CN112862047A - Double-authorization intelligent anti-counterfeit label generation method - Google Patents

Double-authorization intelligent anti-counterfeit label generation method Download PDF

Info

Publication number
CN112862047A
CN112862047A CN202110165222.9A CN202110165222A CN112862047A CN 112862047 A CN112862047 A CN 112862047A CN 202110165222 A CN202110165222 A CN 202110165222A CN 112862047 A CN112862047 A CN 112862047A
Authority
CN
China
Prior art keywords
chip
identity
server
label
writing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110165222.9A
Other languages
Chinese (zh)
Other versions
CN112862047B (en
Inventor
陈永林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN202110165222.9A priority Critical patent/CN112862047B/en
Publication of CN112862047A publication Critical patent/CN112862047A/en
Application granted granted Critical
Publication of CN112862047B publication Critical patent/CN112862047B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/073Special arrangements for circuits, e.g. for protecting identification code in memory
    • G06K19/07309Means for preventing undesired reading or writing from or onto record carriers
    • G06K19/07318Means for preventing undesired reading or writing from or onto record carriers by hindering electromagnetic reading or writing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards

Abstract

The application discloses a double-authorization intelligent anti-counterfeit label generation method, which comprises the steps of writing a unique identification code, a cryptographic algorithm, a first-level authorization code and a second-level authorization code in a chip, and automatically generating a first-level identity and a second-level identity in the chip. According to the intelligent anti-counterfeit label generation method, the respective authorization is isolated through two different links of label production and application, so that any link cannot obtain a complete authorization code, the cracking of a unique identification code hidden in a chip is avoided, and the safety is improved.

Description

Double-authorization intelligent anti-counterfeit label generation method
Technical Field
The application relates to the technical field of intelligent anti-counterfeiting, in particular to a method for generating an intelligent anti-counterfeiting label with double authorization.
Background
At present, the anti-counterfeiting means on the market are endlessly changed, but the counterfeit and shoddy products are still rampant, and how to prevent counterfeiting and identify the authenticity becomes a problem that merchants and consumers pay much attention to and feel headache. The traditional physical anti-counterfeiting technical means is used, so that the counterfeiting cost is too low and the counterfeiting is easy to copy; the anti-counterfeiting technology using the two-dimension code has certain safety, but the anti-counterfeiting system is easy to be counterfeited integrally because the two-dimension code is mainly supported by a background database.
With the development of science and technology, radio frequency anti-counterfeit labels, such as RFID anti-counterfeit labels and NFC anti-counterfeit labels, have come into existence. The radio frequency anti-counterfeit label adopts a radio frequency chip verification technology to achieve the purpose of identifying true and false, but most of the existing radio frequency anti-counterfeit labels utilize the unique identification code of the radio frequency chip for verification, the unique identification code of the radio frequency chip is disclosed to the outside, and the radio frequency anti-counterfeit label has a bug of being copied and counterfeited, so that counterfeiting cannot be fundamentally avoided, and great loss is brought to merchants and consumers.
Disclosure of Invention
The present application aims to solve at least one of the above technical problems to a certain extent.
The application provides a double-authorization intelligent anti-counterfeit label generation method, wherein the intelligent anti-counterfeit label comprises a chip, and the double-authorization intelligent anti-counterfeit label generation method comprises the following steps:
programming a unique identification code of the chip in the chip circuit; the attribute of the unique identification code is set as: the chip is readable, and external software and hardware are not readable and writable;
writing a cryptographic algorithm in the chip;
writing a first-level authorization code in the chip; the first-level authorization code is authorized to be written into a label manufacturer by the server; the attribute of the first-level authorization code is set as: the chip is readable, and the external software and hardware are readable;
automatically generating a primary identity in a chip; the primary identity identification is generated by the unique identification code and the primary authorization code through calculation by using a cryptographic algorithm; the attribute of the primary identity is set as follows: the chip is readable, and the external software and hardware are readable;
writing a secondary authorization code in the chip; the secondary authorization code is authorized to be written into a label application manufacturer by the server; the attribute of the secondary authorization code is set as: the chip is readable, and the external software and hardware are readable;
automatically generating a secondary identity mark in the chip; the secondary identity is generated by the primary identity and the secondary authorization code through calculation by using a cryptographic algorithm; the attribute of the secondary identity is set as follows: the chip is readable, and the external software and hardware are readable;
the primary authorization code, the primary identity, the secondary authorization code and the secondary identity are all extracted by the server and stored in a database of the server.
Further, the step of writing a primary authorization code in the chip includes:
a label manufacturer starts a label production end chip reading and writing device;
the tag production end chip reading and writing equipment establishes remote communication connection with the server;
the tag production end chip read-write equipment sends a primary authorization request to the server; the primary authorization request comprises a request server to configure a primary authorization code and allow the primary authorization code to be written into a chip;
after receiving a primary authorization request, the server starts a primary authorization configuration program to configure a primary authorization code;
the server sends the configured primary authorization code to the tag production end chip read-write equipment;
and the tag production end chip read-write equipment writes the received primary authorization code into the chip.
Further, the first-level authorization code is written into a read-only memory of the chip by a chip read-write device at the tag production end.
Further, the step of writing a primary authorization code in the chip further includes: the server verifies the identity of the tag production end chip reading and writing equipment; if the identity verification of the tag production end chip reading and writing equipment passes, the server keeps the remote communication connection with the tag production end chip reading and writing equipment; if the identity verification of the tag production end chip reading and writing equipment is not passed, the server shields the tag production end chip reading and writing equipment;
the step of verifying the identity of the tag production end chip reading and writing equipment by the server specifically comprises the following steps:
the server matches the tag production end chip read-write equipment in advance according to a tag manufacturer, and writes matching information into a database; the matching information comprises identity identification information of the tag production end chip reading and writing equipment;
after the tag production end chip read-write equipment establishes remote communication connection with the server, the server extracts the identity information of the accessed tag production end chip read-write equipment;
the server verifies the identity of the read-write equipment according to the extracted identity information of the read-write equipment of the tag production end chip; if matching information prestored in the database has label production end chip reading and writing equipment identity identification information matched with the identity information of the currently accessed label production end chip reading and writing equipment, the label production end chip reading and writing equipment passes verification; and if the matching information prestored in the database does not have the identification information of the label production end chip reading and writing equipment, which is identical with the identification information of the currently accessed label production end chip reading and writing equipment, the verification of the label production end chip reading and writing equipment is not passed.
Further, the step of writing a secondary authorization code in the chip includes:
a label application manufacturer starts a label application end chip read-write device;
the tag application end chip read-write equipment establishes remote communication connection with the server;
the tag application end chip read-write equipment sends a secondary authorization request to the server;
the server starts a secondary authorization configuration program to configure a secondary authorization code after receiving a secondary authorization request;
the server sends the configured secondary authorization code to the tag application end chip read-write equipment;
and the tag application end chip read-write equipment writes the received secondary authorization code into the chip.
Further, the secondary authorization code is written into a programmable read-only memory of the chip by the tag application end chip read-write equipment.
Further, the step of writing a secondary authorization code in the chip further includes: the server verifies the identity of the label application end chip reading and writing equipment; if the identity verification of the tag application end chip reading and writing equipment passes, the server keeps the remote communication connection with the tag application end chip reading and writing equipment and further completes the subsequent authorized reading and writing operation; if the identity verification of the tag application end chip reading and writing equipment is not passed, the server shields the tag application end chip reading and writing equipment;
the step of verifying the identity of the tag application side chip reading and writing equipment by the server specifically comprises the following steps:
the server matches the tag application end chip read-write equipment in advance according to a tag application manufacturer, and writes matching information into a database; the matching information comprises identity identification information of the label application end chip reading and writing equipment;
after the tag application end chip read-write equipment establishes remote communication connection with a server, the server extracts the identity information of the accessed tag application end chip read-write equipment;
the server verifies the identity of the read-write equipment according to the extracted identity information of the read-write equipment of the tag application end chip; if matching information prestored in the database has label application end chip reading and writing equipment identity identification information matched with the identity information of the currently accessed label application end chip reading and writing equipment, the label application end chip reading and writing equipment passes verification; and if the matching information prestored in the database does not have the identification information of the label application end chip read-write equipment matched with the identification information of the currently accessed label application end chip read-write equipment, the verification of the label application end chip read-write equipment is not passed.
Further, the step of writing a secondary authorization code in the chip further includes: the server verifies the identity of the intelligent anti-counterfeiting label before configuring the secondary authorization code; if the intelligent anti-counterfeiting label passes the authentication, the server configures and issues a secondary authorization code; and if the identity verification of the intelligent anti-counterfeiting label is not passed, the server rejects the secondary authorization request and does not configure a secondary authorization code.
Further, the cryptographic algorithm is set as a cryptographic HASH function, and the cryptographic HASH function is an MD5/SM3 information digest HASH function or a SHA-1/SHA-224/SHA-256/SHA-384/SHA-512 secure HASH HASH function;
the calculation formula of the primary identity is as follows:
SID1=HASH(UID+AUTHORIZECODE1);
the calculation formula of the secondary identity is as follows:
SID2=HASH(SID1+AUTHORIZECODE2)。
further, the cryptographic algorithm is set as an encryption algorithm; the encryption algorithm is SM1/SM4 cryptographic algorithm;
the calculation formula of the primary identity is as follows:
SID1=SM1/SM4[HASH(UID+AUTHORIZECODE1),AUTHORIZECODE1];
the calculation formula of the secondary identity is as follows:
SID2=SM1/SM4(SID1+AUTHORIZECODE1+AUTHORIZECODE2,AUTHORIZECODE2)。
the beneficial effect of this application is: the method comprises the steps that the unique identification code of a chip is programmed in a chip circuit, and the unique identification code of the chip is set to be readable in the chip and unreadable in external software and hardware, so that the unique identification code is hidden; writing a first-level authorization code in a chip authorized by a label manufacturer, generating a first-level identity through the first-level authorization code and a unique identification code, writing a second-level authorization code in the chip authorized by the label manufacturer, generating a second-level identity through the first-level identity and the second-level authorization code, performing secondary authorization, and obtaining a second-level identity formed after secondary deformation through a secondary cryptographic algorithm, so that the second-level identity is subjected to irreversible operation or decryption to obtain the unique identification code of the original chip, and the original unique identification code of the chip is effectively prevented from being copied; the respective authorization is isolated through two different links of label production and application, so that any link cannot obtain a complete authorization code, the hidden unique identification code of the chip is prevented from being broken, and the safety is further improved.
Drawings
Fig. 1 is a flowchart of a method for generating a dual-authorization intelligent anti-counterfeit label according to the present application.
Fig. 2 is a flowchart of writing a primary authorization code in a chip according to the present application.
Fig. 3 is a flowchart of writing a secondary authorization code in a chip according to the present application.
Detailed Description
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary and intended to be used for explaining the present application and should not be construed as limiting the present application.
In the description of the present application, it is to be understood that the terms "first", "second" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implying any number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. In the description of the present application, "a plurality" means two or more unless specifically limited otherwise.
The present application will be described in further detail below with reference to the accompanying drawings by way of specific embodiments.
Referring to fig. 1 to 3, the present application provides a method for generating a dual-authorization intelligent anti-counterfeit label, where the intelligent anti-counterfeit label includes a chip, an antenna connected to the chip, and a substrate for carrying the chip and the antenna. In this embodiment, the chip is a chip based on an NFC technology. In other embodiments of the present application, the chip may also be a chip based on RFID technology, or other electronic chips that may be used in tags.
The method for generating the double-authorized intelligent anti-counterfeit label comprises the following steps:
s101, programming a unique identification code of a chip in a chip circuit;
s102, writing a cryptographic algorithm into the chip;
s103, writing a primary authorization code in the chip;
s104, automatically generating a primary identity in the chip;
s105, writing a secondary authorization code in the chip;
s106, automatically generating a secondary identity in the chip.
The unique identification code is physical and is burnt into an electronic circuit of the chip during production of the chip. The attribute of the unique identification code is set as: the chip can be read and written, and the external software and hardware can not be read and written. Namely, the unique identification code only participates in the internal operation of the chip and is not readable and writable externally.
The cryptographic algorithm is used for calculating the relevant information of the chip according to a preset rule so as to encrypt the relevant information of the chip. The cryptographic algorithm is also programmed into the electronic circuitry of the chip during its production.
The primary authorization code is authorized by the server to the tag manufacturer and written to the chip at the time of tag production. The attribute of the first-level authorization code is set as: readable on chip and readable by external software and hardware. In the application, the first-level authorization code is only open to a specified label manufacturer, and when the label manufacturer produces the intelligent anti-counterfeit label, the received first-level authorization code is written into the chip after the server authorizes and configures the first-level authorization code, and the production of the intelligent anti-counterfeit label body is completed based on the received first-level authorization code. The server comprises a database and a server control system, wherein the database is used for storing relevant information of the read-write equipment, the intelligent anti-counterfeit label body and application products of the intelligent anti-counterfeit label body, and the server control system is used for information processing, overall management, authorization and the like.
The step of writing a primary authorization code in the chip further comprises:
s201, a label manufacturer starts a label production end chip reading and writing device; the chip reading and writing equipment at the label production end can complete the reading and writing operation of the chip in the production process of the intelligent anti-counterfeiting label;
s202, the tag production end chip reading and writing equipment establishes remote communication connection with a server; in this embodiment, after the tag production end chip read-write device is powered on, a remote communication connection can be automatically established with a server; certainly, in other embodiments, the establishment of the remote communication connection between the tag production end chip read-write device and the server may also be manually completed by a worker;
s203, the tag production end chip read-write equipment sends a primary authorization request to a server; the primary authorization request comprises a request server to configure a primary authorization code and allow the primary authorization code to be written into a chip;
s204, after receiving the primary authorization request, the server starts a primary authorization configuration program to configure a primary authorization code; the server control system is preset with a primary authorization configuration program, and the primary authorization configuration program is started only when the requester is a label manufacturer and the request content is primary authorization;
s205, the server sends the configured primary authorization code to the tag production end chip read-write equipment;
and S206, the chip read-write equipment at the tag production end writes the received primary authorization code into the chip. As a preferred embodiment, the tag production end chip read-write device is configured to automatically write the primary authorization code into the chip after receiving the primary authorization code, without manual operation, thereby improving the security of writing the primary authorization code. Of course, in other embodiments, the writing of the primary authorization code may also be implemented by a worker operating a read-write device.
In this embodiment, the primary authorization code is written into a read only memory of the chip. The read-only memory is a ROM read-only memory, the ROM read-only memory works in a non-destructive reading mode, only information can be read out but information cannot be written in, the information is fixed once being written in, and the information cannot be lost even if a power supply is cut off.
The step of configuring the primary authorization code by the server comprises the following steps:
a server primary authorization configuration program generates primary authorization information, wherein the primary authorization information comprises information such as a primary authorization object name, authorization timeliness and production batch;
generating a first set of private and public keys using a cryptographic algorithm, storing the first private key in a database field PRIVATEKEY 1;
the primary authorization code obtained by encrypting the primary authorization information through the cryptographic algorithm and the first public key is authorsezecode 1, and is stored in the database field authorsezecode 1.
Further, the step of writing a primary authorization code in the chip further includes:
the server verifies the identity of the tag production end chip reading and writing equipment; if the identity verification of the tag production end chip reading and writing equipment passes, the server keeps the remote communication connection with the tag production end chip reading and writing equipment and further completes the subsequent authorized reading and writing operation; and if the identity verification of the tag production end chip reading and writing equipment is not passed, shielding the tag production end chip reading and writing equipment by the server. And the identity of the reading and writing equipment of the chip at the label production end is verified, so that whether the primary authorization request party is a label manufacturer or not is determined.
The step of verifying the identity of the tag production end chip reading and writing equipment by the server specifically comprises the following steps:
the server matches the tag production end chip read-write equipment in advance according to a tag manufacturer, and writes matching information into a database; the matching information comprises identity identification information of the tag production end chip reading and writing equipment;
after the tag production end chip read-write equipment establishes remote communication connection with the server, the server extracts the identity information of the accessed tag production end chip read-write equipment;
the server verifies the identity of the read-write equipment according to the extracted identity information of the read-write equipment of the tag production end chip; if matching information prestored in the database has label production end chip reading and writing equipment identity identification information matched with the identity information of the currently accessed label production end chip reading and writing equipment, the label production end chip reading and writing equipment passes verification; and if the matching information prestored in the database does not have the identification information of the label production end chip reading and writing equipment, which is identical with the identification information of the currently accessed label production end chip reading and writing equipment, the verification of the label production end chip reading and writing equipment is not passed.
The primary identity is generated by a unique identification code and a primary authorization code through calculation by using a cryptographic algorithm, and the attribute of the primary identity is set as: readable on chip and readable by external software and hardware. After a label manufacturer writes a primary authorization code into a chip, the chip automatically calculates the unique identification code and the primary authorization code by using a cryptographic algorithm according to a preset program to generate a primary identity. Because the unique identification codes of each chip are different, no matter whether the primary authorization codes written in each chip are the same or not, the primary identity marks generated after the calculation of the cryptographic algorithm are different, and the uniqueness of each intelligent anti-counterfeiting label can be further ensured. The primary identity mark is subjected to irreversible operation or decryption to obtain a unique identification code, and the primary identity mark is set to be readable by external software and hardware as a unique external identity identification code when the intelligent anti-counterfeiting label leaves a factory.
The secondary authorization code is authorized by the server to the tag application manufacturer and written to the chip when the tag is applied. The attribute of the secondary authorization code is set as: readable on chip and readable by external software and hardware. In the application, the second-level authorization code is only open to the appointed label application manufacturer, when the label application manufacturer fixes the intelligent anti-counterfeit label on the pre-anti-counterfeit product, the intelligent anti-counterfeit label can be fixed on the product body or the product package, and after the server authorizes and configures the second-level authorization code, the received second-level authorization code is written into the chip of the intelligent anti-counterfeit label, so that the setting of the intelligent anti-counterfeit label on the anti-counterfeit product is prevented.
Specifically, the step of writing the secondary authorization code in the chip further includes:
s301, a label application manufacturer starts a label application end chip read-write device; the label application end chip reading and writing equipment can complete the reading and writing operation on the chip in the application process of the intelligent anti-counterfeiting label;
s302, the tag application end chip read-write equipment establishes remote communication connection with a server; in this embodiment, after the tag application chip read-write device is powered on, a remote communication connection can be automatically established with a server; certainly, in other embodiments, the establishment of the remote communication connection between the tag application side chip read-write device and the server may also be manually completed by a worker;
s303, the tag application end chip read-write equipment sends a secondary authorization request to the server; the secondary authorization request comprises a request server configuration secondary authorization code and is allowed to be written into the chip;
s304, after receiving the secondary authorization request, the server starts a secondary authorization configuration program to configure a secondary authorization code; the server control system is preset with a secondary authorization configuration program, and the secondary authorization configuration program is started only when the requester is a label application manufacturer and the request content is secondary authorization;
s305, the server sends the configured secondary authorization code to the tag application end chip read-write equipment;
and S306, the tag application end chip read-write equipment writes the received secondary authorization code into the chip. As a preferred embodiment, the tag application side chip read-write device is configured to automatically write the secondary authorization code into the chip after receiving the secondary authorization code, without manual operation, thereby improving the security of writing the secondary authorization code. Of course, in other embodiments, the writing of the secondary authorization code may also be implemented by a worker operating a read-write device.
In this application, the secondary authorization code is written into a programmable read-only memory of the chip. The programmable memory is a PROM programmable read-only memory, or can be an EEPROM electrified erasable programmable read-only memory. The PROM programmable read-only memory is only allowed to be written once, namely a one-time programmable read-only memory; the data of the EEPROM with the electricity is not lost after the electricity is lost.
The step of configuring the secondary authorization code by the server comprises the following steps:
a server secondary authorization configuration program generates secondary authorization information, wherein the secondary authorization information comprises information such as a secondary authorization object name, authorization timeliness and a production batch;
generating a second set of private and public keys using a cryptographic algorithm, storing the second private key in a database field PRIVATEKEY 2;
the second-level authorization code obtained by encrypting the second-level authorization information through the cryptographic algorithm and the second public key is authorsezecode 2, and is stored in the database field authorsezecode 2.
In this application, the step of writing the secondary authorization code in the chip further includes: the server verifies the identity of the label application end chip reading and writing equipment; if the identity verification of the tag application end chip reading and writing equipment passes, the server keeps the remote communication connection with the tag application end chip reading and writing equipment and further completes the subsequent authorized reading and writing operation; and if the identity verification of the label application end chip reading and writing equipment is not passed, shielding the label application end chip reading and writing equipment by the server. And further determining whether the secondary authorization request party is a label application manufacturer or not by verifying the identity of the label application end chip reading and writing equipment.
The step of verifying the identity of the tag application side chip reading and writing equipment by the server specifically comprises the following steps:
the server matches the tag application end chip read-write equipment in advance according to a tag application manufacturer, and writes matching information into a database; the matching information comprises identity identification information of the label application end chip reading and writing equipment;
after the tag application end chip read-write equipment establishes remote communication connection with a server, the server extracts the identity information of the accessed tag application end chip read-write equipment;
the server verifies the identity of the read-write equipment according to the extracted identity information of the read-write equipment of the tag application end chip; if matching information prestored in the database has label application end chip reading and writing equipment identity identification information matched with the identity information of the currently accessed label application end chip reading and writing equipment, the label application end chip reading and writing equipment passes verification; and if the matching information prestored in the database does not have the identification information of the label application end chip read-write equipment matched with the identification information of the currently accessed label application end chip read-write equipment, the verification of the label application end chip read-write equipment is not passed.
The secondary identity is generated by the calculation of a primary identity and a secondary authorization code by using a cryptographic algorithm, and the attribute of the secondary identity is set as: readable on chip and readable by external software and hardware. And when the label application manufacturer writes the secondary authorization code into the chip, the chip automatically calculates the primary identity and the secondary authorization code by using a cryptographic algorithm according to a preset program to generate a secondary identity. Because the primary identification marks of each chip when leaving the factory are different, no matter whether the secondary authorization codes written in each chip are the same or not, the secondary identification marks generated after calculation by the cryptographic algorithm are different, and the uniqueness of each anti-fake product can be further ensured. The secondary identity mark is used as a unique external identity identification code of an intelligent anti-counterfeiting label application product and can be read by external software and hardware.
And in the process that the server is in remote communication with the chip reading and writing equipment of each link and chip reading and writing operation is carried out, the primary authorization code, the primary identity, the secondary authorization code and the secondary identity are all extracted by the server and stored in a database.
In this application, the step of writing the secondary authorization code in the chip further includes:
the server verifies the identity of the intelligent anti-counterfeiting label before configuring the secondary authorization code; if the intelligent anti-counterfeiting label passes the authentication, the server configures and issues a secondary authorization code; if the intelligent anti-counterfeit label does not pass the authentication, the server rejects the secondary authorization request and does not configure a secondary authorization code;
the step of verifying the identity of the intelligent anti-counterfeiting label by the server further comprises the following steps:
the tag application end chip read-write equipment reads a primary authorization code and a primary identity of the intelligent anti-counterfeiting tag and sends the primary authorization code and the primary identity as verification information of the intelligent anti-counterfeiting tag to a server;
the server compares the received intelligent anti-counterfeiting label verification information with the intelligent anti-counterfeiting label information stored in the database; if the two are consistent, the intelligent anti-counterfeiting label passes verification; if the two are not in accordance with each other, the intelligent anti-counterfeit label is not verified;
and the server writes the comparison result into a database.
The chip is internally provided with a random code generator or a time sequence code generator and used for generating a random code or a time sequence code so as to be further used for forming a signature subsequently, and the signature is generated by calculating a secondary identity, a primary authorization code, a secondary authorization code and a dynamic code by using a cryptographic algorithm. The signature is used for verifying the authenticity of the application product through the intelligent anti-counterfeiting label by a consumer.
According to the intelligent anti-counterfeiting mark, the signature can be completed only by complete primary and secondary authorization codes through respective independent authorization of two links of production and application of the chip; meanwhile, a random code generator or a time sequence code generator is arranged in the chip, so that the signature process and the signature transmission process cannot be falsified, forged and copied.
In some embodiments of the present application, the cryptographic algorithm may be configured as a cryptographic hash function. When the cryptographic algorithm is set as a cryptographic HASH function, the cryptographic HASH function may be specifically an MD5/SM3 message digest HASH function or a SHA-1/SHA-224/SHA-256/SHA-384/SHA-512 secure HASH function.
The calculation formula of the primary identity is as follows: SID1 ═ HASH (UID + authorsize 1);
the calculation formula of the secondary identity is as follows: SID2 ═ HASH (SID1+ authorsize 2);
the calculation formula of the signature is as follows:
SIGN=HASH(SID2+AUTHORIZECODE1+AUTHORIZECODE2+RANDOMCODE);
the output parameter form of the signature is as follows: SID2& SIGN randommode.
The SID1 is a primary id of the chip 10, the SID2 is a secondary id of the chip 10, the UID is a unique identifier of the chip 10, the authorsezcode 1 is a primary authorization code authorized to be written into the chip 10 by a server, the authorsezcode 2 is a secondary authorization code authorized to be written into the chip 10 by the server, and the randomdate generates a random code or a timing code for a random code generator or a timing code generator built in the chip 10.
In other embodiments of the present application, the cryptographic algorithm may also be configured as an encryption algorithm. When the cryptographic algorithm is set as an encryption algorithm, the encryption algorithm may be specifically SM1/SM4 cryptographic algorithm.
The calculation formula of the primary identity is as follows:
SID1=SM1/SM4[HASH(UID+AUTHORIZECODE1),AUTHORIZECODE1];
the calculation formula of the secondary identity is as follows:
SID2=SM1/SM4(SID1+AUTHORIZECODE1+AUTHORIZECODE2,AUTHORIZECODE2);
the calculation formula of the signature is as follows:
SIGN=SM1/SM4[(SID2+RANDOMCODE),AUTHORIZECODE2];
the output parameter form of the signature is as follows: SID2& SIGN randommode.
According to the method for generating the double-authorization intelligent anti-counterfeiting label, the unique identification code of the chip is burnt in a chip circuit and set as readable in the chip, and the external software and hardware can not be read and written, the first-level authorization code is authorized to be written in a label manufacturer, the second-level authorization code is authorized to be written in a label application manufacturer, and meanwhile, the second-level identity formed after secondary deformation is obtained through secondary authorization and a secondary cryptographic algorithm, so that the second-level identity can not be operated in an irreversible mode or decrypted to obtain the unique identification code of the original chip, the unique identification code of the chip is effectively hidden, and the original unique identification code of the chip is prevented from being copied; the respective authorization is isolated through two different links of label production and application, so that any link cannot obtain a complete authorization code, the hidden unique identification code of the chip is prevented from being broken, and the safety is further improved.
In the description herein, reference to the description of the terms "one embodiment," "some embodiments," "an example," "a specific example," or "some examples" or the like means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the application. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The foregoing is a more detailed description of the present application in connection with specific embodiments thereof, and it is not intended that the present application be limited to the specific embodiments thereof. It will be apparent to those skilled in the art from this disclosure that many more simple derivations or substitutions can be made without departing from the spirit of the disclosure.

Claims (10)

1. A double-authorization intelligent anti-counterfeit label generation method is characterized in that the intelligent anti-counterfeit label comprises a chip, and the double-authorization intelligent anti-counterfeit label generation method comprises the following steps:
programming a unique identification code of the chip in the chip circuit; the attribute of the unique identification code is set as: the chip is readable, and external software and hardware are not readable and writable;
writing a cryptographic algorithm in the chip;
writing a first-level authorization code in the chip; the first-level authorization code is authorized to be written into a label manufacturer by the server; the attribute of the first-level authorization code is set as: the chip is readable, and the external software and hardware are readable;
automatically generating a primary identity in a chip; the primary identity identification is generated by the unique identification code and the primary authorization code through calculation by using a cryptographic algorithm; the attribute of the primary identity is set as follows: the chip is readable, and the external software and hardware are readable;
writing a secondary authorization code in the chip; the secondary authorization code is authorized to be written into a label application manufacturer by the server; the attribute of the secondary authorization code is set as: the chip is readable, and the external software and hardware are readable;
automatically generating a secondary identity mark in the chip; the secondary identity is generated by the primary identity and the secondary authorization code through calculation by using a cryptographic algorithm; the attribute of the secondary identity is set as follows: the chip is readable, and the external software and hardware are readable;
the primary authorization code, the primary identity, the secondary authorization code and the secondary identity are all extracted by the server and stored in a database of the server.
2. The method for generating the dual-authorization intelligent anti-counterfeit label according to claim 1, wherein the step of writing the primary authorization code in the chip comprises:
a label manufacturer starts a label production end chip reading and writing device;
the tag production end chip reading and writing equipment establishes remote communication connection with the server;
the tag production end chip read-write equipment sends a primary authorization request to the server; the primary authorization request comprises a request server to configure a primary authorization code and allow the primary authorization code to be written into a chip;
after receiving a primary authorization request, the server starts a primary authorization configuration program to configure a primary authorization code;
the server sends the configured primary authorization code to the tag production end chip read-write equipment;
and the tag production end chip read-write equipment writes the received primary authorization code into the chip.
3. The method for generating the dual-authorization intelligent anti-counterfeit label according to claim 2, wherein the primary authorization code is written into a read-only memory of the chip by a chip read-write device at a label production end.
4. The method for generating a dual-authorization intelligent anti-counterfeit label according to claim 2, wherein the step of writing a primary authorization code in the chip further comprises: the server verifies the identity of the tag production end chip reading and writing equipment; if the identity verification of the tag production end chip reading and writing equipment passes, the server keeps the remote communication connection with the tag production end chip reading and writing equipment; if the identity verification of the tag production end chip reading and writing equipment is not passed, the server shields the tag production end chip reading and writing equipment;
the step of verifying the identity of the tag production end chip reading and writing equipment by the server specifically comprises the following steps:
the server matches the tag production end chip read-write equipment in advance according to a tag manufacturer, and writes matching information into a database; the matching information comprises identity identification information of the tag production end chip reading and writing equipment;
after the tag production end chip read-write equipment establishes remote communication connection with the server, the server extracts the identity information of the accessed tag production end chip read-write equipment;
the server verifies the identity of the read-write equipment according to the extracted identity information of the read-write equipment of the tag production end chip; if matching information prestored in the database has label production end chip reading and writing equipment identity identification information matched with the identity information of the currently accessed label production end chip reading and writing equipment, the label production end chip reading and writing equipment passes verification; and if the matching information prestored in the database does not have the identification information of the label production end chip reading and writing equipment, which is identical with the identification information of the currently accessed label production end chip reading and writing equipment, the verification of the label production end chip reading and writing equipment is not passed.
5. The method for generating a dual-authorization intelligent anti-counterfeit label according to claim 1, wherein the step of writing a secondary authorization code in the chip comprises:
a label application manufacturer starts a label application end chip read-write device;
the tag application end chip read-write equipment establishes remote communication connection with the server;
the tag application end chip read-write equipment sends a secondary authorization request to the server;
the server starts a secondary authorization configuration program to configure a secondary authorization code after receiving a secondary authorization request;
the server sends the configured secondary authorization code to the tag application end chip read-write equipment;
and the tag application end chip read-write equipment writes the received secondary authorization code into the chip.
6. The method for generating the dual-authorization intelligent anti-counterfeit label according to claim 5, wherein the secondary authorization code is written into a programmable read-only memory of the chip by a chip read-write device at the application end of the label.
7. The method for generating a dual-authorization intelligent anti-counterfeit label according to claim 5, wherein the step of writing a secondary authorization code into the chip further comprises: the server verifies the identity of the label application end chip reading and writing equipment; if the identity verification of the tag application end chip reading and writing equipment passes, the server keeps the remote communication connection with the tag application end chip reading and writing equipment and further completes the subsequent authorized reading and writing operation; if the identity verification of the tag application end chip reading and writing equipment is not passed, the server shields the tag application end chip reading and writing equipment;
the step of verifying the identity of the tag application side chip reading and writing equipment by the server specifically comprises the following steps:
the server matches the tag application end chip read-write equipment in advance according to a tag application manufacturer, and writes matching information into a database; the matching information comprises identity identification information of the label application end chip reading and writing equipment;
after the tag application end chip read-write equipment establishes remote communication connection with a server, the server extracts the identity information of the accessed tag application end chip read-write equipment;
the server verifies the identity of the read-write equipment according to the extracted identity information of the read-write equipment of the tag application end chip; if matching information prestored in the database has label application end chip reading and writing equipment identity identification information matched with the identity information of the currently accessed label application end chip reading and writing equipment, the label application end chip reading and writing equipment passes verification; and if the matching information prestored in the database does not have the identification information of the label application end chip read-write equipment matched with the identification information of the currently accessed label application end chip read-write equipment, the verification of the label application end chip read-write equipment is not passed.
8. The method for generating a dual-authorization intelligent anti-counterfeit label according to claim 5, wherein the step of writing a secondary authorization code into the chip further comprises: the server verifies the identity of the intelligent anti-counterfeiting label before configuring the secondary authorization code; if the intelligent anti-counterfeiting label passes the authentication, the server configures and issues a secondary authorization code; and if the identity verification of the intelligent anti-counterfeiting label is not passed, the server rejects the secondary authorization request and does not configure a secondary authorization code.
9. The method for generating the double-authorized intelligent anti-counterfeit label according to any one of claims 1 to 8, wherein the cryptographic algorithm is set as a cryptographic HASH function, and the cryptographic HASH function is an MD5/SM3 information digest HASH function or a SHA-1/SHA-224/SHA-256/SHA-384/SHA-512 secure HASH HASH function;
the calculation formula of the primary identity is as follows:
SID1=HASH(UID+AUTHORIZECODE1);
the calculation formula of the secondary identity is as follows:
SID2=HASH(SID1+AUTHORIZECODE2)。
10. the method for generating the double-authorized intelligent anti-counterfeit label according to any one of claims 1 to 8, wherein the cryptographic algorithm is set as an encryption algorithm; the encryption algorithm is SM1/SM4 cryptographic algorithm;
the calculation formula of the primary identity is as follows:
SID1=SM1/SM4[HASH(UID+AUTHORIZECODE1),AUTHORIZECODE1];
the calculation formula of the secondary identity is as follows:
SID2=SM1/SM4(SID1+AUTHORIZECODE1+AUTHORIZECODE2,AUTHORIZECODE2)。
CN202110165222.9A 2021-02-06 2021-02-06 Dual-authorization intelligent anti-counterfeit label generation method Active CN112862047B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110165222.9A CN112862047B (en) 2021-02-06 2021-02-06 Dual-authorization intelligent anti-counterfeit label generation method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110165222.9A CN112862047B (en) 2021-02-06 2021-02-06 Dual-authorization intelligent anti-counterfeit label generation method

Publications (2)

Publication Number Publication Date
CN112862047A true CN112862047A (en) 2021-05-28
CN112862047B CN112862047B (en) 2023-09-15

Family

ID=75988759

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110165222.9A Active CN112862047B (en) 2021-02-06 2021-02-06 Dual-authorization intelligent anti-counterfeit label generation method

Country Status (1)

Country Link
CN (1) CN112862047B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114492690A (en) * 2022-01-24 2022-05-13 芯电智联(北京)科技有限公司 Method for managing bound NFC (near field communication) tag and issuing equipment by anti-counterfeiting traceability system

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1540583A (en) * 2003-10-27 2004-10-27 江苏瑞福智能科技有限公司 Method of safe using and anti false discriminating stored type electronic label
US20050211760A1 (en) * 2004-03-23 2005-09-29 First Data Corporation System and method for preparing RF devices for delivery and verifying delivery information
CN1728162A (en) * 2005-07-07 2006-02-01 复旦大学 Method for anti false verification based on identification technique in radio frequency, and anti false system
CN101251886A (en) * 2007-11-02 2008-08-27 淄博泰宝防伪技术产品有限公司 Method for related using conventional false proof physical distribution data label and electronic label
WO2011030352A2 (en) * 2009-09-11 2011-03-17 3I Infotech Consumer Services Ltd. System and method for mobile phone resident digital signing and encryption/decryption of sms
CN102663591A (en) * 2012-03-19 2012-09-12 樊俊锋 Product anti-counterfeiting method and system based on electronic tag
US20140032898A1 (en) * 2012-07-26 2014-01-30 Shenzhen Skyworth-RGB electronics Co. Ltd. Authentication system and method for digital televisions
US20140222687A1 (en) * 2013-02-04 2014-08-07 Samsung Electronics Co. Ltd. Apparatus and method for reverse authorization
US20140266591A1 (en) * 2013-03-14 2014-09-18 Covidien Lp Rfid secure authentication
CN107341676A (en) * 2017-07-17 2017-11-10 深圳天净喔溯源科技有限公司 False proof mark and the method for tracing to the source
US20180191505A1 (en) * 2015-08-25 2018-07-05 Inexto Sa Multiple authorization modules for secure production and verification
WO2019185754A1 (en) * 2018-03-28 2019-10-03 Mc Industry Method for authenticating a product

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1540583A (en) * 2003-10-27 2004-10-27 江苏瑞福智能科技有限公司 Method of safe using and anti false discriminating stored type electronic label
US20050211760A1 (en) * 2004-03-23 2005-09-29 First Data Corporation System and method for preparing RF devices for delivery and verifying delivery information
CN1728162A (en) * 2005-07-07 2006-02-01 复旦大学 Method for anti false verification based on identification technique in radio frequency, and anti false system
CN101251886A (en) * 2007-11-02 2008-08-27 淄博泰宝防伪技术产品有限公司 Method for related using conventional false proof physical distribution data label and electronic label
WO2011030352A2 (en) * 2009-09-11 2011-03-17 3I Infotech Consumer Services Ltd. System and method for mobile phone resident digital signing and encryption/decryption of sms
CN102663591A (en) * 2012-03-19 2012-09-12 樊俊锋 Product anti-counterfeiting method and system based on electronic tag
US20140032898A1 (en) * 2012-07-26 2014-01-30 Shenzhen Skyworth-RGB electronics Co. Ltd. Authentication system and method for digital televisions
US20140222687A1 (en) * 2013-02-04 2014-08-07 Samsung Electronics Co. Ltd. Apparatus and method for reverse authorization
US20140266591A1 (en) * 2013-03-14 2014-09-18 Covidien Lp Rfid secure authentication
US20180191505A1 (en) * 2015-08-25 2018-07-05 Inexto Sa Multiple authorization modules for secure production and verification
CN107341676A (en) * 2017-07-17 2017-11-10 深圳天净喔溯源科技有限公司 False proof mark and the method for tracing to the source
WO2019185754A1 (en) * 2018-03-28 2019-10-03 Mc Industry Method for authenticating a product

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114492690A (en) * 2022-01-24 2022-05-13 芯电智联(北京)科技有限公司 Method for managing bound NFC (near field communication) tag and issuing equipment by anti-counterfeiting traceability system

Also Published As

Publication number Publication date
CN112862047B (en) 2023-09-15

Similar Documents

Publication Publication Date Title
CN105024824B (en) The generation and verification method and system of credible label based on rivest, shamir, adelman
CN108053001B (en) Information security authentication method and system for electronic warehouse receipt
JP5139415B2 (en) Article information acquisition method and apparatus
CN107342867B (en) Signature verification method and device
US8954742B2 (en) Method and apparatus for digital authentication of valuable goods
CN103473592B (en) A kind of label off-line authenticating method and device based on CPK system
CN109360008B (en) Product anti-counterfeiting authentication updating method and system
JP5661772B2 (en) How to check if a product is genuine product manufacturer
CN109522988B (en) Method and system for updating product anti-counterfeiting electronic label information
CN108573296B (en) Anti-counterfeiting device, anti-counterfeiting system and anti-counterfeiting method
CN102004986A (en) Product anti-counterfeiting method based on digital signature and public key system and verifying method
US20090040023A1 (en) RF Transponder for Off-Line Authentication of a Source of a Product Carrying the Transponder
US20180205714A1 (en) System and Method for Authenticating Electronic Tags
CN112862047B (en) Dual-authorization intelligent anti-counterfeit label generation method
CN112801677A (en) Anti-counterfeiting tracing method based on electronic tag
CN109583555B (en) Product anti-counterfeiting electronic tag authentication method and system
CN104883260B (en) Certificate information processing and verification method, processing terminal and authentication server
CN109543791B (en) Product anti-counterfeiting verification method and system
KR20090041473A (en) Authentication server for validating product authenticity using otp electronic tag and method therefor
CN104094274A (en) Method for personalizing security module for smart meter or smart meter gateway
CN109544182B (en) Product anti-counterfeiting verification method and system
US20210158039A1 (en) Managing physical objects using crypto-anchors
JP2008233975A (en) Information communicating device, information collectively managing device, and information processing system
CN109523277B (en) Product anti-counterfeiting electronic tag authentication method and system
CN215987352U (en) Intelligent anti-counterfeit label and application product thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant