JP4763453B2 - Data falsification prevention method and data falsification prevention system - Google Patents

Description

  The present invention relates to a data falsification preventing method and a data falsification preventing system, and in particular, data falsification capable of preventing falsification of data written in an RFID tag attached to a product and obtaining accurate product history information. The present invention relates to a prevention method and a data falsification prevention system.

  As RFID (radio-frequency identification) tags or IC tags are becoming smaller and cheaper, their application to various fields is expanding. For example, an RFID tag is attached to a product itself or its packaging or container, and various information about the product is stored in the RFID tag, thereby being used for managing the history of the product.

For example, it is known to record the history data that accompanies the distribution of the product on an RFID tag fixed to the reproducible product to manage the distribution of the reproducible product ( For example, see Patent Document 1).
JP 2005-228026 A

  As described above, when the historical data of the product is recorded on the RFID tag, every time the product passes through each process, an opportunity (possibility) of falsifying the data occurs. For this reason, as a result, falsification of data stored in the RFID tag cannot be prevented.

  As described above, prevention of falsification of data stored in the RFID tag depends on the good intentions of the operator, and thus cannot be effectively countered by a malicious person. That is, it cannot be said that the traceability of the product is completely compensated. On the other hand, according to the study of the present inventor, a new data structure capable of managing the product and data more closely is adopted as the data structure of the data stored in the RFID tag. Thus, it has been found that data tampering can be effectively prevented with relatively simple means.

  An object of the present invention is to provide a data falsification preventing method capable of preventing falsification of data written in an RFID tag attached to a product and obtaining accurate product history information.

  It is another object of the present invention to provide a data falsification preventing system that can prevent falsification of data written in an RFID tag attached to a product and obtain accurate product history information.

The data falsification preventing method of the present invention prevents data falsification of data written in an RFID tag attached to a product circulating at least the i (i is a positive integer) step and the subsequent (i + 1) step. Is the method. That is, in correspondence of the i-th reading and writing device to the i-th step, and the (i + 1) -th step different from the i-th reading and writing device (i + 1) th reading and writing device To correspond. An encryption key table including a set of encryption keys used for reading and writing encrypted data of the RFID tag is stored in the i-th and (i + 1) -th reading / writing devices, and in the i-th step, i-th reading and writing device is, in the storage area of the RFID tag, the past data area only read that may of data in the i-th step in the previous step a region that has been written with data, the using the encryption key included in the encryption key table, reads the written data, and deletes the encryption key used for the reading from the encryption key table, the i-th a region other than the historical data area of the current data area capable of writing data in the process is the encryption key used in the reading remove Using said one of the cryptographic key contained in the cipher key table, basic information comprising basic information of the product in the i-th step, the history information comprising a history of the product was, and, the production User data in the i-th process is written , which is illegal copy prevention information for preventing illegal copying of the product and is a value representing the number of the products in the i-th process. In the (i + 1) -th step, the (i + 1) -th reading / writing device includes the (i + 1) -th previous data area and the current data area in the i-th step in the RFID tag storage area. ) For the new past data area in the second step , the written user data is read using the encryption key included in the encryption key table, and the encryption key used for the reading is deleted from the encryption key table. for said a new area other than the historical data area (i + 1) th new current data area in the step, any encryption keys included in the encryption key table encryption key used is removed to the reading or using a repeated writing of the user data in the (i + 1) -th process

  Preferably, in the data falsification preventing method of the present invention, the user data further includes manufacturing instruction information including instructions for manufacturing and processing the product.

Preferably, the data alteration prevention method of the present invention, before Symbol the anti-piracy information written in the first area within the past data area, made from a maximum value of a value representing the number of the product, the reading The writing device calculates the sum of the one or more illegal copy prevention information written in the past data area excluding the maximum value and the illegal copy prevention information written in the current data area as the maximum Equal to the value.

  Preferably, in the data falsification preventing method of the present invention, the i-th and (i + 1) -th reading / writing devices each include the basic information, history information, and illegal copy prevention information using a unique encryption key. User data in the i-th and (i + 1) -th steps is encrypted and written.

The data falsification preventing system of the present invention includes at least an RFID tag attached to a product distributed in an i-th process, an i-th reading / writing device corresponding to the i-th process, and the i-th reading book. And an encryption key table including a set of encryption keys used for reading and writing the encrypted data of the RFID tag stored in the embedded device. In the i-th process, the i-th read / write device is an area where data is written in the previous process in the storage area of the RFID tag, and only reads data in the i-th process. About the possible past data area , the written user data is read using the encryption key included in the encryption key table, and the encryption key used for the reading is deleted from the encryption key table, and the past data area Any of the encryption keys included in the encryption key table in which the encryption key used for the reading is deleted for the current data area that is the area other than the area where data can be written in the i-th step used as a key, the basic information consisting of basic information of the product in the i-th step History information consisting of the history of the product, and the user in the i-th step of a piracy prevention information for preventing illegal copy of the product of values representative of the production the number of the i-th step data is written to encrypted.

Preferably, in the data falsification preventing system of the present invention, the data falsification preventing system further includes one or a plurality of i th mobile terminals corresponding to the i th step. The i-th portable terminal distributes the unique encryption key used by the i-th read / write device from the i-th read / write device, and from the RFID tag , the unique encryption key. The user data in the i-th step that is encrypted and written using is read out using the distributed unique encryption key, is decrypted, and the user data in the i-th step is referred to.

Preferably, in the data falsification preventing system of the present invention, the data falsification preventing system further includes a register system formed integrally with the (i + 1) th read / write device corresponding to the (i + 1) th step . The register system writes sales information of the product as part of user data in the (i + 1) -th process in the storage area of the RFID tag .

Preferably, in the data falsification preventing system of the present invention, the data falsification preventing system further includes a register system integrally formed with the (i + 1) th read / write device corresponding to the (i + 1) th step, And an erasing device provided to pass after passing through the register system and erasing all information written in the RFID tag. The register system uses the encryption key included in the encryption key table to write the past data area in the storage area of the RFID tag that can only read data in the (i + 1) -th process. After the data is read and settled using the read user data , the erasing device erases all information written in the RFID tag.

  According to the data falsification preventing method of the present invention, in each process, the reading / writing device corresponding to the process sets the area where data has been written in the previous process as the past data area where only data can be read. Other areas are set as current data areas into which data can be written, and in addition, user data including illegal copy prevention information is written into the current data area. In this way, by adopting a new data structure that can manage the product and data more closely, the reading / writing device will be different for different processes, and as a result, The area in which data is written in the step is an area where only data can be read (past data area). Thereby, the opportunity to tamper with data when the product passes through each process can be eliminated. Therefore, falsification of data stored in the RFID tag can be effectively prevented regardless of the operator's awareness.

  Further, according to the data falsification preventing method of the present invention, the user data includes manufacturing instruction information including instructions for manufacturing and processing the product. In the subsequent process, it is possible to read the area in which data was written in the previous process (past data area), so the manufacturing instruction information indicates the information to be instructed (contacted) from the previous process to the subsequent process. It is possible to reliably notify the subsequent process.

  Further, according to the data falsification preventing method of the present invention, the illegal copy prevention information written in the first area in the past data area has a maximum value that can divide the product, and is written in the past data area. Alternatively, the sum of the plurality of illegal copy prevention information and the illegal copy prevention information written in the current data area is made equal to the maximum value. As a result, the data stored in the RFID tag cannot be tampered with above the maximum value, and as a result, the product cannot be divided beyond the maximum value.

  Further, according to the data falsification preventing method of the present invention, the i-th and (i + 1) th read / write devices respectively use the unique encryption key to transfer user data in the i-th and (i + 1) -th steps. Encrypt and write. As a result, the storage area of the RFID tag is separated into a past data area where only data can be read and a current data area where data can be written, and illegal copy prevention information is written into the current data area. Thus, by using a unique encryption key for each process, data tampering can be prevented more effectively.

  According to the data falsification preventing system of the present invention, the i-th reading / writing device corresponding to the i-th process sets the area where data has been written in the previous process as the past data area where only data can be read. The other area is set as a current data area where data can be written, and user data including illegal copy prevention information is encrypted and written in the current data area using a unique encryption key. As a result, as described above, the area where data has been written in the previous process is an area where only data can be read, so that an opportunity to tamper with the data when the product passes through each process. This can effectively prevent falsification of data stored in the RFID tag.

  In addition, the data falsification preventing system of the present invention further includes an i-th portable terminal corresponding to the i-th process. The i-th portable terminal reads and decrypts the user data in the i-th process using a unique encryption key, and refers to the user data in the i-th process. Thereby, user data can be referred from a portable terminal having an RFID tag reading function (reader) without any limitation. For example, at the storefront of a store, the final consumer can refer to the history information of the product to be purchased using the portable terminal.

  The data falsification preventing system of the present invention further includes a register system formed integrally with the reading / writing device. The register system writes product sales information as user data in the (i + 1) -th process. Thereby, for example, the sales price to the final consumer can be written in the RFID tag as user data, and the sales price to the final consumer can be known at any time after that, for example, in buying and selling second-hand goods.

  The data falsification preventing system of the present invention further includes a register system formed integrally with the (i + 1) th read / write device, and an erasing device provided so as to pass through the register system. After the register system settles, the erasing device erases all information written to the RFID tag. As a result, for example, after sales to the final consumer, all information written on the RFID tag can be erased to prevent unnecessary leakage of the information. It can be made unnecessary.

  FIG. 1 shows the configuration of a data falsification preventing system of the present invention that implements the data falsification preventing method of the present invention. FIG. 2 is an explanatory diagram of the data falsification preventing method of the present invention.

  As shown in FIG. 1, the data falsification prevention system includes an RFID tag 1 attached to a product 100 and a reading / writing device (reader / writer) 2 for the RFID tag 1. The product 100 circulates at least the i-th process. The i-th process is, for example, the current process. The i-th process uses a unique encryption key 30i as described later.

  Here, i is a positive integer and takes a value of 1 to n. That is, when i = 1, the process represents the first process, and when i = n, the process represents the final process. The reading / writing device 2 corresponding to the i-th process is represented as a reading / writing device 2i by adding a symbol i. The same applies to other devices or parts.

  A process refers to each stage in the distribution of the product 100 to which the RFID tag 1 is attached. For example, production, processing, wholesale, retail, etc. Moreover, it is possible to divide the wholesale into primary wholesale and secondary wholesale. That is, the system administrator and / or user can freely define the process. A process can be restated as a layer, a hierarchy, a process, or the like.

  Therefore, the product 100 actually circulates a plurality of steps (first to nth steps) including at least the i-th step and the (i + 1) -th step following this. For example, a plurality of processes including the i-th and (i + 1) -th processes are associated with a plurality of read-write apparatuses 2 including the i-th and (i + 1) -th read / write apparatuses 2 i and 2 (i + 1), respectively. . The plurality of reading / writing devices 2 are different from each other.

  That is, the plurality of reading / writing devices 2 encrypt predetermined information using mutually different encryption keys 30 as described later. In other words, when different encryption keys 30 are used, it can be said that the process is different. Since the plurality of read / write devices 2 are the same device except that they use different encryption keys 30, the i-th read / write device 2 will be mainly described below.

  The first reading / writing device 21 performs the following processing on the RFID tag 1 in a process corresponding to the first reading / writing apparatus 21, that is, the first process (i = 1). As shown in FIG. 2A, nothing is written in the RFID tag 1 (or a tag ID may be written (for example, at the head)). The reading / writing device 21 writes the encryption ID at the head of the RFID tag 1 as shown in FIG. The remaining area where the encryption ID is not written is the storage area of the RFID tag 1 and the current data area Ri (i = 1 because R = 1) in the reading / writing device 21.

  The i-th reading / writing device 2 i performs the following process on the RFID tag 1 in the corresponding process, that is, the i-th process. That is, as shown in FIG. 2D, the i-th reading / writing device 2i stores the areas R1 to R (i-1) in which data has been written in the previous process, as shown in FIG. The past data area is set as the current data area. The past data areas R1 to R (i-1) are areas where only reading of data in the i-th process is possible. The current data area Ri is an area where data can be written in the i-th process. FIG. 2C shows a state where the current data area R1 of the first process is set as the past data area R1 of the second process in the second process (i = 2) (the current data area Is R2.)

  In other words, in the present invention, the i-th reading / writing device 2i does not have a function of overwriting data in the storage area of the RFID tag 1 for the past data areas R1 to R (i-1), and It has only a function of reading data, and has a function of writing data for the current data area Ri.

  In this example, the past data areas R1 to R (i-1) are the head side of the storage area of the RFID tag 1, and the past data areas R1, R2, ... R (i-2), R (i- Stored in the order of 1). The current data area Ri is an area following the past data area R (i−1) and is an area up to the end of the storage area of the RFID tag 1. There is no need to write data to all of the current data area Ri. The size (length) of each of the past data areas R1 to R (i-1) is a variable length. Therefore, the current data area Ri is also variable length.

  The i-th reading / writing device 2i encrypts and writes the user data Ui in the i-th process using the unique encryption key 30i in the current data area Ri. As shown in FIG. 2D, the user data Ui has a character “beginning” surrounded by tags “<” and “>” inserted at the beginning thereof, and tags “<” and “>” at the end thereof. The character “End” surrounded by is inserted. <Start> is special control information indicating the head of data, and thus indicates the start (head) of the user data Ui. <End> is special control information indicating the end of data, and indicates the end (end) of the user data Ui. Note that various types of control information can be used.

  As shown in FIG. 2D, the (actual) user data Ui in the i-th process includes basic information, history information, and illegal copy prevention information. In this example, the sizes of these pieces of information are variable lengths, and these pieces of information are written in this order from the beginning of the current data area Ri.

  The basic information includes, for example, basic information of the product 100 in the i-th process (information common to each process). Specifically, it includes information such as the name, product name, producer, type, model number, and production location of the product 100. Thereby, the user can know basic information at any time. The history information includes, for example, information indicating the history of the product 100 (information unique to each process). Specifically, it consists of information such as the processor, qualification, processing place, distribution channel, and sales channel of the product 100. Thereby, the user can know historical information at any time. The illegal copy prevention information includes, for example, information for preventing illegal copying of the product 100. Specifically, it consists of the production quantity, the lot number, etc. of the product 100. Thereby, illegal copying of the product 100 can be prevented by preventing illegal copying of the user data U (that is, the RFID tag 1).

  Note that the user data U may further include manufacturing instruction information as indicated by a dotted line in FIG. The manufacturing instruction information includes an instruction for manufacturing and processing the product 100, for example. Thereby, the i-th process user can give the instruction | indication for manufacturing and processing the product 100 to the user of the (i + 1) th process.

  When the i-th process is the first process in the actual process (for example, a production process), there is no previous process. That is, the past data areas R1 to R (i-1) do not exist in the storage area of the RFID tag 1. Therefore, in this case, the entire storage area of the RFID tag 1 is the current data area Ri, and the user data Ui can be written in the first process.

  The above processing is executed in the same manner except for the i-th step. In order to clarify the relationship between two successive steps, the (i + 1) th step will be described. That is, in the (i + 1) -th process, the (i + 1) -th reading / writing device 2 (i + 1) uses the past data areas R1 to R (i-1) and the current data area Ri in the i-th process as (i + 1). ) A new past data area in the second step. In addition, the (i + 1) th read / write device 2 (i + 1) uses the area other than the new past data area as the new current data area R (i + 1) in the (i + 1) th process, and the (i + 1) th The user data is written in the process.

  As a result, the i-th and (i + 1) -th reading / writing devices 2i and 2 (i + 1) use the unique encryption keys (30i and 30 (i + 1)), respectively. The user data Ui and U (i + 1) in the process are encrypted and written. Thereby, the user of each process can store the history information and send it to the users of the subsequent processes. Each time the user of each process passes the RFID tag 1 to the user of the subsequent process, generation (recognition) of the past data area R (i-1) and the current data area Ri is repeated.

  FIG. 3 shows an example of a specific configuration of the reading / writing device 2 of the RFID tag 1 in the data falsification preventing system of the present invention.

  The (i-th) reading / writing device 2 includes a control unit 21, a display unit 22, an input unit 23, a reading / writing unit 24, a storage unit 25, a generation unit 26, a compression / decompression unit 27, and an encryption / decryption unit 28. The encryption / decryption unit 28 includes an encryption key table 29. The unique encryption key used by the i-th reading / writing device 2i is referred to as an encryption key 30i.

  The control unit 21 controls the entire reading / writing device 2 in accordance with a user instruction input. The display unit 22 displays user input from the input unit 23, user data U1 to U (i-1) read from past data areas R1 to R (i-1) of the RFID tag 1, and current data of the RFID tag 1. The user data Ui written in the area Ri (that is, input from the input unit 23) is displayed. The input unit 23 inputs an instruction input such as reading and writing and user data Ui to be written in the current data area Ri to the control unit 21 in accordance with a user input of the reading / writing device 2.

  The reading / writing unit 24 reads the user data U1 to U (i-1) from the past data regions R1 to R (i-1) of the RFID tag 1 in response to a request from the control unit 21, and User data Ui is written in the current data area Ri. The storage unit 25 stores user data U1 to U (i-1) read from past data regions R1 to R (i-1) of the RFID tag 1.

  For example, the generation unit 26 reads the illegal copy prevention information included in the user data U (i-1) read from the previous past data area R (i-1) (that is, in the (i-1) th step). To generate illegal copy prevention information to be written to the current data area Ri (that is, in the i-th step). The illegal copy information may be generated using illegal copy prevention information other than the illegal copy prevention information included in the immediately preceding user data U (i-1). The compression / decompression unit 27 compresses the user data Ui to be written in the current data area Ri of the RFID tag 1 by a known compression method in response to a request from the control unit 21. In response to a request from the compression / decompression unit 27 (or the control unit 21), the encryption / decryption unit 28 uses any one of the encryption keys stored in the encryption key table 29 as a unique encryption key 30i to compress / decompress the decompression unit. The user data Ui compressed by 27 is encrypted by a known encryption method.

  FIG. 4 shows the encryption key table 29 provided in the reading / writing device 2 in the data falsification preventing system of the present invention.

  As shown in FIG. 4A, the encryption key table 29 stores a plurality of (1 to n) encryption keys (a set of encryption keys) for each encryption ID. The plurality of encryption keys XXX..., YYY. The encryption ID is stored without being encrypted, for example, at the top of the RFID tag 1. Thereby, a set of encryption keys (that is, the encryption key table 29) used by the RFID tag 1 is determined in advance. The encryption key table 29 is distributed in advance to each process of distributing (using) the RFID tag 1 and stored in the reading / writing device 2. At this time, it is not determined which encryption key in the encryption key table 29 is used by the i-th reading / writing device 2i (that is, the unique encryption key 30i).

  When the product 100 to which the RFID tag 1 is attached circulates and the reading / writing device 2i comes to the corresponding i-th process, the reading / writing device 2i reads the encryption ID read from the RFID tag 1 Accordingly, the encryption key table 29 used for reading and writing of the RFID tag 1 is specified. Then, the reading / writing device 2i reads the user data U1 to U (i-1) written in the storage area of the RFID tag 1 using all the encryption keys in the specified encryption key table 29 in order. Depending on this result, the encryption key is processed.

  That is, the encryption key that can be used for reading the user data U1 to U (i-1) has already been used in any of the steps up to the (i-1) th step. . Therefore, the reading / writing device 2 i saves the user data U and then deletes the encryption key from the encryption key table 29. For example, the encryption key XXX... With the encryption ID = 1 is erased or overwritten with all “0” (all 0) as shown in FIG. Alternatively, all may be overwritten with “1” (all 1).

  Thereby, the user data U1 to U (i-1) written in the past data areas R1 to R (i-1) of the RFID tag 1 in the steps up to the (i-1) th can be read. In addition, since the encryption key is deleted after the reading, the user data U1 to U (i-1) written in the RFID tag 1 in the steps up to the (i-1) th are changed to the i-th In the process (the reading / writing device 2i), it cannot be rewritten due to forgery. In other words, the read process using the encryption key and the deletion process of the encryption key used for the read process are made inseparable so that the read data cannot be rewritten.

  On the other hand, the encryption key that could not be used for reading the user data U was not used in the previous steps (i−1). Therefore, as shown in FIG. 4B, the reading / writing device 2i randomly selects an arbitrary encryption key from the unused encryption keys, and this is unique to the i-th step. The encryption key 30i is determined (used), and the user data Ui to be written in the i-th process is encrypted and written in the current data area Ri of the RFID tag 1. For example, a random number having an appropriate size may be generated, and the unused encryption keys remaining in the encryption key table 29 may be sequentially counted from the top using the random numbers. Thereby, the user data Ui can be written in the RFID tag 1 using the unique encryption key 30i in the i-th step.

  In addition, when the said process is the 1st process, since the user data U cannot be read, it will be in the state where neither encryption key was used. Accordingly, the entire storage area of the RFID tag 1 becomes the current data area Ri, and a unique encryption key is selected from all the encryption keys in the encryption key table 29.

  FIG. 5 is a data falsification preventing process flow of the present invention, showing a data falsification preventing process executed by the data falsification preventing system of the present invention.

  The operator instructs reading from the input unit 23 in a state where the RFID tag 1 attached to the product 100 is brought close to the i-th reading / writing device 2i (the reading / writing unit 24 thereof) (step S11). In response to this, when the control unit 21 requests the reading / writing unit 24 to read, the reading / writing unit 24 reads the contents of the past data areas R1 to R (i-1) of the storage area of the RFID tag 1, The contents (also referred to as read data) are sent to the control unit 21, and the control unit 21 stores it in a predetermined area for storing the information in the storage unit 25 (step S12). In this reading, the encryption key of the encryption key table 29 is used. The control unit 21 displays the contents of the read past data areas R1 to R (i-1) on the display unit 22 (step S13). The content includes, for example, A = 100 (pieces) as the illegal copy prevention information A.

  The operator who sees this inputs data from the input unit 23 (step S14). At this time, the input data includes, for example, the product 100 as illegal copy prevention information based on the fact that the product 100 is divided into A1 = 60 (pieces) and A2 = 40 (pieces). In response to this input, when the control unit 21 requests the generation unit 26 to generate the user data Ui, the generation unit 26 generates the user data Ui using the input data, displays the user data Ui on the display unit 22, and stores it. The information is stored in a predetermined area of the unit 25 for storing the information (step S15).

  Thereafter, when the control unit 21 requests the compression / decompression unit 27 to compress the user data Ui stored in the storage unit 25, the compression / decompression unit 27 compresses the user data Ui. The encryption / decryption unit 28 is requested to encrypt the compressed user data Ui. In response to this, the encryption / decryption unit 28 encrypts the compressed user data Ui using any one of the encryption keys stored in the encryption key table 29 as the unique encryption key 30i, and this information in the storage unit 25 Is stored in a predetermined area for storing (step S16).

  Thereafter, when the control unit 21 requests the reading / writing unit 24 to write data, the reading / writing unit 24 stores the encrypted user stored in the storage unit 25 in the current data area Ri of the storage area of the RFID tag 1. Data Ui is written (step S17). In this writing, one encryption key in the encryption key table 29 is used as the encryption key 30i unique to the i-th process.

  FIG. 6 is a data falsification preventing process flow of the present invention, and shows a reading process and an encryption key erasing process executed by the data falsification preventing system of the present invention. This process is executed, for example, in step S12 of FIG.

  The reading / writing unit 24 reads the top encryption ID of the storage area of the RFID tag 1 (step S21) and sends the contents to the control unit 21. The control unit 21 selects the encryption key table 29 corresponding to the encryption ID (step S22), and clears an erasure candidate register (not shown) (step S23).

  Thereafter, the reading / writing unit 24 reads the contents (binary data) of the past data area R (i−1) of the storage area of the RFID tag 1 in order from the head (step S24), and the contents are read by the control unit 21. Send to. The control unit 21 extracts one encryption key in order from the top of the encryption key table 29 (step S25), decrypts the read data using the encryption key (also referred to as decrypted data), decompresses it, and holds it. (Step S26). The control unit 21 checks whether or not the character “beginning” surrounded by the tags “<” and “>” exists at the head of the stored decoded data (step S27). Then, it is checked whether or not the character “END” surrounded by “>” exists (step S28).

  When the character “beginning” does not exist in step S27, and when the character “end” does not exist in step S28, step S25 and subsequent steps are repeated.

  When the character “end” exists in step S28, the control unit 21 sets the data in the area surrounded by the characters “start” and “end” as user data U1 to U (i-1) in the storage unit 25. The information is stored in a predetermined area for storing information (step S29), the encryption key corresponding to the encryption ID stored in the deletion candidate register is deleted from the encryption key table 29 (step S210), and the user data U1 to U The encryption ID of the encryption key used for reading (i-1) is stored in the deletion candidate register, and the encryption key is set as the deletion candidate (step S211).

  Thereafter, the control unit 21 checks whether or not an unprocessed encryption key remains in the encryption key table 29 (step S212), and if it remains, repeats step S25 and subsequent steps. If not, the process ends without deleting the encryption key corresponding to the encryption ID stored in the deletion candidate register from the encryption key table 29.

  In the writing process after the reading process, as described above, the data to be written in the current data area Ri and the user data U (i−1) stored in the storage unit 25 in step S29 (ie, step S12) are illegal. User data Ui is generated by performing encryption using the copy information (see, for example, FIG. 7) (step S16). At this time, the unique encryption key 30i is randomly selected from the remaining encryption keys in the encryption key table 29 without being erased.

  Further, the RFID tag 1 can be duplicated by using the data to be written in the current data area Ri and the user data U (i-1) stored in the storage unit 25 in step S29. As described above, the reading process can be executed only once. Therefore, instead of steps S11 to S13, after reading the user data U1 to U (i-1) stored in the storage unit 25, steps S11 to S17 may be executed. Even in this duplication, as described above, since the past data areas R1 to R (i-1) are not rewritten, it is possible to prevent data from being falsified.

  FIG. 7 is a diagram for explaining actual use of the data falsification preventing method of the present invention, and shows data falsification prevention according to the present invention when the product 100 is divided.

  According to the present invention, as an example, the illegal copy prevention information is made up of values obtained by dividing the product 100. The illegal copy prevention information A written in the first area R1 in the past data areas R1 to R (i-1) is made to have a maximum value that can divide the product 100. Under such conditions, as shown in FIG. 7A, the reading / writing device 2 adds the sum S of one or more illegal copy prevention information written in the past data areas R1 to R (i-1). And the illegal copy prevention information Ai written in the current data area Ri are made equal to the maximum value. That is, A = S + Ai.

  For example, assume that the maximum value is A. A can take various units such as “pieces” and “sheets”. For example, in the first step, when 100 products 100 with the same lot number are produced, A = 100 (pieces). In the next step, when A1 (pieces) and A2 (pieces) are sold to two processors of the product 100, A = A1 + A2. Furthermore, in the next process, when a processor who has purchased A1 (pieces) sells A11 (pieces), A12 (pieces) and A13 (pieces) to three primary wholesalers, A1 = A11 + A12 + A13. . Furthermore, in the next process, when the primary wholesaler who purchased A12 (pieces) sells A121 (pieces), A122 (pieces), A123 (pieces) and A124 (pieces) to four secondary wholesalers A12 = A121 + A122 + A123 + A124. Accordingly, in FIG. 7, for example, A = A11 + (A121 + A122 + A123 + A124) + A13 + A21 + (A221 + A222).

  Therefore, as shown in FIG. 7B, the RFID tag 1 having the illegal copy prevention information A122 has all the illegal copy prevention information A, A1, A12, and A122 above it. By comparing the RFID tag 1 attached to the product 100, it is possible to detect any alteration of data in any process. As a result, the illegal copy prevention information cannot be effectively rewritten in each process. Therefore, the data written in the RFID tag 1 cannot be falsified, and fraud with respect to the product 100 can be prevented and its traceability can be improved.

  FIG. 8 is a diagram for explaining the actual use of the data falsification preventing method of the present invention, and shows data falsification prevention according to the present invention when the products 100 are assembled and integrated.

  According to the present invention, as an example, the user data U of the RFID tag 1 of a certain product 100 includes a value obtained by integrating the user data U of a plurality of other RFID tags 1. Specifically, the RFID tag 1 of the product 100 is written with user data of one or more components 101 attached to the product 100.

  For example, it is assumed that a table that is a product 100 includes a top plate 101 and four legs 102 that are components attached to the table 101 as shown in FIG. In this case, as shown in FIG. 8B, the RFID tag 1 of the top plate 101 stores data in the past data areas R1 to R (n−1) and the current data area Rn in the final process (i = n). Is stored (indicated by 101). The past data areas R1 to R (n-1) include various user data U1 to U (n-1) of a plurality of previous processes. The current data area Rn stores user data Un in the final process n of the top plate 101 itself. The user data Un is encrypted and written using the encryption key 30n unique to the final process n.

  In addition, information # 1 to # 4 stored in the RFID tag 1 of the four legs 102 is written in the RFID tag 1 of the top board 101. For example, information # 1 includes various user data U1 to U (n′−1) of a plurality of previous processes in the past data areas R1 to R (n′−1) for one of the four legs 102. ) And the user data Un ′ in the final process of the foot 102 itself is stored in the current data area Rn ′. The same applies to information # 2 to # 4.

  Further, information # 5 is written in the RFID tag 1 of the top plate 101. Information # 5 is assembly information indicating that the table 100 is assembled by attaching the four legs 102 to the top board 101, related information indicating that the information # 1 to # 4 is included, detailed information about the assembly, and the like. Consists of. The detailed information includes, for example, an assembler, a factory name, a seller, a sales price, and the like.

  Information # 1 to # 5 additionally written is integrated information. The integrated information may be encrypted and written using the encryption key 30n unique to the final step n, or may be encrypted and written using the encryption key 30 (n + 1) unique to the integration step (n + 1). good. That is, it may be considered that the integration process is an actual final process and that one more process is added to the process n.

  As a result, the anti-piracy information cannot be rewritten on the top board 101 and the four legs 102 as described above, and the anti-piracy information can be prevented from being rewritten in the integration process. it can. That is, even if the illegal copy prevention information of the foot 102 is forged in the integration step, it does not match the information # 1 to # 4, and therefore the meaning of forgery is lost. Therefore, in addition to preventing the rewriting of the illegal copy prevention information in each of the above-described steps, it is possible to further prevent fraud with respect to the product 100 and improve its traceability.

  FIG. 9 shows another data falsification preventing system of the present invention for realizing the data falsification preventing method of the present invention.

  As shown in FIG. 9A, the data falsification prevention system of this example further includes one or a plurality of i-th portable terminals 3i corresponding to the i-th process in addition to the configurations of FIGS. Prepare. In other words, the i-th portable terminal 3 i includes an encryption key 30 i unique to the i-th process in advance. For example, the user of the read / write device 2i in the i-th process distributes the used unique encryption key 30i in advance via the Internet or the like to those who are allowed to refer to the user data Ui in the i-th process ( Copy). Alternatively, a mobile phone on which the i-th unique encryption key 30i and the i-th process reader are mounted in advance may be distributed in advance to the members for the i-th process.

  Each i-th portable terminal 3 i includes a reading unit (reader) 31, a decrypting unit 32, a decompressing unit 33, a display unit 34, and an encryption key table 29. The processing units 31 to 34 and the encryption key table 29 are reading devices corresponding to the i-th process. Each i-th portable terminal 3i reads from the RFID tag 1 the user data Ui in the i-th process, which is encrypted and written by the reading unit 31 using the encryption key 30i unique to the i-th process. This is decrypted by the decryption unit 32 using the encryption key 30i unique to the th process, decompressed by the decompression unit 33, and the user data Ui in the i th process is displayed by the display unit 34, which can be referred to by the user. And Since the i-th portable terminal 3i includes only the reading unit 31 and does not include the writing unit (writer), even if the unique encryption key 30i is notified, the user data Ui in the i-th process may be falsified. And tampering can be prevented.

  As a result, the user data Ui can be referred to without any restriction from the portable terminal 3i provided with the reader (reader) for the i-th process of the RFID tag. For example, when the i-th process is the final process (sales process) (i = n), as shown in FIG. 9B, the final consumer uses the mobile terminal 3i at the storefront of the store. The history information of the product to be purchased can be referred to.

  FIG. 10 shows another data falsification preventing system of the present invention for realizing the data falsification preventing method of the present invention.

  As shown in FIG. 10 (A), the data falsification preventing system of this example is a register system formed integrally with the (i + 1) th read / write device 2 in addition to the configurations of FIGS. 4 is provided. The register system 4 writes sales information of the product 100 as user data in the (i + 1) -th process, as shown in FIG.

  Thereby, for example, when the (i + 1) -th process is the final process (sales process) (i + 1 = n), the sales price to the final consumer is written in the RFID tag 1 as user data U (i + 1), for example. be able to. As a result, the sales price of the product 100 to the final consumer can be known at any time thereafter, for example, in buying and selling second-hand goods. For example, as described above, the mobile terminal 3 (that is, the mobile terminal 3 (i + 1)) is provided with the encryption key 30 (that is, the encryption key 30 (i + 1)) unique to the (i + 1) -th process. In the buying and selling of second-hand goods, the owner of the mobile terminal 3 can know the sales price of the product 100 to the final consumer.

  FIG. 11 shows another data falsification preventing system of the present invention that realizes the data falsification preventing method of the present invention.

  As shown in FIG. 11 (A), the data falsification preventing system of this example is a register system formed integrally with the (i + 1) th read / write device 2 in addition to the configurations of FIGS. 4 and an erasing device 5. The erasing device 5 is provided so as to pass through the register system 4 and erases all information written in the RFID tag 1. In the case of this example, the register system 4 reads the data in the past data area where only the data can be read in the (i + 1) -th process by the reading / writing device 2 and uses this to adjust the data. The register system 4 does not write the user data U in this process (or may write it). Thereafter, the erasing device 5 erases all information written in the RFID tag 1.

  For example, when the (i + 1) -th process is the final process (sales process) (i + 1 = n), the gate 6 having the erasing device 5 is provided at the exit of the store, and the final payment is completed in the register system 4 Only the consumer can pass through the gate 6. By passing through the gate 6, all information written in the RFID tag 1 can be erased without making the user or the final consumer aware of it.

  Note that the erasing device 5 may include an encryption key table 29 that stores all encryption keys. In this case, the erasing device 5 writes meaningless data such as “0” or “1” in the entire storage area of the RFID tag 1 by using the unique encryption key 30 corresponding to each process. May be.

  As a result, as shown in FIG. 11B, for example, all information written in the RFID tag 1 can be erased after sales to the final consumer. As a result, unnecessary leakage of information can be prevented, thereby making it unnecessary to collect the RFID tag 1.

  As described above, according to the present invention, in the data falsification preventing method and system, it is possible to effectively prevent falsification of data stored in the RFID tag regardless of the operator's consciousness by eliminating the opportunity to falsify data. can do. In addition, according to the present invention, in the data tampering prevention method and system, data tampering can be prevented more effectively by writing illegal copy prevention information to the RFID tag and using a unique encryption key for each process. be able to. Thereby, the traceability of a product can be compensated more reliably.

  In addition, according to the present invention, in the data falsification prevention method and system, it is possible to know the user data and the selling price to the final consumer from a portable terminal equipped with an RFID tag reading function, thereby expanding the use of the RFID tag. be able to.

  On the other hand, according to the present invention, in the data falsification prevention method and system, unnecessary leakage of information from the RFID tag can be surely prevented, the collection of the RFID tag becomes unnecessary, and the use of the RFID tag is expanded. be able to.

It is a block diagram of the data falsification prevention system of this invention. It is explanatory drawing of the data falsification prevention method of this invention. It is explanatory drawing of the reading / writing apparatus of the data tampering prevention system of this invention. It is explanatory drawing of the reading / writing apparatus of the data tampering prevention system of this invention. It is a data tampering prevention processing flow of the present invention. It is a data tampering prevention processing flow of the present invention. It is explanatory drawing of the data falsification prevention method of this invention. It is explanatory drawing of the data falsification prevention method of this invention. It is another block diagram of the data tampering prevention system of this invention. It is another block diagram of the data tampering prevention system of this invention. It is another block diagram of the data tampering prevention system of this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 RFID tag 2 Reading / writing apparatus 21 Control part 22 Display part 23 Input part 24 Reading / writing part 25 Storage part 26 Generation part 27 Compression / decompression part 28 Encryption / decryption part 29 Encryption key table

Claims (8)

A method for preventing data tampering of data written in an RFID tag attached to a product that circulates at least the i-th process (i is a positive integer) and the subsequent (i + 1) -th process,
Made to correspond to i-th reading and writing device to the i-th step, and the corresponding the (i + 1) -th step different from the i-th reading and writing device (i + 1) th reading and writing device Let
An encryption key table including a set of encryption keys used for reading and writing encrypted data of the RFID tag is stored in the i th and (i + 1) th read / write devices,
In the i-th step, the i-th reading and writing device is, in the above memory area of the RFID tag, only the reading of data in the i-th step is a region that has been written with data in the previous step Regarding possible past data area , the written data is read using the encryption key included in the encryption key table, and the encryption key used for the reading is deleted from the encryption key table, and other than the past data area for the current data area can write data in the area is a to the i-th step, using any of the encryption keys included in the encryption key table encryption key used is removed to the reading, the Consists of basic information consisting of basic information of the product in the i-th process, and history of the product Gravel information, and writes the user data in the i-th step of a piracy prevention information for preventing illegal copy of the product of values representative of the production the number of the i-th step,
In the (i + 1) -th step, the (i + 1) -th reading / writing device includes the (i + 1) -th previous data area and the current data area in the i-th step in the RFID tag storage area. ) For the new past data area in the second step , the written user data is read using the encryption key included in the encryption key table, and the encryption key used for the reading is deleted from the encryption key table. for said a new area other than the historical data area (i + 1) th new current data area in the step, any encryption keys included in the encryption key table encryption key used is removed to the reading or using a repeated writing of the user data in the (i + 1) -th process A data falsification preventing method characterized by the above. The data alteration prevention method according to claim 1, wherein the user data further includes manufacturing instruction information including instructions for manufacturing and processing the product. Before Symbol the anti-piracy information written in the first area within the past data area, made from a maximum value of a value representing the number of the product,
The read / write device calculates a sum of one or more of the illegal copy prevention information written in the past data area excluding the maximum value and the illegal copy prevention information written in the current data area, The data alteration prevention method according to claim 1, wherein the data is equal to the maximum value. The i-th and (i + 1) -th reading / writing devices use the unique encryption key, respectively, and the users in the i-th and (i + 1) -th steps comprising the basic information, history information, and illegal copy prevention information data alteration prevention method according to claim 1, wherein the write data is encrypted. RFID tags attached to products that circulate at least the i-th process;
An i th read / write device corresponding to the i th step ;
An encryption key table including a set of encryption keys used for reading and writing encrypted data of the RFID tag stored in the i-th reading / writing device,
In the i-th process, the i-th read / write device is an area where data is written in the previous process in the storage area of the RFID tag, and only reads data in the i-th process. About the possible past data area , the written user data is read using the encryption key included in the encryption key table, and the encryption key used for the reading is deleted from the encryption key table, and the past data area Any of the encryption keys included in the encryption key table in which the encryption key used for the reading is deleted for the current data area that is the area other than the area where data can be written in the i-th step used as a key, the basic information consisting of basic information of the product in the i-th step History information consisting of the history of the product, and the user in the i-th step of a piracy prevention information for preventing illegal copy of the product of values representative of the production the number of the i-th step data, data alteration prevention systems and writes to encrypt. The data falsification prevention system
Comprising one or a plurality of i th mobile terminals corresponding to the i th step,
The i-th portable terminal distributes the unique encryption key used by the i-th read / write device from the i-th read / write device, and from the RFID tag , the unique encryption key. Read the user data in the i-th step encrypted by using the unique encryption key that has been distributed , decrypt it, and refer to the user data in the i-th step The data falsification preventing system according to claim 5. The data falsification prevention system
A register system integrally formed with the (i + 1) th read / write device corresponding to the (i + 1) th step ;
6. The data falsification preventing system according to claim 5, wherein the register system writes sales information of the product as a part of user data in the (i + 1) -th process in the storage area of the RFID tag. . The data falsification prevention system
A register system formed integrally with the (i + 1) th read / write device corresponding to the (i + 1) th step ;
An erasing device provided to pass after passing through the register system and erasing all information written in the RFID tag;
The register system uses the encryption key included in the encryption key table to write the past data area in the storage area of the RFID tag that can only read data in the (i + 1) -th process. 6. The data tampering prevention system according to claim 5, wherein after the data is read and settled using the read user data , the erasing device erases all information written in the RFID tag.

Images