EP1254405A2 - Verfahren zur erstellung und überprüfung fälschungssicherer dokumente - Google Patents

Verfahren zur erstellung und überprüfung fälschungssicherer dokumente

Info

Publication number
EP1254405A2
EP1254405A2 EP00982952A EP00982952A EP1254405A2 EP 1254405 A2 EP1254405 A2 EP 1254405A2 EP 00982952 A EP00982952 A EP 00982952A EP 00982952 A EP00982952 A EP 00982952A EP 1254405 A2 EP1254405 A2 EP 1254405A2
Authority
EP
European Patent Office
Prior art keywords
document
security module
data
manufacturer
temporary secret
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP00982952A
Other languages
German (de)
English (en)
French (fr)
Inventor
Jürgen Lang
Bernd Meyer
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Deutsche Post AG
Original Assignee
Deutsche Post AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from DE19948319A external-priority patent/DE19948319A1/de
Application filed by Deutsche Post AG filed Critical Deutsche Post AG
Publication of EP1254405A2 publication Critical patent/EP1254405A2/de
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56Financial cryptography, e.g. electronic payment or e-cash

Definitions

  • the invention relates to a method for creating counterfeit-proof documents using a security module, the security module generating a temporary secret that a document manufacturer does not
  • the temporary secret together with information that provides information about the identity of the security module, being transferred in encrypted form to a certification body, with a certification body decrypting the temporary secret, recognizing the identity of the security module and encrypting the temporary secret together with further information in this way that only one checkpoint can decrypt and transmit the encrypted temporary secret and the other information to the document manufacturer, whereby the document manufacturer transfers its own data, which is inserted into the document, to the security module, the security module containing the data itself, which the document manufacturer has brought in linked irreversibly to the temporary secret in such a way that an identical result can only arise if the same data is linked again in the same way and no regression sse to the temporary secret are possible.
  • the invention further relates to a method for checking the authenticity of a document.
  • three parties are involved in this procedure and this system, which relate to the functionality of a security module in the context of digital signatures and the use of encryption techniques:
  • document manufacturer the manufacturer / processor of a document
  • a digital signature is a seal for digital data generated with a private signature key, which, with the help of an associated public key, which is provided with a signature key certificate, reveals the holder of the signature key and the authenticity of the data (see SigG ⁇ 2, Paragraph 1).
  • a test center is able to check the digital signature of a document manufacturer and thus both its identity and the authenticity of the data contained in the document, if you have the public signature key of the document manufacturer, which is provided with a signature key certificate.
  • the use of the digital signature method is problematic if either the inspection body does not have the public signature key of the document manufacturer, which is provided with a signature key certificate from a certification body, or the document manufacturer does not have its own private or public signature key.
  • the invention has for its object to provide a method for creating and / or checking forgery-proof documents that can also be used when the
  • Verification agency does not know the public signature key of the document manufacturer and / or if the
  • this object is achieved in that the result of the irreversible linkage of the data introduced by the document manufacturer with the temporary secret is adopted in the document.
  • the invention furthermore relates to carrying out a generic method for checking the authenticity of documents in such a way that the checking body checks whether a result of an irreversible link between data brought in by a document manufacturer and a secret has been adopted in the document by the checking body checking the secret and further information that has been encrypted by a certification body is decrypted. It is particularly advantageous here that the checking body irreversibly links the data introduced by the document manufacturer with the decrypted temporary secret in the same way as a security module used to produce the tamper-proof document.
  • Certification body passed further information in addition to the temporary secret encrypted to the document manufacturer.
  • the method is expediently carried out in such a way that the further information provided by the certification body contains information about the identity of the document manufacturer and the validity of the documents produced by the document manufacturer.
  • the comparison determines whether data introduced by the document manufacturer has been falsified.
  • Fig. 1 is a security module that can be used in the method
  • Fig. 2 is a schematic representation of a system for generating and checking forgery-proof
  • the method and system described here result in for an inspection agency where the document manufacturer and the document produced by him are not known, the possibility to reliably check the authenticity of the data contained in the document and the identity of the document manufacturer without using the digital signature by the document manufacturer.
  • the document manufacturer uses a security module that is implemented using different technical means, preferably using software with programmable hardware, and contains 5 active and 3 passive units as well as 2 data outputs and 1 data input (see drawing 1).
  • the active units are:
  • the passive units are:
  • an identification register in which files are contained, with which the security module can uniquely identify itself at a confirmation point
  • the data inputs and the data outputs are the only direction-specific input and output options for the security module. No other type of access or access to the security module is possible for the document manufacturer or for third parties. Specifically, the data inputs and data outputs are:
  • the security module shown below is preferably used in the method for creating the tamper-proof documents.
  • a secret generator In the security module, a secret generator generates an unpredictable secret (e.g. one Random number), which remains unknown outside the security module, and passes this secret on the one hand to the combination machine 1 and on the other hand to the buffer.
  • the combination machine 1 combines the secret with those contained in the identification register
  • the result value of the combination machine is entered into the encryption machine, which uses the key from the key register to generate an encrypted result value that can only be decrypted by the certification body. This result value is output from data output 1 from the security module in order to be transmitted to the certification body.
  • the certification body decrypts the result value omitted and transmitted from data output 1, it decomposes this result value into the secret and the data from the identification register, identifies the security module based on the data from the identification register and encrypts the secret and other information with a key that is only available from the Can be decrypted, the encrypted secret and other information can be transferred to the document manufacturer, transferred to the document by the manufacturer and decrypted by the test center.
  • Data that the document manufacturer brings into the security module via the data input are combined by the combination machine 2 with the secret stored in the buffer.
  • the result value of the combination machine 2 is entered into the hash machine, which hash has a value according to a known method value entered. This result value is output from data output 2 from the security module in order to be adopted in the document.
  • a verifying body verifies the authenticity of the document and the identity of the document manufacturer by decrypting the secret encrypted by the certification body and further information, using a known procedure and a hash value in the security module from a combination of those introduced by the document manufacturer itself Data and the secret is formed and this hash value is compared with the transmitted hash value. This results in a comparison of the hash values - analogous to checking a digital signature
  • the certification body transmits further information to the document manufacturer in such an encrypted form that only the inspection body can decrypt it, and that to the document manufacturer for transfer to the tamper-proof Document are transmitted to provide information about the identity of the document manufacturer and the period of validity of the documents produced by the document manufacturer.
  • a preferred area of application of the invention is that document manufacturers are, for example, those persons who themselves use a computer (PC) to print out documents such as admission tickets, flight tickets or vouchers, the authenticity of which can be verified by a test part which, for example, regulates the corresponding entry.
  • the certification body is, for example, the issuing point of the admission tickets with which the document manufacturer communicates electronically over the Internet prior to printing out the admission tickets.
  • the security module is a technical means, which is preferably implemented in cooperation with software with programmable hardware and is at least temporarily part of the hardware and software of the PC of the document manufacturer.
  • the invention can ensure that, for example, the inspection body regulating entry can check the genuineness of a document that is beyond the control of an untrustworthy document manufacturer even without checking the digital signature of the document manufacturer with all the resulting consequences (individual public signature key of all document manufacturers to be checked) whose PC and printer was created.
  • the security module ensures that the information provided by the inspection body regulating entry can check the genuineness of a document that is beyond the control of an untrustworthy document manufacturer even without checking the digital signature of the document manufacturer with all the resulting consequences (individual public signature key of all document manufacturers to be checked) whose PC and printer was created.
  • the security module ensures that the information provided by the
  • Signature key certificate of a certification authority provided signature key of the document manufacturer can represent part of the document is very low. It is also advantageous that no direct communication and no joint data storage and processing between the certification body and the inspection body has to take place to check the authenticity. Finally, it is advantageous that a basic decoupling between the communication between the security module and the certification body on the one hand and the
  • Document production and checking can be carried out in such a way that several documents can be produced on the basis of communication between the security module and the certification body, into which different document-specific data can be entered by the document manufacturer.
  • FIG. 2 shows a system in which information generated by a document manufacturer is sent to a
  • the document manufacturer uses the information provided by the certification body to produce tamper-proof documents.
  • Document production is an examination of the forgery-proof documents in a test center.
  • the system shown includes process steps 1 to 8 shown below.
  • a temporary secret is generated in the form of a random number, which is encrypted together with an identification number of the security module with the public key of the certification body, so that this temporary secret cannot be known to the document manufacturer and is only decrypted by the certification body can be.
  • the encrypted random number and identification number are transmitted to the certification body. It should be noted that this transmission can also take place via an insecure path, since only the certification body is able to decrypt the information.
  • the decryption of the random number and the identification number takes place in the certification body with the private key of the certification body.
  • the random number is encrypted with further information on the identity of the document manufacturer during the period of validity of the documents produced by the document manufacturer in such a way that only the test center can decrypt the random number and the further information.
  • the encrypted information is transmitted to the document manufacturer in the method step identified by reference number 4. It should be noted that this transmission can also take place via an insecure path, since only the test center will be able to decrypt the information.
  • the method is particularly suitable for use in data networks which, as such, cannot be protected against unauthorized access, or can only be protected with difficulty, such as the Internet.
  • the document manufacturer enters his own data into the security module, which are used to identify the document.
  • a hash value is formed from the combination of the data entered by the document manufacturer and the random number still stored.
  • the document that is subsequently produced contains the data that the document manufacturer himself brings into the document hash value just created as well as the encrypted information of the certification body.
  • the document is transmitted, which consists of the data of the user, the hash value and the encrypted information of the certification body (cf. section 3).
  • the information of the certification body is decrypted using the key of the test facility.
  • the decrypted random number can be used in order to form a hash value together with the data that the document manufacturer himself has inserted into the document, using the same known method that was used in the security module to form the hash value.
  • a comparison of the hash value formed with the transmitted hash value provides reliable information as to whether the data introduced by the document manufacturer itself has been falsified.
  • further information about the identity of the document manufacturer and the validity period of the documents produced by the document manufacturer can be decrypted.
  • the method and system for creating counterfeit-proof documents using a security module results in the possibility for a test center at which a document manufacturer and the document produced by him are unknown, even without using the digital signature by the document manufacturer
  • Certification body provided with which the security module operated by the document manufacturer communicates in advance of the production / processing of the document.
  • the method and system is particularly suitable for giving people the option of printing out entry tickets or vouchers on their own PC, which can be checked for authenticity without any doubt.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Editing Of Facsimile Originals (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Document Processing Apparatus (AREA)
EP00982952A 1999-10-07 2000-10-05 Verfahren zur erstellung und überprüfung fälschungssicherer dokumente Withdrawn EP1254405A2 (de)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
DE19948319A DE19948319A1 (de) 1999-10-07 1999-10-07 Verfahren und System zur Erstellung fälschungssicherer Dokumente
DE19948319 1999-10-07
DE10020563A DE10020563C2 (de) 1999-10-07 2000-04-27 Verfahren zur Erstellung und Überprüfung fälschungssicherer Dokumente
DE10020563 2000-04-27
PCT/DE2000/003507 WO2001025880A2 (de) 1999-10-07 2000-10-05 Verfahren zur erstellung und überprüfung fälschungssicherer dokumente

Publications (1)

Publication Number Publication Date
EP1254405A2 true EP1254405A2 (de) 2002-11-06

Family

ID=26005483

Family Applications (1)

Application Number Title Priority Date Filing Date
EP00982952A Withdrawn EP1254405A2 (de) 1999-10-07 2000-10-05 Verfahren zur erstellung und überprüfung fälschungssicherer dokumente

Country Status (8)

Country Link
US (1) US7237120B1 (enExample)
EP (1) EP1254405A2 (enExample)
JP (1) JP2003527782A (enExample)
AU (1) AU773985B2 (enExample)
CA (1) CA2425184A1 (enExample)
DE (1) DE10083046D2 (enExample)
NZ (1) NZ518162A (enExample)
WO (1) WO2001025880A2 (enExample)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU773985B2 (en) * 1999-10-07 2004-06-10 Deutsche Post Ag Method for producing and checking forge-proof documents

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE10136608B4 (de) 2001-07-16 2005-12-08 Francotyp-Postalia Ag & Co. Kg Verfahren und System zur Echtzeitaufzeichnung mit Sicherheitsmodul
DE10211265A1 (de) 2002-03-13 2003-10-09 Deutsche Post Ag Verfahren und Vorrichtung zur Erstellung prüfbar fälschungssicherer Dokumente
JP2008219368A (ja) * 2007-03-02 2008-09-18 Oki Data Corp 画像形成装置

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB8804689D0 (en) 1988-02-29 1988-03-30 Alcatel Business Systems Franking system
US4941176A (en) * 1988-08-11 1990-07-10 International Business Machines Corporation Secure management of keys using control vectors
FR2700905B1 (fr) 1993-01-28 1995-03-10 France Telecom Dispositif et procédé de sécurisation de transmission de télécopies, et télécopieur sécurisé comportant un tel dispositif.
US5448641A (en) * 1993-10-08 1995-09-05 Pitney Bowes Inc. Postal rating system with verifiable integrity
US5606609A (en) * 1994-09-19 1997-02-25 Scientific-Atlanta Electronic document verification system and method
DE19513896A1 (de) 1995-04-12 1996-10-17 Deutsche Telekom Ag Verfahren zum Signieren einer Nachricht
US5982506A (en) * 1996-09-10 1999-11-09 E-Stamp Corporation Method and system for electronic document certification
DE19703929A1 (de) 1997-02-04 1998-08-06 Deutsche Telekom Ag Verfahren zum Generieren einer digitalen Signatur und Verfahren zur Überprüfung der Signatur
US5872848A (en) 1997-02-18 1999-02-16 Arcanvs Method and apparatus for witnessed authentication of electronic documents
US5937159A (en) * 1997-03-28 1999-08-10 Data General Corporation Secure computer system
US5859911A (en) * 1997-04-16 1999-01-12 Compaq Computer Corp. Method for the secure remote flashing of the BIOS of a computer
US6023296A (en) * 1997-07-10 2000-02-08 Sarnoff Corporation Apparatus and method for object based rate control in a coding system
DE19948319A1 (de) * 1999-10-07 2000-05-11 Juergen K Lang Verfahren und System zur Erstellung fälschungssicherer Dokumente
JP2003527782A (ja) * 1999-10-07 2003-09-16 ドイッチェ・ポスト・アクチェンゲゼルシャフト 偽造防止文書を作成および検査する方法

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0125880A2 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU773985B2 (en) * 1999-10-07 2004-06-10 Deutsche Post Ag Method for producing and checking forge-proof documents

Also Published As

Publication number Publication date
DE10083046D2 (de) 2002-03-07
JP2003527782A (ja) 2003-09-16
AU773985B2 (en) 2004-06-10
WO2001025880A2 (de) 2001-04-12
WO2001025880A3 (de) 2002-08-15
US7237120B1 (en) 2007-06-26
NZ518162A (en) 2003-09-26
AU1992401A (en) 2001-05-10
CA2425184A1 (en) 2003-04-07

Similar Documents

Publication Publication Date Title
DE69931967T2 (de) Methode zur sicherung von elektronischer information
DE60036424T2 (de) Verfahren und Vorrichtung zur Verschlüsselung/Entschlüsselung sowie Identifikationssysteme
DE69737905T2 (de) Gültigkeitsprüfung kryptografischer öffentlicher Schlüssel für Chipkarten
DE3122534C1 (de) Verfahren zur Erzeugung sowie Kontrolle von Dokumenten, sowie Dokument und Vorrichtung zur Durchführung des Verfahrens
DE102009027723A1 (de) Verfahren zum Lesen von Attributen aus einem ID-Token
EP3497615B1 (de) Verfahren zur handschriftlichen elektronischen signatur
DE69330743T2 (de) Verfahren zur Beurkundung einer Informationseinheit durch eine andere
EP3422274A1 (de) Verfahren zur konfiguration oder änderung einer konfiguration eines bezahlterminals und/oder zur zuordnung eines bezahlterminals zu einem betreiber
DE69737806T2 (de) Datenverschlüsselungsverfahren
EP3552344B1 (de) Bidirektional verkettete blockchainstruktur
DE10020563C2 (de) Verfahren zur Erstellung und Überprüfung fälschungssicherer Dokumente
EP0997807A2 (de) Verfahren zum Online-Update sicherheitskritischer Software in der Eisenbahn-Signaltechnik
EP1254405A2 (de) Verfahren zur erstellung und überprüfung fälschungssicherer dokumente
DE19922946A1 (de) Verfahren zum Einbringen von Authentikationsdaten auf eine Hardwareeinheit
EP3767513B1 (de) Verfahren zur sicheren durchführung einer fernsignatur sowie sicherheitssystem
EP2562670B1 (de) Verfahren zur Durchführung eines Schreibzugriffs, Computerprogrammprodukt, Computersystem und Chipkarte
EP4174703B1 (de) Wiederherstellen eines kryptografischen schlüssels
EP1784756B1 (de) Verfahren und sicherheitssystem zur sicheren und eindeutigen kodierung eines sicherheitsmoduls
EP1222512B1 (de) Sicherungsmodul und verfahren zur erstellung fälschungssicherer dokumente
DE19801241C2 (de) Verfahren zur Generierung asymmetrischer Kryptoschlüssel beim Anwender
DE4344280C2 (de) Verfahren zum Autorisieren von digitalisierten Daten aus Texten, Bildern und dergleichen
DE102007036212A1 (de) Identitätsbasierte Produktsicherung
CH717898A1 (de) Server zur Abwicklung von Finanz-Transaktionen.
EP2230648A1 (de) Einmalkennwortmaske zum Ableiten eines Einmalkennworts
EP4174700A1 (de) Bereitstellen eines digitalen dokuments

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

AX Request for extension of the european patent

Free format text: AL;LT;LV;MK;RO;SI

17P Request for examination filed

Effective date: 20030217

17Q First examination report despatched

Effective date: 20081219

REG Reference to a national code

Ref country code: HK

Ref legal event code: WD

Ref document number: 1051585

Country of ref document: HK

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20130503