EA004774B1 - Method of protecting information on paper medium "atlas-crystal" - Google Patents

Abstract

1. The method of protecting information on the paper medium, characterized in that control information in the digital form is signed using the electronic digital signature, then the information obtained is converted from the digital form into a bar code which is applied to the document; when reading, the bar code is converted into a digital form; the electronic digital signature and control information are singled out; the authenticity of electronic digital signature is verified; if the electronic digital signature is genuine, then the control information from the bar code is visually compared with the information contained in the document; by results of comparison the conclusion is made as to authenticity of information inscribed on the document; all the information in the document is used as control information or a portion of the information which represents N of non-replicated fragments where N=1,2,3, ..., wherein the bar code with control information is considered as the primary bar code; the form account number is converted into an auxiliary bar code which is applied to the form; the auxiliary bar code is read and converted into a digital form, with additional inclusion in the control information of account number form, unique registration number of key signature certificate and name of the body that issued the key signature certificate; in addition to that, when reading the primary bar code, we single out the unique registration number of signature key certificate and name of the body that issued the key signature certificate; we identify the open key of electronic digital signature which is used for verification of authenticity of electronic digital signature. 2. The method of claim 1, wherein test fragments or fragments of images in the form of drawings, logotypes, trademarks are used as N of non-replicated fragments where N=1,2,3, ...,. 3. The method of claim 1 or 2, wherein the linear bar code is used as an auxiliary bar code.

Description

The invention relates to a method of marking and verification of documents and may find application in the protection of information from fraud in notarial, consignment, title documents, executive documents and securities.

There is a method of hidden marking of an object by applying to it an individual numeric or alphanumeric tag containing information about the object, then reading this information and comparing it with a computer database or registering it in a special journal (RF Patent No. 2107945, 6 06K 9 / 00, 6 09Р 3/10, published 1998).

By the method of identification of registered products according to the patent of the Russian Federation No. 2106689, cl. 6 06К 17/00, 6 06Р 17/60, publ. 1998, each product in the manufacturing process is physically labeled, the parameters of the products and their individual numbers are stored in the database, and during verification they request information from the database and compare them with the parameters of the products and determine their legal status.

The disadvantages of the above methods are the need to request information from a computer database or from a special logbook, as well as low protection against forgery.

There is also known a method of protecting securities from counterfeiting (US Pat. Of the Russian Federation No. 2088971, class 6 07Ό 7/00, publ. 1997). The method includes applying a security code to the banknote by scanning the material’s microstructure of the material, determining the value of the vector — the identifier of the banknote to be protected, protecting it with an electronic digital signature, encoding and printing it on the banknote.

The disadvantage of this analogue is the complexity of implementation, caused by the need for the issuer to publicly publish a list of individual features, an electronic digital signature generation algorithm, and a public key to verify digital signature and use this information to identify the protected banknote.

According to the method of identifying the authenticity of a controlled object, described in the patent of the Russian Federation No. 2132569, cl. 6 O6K 9/00, 6 07Ό 7/00, publ. 1998, information about the object is formed in digital form and signed by the electronic digital signature (EDS) of the marker. Then convert the received information from the digital form into a bar code and put it on the brand (label) attached to the object. When an object is identified, a barcode is read, it is converted into a digital form, and EDS and information about the object are extracted from it. Verify the authenticity of the digital signature and compare the read information about the object with a database of authentic objects, the results of which identify the authenticity of the object.

With this method, thanks to the application on the brand (label) of information, confirmed by EDS, in the form of a bar code, a higher security of the brand against forgery is achieved and the information is readily read when it is instrumentally verified in comparison with the previously reviewed counterparts. However, this method achieves a relatively low reliability of verifying the authenticity of an object, which uses information printed on paper as the authenticity of an object is indirectly judged by the authenticity of information about individual characteristics of an object (type of object, manufacturer, production date, unique number object, etc.). Due to the absence of an inseparable connection between the protected object and information in the barcode, this method does not provide high reliability of confirmation of the authenticity of information on paper.

The closest analogue of the claimed invention is a way to confirm the authenticity of information on the Eurasian patent No. 002518, cl. 6 06К 9/00, 6 07Ό 7/00, publ. 2002, which is chosen for the prototype. In this method, the control information is generated in digital form, signed with an electronic digital signature, the resulting information is converted from a digital form into a bar code, applied to the object, and when read, the bar code is converted into digital form, the electronic digital signature and control information is extracted from it , verify the authenticity of the digital signature and information on the object; paper object with textual information printed on it is used as an object; They use all textual information or a part of textual information; in addition, they additionally convert the digital signature verification public key into a barcode, which is also put on paper and used in digital signature authentication.

However, the prototype method has a low security of information on a paper document from falsification. So, according to the method, the prototype provides for the inclusion in the bar code of the open key of checking digital signature. This allows falsified information in the document to sign a digital signature using a false (not certified) signature key and include in the bar code the corresponding public key of checking digital signature, the use of which during verification will confirm the authenticity of the digital signature and, therefore, will not detect falsification of information. In addition, in the prototype method, information and a bar code are put on unregistered paper carrier (form), and when verifying a document there is no possibility of reliable confirmation of the number of paper carrier (blank). The prototype method does not exclude subjective errors of the operator (performer of the document) when entering the account number of the form in the bar code.

The technical result of the claimed invention is to create a method that increases the security of information on a paper document from falsification and eliminates the influence of a subjective factor when entering the account number of the form in the bar code.

The formulated technical result is achieved by the fact that in a known method of protecting information on a paper document, which consists in that the control information is digitally signed with an electronic digital signature, the resulting information is converted from a digital form into a bar code that is put on the document. When reading, the bar code is converted into digital form, the electronic digital signature and control information are extracted from it. Check the authenticity of digital signatures. If the electronic digital signature is genuine, then the control information from the bar code is visually compared with the information printed on the document and, based on the results of the comparison, they conclude that the information printed on the document is authentic. As control information, all document information or part of information is used, which is N non-duplicated fragments, where Ν = 1,2,3, .... A bar code with control information is considered as the main bar code. The account number of the form is converted into an auxiliary bar code, which is applied to the form. Read the auxiliary bar code and convert it into digital form. The control information additionally includes the account number of the form, the unique registration number of the signature key certificate and the name of the authority that issued the signature key certificate. When reading the main bar code, a unique registration number of the signature key certificate and the name of the authority that issued the signature key certificate are identified. Determine the public key of the electronic digital signature, which is used to verify the authenticity of the electronic digital signature.

As N not duplicated fragments, where N = 1,2,3, ..., use text fragments or image fragments in the form of drawings, logos, trademarks.

A linear barcode is used as an auxiliary barcode.

Thanks to a new set of essential features, the information on a paper document is protected from falsification, as the main bar code includes the unique registration number of the signature key certificate and the name of the authority that issued the signature key certificate, which when checking a document uniquely identifies the owner of the signature key certificate (the private key of the digital signature) and obtain the corresponding public key of the digital signature. Confirmation of the authenticity of a digital signature (EDS), while guaranteed to confirm the accuracy of control information, placed in the main bar code and the person who signed the document. Eliminates the possibility of substitution and falsification of signature keys. The inclusion of the account number of the form in the control information unambiguously associates the information of the document with the recorded form and does not allow unauthorized execution (replication) of the document on other forms.

The application of an auxiliary bar code with the account number of the form on the document form will increase its stability against distortion and forgery, and its automatic reading using a scanner eliminates the influence of a subjective factor when entering the account number of the form into the control information.

An image is used as one or several pieces of information, which expands the field of application of the method to documents containing information in the form of images: drawings, logos, trademarks.

The use of a linear barcode as an auxiliary barcode simplifies its automatic reading and digitization, eliminates subjective operator errors when entering the account number of the form and allows you to use a relatively inexpensive linear code scanner.

The analysis of the level of technology has allowed to establish that the analogues, characterized by a set of features identical to all the features of the claimed technical solution, are absent, which indicates the compliance of the claimed device to the condition of patentability "novelty."

Search results known solutions in this and related areas of technology in order to identify signs that match the distinctive features of the prototype features of the declared object, showed that they do not follow explicitly from the prior art. The prior art has also not revealed any influence of the transformations envisaged by the essential features of the claimed invention to achieve the said technical result. Therefore, the claimed invention meets the condition of patentability "inventive step".

The claimed method is illustrated by drawings: FIG. 1 - the appearance of the fuel coupon form with a linear bar code;

FIG. 2 - the appearance of the fuel coupon.

The algorithm for the formation and authentication of digital signature is standardized and published. Its implementation, for example, by software, is not very complex, including for all sorts of scammers. The use of certified cryptographic means of generating and verifying digital signature to protect documents and securities from fraud ensures a high degree of security only if the private key of the signature is kept secret and the authenticity of the public signature key is guaranteed.

Documents, as a rule, are executed (printed) on registered and protected from repetition (copying) forms. Their production is often carried out in advance and on special equipment at points remote from the executors of documents. In the process of preparing (manufacturing) the blanks and their delivery to the executors of documents, the theft of the blanks, the possibility of their falsification and unauthorized duplication or the fabrication of the forged documents on forged (stolen) blanks are not excluded. This can be avoided by including the account number of the form in the control information signed by the EDS. At the same time, it is important to apply the means of automated reading and entry of the accounting number of the form into the control information, excluding subjective errors (accidental or intentional) of the operator.

The basis of the present invention is to create such a way to protect information on a paper document, which eliminates the substitution of signature keys and allows you to include the account number of the form in the control information protected by EDS, as well as confirm the digital signature and determine the owner of the signature key with high reliability. The inventive method is as follows. Blank forms are accounted for in the manufacturing process by numbering them with unique alphanumeric numbers. In addition, the blank number is duplicated in the auxiliary bar code, which is also applied to the blank. For ease of application and reading, a linear bar code of one of types ΕΑΝ-8,-13, ΕΑΝ-128, etc. can be used as an auxiliary bar code.

In the process of preparing the document, control information is formed, which includes:

- part of the document information in the form of Ν most important non-duplicable document fragments, where N = 1,2,3, ...;

- account number of the form;

- unique number of the signature key certificate;

- name of the authority that issued the signature key certificate. One or more of the most important non-duplicable fragments of alphanumeric text or images (images) in the form of a picture, logo, trademark, etc. are used as the most important fragments of the document. The number of fragments and their volume depend on the type and volume of the document, importance information applied to it, and from the required level of information security. In the extreme case, the control information includes all the information applied to the document.

The accounting number of the form is digitally entered into the control information by reading the auxiliary bar code and converting it into digital form, for which an appropriate scanner is used. So, if a linear bar code of type ΕΑΝ-8, ΕΑΝ-13, ΕΑΝ-128, etc. is selected as an auxiliary barcode, then the relatively inexpensive and widely used handheld laser scanner Р8С Ошск8сап 6000 of Р8С 1пс can be used. (USA).

The unique number of the signature key certificate and the name of the authority that issued the signature key certificate are obtained from the signature key certificate, which is issued by an official authority certifying center in electronic form and signed with its EDS or on a paper document. In accordance with the Federal Law of the Russian Federation of 2002 No. 1-FZ "On electronic digital signature", the signature key certificate contains a unique registration number, for example, written in the hexadecimal system "61ΕΕ Е502 0000 0000 0010" with a volume of 10-16 bytes, the name of the certification center issuing signature key certificate, for example, “Αΐ1οκΝ \ ν” of 7 bytes. This data is sufficient to unambiguously select the required certificate from the list held by the operator in the computer’s memory or on other media (diskette, smart card, etc.), or to issue a request to the certification authority to provide the appropriate signature key certificate.

The certification authority guarantees the authenticity of the signature key certificate as a whole, as well as the public key of the signature and the owner of the signature key included in its composition. The inclusion in the control information of the unique number of the signature key certificate and the name of the authority that issued the signature key certificate allows to ensure their authenticity and to obtain the true one — the only valid public key of the signature necessary to verify the authenticity of the digital signature.

Then, as well as in the prototype, the generated control information is digitally signed with an EDS, which is formed by a standard cryptographic algorithm, for example, by the standard GOST R 34.10-2001 using the private signature key. For this, you can use, for example, a certified software tool for cryptographic information protection "CryptoPro" jointly developed by Sgur1o-Pro and the Atlas scientific and technical center (Moscow) or a library module

Sgur1opLgsMaP. specified in the prototype.

The control information signed by an EDS is converted into a main bar code, for example, into a two-dimensional bar code ΡΌΓ417, which is printed on a document using a laser printer, for example, HP NEIKETT RACCAKE type laser printer or a special bar code printer Ea1a Max Typ 6200.

For the formation of a two-dimensional bar code of type ΡΌΓ417 with a capacity of 1500 ... 2000 kbytes sufficient to display the required amount of data, as in the prototype, the software module Apech Too1k £ og ΡΌΓ417 (Apx 417) version 1.61 developed by Apech Tespochek 1 ps can be used. , Sapaba.

In the particular case of a multi-page document, the information on each page of the document is likewise protected.

Marked in such a way the document goes into business circulation.

When verifying the authenticity of the document, the main barcode is read, control information and EDS are extracted. Reading the main bar code and converting it to digital form is carried out using a scanner, for example, to read a two-dimensional bar code of the type 4Γ417, you can use a scanner-curb-1 p300. (USA).

According to the data from the control information, namely, by the unique number of the signature key and the name of the authority that issued the signature key certificate, the public key of the EDS verification is determined. To do this, determine the required certificate of the signature key by selecting from the list known to the user, or by forming a request to the appropriate official body, for example, the certification authority, to provide the required signature key certificate. Upon receipt of a certificate, a public key is extracted from it, which is used to confirm the authenticity of the digital signature.

The transfer of the request to the certification authority and the receipt of the signature key certificate from it can be carried out via communication channels or using the Internet data network. The guaranteed authenticity and validity of the received signature key certificate is officially confirmed by the corresponding electronic signature of the certification authority.

The authenticity of the EDS is checked using a personal computer using the standard algorithm for verifying the digital signature, for example, according to GOST R 34.10-2001, using the public key of verifying the digital signature.

If the digital signature is genuine, the control information from the main bar code is displayed on the monitor screen or printed on paper and visually compared with the information presented in the document. According to the results of the comparison, they make a conclusion about the authenticity of the information presented in the document.

If the EDS is not genuine, then the comparison of the control information with the information presented in the document is not carried out. The conclusion about the authenticity of the information does not. Further verification of the document is carried out by others, including forensic methods that are not considered in the framework of the claimed method.

The operation of the method can be illustrated by the example of the protection of fuel coupons. The fuel coupon form is executed using typographic, holographic and physicochemical protection methods (Fig. 1). Guilloche composition, toffee, flexographic printing with microtext and offset printing are used as typographical protection.

To protect against copying, a holographic security element containing a latent image is applied to the fuel coupon form by pressing. Physico-chemical protection is made in the form of a hidden ASVR-tag made of high-resolution anti-Stokes compound (RF Patent No. 20770072), invisible to the eye under normal illumination and illuminated by infrared irradiation with a low-power source, as well as hidden UV-label glowing in UV rays . The areas for applying hidden marks are located in the upper left and lower left corners of the blank, as shown in FIG. one.

The registration number of the fuel coupon form is printed in the usual alphanumeric form and in the auxiliary (linear) bar code.

Forms of fuel vouchers (Fig. 1) go to the fuel company, where they put the necessary information in the usual alphanumeric form and control information is generated, which digitally signs the digital signature and is converted into the main (two-dimensional) bar code Γ417. FIG. 2 illustrates a fuel coupon option. Here, as fragments of protected information, use is made of: type of fuel, refueling capacity in liters, expiration date, unique number of the signature key certificate and the name of the fuel company (acting as the certification center) that issued the ticket. In addition, the control information protected by EDS includes the account number of the form, read from the auxiliary bar code.

The fuel company sells coupons to auto enterprises and other consumers. At the filling station, the scanner reads the main barcode, converts it into digital form, allocates EDS and control information. The public key of the signature key certificate and the name of the fuel company (certification center) determine the public key that is used to verify the digital signature. For the fuel coupon, the operator of the gas station releases the client the appropriate amount of fuel after confirming the authenticity of the EDS and visually comparing the control information elements (fuel type, filling capacity in liters and the validity period of the coupon) with similar information indicated on the fuel coupon in alphanumeric form. Distortion or falsification of any, at least one character of the protected information, as well as the main (two-dimensional) barcode on the fuel coupon will be detected after the gas station operator reads the information from the two-dimensional barcode, EDS authentication and information in alphanumeric form.

The technical solution claimed as an invention enhances the security of information on a paper document from falsification. A similar method was tested at a fuel company in St. Petersburg and showed its effectiveness in protecting fuel vouchers.

Claims (3)

CLAIM 1. A way to protect information on a paper document, which consists in that the control information is digitally signed with an electronic digital signature, the information obtained is converted from a digital form into a bar code, which is put on the document, and when read, the bar code is converted into digital form, they extract from it an electronic digital signature and control information, verify the authenticity of a digital signature, if the electronic digital signature is genuine, then the control information from the bar code is visual about compare with the information printed on the document and according to the results of the comparison they conclude about the authenticity of the information printed on the document, as control information they use all the information of the document or a part of information representing N non-duplicated fragments, where N = 1,2,3, ..., characterized in that the bar code with the control information is considered as the main bar code, the accounting number of the form is converted into an auxiliary bar code, which is applied to the form, the auxiliary bar is read code and convert it into digital form, and the control information additionally includes the account number of the form, the unique registration number of the signature key certificate and the name of the authority that issued the signature key certificate, in addition, when reading the main bar code, the unique registration number of the signature key certificate is allocated and The name of the authority that issued the signature key certificate determines the public key of the digital signature that is used to verify the authenticity of the electronic digital signature th signature. 2. The method according to claim 1, characterized in that as N not duplicate fragments, where N = 1,2,3, ..., use text fragments or image fragments in the form of drawings, logos, trademarks. 3. The method according to claim 1 or 2, characterized in that a linear bar code is used as an auxiliary bar code.