present invention has an advantage of improving data integrity by enabling easy tracking even when data is modulated in the middle by connecting a plurality of data structures generated at the time of occurrence of a transaction.

Next, referring to FIG. 8, a method of performing authentication for a published offline document according to an embodiment of the present invention will be described.

2, the document management server 100 acquires a request for offline issuance of a predetermined issuance target document from the user terminal in the conventional manner, as a result of (i) a predetermined issuance target document (Ii) a value obtained from reference document data including character data corresponding to a content of a predetermined document to be issued, and (iii) reference document data in a private block chain database, and (i) Which is generated by computing at least one neighboring hash value matching the first specified hash value, which is a hash value generated by applying a hash function to the value obtained from the reference document data, In a state in which a value obtained by processing one representative hash value or the first representative hash value is registered in the public block chain database and the corresponding Txid is managed, When an authentication request for an offline document issued from the authentication request terminal 201 is transmitted (S31), the document management server 100 sends a signal for the authentication request directly from the document authentication request terminal 201 to the communication unit 110 Or indirectly through the communication unit 110 through the web server 210 or the like. At this time, the document authentication request terminal 201 may include a wired or wireless terminal such as a PC, a tablet, a PDA, or a smart phone, and may have a character recognition technology (OCR) function or a function of acquiring image data for an offline document .

Then, the document management server 100 can acquire the comparison document data including the ID information for the offline document and the character data corresponding to the offline document as authentication request information for the issued offline document (S32). Also, the document management server 100 can obtain a hash value for the comparison document data.

For example, the document authentication request terminal 201 scans the offline document, extracts the ID information of the offline document and the character data of the offline document using the character recognition technology (OCR) from the scanned image data, 100, or extracts the ID information of the offline document using the character recognition technology, and transmits the scanned image data to the document management server 100 in correspondence with the ID information of the extracted offline document, Or extracts character data using the character recognition technology, or transmits the scanned image data to the document management server 100, and transmits the ID information and the character data to the document management server 100 using the character recognition technology Extraction can be performed. That is, the document management server 100 directly receives the ID information of the offline document requested to be authenticated and the offline document, or acquires the image data from the scanned image data through the OCR.

At this time, the comparison document data may include character data obtained by extracting all characters or at least some characters from the offline document.

Also, the comparison document data may include additional authentication information such as document issuer information, document issuer information, and the like for the offline document transmitted from the document authentication request terminal 201, and the minutia information about the image included in the offline document And may include additional authentication information.

3, when the offline document includes the character area A1 and the image area A2, the document management server 100 determines that the character data corresponding to the content of the character area A1 and the character area A1 A2 can be obtained as comparative document data. At this time, the minutiae information in the image may include minutiae from the image, as shown in Fig. 4, and distance information, which is an interval between extracted minutiae.

When the offline distribution is divided into n areas and the sub IDs are assigned to each of the n divided areas, the document management server 100 extracts character data from each of the divided areas corresponding to the respective sub IDs It can also be obtained. At this time, the document management server 100 may acquire character data for all the divided areas corresponding to all the sub IDs according to the preset condition, or may acquire character data only for the specific divided area corresponding to the specific ID. It is also possible to acquire only character data for a specific divided area corresponding to a specific sub ID by a request from the document authentication request terminal 201. [

5, when the sub-IDs are assigned to the respective cell regions forming the table, the document management server 100 determines that each of the cells corresponding to each sub-ID Character data may be obtained from the area. At this time, the document management server 100 may acquire character data for all the cell areas corresponding to all the sub IDs according to the preset condition, or may acquire only character data for the specific cell area corresponding to the specific ID. It is also possible to acquire character data only for a specific cell area corresponding to a specific western ID by a request from the document authentication request terminal 201. [

In addition, the document management server 100 can acquire character data for an area that does not overlap with a region where additional information including at least a part of the watermark and the logo information of the issuing institution are written in the offline document. Thereby improving the accuracy of the document data obtained thereby.

In addition, the document management server 100 can confirm the specific display portion described in the offline document and acquire character data of the specific display portion area that has been confirmed. At this time, the specific display unit may be a background color of a specific region distinguished from other regions in an offline document, or a character color located in a specific region, but is not limited thereto. This makes it possible to easily confirm the acquired portion of the character data in the offline document.

Thereafter, the processor 120 of the document management server 100 obtains the second specific hash value generated by applying the hash function to the value obtained from the ID information and the comparison document data of the offline document, A value obtained by processing the second representative hash value or the second representative hash value is generated using the hash value (S33).

That is, the value assigned to the leaf node corresponding to the corresponding ID in the existing generated merge tree can be set as the second specified hash value by using the ID information of the offline document obtained from the offline document requested for authentication.

For the second specific hash value, the description of the first specific hash value described above can be applied equally. That is, the operation of the second specific hash value and the at least one neighbor hash value can be performed by various hash functions. Since this has been described above, the explanation is omitted.

In addition, the operation of the second specific hash value and the at least one neighbor hash value can be performed through a merkle tree. Once the authentication request information for the offline document is obtained, the document management server 100 can identify the merge tree information and the leaf node information associated with the input data.

The value obtained by processing the second representative hash value or the second representative hash value is calculated by multiplying the second specific hash value by the second specific hash value in the merkle tree allocated to the specific leaf node May be generated by computing a hash value assigned to at least one other leaf node that matches.

When the authentication request information for the offline document is acquired, the document management server 100 refers to the ID information about the offline document and acquires the first document ID from the public block chain database 300 using the Txid corresponding to the ID (Step S34, step S35) to obtain or obtain a value obtained by processing the representative hash value or the first representative hash value. That is, the document management server 100 may obtain an OP message including a value obtained by processing the first representative hash value or the first representative hash value corresponding to the Txid from the public block chain database 300. At this time, the Txid corresponding to the ID for the offline document is determined by (i) the ID information for the offline document, and (ii) the merge tree information related to the value obtained from the comparison document data, Information can be identified and confirmed in correspondence with the identified mu tree tree information.

In the authentication operation process, the document management server 100 may support creation or generation of a new merge tree. In this case, the merge tree generated in the method of issuing the predetermined document to be generated may be used. That is, the document management server 100 calculates (i) a second specific hash value and (ii) a hash value assigned to the sibling node of the node to which the second specific hash value is assigned in the existing generated merge tree And support to assign or assign the hash value of the operation value to the node's parent node in the new merge tree. (Y2) if the parent node is the root node of the new merge tree, to compare or compare the hash value assigned to the parent node with the value contained in the OP message as the second representative hash value, and (y3) If it is not the root node of the new merge tree, (y1) to (y3) can be repeatedly performed using the hash value assigned to the parent node as the second specified hash value.

The document management server 100 compares the root value of the finally generated muckree or the processed value with the value obtained by processing the first representative hash value or the first representative hash value included in the OP message, It is possible to authenticate whether it is changed by up / modulation.

That is, the document management server 100 then uses the value obtained by processing the first representative hash value or the first representative hash value and the value obtained by processing the second representative hash value or the second representative hash value (S36) An authentication result value may be generated and provided (S37).

That is, the document management server 100 compares the value obtained by processing the first representative hash value or the first representative hash value with the value obtained by processing the second representative hash value or the second representative hash value, A normal document authentication result value indicating that the document is normal, and transmits the generated normal document authentication result value to the document authentication request terminal 201. This ensures that the requested offline document matching the specific document that requested the document authentication matches the original without modification

However, if the value obtained by processing the first representative hash value or the first representative hash value is compared with the value obtained by processing the second representative hash value or the second representative hash value, the document management server 100 determines that the registered The character data of the reference document data is compared with the character data of the obtained comparison document data to identify the inconsistent character data which is inconsistent character data. The abnormal document authentication result value indicating that the offline document requested to be authenticated is abnormal is generated, but the inconsistent character data identified in the abnormal document authentication result value is included. As a result, a specific person who receives the abnormal document authentication result value can not only confirm that the offline document requested for authentication has been changed due to the above-mentioned modification / modification, but also can directly check the changed portion through the inconsistent character data.

As described above, according to the present invention, when a merge tree having nm (= N) leaf nodes is generated in the step of issuing a predetermined issuance target document, the issuance of the issued offline document It is possible to perform authentication with respect to < / RTI >

Meanwhile, when obtaining the input data, the document management server 100 may identify at least one of the merge tree information and the leaf node information related to the input data with reference to the time information related to the input data.

Hereinafter, a verification process will be described with reference to a concrete example shown in FIG.

Referring again to FIG. 3, when there is a verification request for input 2, the document management server 120 identifies the existing merge tree and leaf node information with reference to the input data information, (tree_id = 0) to the public block chain database 300 to acquire the OP message from the public block chain database 300. [ Then, the server 300 can support creation or generation of a new merge tree using input 2. Since the hash value of input 2 (sha256 (input2)) is assigned to the h2 node, the server 100 determines the hash value assigned to the h2 node and the hash value assigned to the h3 node, which is the sibling node of the h2 node, It can be used to calculate or calculate values. The hash value for the operation value is assigned to the h2 node and the h23 node, which is the parent node of the h3 node. Since the h23 node is not the root node of the new merge tree, the document management server 100 can repeat the above process with the hash value assigned to the h23 node as the second specified hash value. That is, the hash value assigned to the h23 node is set as the second specific hash value, and the hash value assigned to the h23 node and the hash value assigned to the h01 node in the existing generated merge tree are calculated, Quot; node " node " h0123 " At this time, since the h0123 node is the root node of the merge tree, the document management server 100 compares the value (hex (h {node_index}) obtained by processing the hash value assigned to the node h0123 with the value contained in the OP message And compare them.

In addition, the embodiments of the present invention described above can be implemented in the form of program instructions that can be executed through various computer components and recorded in a computer-readable recording medium. The computer-readable recording medium may include program commands, data files, data structures, and the like, alone or in combination. The program instructions recorded on the computer-readable recording medium may be those specially designed and constructed for the present invention or may be those known and used by those skilled in the computer software arts. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tape, optical recording media such as CD-ROMs and DVDs, magneto-optical media such as floptical disks, media, and hardware devices specifically configured to store and execute program instructions such as ROM, RAM, flash memory, and the like. Examples of program instructions include machine language code such as those generated by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like. The hardware device may be configured to operate as one or more software modules for performing the processing according to the present invention, and vice versa.

While the present invention has been particularly shown and described with reference to exemplary embodiments thereof, it is to be understood that the invention is not limited to the disclosed exemplary embodiments, but, on the contrary, Those skilled in the art will appreciate that various modifications, additions and substitutions are possible, without departing from the scope and spirit of the invention as disclosed in the accompanying claims.

Therefore, the spirit of the present invention should not be construed as being limited to the above-described embodiments, and all of the equivalents or equivalents of the claims, as well as the following claims, I will say.

100: server,
110:
120: processor,
200: user terminal,
201: Document authentication request terminal
300: public block chain database

Claims (32)

A method for performing authentication on an issued offline document,
(a) the document management server has previously obtained a request for offline issuance of a predetermined issuance target document from the user terminal, (i) ID information about the predetermined issuance target document, (ii) (Iii) a value obtained from reference document data including character data corresponding to contents of a document, and (iii) the reference document data is registered in a private block chain database, and the first specific hash value - (ii) a hash value generated by applying a hash function to a value obtained from the reference document data, and at least one neighboring hash that matches the first specified hash value, Value or a value obtained by processing the first representative hash value is registered in the public block chain database and Txid corresponding to the first representative hash value is registered in the public block chain database The document management server transmits, as authentication request information for the issued offline document, ID information for the offline document and comparison document data, the comparison document data including character data corresponding to the offline document (I) acquiring image data of the offline document, extracting character data through a character recognition technology (OCR) to obtain character data of the comparison document data, (ii) receiving character data extracted from the image data of the offline document to obtain character data of the comparison document data; And
(b) the document management server obtains a second specific hash value generated by applying a hash function to (i) ID information on the offline document and (ii) a value obtained from the comparison document data, A process of generating a value obtained by processing a second representative hash value or a second representative hash value using a second specific hash value and a process of generating the first representative hash value or the second representative hash value from the public block chain database using the Txid, (Ii) a value obtained by processing the first representative hash value or the first representative hash value and a value obtained by processing the second representative hash value or the second representative hash value Generating a document authentication result value using the processed value;
≪ / RTI > The method according to claim 1,
The step (b)
(b1) in response to the acquisition of the authentication request information for the issued offline document, the document management server refers to the Txid related to the ID information for the offline document, and
(b2) the document management server obtaining the OP message from the public block chain database using the Txid,
And comparing the value obtained by processing the generated second representative hash value or the second representative hash value with a value obtained by processing the first representative hash value or the first representative hash value included in the OP message. How to. 3. The method of claim 2,
In the step (b1)
In response to the acquisition of the authentication request information for the issued offline document, the document management server is configured to perform the steps of: (i) obtaining ID information about the offline document; and (ii) Identifies node information, and refers to the Txid corresponding to the identified mu tree tree information. The method according to claim 1,
Wherein the second representative hash value is generated by computing at least one neighboring hash value matched with the second specific hash value and the second specific hash value. 5. The method of claim 4,
The second representative hash value is a value
The hash value assigned to at least one other leaf node matched with the second specific hash value and the second specific hash value is computed in a merge tree in which the second specific hash value is assigned to a specific leaf node ≪ / RTI > 6. The method of claim 5,
(x1) the document management server supports to calculate or calculate a hash value assigned to (i) the second specific hash value and (ii) the sibling node of the node to which the second specific hash value is assigned, ) The second specific hash value and (ii) the hash value of the operation value that computes the hash value assigned to the sibling node of the node to which the second specific hash value is assigned, to the parent node of the node In addition,
(x2) If the parent node is the root node of the merge tree, the hash value assigned to the parent node is set to the value included in the OP message obtained from the public block chain database using the Txid as the second representative hash value To compare and compare,
(x3) If the parent node is not the root node of the merge tree, the step (x1) to (x3) are repeated by using the hash value assigned to the parent node as the second specific hash value Way. The method according to claim 1,
In the step (b)
The document management server comprising:
If the value obtained by processing the first representative hash value or the first representative hash value is equal to the value obtained by processing the second representative hash value or the second representative hash value, Generates a normal document authentication result value,
If the value obtained by processing the first representative hash value or the first representative hash value does not match the value obtained by processing the second representative hash value or the second representative hash value, The abnormal document authentication result value is generated by comparing the character data of the document data with the abnormal document authentication result value to identify the inconsistent character data as the inconsistent character data and indicating that the offline document requested for authentication is abnormal, So that the identified mismatched character data is included. The method according to claim 1,
Wherein the reference document data and the comparison document data are additional authentication information, and the additional authentication information is information of a document issuance requestor for the predetermined document to be issued or the offline document, document issuer information, And at least some of the minutia information for an image included in an offline document. The method according to claim 1,
In the step (a)
The document management server comprises:
In acquiring the character data included in the comparison document data,
When the authentication request information for the offline document is related to a specific divided area corresponding to a specific sub ID, the control unit divides the offline document into n areas, assigns a sub ID to each of the n divided areas, And acquiring specific character data included in the area. The method according to claim 1,
Wherein the value obtained from the reference document data is a hash value for the reference document data and the value obtained from the comparison document data is a hash value for the comparison document data. A method for issuing an issuance target document offline,
(a) if a request for offline issuance of a predetermined issuance target document is directly or indirectly obtained from a user terminal, the document management server generates ID information for the predetermined issuance target document, and (i) (Ii) a value obtained from reference document data including character data corresponding to the content of the predetermined issuance target document, and (iii) the reference document data is registered in the private block chain database or registered (I) ID information of the predetermined issuance target document registered in the private block chain database, (ii) a value obtained from the reference document data, and (iii) a value obtained from the private block chain database Acquiring or obtaining a PrivTxid indicating the position of the predetermined issuance target document, The step of supporting said predetermined issued to issue or issues a target document that contains the off-line; And
(b) if the predetermined condition is satisfied, the document management server determines whether or not the specific hash value - (i) the ID information of the predetermined issuance target document, (ii) the value obtained from the reference document data A representative hash value generated by computing a hash value generated by applying a hash function and at least one neighbor hash value matched with the specific hash value or a value obtained by processing the representative hash value is registered in a public block chain database or registered To obtain or obtain a Txid indicating location information on the public block chain database of the representative hash value or the value obtained by processing the representative hash value registered in the public block chain database;
≪ / RTI > 12. The method of claim 11,
In the step (b)
The predetermined condition is that,
(ii) a condition that a predetermined period of time elapses; (iii) a condition in which, in the private block chain, at least one of the offline issuance request information of the predetermined issuance target document and the authentication information of the offline document is acquired; And (iv) a condition for a service characteristic. 12. The method of claim 11,
In the step (b)
Wherein the document management server supports to generate or generate a merkle tree in which the particular hash value is assigned to a leaf node,
A value obtained by processing the representative hash value or the representative hash value generated by computing a hash value assigned to at least one other leaf node matching the specific hash value, To be registered or registered. 14. The method of claim 13,
If the merge tree is a first tree among at least one merge tree connected in a chain form, the first leaf node of the merge tree is assigned a hash value or a processed value of predetermined message data composed of text, numbers or symbols Lt; / RTI > 14. The method of claim 13,
If the predetermined condition is satisfied,
(x1) The document management server supports (i) calculating or calculating a hash value assigned to the sibling node of the node to which the specific hash value is assigned, and (ii) Value to the parent node of the node,
(x2) if the parent node is the root node of the merge tree, supports to register or register the hash value assigned to the parent node as the representative hash value in the public block chain database,
(x3) If the parent node is not the root node of the merge tree, the step (x1) to (x2) are repeated by using the hash value assigned to the parent node as the specific hash value. 16. The method of claim 15,
At (x1)
If the hash value is not assigned to the sibling node of the node to which the specific hash value is allocated even though the predetermined condition is satisfied, the document management server supports to assign or assign a predetermined hash value to the sibling node, (x1) to (x3). < / RTI > 12. The method of claim 11,
When the document management server stores the specific hash value and the at least one neighbor hash value in a predetermined first data structure and then stores and manages a second data structure of the same type as the first data structure, Wherein the first data structure and the second data structure are connected in a chain form. 18. The method of claim 17,
Wherein a root value of the first data structure or a hash value of the root value is assigned to a first leaf node of the second data structure if the first data structure and the second data structure are merc trees. . 12. The method of claim 11,
Wherein the reference document data includes at least part of minutia information about the image included in the predetermined document to be issued, information about the document issuer of the predetermined document, document issuer information, ≪ RTI ID = 0.0 > - < / RTI > 12. The method of claim 11,
In the step (b)
The document management server comprises:
Wherein a predetermined display section is written in an area where character data of the reference document data in the predetermined issuance target document is located so that the predetermined issuance target document is issued offline. A server for performing authentication on an issued offline document,
(I) ID information about the predetermined document to be issued, (ii) content of the predetermined document to be issued (Iii) a value obtained from reference document data including character data corresponding to a first specific hash value and a second specific hash value, and (iii) (Ii) a hash value generated by applying a hash function to a value obtained from the reference document data, and at least one neighboring hash value matching the first specified hash value, A value obtained by processing the first representative hash value or the first representative hash value generated in the public block chain database and managing the corresponding Txid A communication unit for acquiring authentication request information for the issued offline document in a state that the offline document is issued; And
Obtaining identification information for the offline document and comparison document data corresponding to the authentication request information, wherein the comparison document data includes character data corresponding to the offline document, wherein (i) the image data for the offline document (Ii) extracting character data extracted from the image data of the offline document by extracting the character data through a character recognition technology (OCR) to obtain character data of the comparison document data, (Ii) acquiring a second specific hash value generated by applying a hash function to a value obtained from the comparison document data, and (iii) And generates a value obtained by processing the second representative hash value or the second representative hash value using the second specific hash value And a process of obtaining a value obtained by processing the first representative hash value or the first representative hash value from the public block chain database using the process and the Txid, and (ii) A processor for performing a process of generating a document authentication result value using a value obtained by processing the first representative hash value and a value obtained by processing the second representative hash value or the second representative hash value;
Lt; / RTI > 22. The method of claim 21,
The processor comprising:
(b1) acquiring the OP message from the public block chain database using the Txid and the process of referring to the Txid related to the ID information about the offline document, corresponding to the acquisition of the authentication request information for the issued offline document Further perform the process,
And comparing the value obtained by processing the generated second representative hash value or the second representative hash value with a value obtained by processing the first representative hash value or the first representative hash value included in the OP message. The server. 22. The method of claim 21,
Wherein the second representative hash value is generated by computing at least one neighboring hash value matched with the second specific hash value and the second specific hash value. 24. The method of claim 23,
The second representative hash value is a value
The hash value assigned to at least one other leaf node matched with the second specific hash value and the second specific hash value is computed in a merge tree in which the second specific hash value is assigned to a specific leaf node Lt; / RTI > 25. The method of claim 24,
The processor comprising:
(x1) to calculate or calculate a hash value assigned to (i) the second specific hash value and (ii) a sibling node of a node to which the second specific hash value is assigned, and (i) And (ii) a hash value for a computation value of a computed hash value assigned to a sibling node of a node to which the second specific hash value is allocated, to the parent node of the node,
(x2) If the parent node is the root node of the merge tree, the hash value assigned to the parent node is set to the value included in the OP message obtained from the public block chain database using the Txid as the second representative hash value To compare and compare,
(x3) If the parent node is not the root node of the merge tree, the step (x1) to (x3) are repeated by using the hash value assigned to the parent node as the second specific hash value server. 22. The method of claim 21,
The processor comprising:
If the value obtained by processing the first representative hash value or the first representative hash value is equal to the value obtained by processing the second representative hash value or the second representative hash value, Generates a normal document authentication result value,
If the value obtained by processing the first representative hash value or the first representative hash value does not match the value obtained by processing the second representative hash value or the second representative hash value, The abnormal document authentication result value is generated by comparing the character data of the document data with the abnormal document authentication result value to identify the inconsistent character data as the inconsistent character data and indicating that the offline document requested for authentication is abnormal, So that the identified inconsistent character data is included. 22. The method of claim 21,
Wherein the value obtained from the reference document data is a hash value for the reference document data and the value obtained from the comparison document data is a hash value for the comparison document data. A server for issuing an issuance target document offline,
A communication unit for directly or indirectly obtaining a request for offline issuance of a predetermined issuance target document from a user terminal; And
(a) generating ID information for the predetermined issuance target document in response to the request for offline issuance; (i) acquiring ID information of the predetermined issuance target document, (ii) (I) a value obtained from reference document data including corresponding character data; and (iii) support to register or register the reference document data in a private block chain database, and (i) (Ii) a value obtained from the reference document data, and (iii) a PrivTxid indicating a location on the private block chain database of the reference document data, Issuing or issuing the predetermined issuance target document including the ID information of the document offline And (b) if a predetermined condition is satisfied, a specific hash value - the specific hash value includes at least one of (i) ID information of the predetermined issuance target document, (ii) And a value obtained by processing a representative hash value or a representative hash value generated by calculating at least one neighbor hash value matched with the specific hash value is registered or registered in the public block chain database And processing to obtain or obtain a Txid indicating location information on the public block chain database of a value obtained by processing the representative hash value or the representative hash value registered in the public block chain database;
Lt; / RTI > 29. The method of claim 28,
The predetermined condition is that,
(ii) a condition that a predetermined period of time elapses; (iii) a condition in which, in the private block chain, at least one of the offline issuance request information of the predetermined issuance target document and the authentication information of the offline document is acquired; A condition to be generated, and (iv) a condition for a service characteristic. 29. The method of claim 28,
The processor comprising:
Wherein the particular hash value supports creating or generating a merkle tree assigned to a leaf node,
A value obtained by processing the representative hash value or the representative hash value generated by computing a hash value assigned to at least one other leaf node matching the specific hash value, And to register or register the server. 31. The method of claim 30,
The processor comprising:
If the predetermined condition is satisfied,
(x1) to calculate or calculate a hash value assigned to (i) the specific hash value and (ii) a hash value assigned to a sibling node of the node to which the specific hash value is assigned, and (ii) A hash value for a computation value that computes a hash value assigned to a sibling node of a node to which a particular hash value is allocated is allocated or assigned to a parent node of the node,
(x2) if the parent node is the root node of the merge tree, supports to register or register the hash value assigned to the parent node as the representative hash value in the public block chain database,
(x3) if the parent node is not the root node of the merge tree, repeats the operations (x1) to (x2) using the hash value assigned to the parent node as the specific hash value. 32. The method of claim 31,
In (x1) above,
The processor comprising:
If a hash value is not assigned to a sibling node of the node to which the specific hash value is allocated even though the predetermined condition is satisfied, it is possible to assign or assign a predetermined hash value to the sibling node, ) In response to the request.

Images