WO2007027151A1 - Verification of a product identifier - Google Patents

Verification of a product identifier Download PDF

Info

Publication number
WO2007027151A1
WO2007027151A1 PCT/SE2006/050308 SE2006050308W WO2007027151A1 WO 2007027151 A1 WO2007027151 A1 WO 2007027151A1 SE 2006050308 W SE2006050308 W SE 2006050308W WO 2007027151 A1 WO2007027151 A1 WO 2007027151A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
product identification
identification circuit
check sum
reader
Prior art date
Application number
PCT/SE2006/050308
Other languages
French (fr)
Inventor
Ingrid Rokahr
Jouni Stam
Original Assignee
Stora Enso Oyj
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Stora Enso Oyj filed Critical Stora Enso Oyj
Publication of WO2007027151A1 publication Critical patent/WO2007027151A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129Authenticate client device independently of the user

Definitions

  • the invention relates to the identification of products and their origin, as well as to the identification of other product information, and also to tracking of the movement of goods during the life cycle of a product.
  • Radio frequency identifiers have also come into use as product identifiers.
  • information is stored electronically in a memory device which stores product information and communicates it via radio frequency induction current to a reader.
  • This memory can be a Silicon-based circuit or so-called data chip, but also chipless memories have been developed.
  • chips and readers There are various kinds of chips and readers and they vary according to the purpose of use, but most generally the product identifiers comprise a data chip which is remotely accessible by the reader via an antenna. Modulated electromagnetic radiation at radio frequency is used for transmission of the information.
  • These RFID product identifiers can be used, for example, for product tracking, reading of price information, theft control, and also as authentication means.
  • a product identifier has been attached to a product as a tag and contains a small amount of information that can be modified at least partly.
  • Product information could be a number which is pointing to further information stored in a database or it could be information about the product like product name, origin of the product, delivery addresses, temperature logs, expiry date, among others.
  • the product identifier circuit can also contain a small- sized processor for processing information.
  • the processor can be manufactured or programmed in such a way that it only performs a given task. With the advancement of circuit technology, more and more components can be placed within a compact space, and the functionality of the future tags will be enhanced significantly.
  • a verification database which is a database normally maintained by the issuer or manufacturer of the items and not disclosed to other parties. If the chip information corresponds to information in the verification database, the chip is considered to be authentic and indirectly also the product or device attached to the chip is considered to be authentic. Examples of products could be any goods, documents or smart cards etc which are at risk to be counterfeited.
  • US patent application US 2004/0066278 discloses a method of securing communications in an RFID system including a reader and an RF tag having a memory configured to store information.
  • the method comprises sending, from the reader, a message to the tag wherein the tag, in response to the message, generates a challenge value and sends the challenge value to the reader.
  • the reader then performs a mathematical operation on the challenge value based upon a key value to generate a challenge reply and sends the challenge reply to the tag.
  • the tag independently computes a challenge response based on the key value and mathematical operation and compares the challenge response computed by the tag with the challenge reply sent by the reader.
  • the tag authenticates the reader if the challenge response matches the challenge reply.
  • the objective of this invention is to provide a solution for secure authentication of a product in order to distinguish a product from fraud products.
  • Another object of the invention is to provide an authentication procedure that is secure and still independent of any authentication of the interrogating device or user.
  • Summary of the Invention concerns a system for verifying a product identification circuit.
  • the system comprises a product identification circuit comprising a memory for storing product information, a telecommunication connection for transmitting the information contained in the product identification circuit to a reader, a reader for reading the information contained in the product identification circuit and for transmitting it further to a verification system, and a verification system for receiving and processing the information transmitted by the reader and for performing the verification.
  • the verification system comprises at least one data processing device, e.g.
  • the memory for storing the product information comprises a public memory area for storing any publicly readable information contained in the product identification circuit, and a secure memory area for storing of a secret key.
  • the product identification circuit comprises processing means, e.g. a processor, for reading the secure memory area of the product identification circuit.
  • the processing means have further been arranged to compute a check sum based on the encryption key of the secure memory area and on the information contained in the public memory area. After calculation, the resulting check sum is preferably written to the public memory area but may alternatively be directly provided to an external receiver if needed.
  • the secure memory area of the product identification circuit can only be accessed by the circuit's own processing means while the public memory area may be read by any suitable reader.
  • the telecommunication means can also be used to receive information to be processed by the processing means.
  • the verification system is connected to the Internet and arranged to receive the check sum and information provided by the reader over the Internet.
  • the term "remote" does not necessary reflect the true physical location of a system or server.
  • any systems can be relocated or co-located, or services provided by computer systems can be outsourced to one or more service providers.
  • the verification system comprises two or more independent information hosts. In this way the verification can be done remotely anywhere in the world as long as a connection is established between the reader and the verification system. Internet or any other chosen network can be used to establish the connection.
  • the method and system presented in WO04051510 can serve as communication protocol in the network to establish a peer-to peer connection between network nodes.
  • the combination of the secure encrypted chip described above, and a communication protocol that utilizes a peer-to-peer connection in a decentralized system with multiple independent information hosts, for example the communication protocol presented in WO04051510, is very advantageous and gives a secure authentication of the product to be protected.
  • the authentication could take place via any established connection in a data network. It could even take place via letters or people on the phone, if needed, as long as the communication means with the product identification circuit allow feeding of information, reading of the response and respectively interaction with the database in the verification system for re-calculation of the checksum for comparison.
  • the information could also be visibly communicated by using pressure sensitive areas representing certain numbers
  • a cryptographic security algorithm solves two of the major problems faced by today's RF unidirectional transmitters: code grabbing and code scanning. Code grabbing involves using an unauthorized receiver to record the signal data sent by the transmitter. Once the transmitted signal is recorded it can be resent to the receiver at a later time. Typically the system recognizes the "captured" data as valid and unlocks the system. Code scanning is a method of transmitting all available combinations of data to a receiver until the correct code combination is recognized by the system.
  • the invention concerns a method for verification of a product identification circuit and thereby also of the authenticity of a product connected to said circuit.
  • the method is used for checking the authenticity of the aforementioned product identification circuit. Before using the method, the necessary encryption key shall be stored to both the product identifier circuit being checked and to the verification system.
  • the invention operates with the symmetric secret key method, but in one embodiment of the invention, public key cryptography is used, whereby the secret encryption key is stored to the product identification circuit, and the public encryption key corresponding to the secret key is stored to the verification system.
  • the secret key stored to the product identification circuit is read by the processing means of the product identification circuit; the public information stored to the product identification circuit is read by the processing means of the product identification circuit; a first check sum is computed based on the aforementioned information which was read; the first check sum and the aforementioned public information which was read are transmitted to the reader; the first check sum and the aforementioned public information which was read are transmitted from the reader to a server which is acting as verification system or possibly to a server which is connected to a remote verification system, for example via the Internet; a second check sum is computed based on the aforementioned public information which was read and the encryption key stored to the verification system; and the first and second check sum are compared with one another to verify the authenticity of the information contained in the product identifier circuit.
  • the method for checking the authenticity of a product identification circuit comprises the following steps; reading of a secret key stored in an verification system; reading of public information stored in the verification system; computing, in the verification system, a first check sum based on the secret key and said public information; transmitting the first check sum and said public information from the verification system, to a reader; transmitting the first check sum and said public information from the reader to a product identification circuit; computing, in the product identification circuit, a second check sum based on said public information and an encryption key stored in the product identification circuit; and comparing, in the product identification circuit, the first and the second check sums to verify the authenticity of the information contained in the product identification circuit.
  • a random number is generated, which is transmitted to the product identifier circuit to be used in the computation of the check sum.
  • the reader may then further comprise a random number generator for generating a random number.
  • the computation efficiency required of the product identifier circuit is lesser since the comparison of check sums is done by the verification server. Due to this, besides being simple, the invention provides the additional advantage of being less expensive , which is an essential factor in using product identifier circuits. The cheaper a circuit can be made, the more products it can be placed within without significantly affecting the cost margins. Furthermore, it provides a more secure authentication since the data which are transferred between product identification circuit and reader and between reader and the verification system are numbers and do not contain the secret key. In this way, interference with the communication means and reading the information by unauthorized parties does not reveal the secret key.
  • the invention has the advantage that it enables reading of the product identifier using devices that do not have the ability to compute a check sum. More specifically, current crypto-chips deliver information in a way so that the information can only be accessed by special readers having information about the security protocol for communication with the chip.
  • the invention provides a solution for secure authentication that is able to use any standard reader being able to perform a two-way communication with the public memory area of the chip. The reader will be enabled to provide authentication based on the use of the secure/encrypted information and the authentication method disclosed in this application.
  • the system and method of the invention make it possible to perform a secure authentication by use of standard readers that are solely enabled to communicate with the data chip by talking and listening.
  • standard reader is herein meant a reader that does not need to verify or identify itself by a security discussion in order to perform the two-way communication with the chip and/or with the secret database.
  • the present invention enables the use of standard communication protocols between interrogator and chip due to the dynamically encrypted features in the chip. It does not require RFID interrogators which contain encryption information or special security commands.
  • Fig. 1 illustrates a system according to the invention
  • Fig 2 illustrates a distributed authentication system according to one aspect of the invention
  • Fig. 3 illustrates a method according to the invention .
  • Fig. Ia illustrates one system of the invention.
  • the system comprises a remote-readable product identifier circuit 10, a reader 18 and a verification system 19.
  • the product identifier circuit 10 of the present invention is a product identifier circuit attached to a product that comprises information about the product, which information can be read using a reader.
  • the product identifier circuit is an RFID circuit
  • the remote-readable product identifier circuit can be any product identifier circuit provided with data processing means 12 and any form of communication means, such as infra red transceivers (e.g. IrDA), for providing the reader with information stored on the chip and possibly for providing a challenge request, e.g. a random number, to the chip.
  • the data processing means include e.g. a small-sized specialized processor or the like. These means shall be able to perform simple computations and to read from the memory, or one shall also be able to add to them information that is readable in some other manner.
  • the reader of the product identifier circuit can be any reader as long as it is provided with telecommunication connections 111 and can be arranged to perform functions that are essential from the standpoint of the invention.
  • the telecommunication connection preferably is a wireless, generally used telecommunication connection.
  • the reader can also be a reader attachable to a computer or one fixedly arranged in conjunction with the computer, making a wireless network unnecessary.
  • the reader can also be a person or a device which is reading a display providing the public information of the chip.
  • a reader 18 is used to mean a reader assembly that can include either a separate reader, a combination of a reader and a computer, or other similar device or hardware assembly.
  • the reader is connected to a verification system 19 which comprises a server holding a database where an encryption key is stored for each product identifier.
  • the secret key 11 is stored to the memory such that it can be only read by the processing means 12 arranged in connection with the product identifier circuit.
  • the RFID circuit 10 comprises both a memory 11 and means 12 on the same circuit so that the memory 11 cannot be read from outside the circuit.
  • the RFID circuit 10 has been connected to the outside world in a wireless manner by a connection 110 and is provided with a specific public memory area 13, enabling one to read information using a reader 18.
  • the connection 110 can be e.g. a radio frequency connection operating with induction current. Examples of such connections are existing standards IS015693, IS014443A1B. Using existing standards allows any reader to operate with the authentication labels.
  • the reading area 13 includes e.g.
  • the ID code 14 of the circuit is a typical field, but it is mainly designed to provide information on the circuit manufacturer, and it is not necessary for the present invention.
  • the number of fields can be varied according to need, but at its minimum, the reading area 13 shall comprise at least the check sum and some kind of identification information, most preferably an electronic product code 15.
  • the fields can be varying or permanent in content. The number of fields is limited by the amount of memory placed on the circuit, and their number can be increased according to need within the limits of the amount of memory.
  • the information contained in the public memory area 13 can also be read by the processing means 12.
  • the reader 18 is used to read the circuit the check sum 16 and the other information 13 contained in the reading area and used for the computation of the check sum.
  • the information which was read is transmitted to the verification system 19, having the encryption keys of all the circuits stored therein. This has been arranged, for example, so that the circuit manufacturer generates a secret key for every circuit manufactured by it.
  • the secret key can vary for each product identifier or for any group of product identifiers.
  • the verification system Based on the information transmitted, the verification system computes its own check sum and compares it with the transmitted check sum. In case the sums are matching, the authenticity of the product identifier circuit is verified.
  • the method and system presented in WO04051510 can serve as communication protocol in the network.
  • the protocol may be used to share product related information in a distributed, multi-user environment. It provides the set of communication rules, certification mechanism and handshaking procedures required to create peer-to-peer connection where nodes (servers) share product data in real time.
  • Fig. 2 illustrates a system for managing distributed product information.
  • the products 30 are equipped with unique product identifier codes and the unique codes are the key to retrieve information at information hosts (host 34, 36, 38) in Fig. 2). Information regarding a certain identifier code is requested from a known host.
  • a handshaking procedure will take place to establish a peer-to peer connection to the requesting server. In any case, this host will forward the request to all servers with known IP addresses. Once the host is identified which is holding the verification database, a handshaking procedure connects the verification process is initiated between the reader 32 and said host 38.
  • the transmission of the information between the reader and the verification system is preferably done by using a computer network, such as the Internet.
  • the reader may hence be located at a distance far away from the distributed verification system and the different information hosts may easily be connected to each other using standard network technologies.
  • a computer network such as the Internet for connecting the readers to the information hosts the system may easily be extended by adding additional information hosts and/or readers to the overall system.
  • the check sum to be computed can be any known check sum or a hash function, e.g. MD5.
  • the ID number granted by the circuit manufacturer serves as the circuit identifier information and the ID number 14.
  • the identification information one can also use e.g. the EPC information 15 granted by the product manufacturer and an additional information field 17, but these are not necessary. Thereafter, the check sum of the circuit is computed based on the information used and the secret key 11 stored to the circuit.
  • the reader 18 when checking, the reader 18 is used to read in the circuit all the information used for the computation of the check sum, except for the secret key, and this information is transmitted to the verification system, containing the previously stored secret keys corresponding to the ID numbers.
  • the verification system retrieves, based on the ID number, the secret key and computes its own check sum based on the information transmitted, and compares it with the transmitted check sum.
  • the circuit has been dependably identified, and the ID number of the circuit can be used for tracking the product in the database of the manufacturer of the RFID circuit, which database may also contain information on whom the circuit has been granted to.
  • a product identifier can serve as the key, whereby the search for retrieving the information is performed in the database of the product manufacturer, importer or distributor, for example.
  • the circuit of the invention can be utilized with several different additional applications .
  • the additional information in the above example can also be stored to the verification system, making it unnecessary to transmit further all the information contained in the reading area, or the verification system ignores those fields that have been stored to the memory of the system.
  • the name of the owner of the object can be stored to the additional information field.
  • the reader displays the information which was read, including the owner of the object. Thereafter, a checking inquiry as shown in the previous example is made, but besides the secret key, also the registered owner of the object is retrieved from the information contained in the verification system.
  • a check sum is computed from the information of the verification system's own and from that transmitted thereto, and the check sum is compared with the check sum which was read in the RFID circuit.
  • the check sum which was read and the check sum which was computed do not match.
  • also other fields to be checked can be stored to the verification system.
  • the product identifier circuit being used e.g. an RFIFD circuit
  • computes a check sum each reading time enabling one to include within the check sum information that has possibly changed in the circuit.
  • the check sum is disposed in a public reading area, it is substantially harder to tamper with, in case the sum is computed just before transmitting the information to the reader.
  • the reader can with certainty make sure of the fact that the product identifier circuit truly computes a check sum, it generates a random number, which is transmitted to the product identifier circuit and to the verification system.
  • there is in the reader a random number generator 112 or means for receiving a random number from the verification system.
  • the random number is used as one basis for the check sum. In case the circuit does not use the random number when computing the check sum, but the verification system is using it, the check sums do not match. By this one can judge that the circuit does not either work or its information has been changed, and one cannot trust on its authenticity .
  • a verification system is used to mean a larger complex having as one feature the verification of the authenticity of the product identification circuit that is substantial with regard to the invention.
  • the encryption method of the public key is used for the generation and checking of the check sum.
  • a secret key is stored to the product identifier circuit in the same manner as in the secret key method described above.
  • the pubic key corresponding to the secret key is stored to the verification system.
  • the product identifier circuit computes the check sum using the selected method and encrypts it using its secret key. Thereafter, all the information is transmitted to the verification system in the same manner as in the example of the secret key described above. Thereafter, the verification system computes its own check sum, decrypts the encryption of the check sum transmitted by the product identifier using its public key and compares the check sums with one another. In case the sums are matching, the product identifier circuit is authentic.
  • Fig. 3 illustrates one advantageous implementation of the utilization of the method of the invention for verifying the authenticity of a product circuit.
  • the verification is started e.g. by selecting on the verification device, step 20. After indication of the verification, the verification device generates a random number to enable verification of the operation of the circuit, step 21.
  • This step is not obligatory, in case one trusts on the operation of the circuit, or in case this verification is not considered substantial.
  • a random number is generated, it is transmitted to the product identifier circuit, step 22.
  • the circuit computes a check sum utilizing the secret key stored to the circuit, the random number and the public information stored to the circuit, step 23.
  • Public information includes e.g. the ID number of the circuit.
  • the check sum computed by the circuit and the information required for its computation are transmitted back to the reader step 24.
  • the reader transmits the information further to the verification system, step 25 over a network, most preferably the internet. If the random number was computed at step 21, then it is also transmitted to the verification system.
  • the verification system retrieves from its database the secret key e.g.
  • a connection is established between an identification interrogator (e.g. a reader connected to a computer) and an RFID transponder (encrypted chip +RFID antenna) .
  • the identification interrogator can communicate with a secret database.
  • Example 1 The interrogator requests authentication information from the chip.
  • the chip processes the information stored in the readable area with the algorithm stored in the secured area and delivers authentication information.
  • the interrogator receives the authentication information, which can contain a calculated checksum, and the additional information available in the readable area, e.g. EPC number, serial chip number, possibly the number of requests and other stored information.
  • the authentication information is submitted to the computer containing the secret database.
  • the computer calculates a second checksum by use of the additional information and an identical secret key and compares the checksum from the chip with the second checksum.
  • the checksums correspond to each other the product ID is considered to be authentic.
  • the checksums can be identical, differ by a predetermined factor or in another way correspond to each other.
  • the encryption algorithm may use a non-linear sequence of differential encoding schemes to encode the data stored in a synchronization counter and encryption key. After each data transmission the synchronization counter is incremented. Because of the complexity of the encryption algorithm a minor change in the synchronization counter (e.g. incrementing the counter by one bit after each transmission) will result in a large change in the actual transmitted encrypted data .
  • Example 2 A random number is provided by a user, the interrogator, the secure database system or another device.
  • An RFID interrogator sends the random number to the chip and requests a checksum which is calculated by the encrypted chip by use of a secret key, information available in the readable area and the random number.
  • the interrogator receives the checksum and the information from the readable area of the chip and submits this and the random number to a computer with access to the secret database information.
  • the computer calculates a second checksum by use of the random number, the information from the readable area and an identical secret number.
  • the computer compares the returned checksum with the second checksum. Using information of the ordinal number of such requests, unique chip serial ID, and the provided results, the secret key can be recalculated for each request by an algorithm which is also stored at the database so that the checksum can be calculated there in parallel for comparison.
  • Example 3 An item or product, e.g. a package, is equipped with a field of sensor fields that detect contact with a pointing device, for example a finger of a user. Each sensor field corresponds to a number. In case of binary information two sensor fields are needed
  • a user uses an internet interface for authentication and receives a challenge request number.
  • the user enters the challenge request number by pressing the buttons (i.e. the sensor fields), corresponding to the requested number.
  • the entered information is received by the secure chip and a checksum is calculated.
  • the result of the calculation and the information used for the calculation like EPC number and chip ID is presented to the user by a display field, for example comprising a two-dimensional barcode field which can be updated.
  • the calculated checksum is submitted to a computer, with access to a secret database, and compared to a checksum calculated by the computer as described above .
  • the authentication system comprises a server in connection to the reader (in the following referred to as Server A) and a verification system (in the following referred to as Server B)
  • Server A a server in connection to the reader
  • Server B a verification system
  • the secure key is changed after each verification, a challenge request is initiated from Server B, a challenge calculation uses public information on the circuit.
  • a method comprising the steps below may then be performed.
  • Reader reads Product ID.
  • Reader transmits Product ID to Server A.
  • Server A stores reading event in database (optionally, for track & trace) .
  • Server A connects to Server B of ID owner (Server B looks up database info about authentication procedure) .
  • Server B provides a challenge request to Server A.
  • Server A provides the challenge request to Reader.
  • chip calculates checksum according to secret key.
  • chip recalculates the encryption according to pre-determined algorithm.
  • Reader reads out challenge response from chip, k) Reader transmits challenge response to Server A.
  • Server A transmits challenge response to Server B.
  • Server B calculates own checksum with secret key stored in Server B database.
  • Server B compares checksums provided by chip and by Server B.
  • Server B transmits authentication result to Server A.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)

Abstract

An authentication system is disclosed. The system comprises a product identification circuit comprising a public memory area for storing publicly readable information, a secure memory area for storing at least one encryption key, a processor for reading said secure memory area and said public memory area, wherein the processor is arranged to compute a check sum based on said encryption key and at least a portion of the publicly readable information, and a first telecommunication connection for providing a reader with said check sum and information comprised in the public memory area. The system also comprises a reader for receiving said information and providing a verification system with said check sum and at least a portion of said information and a verification system connected to the Internet for receiving the check sum and information provided by the reader over the Internet, wherein the verification system also comprises said encryption key and is arranged to compute a check sum based on said encryption key and received information and compare the computed check sum with the received check sum.

Description

VERIFICATION OF A PRODUCT IDENTIFIER
Technical Field
The invention relates to the identification of products and their origin, as well as to the identification of other product information, and also to tracking of the movement of goods during the life cycle of a product. Background
With the advancement of information systems of shops, information on most products has been stored to information networks either for the shop's internal use or public use. Information systems are typically used for providing product information, stock follow-up, pricing, transmitting additional information associated with the products, and for other similar functions. Previously, the product identifier, usually functioning as the key in the systems, has been a barcode read by a bar code reader. Barcodes have, however, readability limitations since they require a line of sight between the reader and the code, a certain visual contrast, and sufficient resolution of the barcode. In addition, barcode information is static and restricted by limited data capacity .
Radio frequency identifiers have also come into use as product identifiers. In these, information is stored electronically in a memory device which stores product information and communicates it via radio frequency induction current to a reader. This memory can be a Silicon-based circuit or so-called data chip, but also chipless memories have been developed. There are various kinds of chips and readers and they vary according to the purpose of use, but most generally the product identifiers comprise a data chip which is remotely accessible by the reader via an antenna. Modulated electromagnetic radiation at radio frequency is used for transmission of the information. These RFID product identifiers can be used, for example, for product tracking, reading of price information, theft control, and also as authentication means. Typically, a product identifier has been attached to a product as a tag and contains a small amount of information that can be modified at least partly. Product information could be a number which is pointing to further information stored in a database or it could be information about the product like product name, origin of the product, delivery addresses, temperature logs, expiry date, among others. The product identifier circuit can also contain a small- sized processor for processing information. The processor can be manufactured or programmed in such a way that it only performs a given task. With the advancement of circuit technology, more and more components can be placed within a compact space, and the functionality of the future tags will be enhanced significantly.
In order to verify the authenticity of a product, information obtained from the data chip is compared to information stored in a verification database which is a database normally maintained by the issuer or manufacturer of the items and not disclosed to other parties. If the chip information corresponds to information in the verification database, the chip is considered to be authentic and indirectly also the product or device attached to the chip is considered to be authentic. Examples of products could be any goods, documents or smart cards etc which are at risk to be counterfeited.
In the art, such authentication processes are known wherein a code obtained from a barcode or a chip of an RF tag is compared to a code stored in a verification database. One problem related to those known authentication processes is that the barcode, the chip, or the content of the chip can be copied. Further previously known authentication processes involve encrypted data chips which can only be read by specialized reading devices. In order to perform such an authentication procedure, the reader and the chip have to apply certain security and identification protocols. The reader has to be equipped with capabilities to follow the specific security protocol and possible encryption/decryption processes required by the chip. One problem is that the large variety of chips and hardware complicates or hinders the interoperability and data collection in a supply chain.
US patent application US 2004/0066278 discloses a method of securing communications in an RFID system including a reader and an RF tag having a memory configured to store information. The method comprises sending, from the reader, a message to the tag wherein the tag, in response to the message, generates a challenge value and sends the challenge value to the reader. The reader then performs a mathematical operation on the challenge value based upon a key value to generate a challenge reply and sends the challenge reply to the tag. The tag independently computes a challenge response based on the key value and mathematical operation and compares the challenge response computed by the tag with the challenge reply sent by the reader. The tag authenticates the reader if the challenge response matches the challenge reply.
However, the technology used in US 2004/0066278 calls for the use of a special reader with computational capabilities and which is adapted to use a secure protocol in order to perform the authentication procedure. Additionally, it is often desirable to authenticate the tag and not the reader, and in many instances it would hence be more beneficial to use a standard reader, e.g. a standard ISO 14443 RF reader, for reading the tag when performing the authentication of the tag. The information contained in the tags shall be verifiable and hard to tamper with. Due to a large stock of hardware already installed, this improved product identifier circuit placed on a tag shall also be compatible with the present devices. Objective of the Invention
The objective of this invention is to provide a solution for secure authentication of a product in order to distinguish a product from fraud products. Another object of the invention is to provide an authentication procedure that is secure and still independent of any authentication of the interrogating device or user. Summary of the Invention The present invention concerns a system for verifying a product identification circuit. The system comprises a product identification circuit comprising a memory for storing product information, a telecommunication connection for transmitting the information contained in the product identification circuit to a reader, a reader for reading the information contained in the product identification circuit and for transmitting it further to a verification system, and a verification system for receiving and processing the information transmitted by the reader and for performing the verification. The verification system comprises at least one data processing device, e.g. a computer server, or a network of data processing devices connected to each other . The memory for storing the product information comprises a public memory area for storing any publicly readable information contained in the product identification circuit, and a secure memory area for storing of a secret key. In addition, the product identification circuit comprises processing means, e.g. a processor, for reading the secure memory area of the product identification circuit. The processing means have further been arranged to compute a check sum based on the encryption key of the secure memory area and on the information contained in the public memory area. After calculation, the resulting check sum is preferably written to the public memory area but may alternatively be directly provided to an external receiver if needed. The secure memory area of the product identification circuit can only be accessed by the circuit's own processing means while the public memory area may be read by any suitable reader. The telecommunication means can also be used to receive information to be processed by the processing means.
In one preferred embodiment of the invention the verification system is connected to the Internet and arranged to receive the check sum and information provided by the reader over the Internet.
By providing the information via the Internet it is possible to arrange the reader and the verification system at different locations located at a great distance form each other. Another advantage of using the Internet for transferring data is the widespread use of standardized communication equipment, which facilitates the implementation of the system.
In this context it is emphasized that the term "remote" does not necessary reflect the true physical location of a system or server. In a global network any systems can be relocated or co-located, or services provided by computer systems can be outsourced to one or more service providers. In another preferred embodiment the verification system comprises two or more independent information hosts. In this way the verification can be done remotely anywhere in the world as long as a connection is established between the reader and the verification system. Internet or any other chosen network can be used to establish the connection. For example, the method and system presented in WO04051510 can serve as communication protocol in the network to establish a peer-to peer connection between network nodes. The combination of the secure encrypted chip described above, and a communication protocol that utilizes a peer-to-peer connection in a decentralized system with multiple independent information hosts, for example the communication protocol presented in WO04051510, is very advantageous and gives a secure authentication of the product to be protected.
In general, the authentication could take place via any established connection in a data network. It could even take place via letters or people on the phone, if needed, as long as the communication means with the product identification circuit allow feeding of information, reading of the response and respectively interaction with the database in the verification system for re-calculation of the checksum for comparison. The information could also be visibly communicated by using pressure sensitive areas representing certain numbers
(for example printed switches or piezo-foil switches) for input of a random number and an updatable barcode (for example a printed display) for the output of the comparison number. The product identification circuits may incorporate security communication protocols directly into the silicon circuitry and combine RF components into the silicon circuit and semiconductor package. According to the invention a cryptographic security algorithm solves two of the major problems faced by today's RF unidirectional transmitters: code grabbing and code scanning. Code grabbing involves using an unauthorized receiver to record the signal data sent by the transmitter. Once the transmitted signal is recorded it can be resent to the receiver at a later time. Typically the system recognizes the "captured" data as valid and unlocks the system. Code scanning is a method of transmitting all available combinations of data to a receiver until the correct code combination is recognized by the system.
Further, the invention concerns a method for verification of a product identification circuit and thereby also of the authenticity of a product connected to said circuit.
The method is used for checking the authenticity of the aforementioned product identification circuit. Before using the method, the necessary encryption key shall be stored to both the product identifier circuit being checked and to the verification system. The invention operates with the symmetric secret key method, but in one embodiment of the invention, public key cryptography is used, whereby the secret encryption key is stored to the product identification circuit, and the public encryption key corresponding to the secret key is stored to the verification system. In the method, the secret key stored to the product identification circuit is read by the processing means of the product identification circuit; the public information stored to the product identification circuit is read by the processing means of the product identification circuit; a first check sum is computed based on the aforementioned information which was read; the first check sum and the aforementioned public information which was read are transmitted to the reader; the first check sum and the aforementioned public information which was read are transmitted from the reader to a server which is acting as verification system or possibly to a server which is connected to a remote verification system, for example via the Internet; a second check sum is computed based on the aforementioned public information which was read and the encryption key stored to the verification system; and the first and second check sum are compared with one another to verify the authenticity of the information contained in the product identifier circuit. In another embodiment of the invention, the method for checking the authenticity of a product identification circuit comprises the following steps; reading of a secret key stored in an verification system; reading of public information stored in the verification system; computing, in the verification system, a first check sum based on the secret key and said public information; transmitting the first check sum and said public information from the verification system, to a reader; transmitting the first check sum and said public information from the reader to a product identification circuit; computing, in the product identification circuit, a second check sum based on said public information and an encryption key stored in the product identification circuit; and comparing, in the product identification circuit, the first and the second check sums to verify the authenticity of the information contained in the product identification circuit.
In one embodiment of the invention, prior to the verification, a random number is generated, which is transmitted to the product identifier circuit to be used in the computation of the check sum. The reader may then further comprise a random number generator for generating a random number. The advantages of the invention described above include enabling checking of the authenticity of the circuit, improving the dependability of additional information fields, as well as simplicity and compatibility with previous systems . The system of the present invention enables dependable identification of the circuits being used. The accuracy of the dependability can be adjusted by choosing the method to be used for the computation of the check sum according to the required dependability. The present invention uses a dependable algorithm also for the verification of the authenticity of the information stored to the product identification circuit. The present method has the advantage of being simple. As it is possible to use the method of the secret key in the system, the computation efficiency required of the product identifier circuit is lesser since the comparison of check sums is done by the verification server. Due to this, besides being simple, the invention provides the additional advantage of being less expensive , which is an essential factor in using product identifier circuits. The cheaper a circuit can be made, the more products it can be placed within without significantly affecting the cost margins. Furthermore, it provides a more secure authentication since the data which are transferred between product identification circuit and reader and between reader and the verification system are numbers and do not contain the secret key. In this way, interference with the communication means and reading the information by unauthorized parties does not reveal the secret key.
In addition, it is possible to use the encryption method of the public key for communicating the content of the public memory area
Furthermore, the invention has the advantage that it enables reading of the product identifier using devices that do not have the ability to compute a check sum. More specifically, current crypto-chips deliver information in a way so that the information can only be accessed by special readers having information about the security protocol for communication with the chip. The invention provides a solution for secure authentication that is able to use any standard reader being able to perform a two-way communication with the public memory area of the chip. The reader will be enabled to provide authentication based on the use of the secure/encrypted information and the authentication method disclosed in this application. In contrast to prior art, the system and method of the invention make it possible to perform a secure authentication by use of standard readers that are solely enabled to communicate with the data chip by talking and listening. By "standard reader" is herein meant a reader that does not need to verify or identify itself by a security discussion in order to perform the two-way communication with the chip and/or with the secret database. I.e. the present invention enables the use of standard communication protocols between interrogator and chip due to the dynamically encrypted features in the chip. It does not require RFID interrogators which contain encryption information or special security commands.
List of Figures
Fig. 1 illustrates a system according to the invention; Fig 2 illustrates a distributed authentication system according to one aspect of the invention; Fig. 3 illustrates a method according to the invention . Detailed Description of the Invention Fig. Ia illustrates one system of the invention. The system comprises a remote-readable product identifier circuit 10, a reader 18 and a verification system 19. The product identifier circuit 10 of the present invention is a product identifier circuit attached to a product that comprises information about the product, which information can be read using a reader. Preferably, the product identifier circuit is an RFID circuit, but the remote-readable product identifier circuit can be any product identifier circuit provided with data processing means 12 and any form of communication means, such as infra red transceivers (e.g. IrDA), for providing the reader with information stored on the chip and possibly for providing a challenge request, e.g. a random number, to the chip. The data processing means include e.g. a small-sized specialized processor or the like. These means shall be able to perform simple computations and to read from the memory, or one shall also be able to add to them information that is readable in some other manner. Similarly, the reader of the product identifier circuit can be any reader as long as it is provided with telecommunication connections 111 and can be arranged to perform functions that are essential from the standpoint of the invention. In case a specific reader is used with the invention, the telecommunication connection preferably is a wireless, generally used telecommunication connection. It must, however, be noted that the reader can also be a reader attachable to a computer or one fixedly arranged in conjunction with the computer, making a wireless network unnecessary. The reader can also be a person or a device which is reading a display providing the public information of the chip. In Fig. 1, a reader 18 is used to mean a reader assembly that can include either a separate reader, a combination of a reader and a computer, or other similar device or hardware assembly.
The reader is connected to a verification system 19 which comprises a server holding a database where an encryption key is stored for each product identifier.
As concerns the present invention, the secret key 11 is stored to the memory such that it can be only read by the processing means 12 arranged in connection with the product identifier circuit. Typically, this is arranged so that the RFID circuit 10 comprises both a memory 11 and means 12 on the same circuit so that the memory 11 cannot be read from outside the circuit. The RFID circuit 10 has been connected to the outside world in a wireless manner by a connection 110 and is provided with a specific public memory area 13, enabling one to read information using a reader 18. The connection 110 can be e.g. a radio frequency connection operating with induction current. Examples of such connections are existing standards IS015693, IS014443A1B. Using existing standards allows any reader to operate with the authentication labels. The reading area 13 includes e.g. the ID code 14 of the circuit, an electronic product code (EPC) 15, a generated check sum 16 and additional information 17 such as optional user data. The ID number 14 of the circuit is a typical field, but it is mainly designed to provide information on the circuit manufacturer, and it is not necessary for the present invention. The number of fields can be varied according to need, but at its minimum, the reading area 13 shall comprise at least the check sum and some kind of identification information, most preferably an electronic product code 15. The fields can be varying or permanent in content. The number of fields is limited by the amount of memory placed on the circuit, and their number can be increased according to need within the limits of the amount of memory. The information contained in the public memory area 13 can also be read by the processing means 12. The reader 18 is used to read the circuit the check sum 16 and the other information 13 contained in the reading area and used for the computation of the check sum. The information which was read is transmitted to the verification system 19, having the encryption keys of all the circuits stored therein. This has been arranged, for example, so that the circuit manufacturer generates a secret key for every circuit manufactured by it. The secret key can vary for each product identifier or for any group of product identifiers. Based on the information transmitted, the verification system computes its own check sum and compares it with the transmitted check sum. In case the sums are matching, the authenticity of the product identifier circuit is verified.
As mentioned above, in a preferred embodiment of the invention, the method and system presented in WO04051510, which is hereby incorporated by reference, can serve as communication protocol in the network. The protocol may be used to share product related information in a distributed, multi-user environment. It provides the set of communication rules, certification mechanism and handshaking procedures required to create peer-to-peer connection where nodes (servers) share product data in real time. Fig. 2 illustrates a system for managing distributed product information. The products 30 are equipped with unique product identifier codes and the unique codes are the key to retrieve information at information hosts (host 34, 36, 38) in Fig. 2). Information regarding a certain identifier code is requested from a known host. In case this host is having information regarding this product ID, a handshaking procedure will take place to establish a peer-to peer connection to the requesting server. In any case, this host will forward the request to all servers with known IP addresses. Once the host is identified which is holding the verification database, a handshaking procedure connects the verification process is initiated between the reader 32 and said host 38.
The transmission of the information between the reader and the verification system is preferably done by using a computer network, such as the Internet. The reader may hence be located at a distance far away from the distributed verification system and the different information hosts may easily be connected to each other using standard network technologies. Furthermore, by using a computer network such as the Internet for connecting the readers to the information hosts the system may easily be extended by adding additional information hosts and/or readers to the overall system. As concerns the present invention, most substantial is comprehension of how the check sum is computed and checked, which is explained in the following example. The check sum to be computed can be any known check sum or a hash function, e.g. MD5. These are obvious to a person skilled in the art, so they are not explained in more detail herein. We select, for example, a product and provide it with a remote-readable piece of information, e.g. an RFID circuit, fixedly attached to the product. In the case of the present example, the ID number granted by the circuit manufacturer serves as the circuit identifier information and the ID number 14. In addition to this, as the identification information one can also use e.g. the EPC information 15 granted by the product manufacturer and an additional information field 17, but these are not necessary. Thereafter, the check sum of the circuit is computed based on the information used and the secret key 11 stored to the circuit. Correspondingly, when checking, the reader 18 is used to read in the circuit all the information used for the computation of the check sum, except for the secret key, and this information is transmitted to the verification system, containing the previously stored secret keys corresponding to the ID numbers. The verification system retrieves, based on the ID number, the secret key and computes its own check sum based on the information transmitted, and compares it with the transmitted check sum. In case the check sum matches, the circuit has been dependably identified, and the ID number of the circuit can be used for tracking the product in the database of the manufacturer of the RFID circuit, which database may also contain information on whom the circuit has been granted to. Alternatively, a product identifier can serve as the key, whereby the search for retrieving the information is performed in the database of the product manufacturer, importer or distributor, for example.
In addition to a basic application, the circuit of the invention can be utilized with several different additional applications . The additional information in the above example can also be stored to the verification system, making it unnecessary to transmit further all the information contained in the reading area, or the verification system ignores those fields that have been stored to the memory of the system. In this manner, for example, the name of the owner of the object can be stored to the additional information field. When the information associated with the object is read by means of a reader, the reader displays the information which was read, including the owner of the object. Thereafter, a checking inquiry as shown in the previous example is made, but besides the secret key, also the registered owner of the object is retrieved from the information contained in the verification system. Thereafter, a check sum is computed from the information of the verification system's own and from that transmitted thereto, and the check sum is compared with the check sum which was read in the RFID circuit. In case there has been a change in the additional information field without registering it, e.g. without authorization, the check sum which was read and the check sum which was computed do not match. In a similar manner, also other fields to be checked can be stored to the verification system.
In the present invention the product identifier circuit being used, e.g. an RFIFD circuit, computes a check sum each reading time, enabling one to include within the check sum information that has possibly changed in the circuit. Because the check sum is disposed in a public reading area, it is substantially harder to tamper with, in case the sum is computed just before transmitting the information to the reader. In order to provide for that the reader can with certainty make sure of the fact that the product identifier circuit truly computes a check sum, it generates a random number, which is transmitted to the product identifier circuit and to the verification system. To enable this, there is in the reader a random number generator 112 or means for receiving a random number from the verification system. The random number is used as one basis for the check sum. In case the circuit does not use the random number when computing the check sum, but the verification system is using it, the check sums do not match. By this one can judge that the circuit does not either work or its information has been changed, and one cannot trust on its authenticity .
In addition to the identification described above, it is also possible to add to the verification systems other functions such as transmitting product information and logistics information such as tracking of products. Thus, it is obvious to a person skilled in the art that a verification system is used to mean a larger complex having as one feature the verification of the authenticity of the product identification circuit that is substantial with regard to the invention.
In one embodiment of the invention, the encryption method of the public key is used for the generation and checking of the check sum. In this embodiment, a secret key is stored to the product identifier circuit in the same manner as in the secret key method described above. The pubic key corresponding to the secret key is stored to the verification system. The product identifier circuit computes the check sum using the selected method and encrypts it using its secret key. Thereafter, all the information is transmitted to the verification system in the same manner as in the example of the secret key described above. Thereafter, the verification system computes its own check sum, decrypts the encryption of the check sum transmitted by the product identifier using its public key and compares the check sums with one another. In case the sums are matching, the product identifier circuit is authentic. In this manner, the key security of the verification system is improved because the key of the verification system can be only used to decrypt the encryption of the check sum and thus to check the check sum of the product identifier circuit. Compared to the secret key method, this method has the disadvantage of an increased need for computation as well as an increase in the length of the keys, so it is more poorly suited for cheap mass products than the symmetric method. Fig. 3 illustrates one advantageous implementation of the utilization of the method of the invention for verifying the authenticity of a product circuit. The verification is started e.g. by selecting on the verification device, step 20. After indication of the verification, the verification device generates a random number to enable verification of the operation of the circuit, step 21. This step is not obligatory, in case one trusts on the operation of the circuit, or in case this verification is not considered substantial. In case a random number is generated, it is transmitted to the product identifier circuit, step 22. Thereafter, the circuit computes a check sum utilizing the secret key stored to the circuit, the random number and the public information stored to the circuit, step 23. Public information includes e.g. the ID number of the circuit. The check sum computed by the circuit and the information required for its computation are transmitted back to the reader step 24. The reader transmits the information further to the verification system, step 25 over a network, most preferably the internet. If the random number was computed at step 21, then it is also transmitted to the verification system. The verification system retrieves from its database the secret key e.g. based on the ID number of the circuit. Thereafter, it computes the check sum using the secret key and the information received by it. In case the check sum corresponds to the check sum computed by the circuit, the circuit is authentic, step 26. Finally, the information about the authenticity is transmitted to the verification device and is displayed to the user, step 27. Examples of uses and applications:
A connection is established between an identification interrogator (e.g. a reader connected to a computer) and an RFID transponder (encrypted chip +RFID antenna) . The identification interrogator can communicate with a secret database. Example 1. The interrogator requests authentication information from the chip. The chip processes the information stored in the readable area with the algorithm stored in the secured area and delivers authentication information. The interrogator receives the authentication information, which can contain a calculated checksum, and the additional information available in the readable area, e.g. EPC number, serial chip number, possibly the number of requests and other stored information. The authentication information is submitted to the computer containing the secret database. The computer calculates a second checksum by use of the additional information and an identical secret key and compares the checksum from the chip with the second checksum. In case the checksums correspond to each other the product ID is considered to be authentic. In order to correspond to each other, the checksums can be identical, differ by a predetermined factor or in another way correspond to each other. The encryption algorithm may use a non-linear sequence of differential encoding schemes to encode the data stored in a synchronization counter and encryption key. After each data transmission the synchronization counter is incremented. Because of the complexity of the encryption algorithm a minor change in the synchronization counter (e.g. incrementing the counter by one bit after each transmission) will result in a large change in the actual transmitted encrypted data .
Example 2. A random number is provided by a user, the interrogator, the secure database system or another device. An RFID interrogator sends the random number to the chip and requests a checksum which is calculated by the encrypted chip by use of a secret key, information available in the readable area and the random number. The interrogator receives the checksum and the information from the readable area of the chip and submits this and the random number to a computer with access to the secret database information. The computer calculates a second checksum by use of the random number, the information from the readable area and an identical secret number. The computer compares the returned checksum with the second checksum. Using information of the ordinal number of such requests, unique chip serial ID, and the provided results, the secret key can be recalculated for each request by an algorithm which is also stored at the database so that the checksum can be calculated there in parallel for comparison.
Example 3. An item or product, e.g. a package, is equipped with a field of sensor fields that detect contact with a pointing device, for example a finger of a user. Each sensor field corresponds to a number. In case of binary information two sensor fields are needed
(corresponding 0 and 1) . In case of a decimal numbering, 10 fields are needed corresponding to the numbers 0-9.
A user uses an internet interface for authentication and receives a challenge request number. The user enters the challenge request number by pressing the buttons (i.e. the sensor fields), corresponding to the requested number. The entered information is received by the secure chip and a checksum is calculated. The result of the calculation and the information used for the calculation, like EPC number and chip ID is presented to the user by a display field, for example comprising a two-dimensional barcode field which can be updated. The calculated checksum is submitted to a computer, with access to a secret database, and compared to a checksum calculated by the computer as described above .
Example 4. In another implementation of the invention, the authentication system comprises a server in connection to the reader (in the following referred to as Server A) and a verification system (in the following referred to as Server B) In this example, the secure key is changed after each verification, a challenge request is initiated from Server B, a challenge calculation uses public information on the circuit. A method comprising the steps below may then be performed. a) Reader reads Product ID. b) Reader transmits Product ID to Server A. c) Server A stores reading event in database (optionally, for track & trace) . d) Server A connects to Server B of ID owner (Server B looks up database info about authentication procedure) . e) Server B provides a challenge request to Server A. f) Server A provides the challenge request to Reader. g) Reader requests challenge response from chip (challenge response = checksum and public information used in calculation) . h) chip calculates checksum according to secret key. i) chip recalculates the encryption according to pre-determined algorithm. j) Reader reads out challenge response from chip, k) Reader transmits challenge response to Server A.
1) Server A transmits challenge response to Server B. m) Server B calculates own checksum with secret key stored in Server B database. n) Server B compares checksums provided by chip and by Server B. o) Server B transmits authentication result to Server A.
The invention is not limited merely to the examples of its embodiments referred to above; instead many variations are possible within the scope of the inventive idea defined by the claims.

Claims

We claim :
1. An authentication system comprising: a product identification circuit comprising a public memory area for storing publicly readable information, a secure memory area for storing at least one encryption key, a processor for reading said secure memory area and said public memory area, wherein the processor is arranged to compute a check sum based on said encryption key and at least a portion of the publicly readable information, and a first telecommunication connection for providing a reader with said check sum and information comprised in the public memory area; a reader for receiving said information and providing an verification system with said check sum and at least a portion of said information; a verification system adapted to receive the check sum and information provided by the reader, wherein the verification system also comprises said encryption key and is arranged to compute a check sum based on said encryption key and received information and compare the computed check sum with the received check sum.
2. The system of claim 1, wherein the verification system is connected to the Internet and arranged to receive the check sum and information provided by the reader over the Internet.
3. The system of any of the claims 1-2, wherein the verification system comprises two or more independent information hosts.
4. The system of any of the claims 1-3, wherein the telecommunication connection of the product identification circuit is arranged to receive information to be processed using the processor.
5. The system of any of the claims 1-4, wherein a random number generator is arranged in the reader for providing a random number to the product identification circuit to be used in the computation of the check sum.
6. The system of any of the claims 1-5, wherein the public memory area of the product identification circuit comprises at least two fields for storing the identification number of the product identification circuit and the check sum.
7. The system of claim 6, wherein one or more fields of the public memory area of the product identification circuit can be determined to be static or dynamic.
8. The system of any of the claims 1-7, wherein the verification system also comprises information stored in the public memory area of the product identification circuit .
9. A method for checking the authenticity of a product identification circuit, the method comprising: reading a secret key stored in the product identification circuit by a processor in the product identification circuit; reading public information stored in the product identification circuit by the processor in the product identification circuit; computing, in the product identification circuit, a first check sum based on the secret key and said public information; transmitting the first check sum and said public information from the product identification circuit to a reader; transmitting the first check sum and said public information from the reader to a verification system; computing, in the authentication system, a second check sum based on said public information and an encryption key stored in the verification system; and comparing, in the authentication system, the first and the second check sums to verify the authenticity of the information contained in the product identification circuit.
10. The method of claim 9, wherein the first check sum and said public information system is transmitted over the Internet .
11. The method of any of the claims 9-10, wherein the verification system comprises two or more independent information hosts.
12. The method of any of the claims 9-11, comprising generating in the reader a random number that is transmitted to the product identification circuit to be used in the computation of the check sums .
13. The method of any of the claims 9-12, comprising storing the secret key in the product identification circuit prior to reading by means of the processor of the product identification circuit.
14. A method for checking the authenticity of a product identification circuit, the method comprising: reading a secret key stored in an verification system; reading public information stored in the verification system; computing, in the verification system, a first check sum based on the secret key and said public information; transmitting the first check sum and said public information from the verification system, to a reader; transmitting the first check sum and said public information from the reader to a product identification circuit; computing, in the product identification circuit, a second check sum based on said public information and an encryption key stored in the product identification circuit; and comparing, in the product identification circuit, the first and the second check sums to verify the authenticity of the information contained in the product identification circuit.
15. The method of claim 14, wherein the verification system comprises two or more independent information hosts.
16. The method of any of the claims 14-15, comprising generating in the reader a random number that is transmitted to the product identification circuit to be used in the computation of the check sums .
17. The method of any of the claims 14-16, comprising storing the secret key in the product identification circuit prior to reading by means of the processor of the product identification circuit.
PCT/SE2006/050308 2005-09-01 2006-09-01 Verification of a product identifier WO2007027151A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US71339505P 2005-09-01 2005-09-01
US60/713,395 2005-09-01

Publications (1)

Publication Number Publication Date
WO2007027151A1 true WO2007027151A1 (en) 2007-03-08

Family

ID=37809155

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE2006/050308 WO2007027151A1 (en) 2005-09-01 2006-09-01 Verification of a product identifier

Country Status (1)

Country Link
WO (1) WO2007027151A1 (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009022850A1 (en) * 2009-05-27 2010-12-02 Siemens Aktiengesellschaft Authentication of an RFID tag with an asymmetric cryptography method
DE102009024922A1 (en) * 2009-06-15 2010-12-16 Siemens Aktiengesellschaft A method of providing a node ID in a peer-to-peer network
CN101556654B (en) * 2009-05-27 2013-03-27 杨志清 Anti-counterfeiting technology for multi-variable dynamic digital signature and interactive authentication electronic tag
CN103971250A (en) * 2014-04-09 2014-08-06 四川谦泰仁投资管理有限公司 One-time-one-certificate anti-fake traceability system based on mobile terminal and RFID (radio frequency identification)
WO2017000727A1 (en) * 2015-07-02 2017-01-05 北京西阁万投资咨询有限公司 Product verification method
CN112347801A (en) * 2020-10-27 2021-02-09 任玉海 Electronic chip information data analysis method
IT202100005492A1 (en) * 2021-03-09 2022-09-09 Krupteia S R L METHOD FOR IDENTIFICATION AND AUTHENTICATION OF OBJECTS, AND SYSTEM FOR IMPLEMENTING THE METHOD
US11475747B2 (en) * 2019-12-26 2022-10-18 Sensormatic Electronics, LLC Electronic product code (EPC) encoding for retailer-specific radio-frequency identification (RFID) tags

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030028787A1 (en) * 2001-08-06 2003-02-06 Microsoft Corporation Method and system for discouraging unauthorized copying of a computer program
US20040049451A1 (en) * 2001-07-10 2004-03-11 Berardi Michael J. System and method for payment using radio frequency identification in contact and contactless transactions
US20040066278A1 (en) * 2002-10-04 2004-04-08 Hughes Michael A. Challenged-based tag authentication medel
US20040222878A1 (en) * 2003-05-06 2004-11-11 Ari Juels Low-complexity cryptographic techniques for use with radio frequency identification devices
WO2006037220A1 (en) * 2004-10-01 2006-04-13 Ubitrak Inc. Security system for authenticating gaming chips
GB2423672A (en) * 2005-02-23 2006-08-30 Hewlett Packard Development Co Authenticating a memory tag

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040049451A1 (en) * 2001-07-10 2004-03-11 Berardi Michael J. System and method for payment using radio frequency identification in contact and contactless transactions
US20030028787A1 (en) * 2001-08-06 2003-02-06 Microsoft Corporation Method and system for discouraging unauthorized copying of a computer program
US20040066278A1 (en) * 2002-10-04 2004-04-08 Hughes Michael A. Challenged-based tag authentication medel
US20040222878A1 (en) * 2003-05-06 2004-11-11 Ari Juels Low-complexity cryptographic techniques for use with radio frequency identification devices
WO2006037220A1 (en) * 2004-10-01 2006-04-13 Ubitrak Inc. Security system for authenticating gaming chips
GB2423672A (en) * 2005-02-23 2006-08-30 Hewlett Packard Development Co Authenticating a memory tag

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009022850A1 (en) * 2009-05-27 2010-12-02 Siemens Aktiengesellschaft Authentication of an RFID tag with an asymmetric cryptography method
CN101556654B (en) * 2009-05-27 2013-03-27 杨志清 Anti-counterfeiting technology for multi-variable dynamic digital signature and interactive authentication electronic tag
US8842831B2 (en) 2009-05-27 2014-09-23 Siemens Aktiengesellschaft Authentication of an RFID tag using an asymmetric cryptography method
DE102009024922A1 (en) * 2009-06-15 2010-12-16 Siemens Aktiengesellschaft A method of providing a node ID in a peer-to-peer network
CN103971250A (en) * 2014-04-09 2014-08-06 四川谦泰仁投资管理有限公司 One-time-one-certificate anti-fake traceability system based on mobile terminal and RFID (radio frequency identification)
CN103971250B (en) * 2014-04-09 2017-04-05 四川谦泰仁投资管理有限公司 A kind of one time one card anti-fake traceability system based on mobile terminal and RFID
WO2017000727A1 (en) * 2015-07-02 2017-01-05 北京西阁万投资咨询有限公司 Product verification method
US11475747B2 (en) * 2019-12-26 2022-10-18 Sensormatic Electronics, LLC Electronic product code (EPC) encoding for retailer-specific radio-frequency identification (RFID) tags
CN112347801A (en) * 2020-10-27 2021-02-09 任玉海 Electronic chip information data analysis method
IT202100005492A1 (en) * 2021-03-09 2022-09-09 Krupteia S R L METHOD FOR IDENTIFICATION AND AUTHENTICATION OF OBJECTS, AND SYSTEM FOR IMPLEMENTING THE METHOD
EP4057591A1 (en) * 2021-03-09 2022-09-14 Krupteia Srl Method for identification and authentication of objects, and system for implementing the method
US11909883B2 (en) 2021-03-09 2024-02-20 Krupteia S.R.L. Method for identification and authentication of objects, and system for implementing the method

Similar Documents

Publication Publication Date Title
US12045812B2 (en) System and method for secured account numbers in wireless devices
US8368516B2 (en) Secure data exchange with a transponder
US8447991B2 (en) Card authentication system
KR100805273B1 (en) Method and system for identfying information of product in display or in buy with radio frequency identification system and recording medium thereof
US8751806B1 (en) Method and apparatus to provide public key authentication with low complexity devices
US20090129595A1 (en) Verification of a product identifier
WO2007027151A1 (en) Verification of a product identifier
US8296852B2 (en) Transponder, RFID system, and method for RFID system with key management
US20090240946A1 (en) Dynamic identifier for use in identification of a device
US20080094220A1 (en) Methods and Systems for Improving RFID Security
US20070194879A1 (en) Method and device for detecting an invalid RFID tag and method for manufacturing an RFID tag
CN101111853A (en) Control of data exchange
US20050134436A1 (en) Multiple RFID anti-collision interrogation method
CN107276976A (en) Verify the authentication method and system of the authenticity of product
EP2200218A1 (en) Dynamic identifier for use in identification of a device
Kumari Real time authentication system for RFID applications
EP2286373B1 (en) Reader and transponder for obscuring the applications supported by a reader and/or a transponder and method thereof
WO2012163920A2 (en) A system and a method for verifying a communication device
JP2008293415A (en) Authenticity determination method, relay device for authenticity determination, and server for authenticity determination
KR20200098355A (en) System for preventing forgery of Near Field Communication and method therefor
GB2503227A (en) Method and system for authenticating messages

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06784222

Country of ref document: EP

Kind code of ref document: A1