JP2010160673A - Tag system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent information falsification or spoofing during communication, and to easily discriminate whether or not an IC tag or a system is genuine. <P>SOLUTION: In a tag system wherein a server device 16 and the IC tag 12 are connected via a communication network 15 and perform authentication processing, a common data storage part of a device selected as a first device of the server device and the IC tag stores authenticating common data, an authenticating data generation part generates and transmits authenticating data to a device selected as a second device, and a first discrimination data generation part generates first authenticating discrimination data based on the authenticating data and the authenticating common data. A second discrimination data generation part of the second device generates second authenticating discrimination data based on the received authenticating data and the previously stored authenticating common data, and a transmission part transmits the second authenticating discrimination data to the first device. <P>COPYRIGHT: (C)2010,JPO&INPIT

Description

  The present invention relates to a tag system, and more particularly, to a tag system that performs communication with a server apparatus using an active wireless tag.

Conventionally, various systems for authenticating an IC tag have been proposed in a system using an IC tag having a wireless communication function.
For example, Patent Document 1 proposes using DNA information as authentication information recorded on an IC tag for authenticating products. Further, Patent Document 2 proposes that an IC tag is used as a code recording medium for tracing a member of a product or the like and a database system thereof. Patent Document 3 discloses a configuration in which falsification and forgery countermeasure information is added to an IC tag in order to ensure product traceability.
JP 2002-253203 A Japanese Patent Laid-Open No. 2004-29860 JP 2005-267153 A

However, neither of these techniques is a countermeasure against falsification or impersonation of information during actual wireless communication, and authentication itself cannot be performed correctly if the IC tag or the system side is not authentic. There was a problem.
Accordingly, an object of the present invention is to provide a tag system that can prevent information falsification and impersonation during communication and can easily determine whether an IC tag or a system is genuine.

  In order to solve the above-described problems, a first aspect of the present invention is a tag system in which a server device and an active IC tag are connected via a wireless communication network including a reader / writer device to perform an authentication process. And the IC tag can be selected to function as a first device on the authentication side and the other function as a second device on the authentication side. Based on a common data storage unit that stores authentication common data, an authentication data generation unit that generates and transmits authentication data to the second device, the authentication data, and the authentication common data A first determination data generation unit that generates first authentication determination data, the first authentication determination data, and the second authentication determination data received from the second device are compared. An authentication unit that performs authentication of the second device, and the second device generates second authentication determination data based on the received authentication data and pre-stored authentication common data A second determination data generation unit, and a transmission unit that transmits the second authentication determination data to the first device.

According to the above configuration, the common data storage unit of the device selected as the first device stores the authentication common data.
The authentication data generation unit generates and transmits authentication data to the device selected as the second device, and the first determination data generation unit is based on the authentication data and the authentication common data. To generate first authentication determination data.
On the other hand, the second determination data generation unit of the second device generates second authentication determination data based on the received authentication data and the pre-stored authentication common data, and the transmission unit receives the second authentication data. The discrimination data is transmitted to the first device.
As a result, the authentication unit of the first device compares the first authentication determination data with the second authentication determination data received from the second device, and authenticates the second device.
Therefore, the device selected as the first device can reliably authenticate the device selected as the second device without being affected by information falsification or impersonation during communication. Furthermore, if the first device and the second device are interchanged, mutual authentication is possible.

According to a second aspect of the present invention, in the first aspect, when the first device is authenticated, the first device includes a notification unit that notifies the second device to that effect, The second apparatus includes a display unit that displays that the authentication has been performed based on the notification from the notification unit.
According to the above configuration, when the second device is authenticated, the notification unit of the first device notifies the second device to that effect, whereby the display unit of the second device Based on the notification by the notification unit, the fact that the authentication has been performed is displayed.
Therefore, it can be grasped that the authentication is easily performed on the second device side.

According to a third aspect of the present invention, in the first aspect or the second aspect, the reader / writer device is configured as an active IC tag connected to the server device via a communication network, and the first device or Inter-tag communication is performed with an IC tag that functions as the second device.
According to the above configuration, since the reader / writer device is configured as an active IC tag, the system construction is facilitated while reducing the system cost.

According to a fourth aspect of the present invention, in the tag system according to any one of the first to third aspects, the server device performs merchandise management, and the first device or the second device A functioning IC tag stores information on a corresponding product and is configured as an embedded tag embedded in the product.
Therefore, the server device side can easily authenticate that the product is genuine, and the IC tag side (product side) can authenticate that the server device is authentic.

According to a fifth aspect of the present invention, in the tag system according to the first aspect, the IC tag includes a battery that supplies power, a supply wiring that includes battery terminals and supplies the power, and the power supply via the supply wiring. A volatile storage device that stores the authentication common data by being supplied, and the battery, the supply wiring, and the storage device are integrally packaged by a resin packaging material. It is characterized by.
According to the above configuration, since the IC tag is integrally packaged with the resin package material, the battery terminal is electrically disconnected from the battery or the supply wiring is disconnected when the package material is peeled off. Therefore, the authentication common data is not lost from the storage device and read illegally.

Next, preferred embodiments of the present invention will be described with reference to the drawings.
FIG. 1 is a schematic block diagram of the tag system.
The tag system 10 includes an active IC tag 12 attached to a product 11 and an active IC tag 13, an information terminal device 14 configured as a personal computer, and the information terminal device 14, such as the Internet. And a server device 16 connected via the communication network 15.
Here, the product 11 is a so-called brand product, and its value greatly fluctuates depending on its authenticity. The tag system 10 of this embodiment is an authenticity for determining whether or not it is a genuine product. It is configured as a judgment system.

FIG. 2 is a block diagram of a schematic configuration of an IC tag attached to a product.
The IC tag 12 is attached by sewing or the like in a place where the product 11 cannot be easily removed. The IC tag 12 is packaged with resin so that there is no problem even if it is cleaned or wet.
In the resin package 20 of the IC tag 12, a battery 21 that supplies power for operation to each part, and a power supply wiring 22 that is arranged at a predetermined distance from the battery 21 and includes battery terminals 22 A and 22 B and a wiring pattern 22 C. An RF unit 25 that is connected to a RAM 23 to which backup power is supplied via a loop antenna (or an antenna pattern) 24 and is connected to an external device (IC tag 13 in this embodiment); The control part 26 which controls each part of the tag 12 centrally, the operation part 27 which has a membrane switch etc., and the indicator part 28 which has LED are provided.

Here, of the power supply wiring 22 including the battery terminals 22A and 22B, at least the battery terminals 22A and 22B are integrated with the resin package 20 which is an exterior, and the battery 21 and the battery terminal 22A are separated by peeling of the resin package 20. , 22B contact is easily interrupted. Alternatively, the wiring pattern 22 </ b> C is easily cut by peeling off the resin package 20. Further, the RAM 23 is configured as a volatile memory such as an SRAM. These are made from the viewpoint of ensuring security. When the resin package 20 is peeled off, the supply of backup power is cut off and the contents stored in the RAM 23 (programs and various parameters including seed values for generating pseudo-random numbers) are stored. This is to ensure erase and prevent reading.
The resin package 20 is preferably a completely waterproof type that is often used for linen tags that can withstand cleaning and the like. More specifically, engineering plastics (for example, PPS resin) that can withstand high temperatures and solvents are used.
The RF unit 25 includes an RF circuit and a baseband circuit for wireless communication (not shown). Under the control of the control unit 26, the current flowing through the loop antenna 24 is changed to cause a change in the magnetic field, thereby causing an external device and Radiates radio waves for electromagnetic communication.
The control unit 26 includes a CPU as a program execution unit, a RAM used as a work area for the CPU, a ROM for storing various programs, and the like.

Here, the functional configuration of the IC tag 12 will be described.
FIG. 3 is a functional block diagram of an IC tag attached to a product. In FIG. 3, the broken line represents the signal of the control system.
The IC tag 12 authenticates an external device with a unique ID storage unit 31 that stores a unique tag ID, a random number seed value storage unit 32 that stores a random number seed value SP1 that becomes a seed for generating a pseudo random number value, and the like. The verification random number seed value SP2 (common data for authentication) used in this case can be updated and a pseudo random number value is generated as a challenge value CH2 based on the random number seed value storage unit 33 and the random number seed value SP1 and verified. A pseudo random number generation block unit 34 that generates a pseudo random number value SP2X for authentication from the random number seed value SP2 for authentication and updates it as a new random number seed value SP2 for verification, the operation unit 27, the indicator unit 28, When self is the authenticated side, the response value RE1 is generated based on the challenge value CH1 input from the server device 16 and transmitted to the server device 16, and the self is the authenticating side. In this case, based on the pseudo random number value SP2X and the challenge value CH2 generated by the pseudo random number generation block unit 34, the calculation unit 36 that generates the verification response value PER2, and the authentication target when the self is the authentication side The comparison between the transmitted response value RE2 and the verification response value RER2 generated by the calculation unit 36 and controlling the indicator unit 28 based on the comparison result, and the IC tag 13 of the information terminal device 14 And a control unit 39 for centrally controlling each unit.
Here, unlike the challenge value CH1, the predetermined algorithm common to the verification random number seed value SP2 and the server device 16 needs to be strictly concealed from a third party. Further, the pseudo random number generation block unit 34 generates a pseudo random number sequence using, for example, cryptographic logic or a hash function that operates in the OFB mode. For example, in the OFB mode, the calculation unit 36 generates the response value RE1 by taking the exclusive OR (XOR) of the verification random seed value SP2 and the challenge value CH1 and then passing it through the hash function. It becomes.

FIG. 4 is a schematic configuration block diagram of an IC tag built in the information terminal device.
As shown in FIG. 3, the IC tag 13 has the same configuration as the control unit 41 that centrally controls each part of the IC tag 13 and the RF unit 25 of the IC tag 12. An RF unit 43 that communicates with the tag 12, an interface unit 44 that performs an interface operation with the information terminal device 14, and a RAM 45 that temporarily stores various types of information are included.
The control unit 41 includes a CPU as a program execution unit, a RAM used as a work area for the CPU, a ROM for storing various programs, and the like.

Here, the functional configuration of the server device 16 will be described.
FIG. 5 is a functional block diagram of the server device.
The server device 16 functions as an authentication server device, and a tag ID that temporarily stores a tag unique ID of the network interface unit 51 for performing communication via the communication network 15 and the IC tag 12 to be authenticated. A temporary storage unit 52, a tag ID-seed value correspondence database unit 53 that stores a correspondence relationship between a tag unique ID and a random seed value SP12 (= SP2) for generating a pseudo-random number, and a pseudo-random value when generating a pseudo-random value The random number seed value storage unit 54 that stores the seed random number seed value SP11 has the same configuration as the pseudo random number generation block unit 34, and generates a pseudo random number value as the challenge value CH1 based on the random number seed value SP11. The pseudo random number value SP12X for authentication is generated from the random number seed value SP12, and the tag ID-seed value correspondence is created as a new random number seed value SP12 for verification. A pseudo-random number generation block unit 55 that updates the relational database unit 53, and a challenge value CH2 and a random number seed value SP12 (= SP2) input from the IC tag 12 via the information terminal device 14 when the self-authentication side is the authenticated side. ) Based on a predetermined algorithm common to the IC tag 12, generates a response value RE 2 and transmits it to the IC tag 12. Based on the generated pseudo-random value SP12X and the challenge value CH1, the calculation unit 56 that generates the response value PER1 for verification, and the response value RE1 and the calculation unit 56 that are transmitted from the authentication target when the self is the authentication side A comparison unit 57 that compares the generated verification response value RER1 and a control unit 58 that centrally controls each unit are provided.

Next, the operation of the embodiment will be described.
In the following description, it is determined whether or not the product is authentic by using the authentic information terminal device 14 and the authentic server device 16 and whether or not the information terminal device and the server device are authentic. 11 will be described separately.
First, a case will be described in which whether or not a product is authentic is determined using the authentic information terminal device 14 and the authentic server device 16.
In this case, it is assumed that the operator who performs authentication has the genuine information terminal device 14 and is connected to the URL of the server device 16 designated by the operator through the communication network. In this case, the communication speed between the information terminal device 14 and the server device 16 is set to a relatively low communication speed so that the number of accesses that can be performed per unit time can be suppressed. Specifically, for example, the communication speed is 9.6 kbs or less. As a result, it is possible to suppress unauthorized estimation of a seed value for generating a pseudo-random number from a response value obtained by repeating unauthorized access and transmitting a challenge value. Further, when the number of accesses is limited, the number of accesses that can be made within a certain period of time may be determined in advance.

FIG. 6 is a processing flowchart in the case of determining whether or not a product is genuine using a genuine information terminal device and a genuine server device.
First, when a product authentication application is executed in the information terminal device 14, the IC tag 13 of the information terminal device communicates with the IC tag 12 and requests transmission of a unique ID tag (step S11).
Thus, the IC tag 12 reads the tag unique ID from the tag unique ID storage unit and transmits it via the transceiver.
Thereby, the information terminal device 14 transmits the received tag unique ID of the IC tag 12 to the server device 16 via the communication network (step S12).

Accordingly, the network interface unit 51 of the server device 16 stores the received tag unique ID of the IC tag 12 in the tag ID temporary storage unit 52 (step S13).
Then, the control unit 58 reads the random number seed value SP11 from the random number seed value storage unit 54, and the pseudo random number generation block unit 55 generates a pseudo random number as the challenge value CH1 based on the read random number seed value SP11 ( Step S14).
Accordingly, the control unit 58 transmits the challenge value CH1 generated by the pseudo random number generation block unit 55 to the information terminal device 14 via the network interface unit 51 and the communication network 15, and the information terminal device 14 The challenge value CH1 received from is transferred to the IC tag 12 via the IC tag 13 (step S15).

Accordingly, the control unit 39 of the IC tag 12 outputs the challenge value CH1 received via the transceiver unit 38 to the calculation unit 36.
The computing unit 36 generates a response value RE1 based on the pseudo random number value SP2X and the challenge value CH1 by a predetermined algorithm common to the server device 16 (for example, an exclusive OR is passed through a hash function) ( Step S16).
Subsequently, the control unit 39 transmits the generated response value RE1 to the IC tag 13 of the information terminal device 14 again via the transceiver unit 38, and the information terminal device 14 transmits the received response value via the communication network 15. The data is transmitted to the server device 16 (step S17).

When receiving the response value RE1 generated by the IC tag 12 via the network interface unit 51, the control unit 58 of the server device 16 outputs the response value RE1 to the comparison unit 57.
As a result, the control unit 58 refers to the tag ID-species value correspondence database unit 53 based on the tag unique ID of the IC tag 12 stored in the tag ID temporary storage unit 52, and currently corresponds to the tag unique ID. The pseudo-random number generation block SP 55 generates a pseudo-random number value SP12X for authentication from the verification random number seed value SP12 and updates it as a new verification random number value SP12. . The calculation unit 56 generates a response value PER1 for verification based on the pseudorandom value SP12X and the challenge value CH2 by using a predetermined algorithm common to the IC tag 12 (for example, exclusive OR is passed through a hash function). Then, it outputs to the comparison part 57 (step S18).
As a result, the comparison unit 57 compares the response value RE1 generated by the IC tag 12 with the verification response value RER1, and when the response value RE1 generated by the IC tag 12 matches the verification response value RER1. (Step S20; Yes), the random number seed value and the predetermined arithmetic expression (function) in the arithmetic unit 36 of the IC tag 12 coincide with the random seed value and arithmetic expression stored in the server device 16. The product 11 is authenticated as a genuine product, and a genuine product authentication process is performed (step S21). In the above description, the challenge value CH1 and the challenge value CH13 are described as matching if they are genuine products 11, but when the product 11 or the server device 16 is illegally accessed. May be inconsistent due to the random seed value being updated. In preparation for such a case, it is also possible to store a series of a plurality of random number seed values associated with the update, and authenticate that they are authentic if they match within this range. .

In this case, the control unit 58 of the server device 16 notifies the information terminal device 14 that the authentication has been made, and an indication that the product 11 is a genuine product is displayed on a display (not shown) of the information terminal device. Therefore, the operator having the genuine information terminal device 14 can easily grasp the fact.
On the other hand, if the response value RE1 generated by the IC tag 12 and the verification response value PER1 do not match (step S20; No), the random number seed value or the predetermined algorithm in the calculation unit 36 of the IC tag 12 is: Since the random number seed value or algorithm stored in the server device 16 does not match and is different, the product 11 is determined to be fake and is not authenticated.
In this case, the control unit 58 of the server device 16 notifies the information terminal device 14 that the authentication has not been made, and the display (not shown) of the information terminal device indicates that the product 11 is a fake product. Since the display is made, the operator having the genuine information terminal device 14 can easily grasp the fact.

According to the above procedure, whether or not the product is authentic can be easily determined using the authentic information terminal device 14 and the authentic server device 16.
Therefore, it is possible to carry out business without anxiety that a fake product is caught by mistake. Or it can be easily shown to the customer who intends to purchase the product 11 that it is a genuine product.

Next, a case where it is determined whether or not the information terminal device and the server device are authentic using the genuine product 11 will be described.
In this case, it is assumed that the operator who performs authentication possesses a product that has been authenticated as authentic.
FIG. 7 is a processing flowchart in the case of determining whether or not the information terminal device and the server device are authentic using a genuine product.
First, the operator performs an authentication instruction operation via the operation unit 27 of the IC tag 12 of the genuine product 11 (step S31).
Thereby, the pseudo random number generation block unit 34 of the IC tag 12 generates the challenge value CH2 based on the random number seed value SP1 and outputs it to the calculation unit 36. Further, the pseudo random number generation block unit 34 generates an authentication pseudo random number value SP2X from the verification random number seed value SP2, and updates it as a new verification random number seed value SP2. (Step S32).

Subsequently, the control unit 39 transmits the challenge value CH2 generated by the pseudo random number generation block unit 34 to the information terminal device 14 via the transceiver unit 38, and the information terminal device 14 transmits the received challenge value CH2 via the communication network. To the server device 16 (step S33).
Accordingly, when the network interface unit 51 of the server device 16 receives the received challenge value CH2 from the IC tag 12, the control unit 58 outputs the received challenge value CH1 to the calculation unit 56.
The computing unit 56 performs computation on the input challenge value CH2 using a predetermined algorithm, and generates a response value RE2 (step S34).

Subsequently, the control unit 58 transmits the generated response value RE2 to the information terminal device 14 again via the network interface unit 51, and the information terminal device 14 sends the received response value RE2 to the IC tag 12 via the IC tag 13. (Step S35).
When the control unit 39 of the IC tag 12 receives the response value RE2 generated by the server device 16 via the transceiver unit 38, the control unit 39 outputs the response value RE2 to the comparison unit 37.
On the other hand, the calculation unit 36 uses a predetermined algorithm common to the server device 16 based on the pseudo random number value SP2X and the challenge value CH2 (for example, an exclusive OR is passed through a hash function) and a verification response value PER2 Is output to the comparison unit 37 (step S36).
As a result, when the response value RE2 generated by the server device 16 matches the verification response value RER2 (step S38; Yes), the random number seed value and the predetermined algorithm in the calculation unit 56 of the server device are self- Therefore, the information terminal device 14 and the server device 16 are authenticated as a genuine system and a genuine system authentication display is made (step S39).

In this case, the control unit 39 of the IC tag 12 turns on the indicator unit 28 in a predetermined manner to the effect that the authentication has been made, and the operator having the genuine product 11 can easily grasp the fact. It becomes.
On the other hand, when the response value RE2 generated by the server device 16 and the response value for verification RER2 do not match (step S38; No), the random number seed value or the predetermined algorithm in the calculation unit 36 of the IC tag 12 is: Since the random number seed value and the predetermined algorithm in the calculation unit 56 of the server device do not match and differ, the system is judged to be fake and is not authenticated.

In this case, the control unit 39 of the IC tag 12 turns on the indicator unit 28 in a predetermined manner to indicate that the authentication has been performed, or remains off, so that the operator having the genuine product 11 It will be possible to easily grasp the effect.
According to the above procedure, it is possible to easily determine whether or not the system is authentic by using the genuine product 11.
Therefore, it is possible to show the fake product fake authentication process by using the fake system, and it is possible to purchase the product in peace without being caught by the fake product.
As described above, according to the present embodiment, it is possible to easily determine whether the product is a genuine product or a genuine system by using a normal authentication process.

In addition, communication access for internal analysis by an unauthorized server device or an unauthorized information terminal device to the IC tag 12 attached to the genuine product 11 is rejected by server authentication in the IC tag 12, and thus continues. It is impossible to perform internal analysis easily. In addition, after such communication access occurs, the legitimate server device 16 can easily detect how far the pseudorandom number sequence in the IC tag 12 has advanced based on the generation logic in the server device 16.
In the above description, pseudo-random numbers using random number seed values are used to generate the challenge values CH1 and CH2. However, if the values are updated at any time (ideally, random values) that cannot be predicted, Any value such as time information can be used.

It is a general | schematic block diagram of a tag system. It is a general | schematic block diagram of the IC tag attached to the goods. It is a functional block diagram of an IC tag attached to a product. FIG. 5 is a functional block diagram of the server device. It is a general | schematic block diagram of the IC tag built in an information terminal device. It is a functional block diagram of a server apparatus. It is a process flowchart in the case of discriminating whether a goods is genuine using a genuine information terminal device and a genuine server device. It is a process flowchart in the case of discriminating whether an information terminal device and a server apparatus are authentic using genuine goods.

  DESCRIPTION OF SYMBOLS 10 ... Tag system, 11 ... Product, 12 ... IC tag, 13 ... IC tag, 14 ... Information terminal device, 15 ... Communication network, 16 ... Server device, 20 ... Resin package, 21 ... Battery, 22 ... Power supply wiring, 22A ... battery terminal, 22C ... wiring pattern, 23 ... RAM, 24 ... loop antenna, 25 ... RF part, 26 ... control part, 27 ... operation part, 28 ... indicator part, 31 ... unique ID storage part, 32 ... random number seed Value storage unit 33... Verification random number seed value storage unit 34... Pseudo random number generation block unit 36... Operation unit 37 37 Comparison unit 38 Transceiver unit 39 Control unit 41 Control unit 42 Loop Antenna, 43 ... RF unit, 44 ... Interface unit, 45 ... RAM, 51 ... Network interface unit, 52 ... Tag ID temporary storage unit, 53 ... ID-species value correspondence database unit, 54 ... random number seed value storage unit, 55 ... pseudorandom number generation block unit, 56 ... calculation unit, 57 ... comparison unit, 58 ... control unit, CH1 to CH3, CH13 ... challenge value ( Authentication data), RE1, RE2,... Response values (second authentication determination data), RER1, RER2,... Verification response values (first authentication determination data).

Claims (5)

In a tag system in which a server device and an active IC tag are connected via a wireless communication network including a reader / writer device to perform authentication processing,
Either one of the server device and the IC tag can function as a first device on the authentication side, and the other can function as a second device on the authentication side.
The first device includes a common data storage unit that stores authentication common data;
An authentication data generation unit that generates and transmits authentication data to the second device;
A first determination data generating unit that generates first authentication determination data based on the authentication data and the authentication common data;
An authentication unit that compares the first authentication determination data with the second authentication determination data received from the second device and performs authentication of the second device;
The second device includes a second determination data generation unit that generates second authentication determination data based on the received authentication data and pre-stored authentication common data;
A transmission unit for transmitting the second authentication determination data to the first device,
Tag system characterized by that. The tag system according to claim 1, wherein
When the first device is authenticated, the first device includes a notification unit that notifies the second device to that effect,
The tag system, wherein the second device includes a display unit that displays that the authentication has been performed based on the notification from the notification unit. The tag system according to claim 1 or 2,
The reader / writer device is configured as an active IC tag connected to the server device via a communication network, and performs inter-tag communication with the IC tag functioning as the first device or the second device. Tag system characterized by. The tag system according to any one of claims 1 to 3,
The server device performs product management,
The IC tag that functions as the first device or the second device stores information about the corresponding product, and is configured as an embedded tag embedded in the product.
Tag system characterized by that. The tag system according to claim 1, wherein
The IC tag includes a battery for supplying power,
Supply wiring for supplying the power including battery terminals;
A volatile storage device that stores the authentication common data when the power is supplied through the supply wiring;
The tag system, wherein the battery, the supply wiring, and the storage device are integrally packaged by a resin packaging material.

Images