EP2291744A2 - Verfahren und system zur validierung des erfolgs von ereignissen in einem gerät - Google Patents

Verfahren und system zur validierung des erfolgs von ereignissen in einem gerät

Info

Publication number
EP2291744A2
EP2291744A2 EP09769530A EP09769530A EP2291744A2 EP 2291744 A2 EP2291744 A2 EP 2291744A2 EP 09769530 A EP09769530 A EP 09769530A EP 09769530 A EP09769530 A EP 09769530A EP 2291744 A2 EP2291744 A2 EP 2291744A2
Authority
EP
European Patent Office
Prior art keywords
event
value
traceability
events
identifier
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP09769530A
Other languages
English (en)
French (fr)
Inventor
Nicolas Reffe
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ORIDAO
Original Assignee
ORIDAO
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ORIDAO filed Critical ORIDAO
Publication of EP2291744A2 publication Critical patent/EP2291744A2/de
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/28Error detection; Error correction; Monitoring by checking the correct order of processing

Definitions

  • the present invention relates to the general field of traceability of any devices such as for example materials, products or objects.
  • It relates more particularly to the mechanisms making it possible to control at any stage of a process comprising a plurality of events, if a device arrived at this stage has undergone or experienced all the events provided for by the process in a sequence predetermined.
  • an event experienced by a device may designate in particular a treatment applied to this device or a state or change of state of a physical parameter of this device (such as for example its temperature, its pressure, etc. .).
  • this solution has a complexity in terms of deployment and a high cost of implementation, especially in the case of traceability applications of distribution networks for which the different points of passage are not in a single place (eg points passing through various subcontractors or distribution networks). It also requires means of connection to the centralized information system and remote interrogation.
  • Another alternative is to use recording media embedded on the device, such as for example RFID tags, incorporating memory modules of suitable size for storing tracking data associated with each event experienced by the device individually.
  • This alternative has the advantage that the monitoring data to determine whether a device has undergone all the expected events, are directly carried by the device and thus exploitable simply and quickly.
  • these recording media and in particular the RFID tags are easily searchable and the data they carry do not offer any confidentiality.
  • the present invention relates to a method for validating a succession of events in the life of a device with respect to a predefined sequence of events, this method comprising:
  • the invention also relates to a system for validating a succession of events in the life of a device with respect to a predefined sequence of events, this system comprising:
  • a control system comprising:
  • the validation is done in two phases: a first marking phase of the device, with a digital traceability fingerprint calculated from a cryptographic hash function and representative of a sequence of events experienced by the device; and
  • a second control phase consisting in comparing this traceability footprint with a theoretical footprint generated using the same cryptographic hash function and representative of a sequence of events expected from the process.
  • the identifiers of the events used on the one hand during the marking phase and on the other hand during the control phase must be coherent with each other, that is to say identical when they identify the same event.
  • a cryptographic hashing function (or cryptographic hashing algorithm) is a function that processes or processes a data input message of any size to produce a fixed-size digital fingerprint for identify the input data.
  • Such a function generally has the following properties
  • a cryptographic hash function is conventionally used in cryptography in authentication or document integrity control protocols.
  • the invention advantageously proposes to use this function in a context of traceability, to validate, at any stage of a given process (intermediate or final stage), that a device has respected a finite sequence of events of this process in a given order, without storing on the device, tracking data other than a digital fingerprint traceability fixed size regardless of the number of events considered.
  • the digital traceability fingerprint generated for each event represents, by its construction, a summary of the history of previous events experienced by the device. Therefore, it is not necessary to store, for each event lived by the device, a digital fingerprint specific to this event. Only the digital fingerprint generated for the last event lived by the device is used for validation.
  • the invention allows a substantial gain in terms of size compared to the solutions proposed in the prior art.
  • the use of passive RFID chips with very little memory space for storage on the device traceability footprint is allowed, which represents a significant gain in terms of costs for an industrial wishing to achieve traceability of its products.
  • the invention provides a secure and reliable solution. Indeed, given the properties of the cryptographic hash function, it is impossible, if the traceability footprint differs from the expected theoretical footprint, to establish a sequence of simulated events so as to reduce the footprint of traceability to the expected value.
  • a fingerprint can be calculated by knowing the sequence of events experienced by the device, but it is impossible to deduce these successive events from the sole knowledge of the fingerprint. . Consequently, reading the traceability fingerprint of a device at any stage of a process does not allow a malicious person to deduce any information about the process itself and especially about the sequence of events. events of this process.
  • the theoretical footprint i.e. the expected footprint of the predefined sequence of events
  • the theoretical footprint can be calculated separately from the device, and subsequently compared to the traceability footprint carried by the device. This limits the costs of redeployment in the event of modification of the process, the calculation of the traceability footprint taking place in a similar way regardless of the complexity and the length of the process, and the theoretical footprint can be pre-calculated for a predefined sequence of events independently of the device.
  • the means for obtaining an identifier of each event of the succession, the means for calculating the traceability footprint (including the means for applying the cryptographic hash function) and the means to memorize are embedded on the device. They are for example implemented on an active or passive RFID chip carried by or integrated into the device.
  • the means for obtaining an identifier and the means for calculating the traceability footprint can be implemented on a calculation module that is not worn by the device. This solution requires the recovery by the calculation module of the value of the digital fingerprint traceability calculated for the previous event.
  • this solution will preferably be used to ensure the traceability of a device in an internal process under control and without risk of malfeasance (interception and modification of the traceability footprint between the calculation module and the device), or else accompanied by securing the connection between the calculation module and the device.
  • the memorization of the traceability footprint on the device can be done on a support carried by or integrated into this device, of different types. It may be for example a rewritable digital memory, an active or passive RFID chip or tag, etc.
  • a tag or a passive RFID chip has the advantage of having a relatively low cost.
  • the identifier of each event of the succession of events can be predefined. It is a specific identifier for this event, for example an event number, etc. It will be managed preferentially by a module external to the device followed and associated with the event considered, which sends, before the calculation step, the device or the calculation module, the identifier of the event experienced by the device.
  • the validation method further comprises, for each event, before the calculation step:
  • the validation system may also comprise a module associated with each event of the succession and comprising:
  • the module associated with the event receives the digital fingerprint traceability but can not have access to events previously experienced by the device simply by reading this fingerprint.
  • the external calculation module or the device itself receives the event identifier transmitted by the module associated with this event and used to generate the traceability footprint, maize can not have access to the initial identifier of the event. current event at the simple reading of this event identifier.
  • the means for memorizing memorize the current value of the traceability fingerprint on the device in replacement of the value of the traceability fingerprint stored for the previous event.
  • all the digital impression values can be memorized (for example to retrace back in the course of a survey phase an event of the predefined sequence that would not have been experienced by the device), but only the last one value of the digital traceability fingerprint is used during the process according to the invention.
  • the monitored device which stores via the traceability fingerprint the history of the events that it has experienced at a given stage of a process
  • a calculation module that can be integrated into the device and that calculates the current value of the traceability fingerprint with each event using a hash function
  • control system which is adapted to evaluate a theoretical footprint relating to a predefined sequence of events and to check that this sequence has been lived by the device.
  • the invention provides a method of controlling a device for determining whether a predefined sequence of events has been experienced by this device, comprising:
  • the invention also relates to a control system adapted to determine whether a predefined sequence of event processing has been experienced by a device, characterized in that it comprises:
  • the invention also relates to a method of marking a device characterized in that it comprises, for each event of a succession of events in the life of a device:
  • the invention also relates to a device comprising:
  • the means for obtaining, calculating and memorizing are implemented on an RFID chip embedded on or integrated in the device.
  • the device according to the invention further comprises:
  • the means for protecting this code adapted to make it inaccessible to an unauthorized third party by interrogating the device; and is such that the means for calculating are further adapted to calculate an initial value of the traceability fingerprint by applying the hash function on at least this proprietary code.
  • the traceability imprints calculated by the device are unfalsifiable by an unauthorized person outside the validation application.
  • the device further comprises means for activating and deactivating the aforementioned means for obtaining, calculating and memorizing.
  • the RFID chip considered is a passive RFID chip.
  • the invention also aims at an RFID chip intended to be embedded on a device and comprising:
  • the RFID chip according to the invention further comprises:
  • means for protecting this code adapted to make it inaccessible to an unauthorized third party by querying the chip; and is such that the means for calculating are further adapted to calculate an initial value of the traceability footprint by applying the hash function on at least this proprietary code.
  • the traceability imprints calculated by the RFID chip are tamper-proof by an unauthorized person outside the validation application.
  • the proprietary code is for example a specific identifier for the user wishing to perform the validation.
  • the means of protection of the proprietary code implemented may be of different natures.
  • the device according to the invention can store this code in a volatile memory for calculating the cryptographic hash function, so that after calculating the initial imprint, the value of the proprietary code not be kept.
  • the implementation of the cryptographic hash functions is such that the processing variables used by these functions are not retained (they are usually erased after each use or overwritten by other processing variables).
  • the device according to the invention can store this code in a secure memory, protected for example by means of an encryption or authentication algorithm, so that only an authorized person ( holding the appropriate decryption key) can access this code.
  • control method is determined by computer program instructions.
  • the invention also relates to a computer program on an information carrier, this program being capable of being implemented in a control system or more generally in a computer, this program comprising instructions adapted to the implementing the steps of a control method as described above.
  • This program can use any programming language, and be in the form of source code, object code, or intermediate code between source code and object code, such as in a partially compiled form, or in any other form desirable shape.
  • the invention is also directed to a computer readable information medium, and including computer program instructions as mentioned above.
  • the information carrier may be any entity or device capable of storing the program.
  • the medium may comprise storage means, such as a ROM, for example a CD ROM or a microelectronic circuit ROM, or a means magnetic recording, for example a floppy disk or a hard disk.
  • the information carrier may be a transmissible medium such as an electrical or optical signal, which may be conveyed via an electrical or optical cable, by radio or by other means.
  • the program according to the invention can be downloaded in particular on an Internet type network.
  • the information carrier may be an integrated circuit in which the program is incorporated, the circuit being adapted to execute or to be used in the execution of the method in question.
  • FIG. 1 shows a device according to the invention in its environment, in a first embodiment of the validation system according to the invention
  • FIG. 2 represents, in schematic form, an RFID tag associated with the device according to the invention in a particular embodiment of the invention
  • FIG. 3 represents, in flowchart form, the main steps of a marking method according to the invention when they are implemented by a device as represented in FIG. 1, in a particular embodiment;
  • FIG. 4 represents a control system according to the invention, in its environment, in a particular embodiment of the invention
  • FIG. 5 represents, in flowchart form, the main steps of a control method according to the invention, when they are implemented by a control system as represented in FIG. 4, in a particular mode of achievement;
  • FIG. 6 represents an example of digital impressions generated during the marking process and the control method according to the invention;
  • FIG. 7 represents a device according to the invention in its environment, in a second embodiment of the validation system according to the invention.
  • FIG. 8 represents an example of a hash function that can be implemented in an RFID device and / or a chip in accordance with the invention and / or in a control system according to the invention.
  • FIG. 9 represents a particular embodiment of a hash function as represented in FIG. 8.
  • the tracking of any device is considered to be the subject of a succession of processes of a process, so as to validate this succession of treatments with respect to a predefined sequence of expected treatments.
  • the invention can also be applied to the monitoring of any event of the life of a device, such as, for example, the evolution of the state of physical parameters of this device, for example in a sterilization or chain process. cold.
  • the validation comprises two phases:
  • a marking phase of the device aimed at calculating a traceability footprint representative of a succession of events in the life of this device, and implemented using a marking method according to the invention as subsequently described.
  • Figures 1, 2, 3 and 7 in two embodiments;
  • FIG. 1 represents a device 10 according to the invention, in its environment, in a first embodiment of the validation system according to the invention.
  • the device 10 is a computing device within the meaning of the invention.
  • a process PROC 10 comprising a number M of successive processes EV 1 , EV 2 ,..., EV n , .., EV M , is applied to this device 10.
  • the validation of the SEV succession of n consecutive events EVi, EV 2 ,..., EV n is applied to this device 10.
  • Other successions of events may be envisaged (for example a succession of non-consecutive but ordered events such as the succession constituted by the events EV 2 , EV 4 , EVM).
  • the device 10 incorporates (or carries) an RFID electronic tag 11.
  • This tag can be active or passive.
  • the RFID electronic tag 11 is part of the device 10, and in particular that a datum stored on the RFID tag 11 is on the device 10.
  • Figure 2 schematically illustrates an example of such a label. It comprises in particular an antenna HA connected to a RFID chip HB.
  • the antenna HA of the RFID tag 11 is adapted to transmit and receive radio waves, for example from a read / write system such as an RFID reader or a scanner.
  • Each scanner 2Q 1 stores in a memory 2 I j an identifier ID 1 specific to the processing EVj (identifier of the event EV j within the meaning of the invention).
  • the identifier ID j is stored in the form of a block of digital data (for example binary), whose size is a multiple of a predetermined value p.
  • the size of a block of digital elements is the number of elements (eg bits) of this block.
  • the identifiers ID j can have different sizes with respect to each other.
  • the HB chip of the RFID tag here comprises calculation means HC, implementing a cryptographic hash function H associated here with the process PROC.
  • This function H is for example one of the following known cryptographic hash functions: SHA-I (Secure Hash Algorithm - 1), SHA-2 (Secure Hash Algorithm - 2) or MD5 (Message Digest 5).
  • Another hash function can be implemented. An example of such a function will be described later with reference to FIGS. 8 and 9.
  • a cryptographic hash function is a function that undergoes one or more successive processing of data so as to generate a given fixed-size digital fingerprint from an initial print value.
  • the hash function H is adapted to successively "chop" blocks of digital data U i, U 2 , ... of size p, to compute a digital fingerprint E of size t from a value initial impression E, n , t .
  • the data on which the cryptographic hash functions are applied have sizes. multiples of p so that these functions successively hack blocks of fixed size P.
  • this assumption is not limiting, it is possible to consider blocks of any size using for example stuffing techniques (or padding in English) known to those skilled in the art to obtain blocks of size multiple of p, or appropriate hash functions suitable for chopping blocks of variable size.
  • the calculation means of the function H can be implemented on a calculation module external to the device 10 and adapted to communicate with the device 10 and in particular with the RFID tag.
  • a calculation module external to the device 10 and adapted to communicate with the device 10 and in particular with the RFID tag.
  • Such an external module can be implemented including scanners 2O j described above, for each event EV j.
  • the HB chip of the RFID tag 11 further comprises HD storage means of a digital fingerprint of size t. These means include a rewritable zone Z of size t.
  • this zone Z may not be rewritable but adapted to contain consecutive recordings of digital fingerprint.
  • this marking consists in calculating a so-called traceability imprint, representative of the succession of the ordered treatments EVi, EV 2 ,..., EV n applied to the device 10, and storing it on the device 10.
  • a digital fingerprint EN is updated stored in the RFID tag 11, as the various treatments are applied to the device 10.
  • the RFID tag 11 calculates an initial value EN 0 of the traceability fingerprint EN using the hash function H (step FlO).
  • a public footprint eo of size t for example common to all the devices tracked by means of a marking method and a validation method according to the invention.
  • This proprietary code K has a size here that is a multiple of p.
  • the public imprint eo has been previously stored on the RFID tag 11, for example by the manufacturer of the RFID tag.
  • the proprietary code is transmitted to the RFID tag in a secure environment, for example when associating the RFID tag 11 with the device 10. It is stored on the RFID tag 11, directly (and only here) in a volatile memory HE of calculation of the function H, and this the time of its use for the calculation of the value of the initial imprint.
  • the volatile memory HE is for example a calculation register of the function H.
  • the RFID tag 11 calculates the initial imprint EN 0 by applying the hash function H parameterized by the public imprint eo on the proprietary code K, ie:
  • the variables on which the cryptographic hash function H (eg event identifiers and proprietary code) are applied, pass through a volatile memory for calculating this function (such as the aforementioned HE memory). , but are not preserved, after applying the hash function, in this memory. They are for example erased from this memory or overwritten by other so-called H function processing variables.
  • the proprietary code K is erased from the volatile memory HE.
  • an unauthorized third person can not access the proprietary code from the device 10, and in particular by querying the RFID chip 11. In this way, the traces of traceability generated later will be tamper-proof.
  • the obtaining by the RFID chip of the proprietary code K in a secure environment, the storage of this proprietary code in a volatile memory for calculating the function H, and the operating mode of the function H as to the non-conservation of the variables of processing they use, represent means of protection of the proprietary code within the meaning of the invention.
  • other means of protection may be implemented by the RFID chip so as to make the proprietary code inaccessible.
  • this proprietary code can be stored in a secure memory by a cryptographic process of encryption or authentication.
  • the division into blocks of size p of the proprietary code K may advantageously be carried out by the entity which transmits to the RFID tag this proprietary code, this entity then transmitting each block of size p successively to the RFID tag.
  • an identifier of the device 10 serial or batch number of the device, product range to which the device belongs, etc.
  • stored on the RFID tag or not stored on the RFID tag, provided that it is accessible on the device 10 by another reading means;
  • identifiers may be used, in combination with the proprietary code K, to generate the initial imprint EN 0 so as to make it specific to each device 10 or to each batch of devices for example. They can be chopped after having minced the owner code K.
  • step F20 It is assumed that the device 10 then initiates the succession of treatments EV 1 , EV 2 ,..., EV n (step F20).
  • the identifier ID j of this processing is sent by the scanner 2O j to the device 10 by radio wave (so unencrypted here), for example upon detection of completion of this treatment by appropriate means known per se.
  • This identifier ID j is received by the antenna HA of the RFID tag 11 (step F31) and stored temporarily (and only here) in the volatile memory calculation HE of the function H.
  • the calculating means HC then calculate the current value EN j for the event EV j of the traceability digital fingerprint, by applying to the identifier ID j the hash function H parameterized by the previous value EN j -i of the digital print (step F32):
  • ENJ H ([IDJ], EN H )
  • the current value J is then stored by the storage means HD in the rewritable area replacement Z value by j -i of the digital fingerprint calculated for the treatment EV j previous -i (step F33).
  • the identifiers ID j (and in general, the set of variables hashed by the hash function) are erased from the volatile memory calculation HE of the RFID chip from their use by the function hash, so as to make them inaccessible by reading or interrogating the RFID tag.
  • step F40 Following the storage of the digital fingerprint EN j , the device 10 is subjected to the following processing EV ] + i (step F40). The steps F31, F32 and F33 are repeated for each treatment applied to the device 10.
  • the traceability imprint EN n stored in the rewritable zone Z represents a condensed history of the ordered processes EVi, EV 2 , ..., EV n .
  • the user A wishes to check at this stage of the treatment process, that the device 10 has undergone a predetermined sequence composed of n ordered treatment re fi EV, EV ref 2, ..., and denoted EVrefn SEV re f.
  • it uses a control system according to the invention, as shown, in a particular embodiment, in Figure 4 described now.
  • control system considered is for example a scanner 30 having the hardware architecture of a computer. It comprises in particular a processor 31, a random access memory RAM 32, radio communication means 33 enabling it to communicate with and read RFID tags (and in particular the RFID tag 11 of the device 10), a read-only memory of type ROM 34 and a rewritable non-volatile memory 35.
  • the identifiers ID refj and ID j are identical.
  • the ROM-type ROM 34 constitutes a recording medium in accordance with the invention on which is recorded a computer program according to the invention adapted to perform the main steps of the control method according to the invention, represented in the form of FIG. flowchart in Figure 5 described now.
  • control system 30, the device 10 carrying the RFID chip 11 and the scanners 20 3 form a validation system according to the invention.
  • control system 30 uses, in accordance with the invention, on the one hand the value of the digital fingerprint EN n stored in the device 10. and on the other hand a theoretical numerical fingerprint IN re f representative of the predefined sequence of SEV treatments re f.
  • the control system reads the RFID tag 11 of the device 10 by means of its communication means 33 (step GlO), in a manner known to those skilled in the art.
  • control system 30 evaluates the theoretical numerical fingerprint BY re f by applying the hash function H successively on the identifiers ID re f j , taken in order, of the events of the SEV sequence re f (step G20 ).
  • the calculation of the theoretical footprint EN re f can be done at any time by means of the knowledge of the identifiers ID refj , the public footprint eo and the proprietary code K, that is to say "independently" of the when the calculation of the traceability footprint is performed by the device 10.
  • the theoretical footprint EN r ⁇ f can be pre-calculated.
  • the control system 30 compares the traceability fingerprint EN n received from the device 10 with the theoretical fingerprint IN re f (step G30).
  • step G40 If the traceability footprint EN n corresponds to the theoretical footprint EN ref (step G40), then the control system 30 determines that the device 10 has followed the predefined processing sequence SEVr ef (step G50).
  • control system 30 deduces that the device 10 has not followed the predefined treatment sequence SEV re f (step G60). This may be because, for example, the order of sequence of treatment was not respected, or that all the expected treatments were not achieved. An additional procedure of investigation and / or corrections, not described here, can then be implemented to find the source of the problem.
  • FIG. 6 illustrates an example of different digital tracing fingerprints EN 2 and theoretical EN ref , generated respectively during the marking and control methods previously described, for a number n of treatments equal to 2.
  • the digital prints are represented in hexadecimal form and are small in size, in particular for the sake of simplicity and clarity.
  • the invention applies to digital fingerprints that are not necessarily binary, and of any size, it will however be preferable to use, for reasons of hardware implementation in particular, binary digital prints. Furthermore, in a privileged manner, particularly for reasons of security and robustness of the hash function H, the size of the digital prints will be taken sufficiently large, ie generally greater than 60 bits.
  • FIG. 7 represents a device 10 according to the invention (as previously described with reference to FIG. 1 in particular), implemented in a second embodiment of the validation system according to the invention.
  • the scanner 20 ' j associated with an event EV j calculates an identifier ID j ' of this event (also called contextual identifier of the event) from an initial identifier specific to the event.
  • This initial identifier may be, for example, the identifier ID j considered previously in the first embodiment.
  • the contextual identifier ID j ' is an identifier of the event EV j within the meaning of the invention.
  • the scanner 2O j' bed initially the value of the footprint on the device 10 in the zone Z of the RFID tag 11.
  • a cryptographic hash function h (second hash function in the sense of the invention) parameterized by the value EN 3 - I , ie with the notations previously introduced:
  • This hash function h is for example a SHA-1, SHA-2 or MD5 function. It may be different from the cryptographic hash function H implemented in the device 10. A hash function h different for each scanner 20 / may also be implemented.
  • the identifier IDj ' is then sent to the device 10 (see step F31 of FIG. 3), which calculates from this identifier the current value of the digital traceability fingerprint EN 3 for the event EV j (cf. step F32 of FIG. 3), as previously described for the first embodiment of the invention.
  • control system 30 the device 10 carrying the RFID chip 11 and the scanners 20y form a validation system according to the invention.
  • This second embodiment implements a so-called "mutual ignorance" protocol between the device 10 and the scanner 20 /.
  • This protocol is particularly advantageous, especially in a context where the event identifiers could be intercepted between the scanners and the device 10 so as to be exploited dishonestly (for example to implement a counterfeit PROQ process.
  • the scanner 20 / can not access, on simple reading of the value of the traceability fingerprint EN 3-I , information concerning the previously applied treatments on the device 10.
  • the device 10 can not have access, from the identifier ID j 'transmitted by the scanner, to the initial identifier ID 3 . Because of the properties of the cryptographic hash function h, it is indeed impossible for it to find, starting from the value EN 3-1 of the traceability footprint and the contextual identifier ID j '/ initial identifier IDj.
  • H1 a hash function
  • H1 means for calculating this hash function H1 which can be used in particular by the device 10 (and notably by the RFID chip 11) and the control system 30 according to the invention. It should be noted that this hash function H1 can also be used by the scanners 20 /.
  • the hash function H1 is parameterized by the value EN j -i of the traceability imprint for the event EV j -i (hereinafter referred to as the previous value of the imprint traceability), and is applied to the identifier ID j for the calculation of the value ENj of the traceability fingerprint for the EV event j (hereinafter referred to as the current value of the traceability fingerprint).
  • the identifier ID j is of size p, so that its hash requires only one iteration.
  • the generalization to several iterations for hashing the identifier ID j is obvious to those skilled in the art and will not be detailed here.
  • FIG. 8 represents an iteration carried out by calculation means 40 of the hash function H1, hereinafter denoted by iteration j. Note that this figure illustrates on the one hand the main steps of the step of calculating the current value EN j of the digital print from the identifier ID j , and on the other hand the means implemented for this calculation.
  • the computing means 40 of the hash function H1 comprise a pseudo-random state vector generator 50 and a pre-conditioning module 60.
  • the state vector considered is the traceability footprint EN of size t. This traceability footprint is assumed here binary, that is to say composed of t bits.
  • the pseudo-random generator 50 calculates the current value EN 3 according to a non-invertible application dependent on the previous value EN 3-I and a current intermediate value X u (X " is a vector of size p).
  • the pseudo-random generator 50 is adapted to successively apply, on a temporary vector of size t1 greater than or equal to t, comprising at least a first intermediate vector of size t formed from at least one section of the value IN jI and the current intermediate value X u , a predetermined number of permutations of size tl.
  • Each permutation is associated with a bit of a permutation key C n of size d and chosen as a function of at least the value of this bit.
  • the permutation key C n results from a selection of d bits from the t bits of the first intermediate vector.
  • the current value ENj of the traceability footprint is then obtained from at least one section of the vector resulting from this application step.
  • vector V 3 comprising a vector V b
  • section of a vector of size t is meant a set of j bits of this vector occupying particular positions in this vector, j being between 1 and t (l ⁇ j ⁇ t).
  • a section of size t of a vector of size t will designate the vector itself.
  • each bit of the permutation key C n that is to say each permutation stage, is associated with a permutation PO when this bit is equal to 0 and a permutation P1 when this bit is equal. to 1.
  • the same pair of permutations (PO, P1) can be considered at different permutation stages.
  • these permutations PO and P1 will be defined in every point different from each other and individually different at each point of the permutation identity.
  • the permutation function ⁇ composed of the aforementioned d permutations advantageously constitutes a one-way function, that is to say a function that can be easily calculated in a meaning, but difficult or impossible to reverse in a reasonable time (the with a reasonable complexity).
  • WS ⁇ (WE, C n ) to denote that the permutation function ⁇ parameterized by the permutation key C n is applied to input data WE in order to obtain output data WS.
  • the current intermediate value X ⁇ used by the pseudo-random generator 50 is derived from a calculation carried out by the preconditioning module 60 according to an invertible application dependent on the previous value EN j -i and the identifier ID j transmitted by the scanner 2O j .
  • the pre-conditioning module 60 applies on the identifier ID j , a symmetric function f with a secret key parameterized by at least one section of the previous value EN j -i of the traceability fingerprint.
  • This symmetric secret key function comprises at least one exclusive operation with at least one section of the previous value EN j-1 of the traceability footprint.
  • the traceability footprint EN has a section of size p denoted X also called state variable.
  • the location of this state variable is predefined and preferably fixed.
  • the value X j -i of the state variable X included in the previous value EN j -i of the traceability fingerprint is used, by the pre-conditioning module 60, to parameterize the symmetrical function f with secret key.
  • the function / is an exclusive-or-operation, implemented by the exclusive-door 61, and parameterized by the value X ⁇ 1 (the secret key of this function f is thus equal here to Xj -i).
  • the exclusive-or-gate 61 calculates the current intermediate value X " by applying an exclusive-or-operation between the identifier ID j and the value X jI of the state variable X:
  • X " IDj ⁇ XJ-I.
  • the function / may comprise other operations (eg, exclusive-or-operations, permutations, etc.) parameterized by other sections of the imprint EN jI .
  • the current intermediate value X " is then transmitted to the pseudo-random generator 50, which evaluates from this current intermediate value and from the previous value EN j -i of the traceability footprint, the current value EN j .
  • a first pseudo-random generator calculation means 51 replaces the previous value X H of the state variable X with the current intermediate value X "to form a first intermediate vector V ⁇ nt i of size t.
  • a second calculation means 52 forms a provisional vector V prO v of size 2 * t, starting from the first intermediate vector V ⁇ nt i and the complementary vector, denoted v intl, of this first intermediate vector V, nt i- known per se, the complementary vector of a vector is obtained by complementing each bit of this vector with 1.
  • V prov ⁇ V intl V mi l
  • this provisional vector may be equal to V, n ti (ie it is then possible to clear the second calculation means 52) and is in this case of size t.
  • the provisional vector V prO v is then supplied to a third calculation means 53 comprising permutation means 53b, adapted to apply the one-way function ⁇ previously described on the temporary vector to form a result vector V res .
  • the one-way function ⁇ applied by permutation means 53b is parameterized by a permutation key Cn of predetermined size d, less than or equal to t.
  • d t.
  • the current value of this permutation key C n is formed by a forming means 53a from the first intermediate vector.
  • the current value C n is taken equal to the value of the first intermediate vector, namely
  • the size of the key d may be less than t.
  • the permutation key C n will then be formed by the means 53a by selecting distinct bits, consecutive or not, from the t bits of the first intermediate vector V rt i, the positions of the selected bits being preferentially pre-established and fixed.
  • the size d of the permutation key greater than the size of the current intermediate value X "(d ⁇ p) will be chosen and the selected bits will comprise the current intermediate value X".
  • the pseudo-random generator 50 further comprises a fourth calculation means 54, which selects a section of t bits from among the bits of the result vector V res to form a second intermediate vector V m t2- For example, the second intermediate vector V , nt 2 is formed by the first t bits of the result vector V res .
  • the pseudo-random generator 1 also comprises a fifth calculation means 55 comprising an exclusive-exclusive gate 55a combining the previous value EN j -i of the traceability fingerprint and the second intermediate vector V mt2 , so as to form the current value EN j of the traceability footprint.
  • this hash function has the advantage of being very small. It is possible in particular to implement this function on a passive RFID chip with very few logic gates.
  • the proposed hash function can be advantageously applied to any predetermined size of words before its implementation to generate fingerprints of any predetermined size before its implementation.
  • this centralized information system comprises at least one computer server connected to a computer network and to which are connected, for each treatment step followed, applied to a device to follow equipped with an RFID tag, scanners. These scanners are responsible for reading and transmitting to this server, via the computer network, the information read on the RFID tag of the device to follow.
  • this information system is provided with means enabling it to be a control system according to the invention.
  • the device to follow is in accordance with the invention.
  • the means of the device will subsequently be grouped together under the name of traceability module to obtain an identifier of the event, the means of the device for calculating the traceability fingerprint and the means of the device for storing the fingerprint.
  • This traceability module is for example included in the RFID chip of the device to follow. It also includes here an identifier that can be used by the centralized information system (for example an identifier of the device).
  • the device to be followed further comprises means for activating and deactivating the traceability module.
  • the traceability module can advantageously take over (i.e. be activated) on the centralized information system, for events experienced by the device to be followed in remote areas or not connected to the centralized information system.
  • These zones are supposed to be provided with autonomous scanners compatible with the traceability module so as to be able to implement the marking method according to the invention.
  • the traceability module When returning the device to follow in areas covered by the centralized information system, the traceability module communicates the traceability footprint and the identifier of the device to the centralized information system. In this way, the information system can update a central database comprising all the events experienced by the device (after having interpreted the fingerprint using a control method according to the invention), for subsequent general validation (including events controlled by the centralized information system and out of control events). Following the reintegration of the device under the control of the centralized information system, the traceability module is deactivated (for example upon receipt of a predefined message from the information system).
  • This solution can also be implemented in the event of failure of the centralized information system, the device taking over from the information system until a return to normal of the information system.
  • the invention also applies to other types of events, such as, for example, a state or change of state of a physical parameter of a device (eg temperature, pressure, etc.) at during a single or multi-variable process (eg traceability of several physical parameters). It can be implemented by defining, for example, acceptance ranges of each of the monitored parameters for the duration of the process.
  • a state or change of state of a physical parameter of a device eg temperature, pressure, etc.
  • a single or multi-variable process eg traceability of several physical parameters.
  • the various events considered correspond to predefined instants for which the value of each monitored parameter is measured. This value can be measured directly by the traceability module (eg when it is integrated in a passive or active RFID tag).

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Debugging And Monitoring (AREA)
EP09769530A 2008-06-27 2009-06-22 Verfahren und system zur validierung des erfolgs von ereignissen in einem gerät Withdrawn EP2291744A2 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0854339A FR2933216B1 (fr) 2008-06-27 2008-06-27 Procede et systeme de validation d'une succession d'evenements vecus par un dispositif
PCT/FR2009/051188 WO2009156689A2 (fr) 2008-06-27 2009-06-22 Procede et systeme de validation d'une succession d'evenements vecus par un dispositif

Publications (1)

Publication Number Publication Date
EP2291744A2 true EP2291744A2 (de) 2011-03-09

Family

ID=40263235

Family Applications (1)

Application Number Title Priority Date Filing Date
EP09769530A Withdrawn EP2291744A2 (de) 2008-06-27 2009-06-22 Verfahren und system zur validierung des erfolgs von ereignissen in einem gerät

Country Status (9)

Country Link
US (1) US20110047200A1 (de)
EP (1) EP2291744A2 (de)
JP (2) JP5886626B2 (de)
KR (1) KR20110025179A (de)
CN (1) CN102077177B (de)
AU (1) AU2009264025B2 (de)
CA (1) CA2726832A1 (de)
FR (1) FR2933216B1 (de)
WO (1) WO2009156689A2 (de)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7162035B1 (en) 2000-05-24 2007-01-09 Tracer Detection Technology Corp. Authentication method and system
US8171567B1 (en) 2002-09-04 2012-05-01 Tracer Detection Technology Corp. Authentication method and system
US7995196B1 (en) 2008-04-23 2011-08-09 Tracer Detection Technology Corp. Authentication method and system
FR2933216B1 (fr) * 2008-06-27 2012-12-21 Nicolas Reffe Procede et systeme de validation d'une succession d'evenements vecus par un dispositif
FR2970357B1 (fr) 2011-01-07 2013-01-11 Oridao Dispositif et procede de tracage
EP2498206A1 (de) * 2011-03-10 2012-09-12 Adalbert Gubo Verfahren und Vorrichtung zur Kontrolle von Mehrschrittprozessen
KR20140123723A (ko) * 2013-04-15 2014-10-23 한국전자통신연구원 충돌방지 알고리즘을 이용한 rf아이디 시스템에서 키 설립 방법
US9836750B2 (en) * 2013-04-24 2017-12-05 Hewlett-Packard Development Company, L.P. Validation in serialization flow
FR3035240B1 (fr) * 2015-04-15 2018-04-06 Rambus Inc. Procede de securisation de l'execution d'un programme
US9652644B2 (en) * 2015-07-29 2017-05-16 Palo Alto Research Center Incorporated Printable, writeable article for tracking counterfeit and diverted products
US9646310B2 (en) * 2015-07-29 2017-05-09 Palo Alto Research Center Incorporated Printable, writeable article for tracking counterfeit and diverted products
CN107622073A (zh) * 2016-07-15 2018-01-23 阿里巴巴集团控股有限公司 一种数据处理方法及装置
EP3864544B1 (de) * 2018-10-09 2023-09-20 Argo AI, LLC System zur überwachung der integrität einer ausführungssequenz

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000002236A2 (en) * 1998-07-07 2000-01-13 Memc Electronic Materials, Inc. Radio frequency identification system and method for tracking silicon wafers
US7134021B2 (en) * 1999-10-22 2006-11-07 Hitachi, Ltd. Method and system for recovering the validity of cryptographically signed digital data
JP2003267555A (ja) * 2002-03-12 2003-09-25 Omron Corp 情報記録担体、商品梱包物、リーダ/ライタ装置、ならびにリーダ装置
FR2841015A1 (fr) * 2002-06-18 2003-12-19 St Microelectronics Sa Controle d'execution d'un programme
NO320468B1 (no) * 2003-10-17 2005-12-12 Nat Oilwell Norway As System for overvakning og administrasjon av vedlikehold av utstyrskomponenter
JP2005242530A (ja) * 2004-02-25 2005-09-08 Hitachi Ltd 履歴記録システム、履歴記録方法、履歴記録プログラム、及び受領譲渡者用端末
US7142121B2 (en) * 2004-06-04 2006-11-28 Endicott Interconnect Technologies, Inc. Radio frequency device for tracking goods
JP2006103813A (ja) * 2004-09-30 2006-04-20 Hitachi Ltd 物品追跡情報格納方法および物品追跡情報格納システム
JP4235193B2 (ja) * 2005-06-07 2009-03-11 日本電信電話株式会社 イベント履歴蓄積装置、イベント情報検証装置、イベント履歴蓄積方法、イベント情報検証方法およびイベント情報処理システム
JP4111529B2 (ja) * 2005-07-01 2008-07-02 インターナショナル・ビジネス・マシーンズ・コーポレーション トレーサビリティ署名システム、署名方法、プログラム
CA2644320A1 (en) * 2006-03-31 2007-10-11 British Telecommunications Public Limited Company Method and device for obtaining item information using rfid tags
JP2008134726A (ja) * 2006-11-27 2008-06-12 Toshiba Corp トレーサビリティ情報記録装置、トレーサビリティ情報記録方法及びプログラム
JP5014081B2 (ja) * 2007-11-20 2012-08-29 三菱電機株式会社 データ処理装置及びデータ処理方法及びプログラム
FR2933216B1 (fr) * 2008-06-27 2012-12-21 Nicolas Reffe Procede et systeme de validation d'une succession d'evenements vecus par un dispositif

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None *

Also Published As

Publication number Publication date
WO2009156689A2 (fr) 2009-12-30
KR20110025179A (ko) 2011-03-09
AU2009264025B2 (en) 2015-01-15
JP5886626B2 (ja) 2016-03-16
JP2011526020A (ja) 2011-09-29
JP2014241655A (ja) 2014-12-25
CN102077177B (zh) 2015-02-11
CA2726832A1 (en) 2009-12-30
US20110047200A1 (en) 2011-02-24
FR2933216B1 (fr) 2012-12-21
AU2009264025A1 (en) 2009-12-30
WO2009156689A3 (fr) 2010-02-18
FR2933216A1 (fr) 2010-01-01
CN102077177A (zh) 2011-05-25
JP5944462B2 (ja) 2016-07-05

Similar Documents

Publication Publication Date Title
EP2291744A2 (de) Verfahren und system zur validierung des erfolgs von ereignissen in einem gerät
EP2795833B1 (de) Authentifizierungsverfahren zwischen einem lesegerät und einem funketikett
EP2149221A2 (de) Verfahren zur authentifizierung einer entität durch eine verifizierungsentität
WO2016102833A1 (fr) Entité électronique sécurisée, appareil électronique et procédé de vérification de l'intégrité de données mémorisées dans une telle entité électronique sécurisée
EP2816756A1 (de) Einmaliges kryptografisches Verfahren und einmalige kryptografische Vorrichtung mit einer physikalisch nicht wiederholbaren Funktion
EP1120662B1 (de) Verfahren zur Prüfung einer integrierten Schaltung mit vertraulichen Software- oder Hardware-elementen
EP2193626B1 (de) Sichere kommunikation zwischen einem elektronischen etikett und einem lesegerät
FR2979443A1 (fr) Microcontroleur securise a base de mode
CA2888662A1 (fr) Systeme et procede de securisation des echanges de donnees, objet portable utilisateur et dispositif distant de telechargement de donnees
EP2336931B1 (de) Verfahren zur Unterschriftenprüfung
FR2970357A1 (fr) Dispositif et procede de tracage
CA2867241A1 (fr) Procede de cryptage d'une pluralite de donnees en un ensemble securise
EP2374240B1 (de) Verfahren zum implementieren eines blockverschlüsselungsalgorithmus
EP3021515B1 (de) Verbesserung der authentischen integrität von daten anhand des letzten blocks, der diese daten im cbc-modus chiffriert
EP2859497A1 (de) Verfahren zur sicherstellung von daten ausserhalb einer sicheren mikroschaltung
EP4328771A1 (de) Verfahren zur ausführung eines maschinencodes durch einen rechner
FR3020888A1 (fr) Chiffrement d'une cle de protection de secrets protegeant au moins un element sensible d'une application
FR3080927A1 (fr) Authentification d'un circuit electronique
WO2022013072A1 (fr) Dispositif, méthode et programme pour une communication sécurisée entre boîtes blanches
FR2911021A1 (fr) Procede d'extraction d'un secret a partir de donnees biometriques
WO2003069841A1 (fr) Procede de detection des attaques par mise en defaut contre les algorithmes cryptographiques
WO2007026092A1 (fr) Authentification anonyme et non tracable retroactivement d'un objet electronique par une entite d'authentification
FR2995708A1 (fr) Dispositif delegataire et methode de delegation cryptographique
FR2992451A1 (fr) Procede pour tester le foncitonnement de pufs a partir de secure sketch
FR2924551A1 (fr) Procede de controle d'acces a au moins une fonction apte a etre mise en oeuvre par une carte a puce.

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20101021

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA RS

DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

17Q First examination report despatched

Effective date: 20170210

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: EXAMINATION IS IN PROGRESS

19U Interruption of proceedings before grant

Effective date: 20161014

19W Proceedings resumed before grant after interruption of proceedings

Effective date: 20211102

PUAJ Public notification under rule 129 epc

Free format text: ORIGINAL CODE: 0009425

32PN Public notification

Free format text: NOTIFICATION ETABLIE CONFORMEMENT A LA REGLE 142(2) CBE (REPRISE DE LA PROCEDURE CONFORMEMENT A LA REGLE 142(2) CBE EN DATE DU 07.06.2021)

RAP3 Party data changed (applicant data changed or rights of an application transferred)

Owner name: ORIDAO

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20220503