WO2015154595A1 - One-time pad authentication system based on closed-loop authentication theory and internet - Google Patents

Publication number
WO2015154595A1
Authority
WO
WIPO (PCT)
Application number
PCT/CN2015/073591
Inventor
江峰
Original Assignee
江峰
Application filed by 江峰
Priority to PCT/CN2015/075952 (WO2015154647A1)
Publication of WO2015154595A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00 Commerce

Abstract

Provided is a one-time pad authentication system based on a closed-loop authentication theory and the Internet. The system comprises a system server, readable and writable memories arranged on each item, and a terminal device capable of performing reading and writing operations on the readable and writable memories, and of establishing communication with the server. On the principle that any participant of the system and any device provider used by the system are unreliable, an entire block box system security architecture is built, and the security of an anti-counterfeiting system is ensured by the entire security architecture of the system.

Description

One-time pad authentication system based on closed-loop authentication theory and the Internet
Technical field
The invention relates to the field of commodity anti-counterfeiting technology.
Background art
With the development of communication technology, especially 2.45 GHz radio-frequency identification and mobile-phone near-field communication (NFC, 13.56 MHz), the short-range identification capabilities of mobile phones and terminals are growing ever stronger. The Internet and the Internet of Things are permeating daily life, and anti-counterfeiting identification techniques based on this technology keep emerging. For example, the Chinese patent "A commodity anti-counterfeiting system based on terminals and RFID electronic tags" is a successful extension of the Internet of Things, through interconnection, to the tracing and verification of product information. That technology prevents counterfeiting to a large extent and has been applied successfully in practice. As commodity information lookup and anti-counterfeiting applications based on RFID electronic tags and the Internet become more widespread, further improving the information security and encryption of electronic commodity anti-counterfeiting systems becomes increasingly important.
The technical level of counterfeiting is rising correspondingly. Counterfeiters use various means, such as decrypting electronic tags, to illegally obtain and copy the encrypted authentication data in a tag, and so forge the tag. Existing Internet anti-counterfeiting authentication systems therefore need to be improved in terms of system security.
Traditional authentication systems are mostly built on an open-loop chain or tree encryption-authentication model, A→B(→C…) (readable and writable memory A → authentication server B), and are often defeated by counterfeits once the authenticated tag is cracked. Now that the Internet and mobile Internet are highly developed, our newly created closed-loop authentication and encryption model, A→(B→)A (authentication server A → readable and writable memory B → authentication server A), will become the mainstream of authentication systems; it solves well the security problems caused by the cracking of any link of the authentication system, including the authenticated tag. The one-time pad is the highest-security scheme in encryption theory and cannot be cracked because each key is used only once. The invention combines closed-loop authentication with the one-time pad to build a new authentication security architecture that brings the system's authentication scheme to a new level of security; its advancement and security are evident.
Summary of the invention
The object of the invention is to provide a system solution that effectively prevents counterfeiters from copying IC cards or RFID electronic tags at scale by exploiting security vulnerabilities in the IC card or electronic tag, or in other components of the anti-counterfeiting system. The entire system security architecture is built on the principle that every participant in the system and every supplier of a device used by the system is unreliable, so that the security of the anti-counterfeiting system is ensured by the overall security architecture of the system.
The technical solution adopted to achieve this object is a one-time pad authentication system based on closed-loop authentication theory and the Internet, characterized in that it comprises a system server, a readable and writable storage device provided on each item, and a terminal device capable of reading and writing that storage device and of establishing communication with the server.
Item anti-counterfeiting is achieved through the following process:
1) Before each item is released into the public environment, a key $K_{i,j}$ and the item's unique identifier $SN_i$ are generated.
2) $SN_i$ is encrypted with a specific encryption algorithm. In this process $K_{i,j}$ serves as the one-time pad key, giving the ciphertext $CSN_{i,j}$ corresponding to $SN_i$; $SN_i$ and $CSN_{i,j}$ are stored in the item anti-counterfeiting server. Here $i$ is the pointer that links $SN_i$, $K_{i,j}$ and $CSN_{i,j}$, and $j$ is the number of times a one-time key has been generated. $i \in \{E\}$, $SN_i \in \{R\}$, $j$ is a natural number, and the sets $\{E\}$ and $\{R\}$ are sets of sequences composed of digits and/or letters.
3) After the key $K_{i,j}$ is written into the readable and writable storage device fixed on the corresponding item, the item is released into the public environment.
4) When the holder of an item performs anti-counterfeiting verification, the terminal device reads the key $K_{x,j}$ from the item and sends it to the server.
The pointer $x$ contained in the key $K_{x,j}$ on the item is extracted, where $x \in \{E\}$, and the corresponding $SN_x$ and $CSN_{x,j}$ are located in the server. Using the same algorithm as in step 2), with $K_{x,j}$ as the key, $SN_x$ is encrypted to obtain the ciphertext $P$.
If $P = CSN_{x,j}$, the item is genuine; proceed to the next step.
If $P \neq CSN_{x,j}$, the system server sends the terminal a message that the item is fake and ends the authenticity check.
5) The system server sends the terminal a message that the item is genuine.
At the same time, $j$ is updated to $j+1$ and the system server generates a new key $K_{x,j}$. Using the same algorithm as in step 2), with the new $K_{x,j}$ as the key, $SN_x$ is encrypted to obtain a new ciphertext $CSN_{x,j}$, which is stored in the server to replace the original $CSN_{x,j}$; the new key $K_{x,j}$ is sent to the terminal device and replaces the original $K_{x,j}$ in the readable and writable storage device.
Further, the item is an IC card with contacts, an RFID electronic tag or a magnetic stripe card.
Further, the item is a commodity, a bank card or a resident identity card. The readable and writable storage device is a magnetic stripe card, an IC card with contacts or an RFID electronic tag, existing independently or attached to any item.
Further, in step 5), after $CSN_{x,j}$ is updated to $CSN_{x,j+1}$, $CSN_{x,j+1}$ serves as the basis for verifying the verification key that the terminal device next reads from the item. $CSN_{x,j}$ remains stored in the server's historical data area but is not used as a basis for verification.
If the server receives a verification key read from an item by the terminal device and the verification result for that key is data in the historical data area, it determines that the key has been stolen and written into the RFID electronic tag on a counterfeit item.
The terminal device sends the server the time and geographic location at which the commodity's RFID tag was scanned; if a counterfeit item exists, this gives anti-counterfeiting enforcement the counterfeiter's possible time and place of counterfeiting.
The item is an IC card with contacts, an RFID electronic tag or a magnetic stripe card.
Further, the item is a commodity, a bank card or a resident identity card.
The readable and writable storage device is a magnetic stripe card, an IC card with contacts or an RFID electronic tag, existing independently or attached to any item.
Further, in step 5), after $CSN_{x,j}$ is updated to $CSN_{x,j+1}$, $CSN_{x,j+1}$ serves as the basis for verifying the verification key that the terminal device next reads from the item. $CSN_{x,j}$ remains stored in the server's historical data area but is not used as a basis for verification.
If the server receives a verification key read from an item by the terminal device and the verification result is $P \neq CSN_{x,j}$, but $P$ is data in the historical data area, it determines that the key has been stolen and written into the readable and writable storage device on a counterfeit item.
The terminal device sends the server the time and geographic location at which the readable and writable storage device of the item being verified was scanned; if a counterfeit item exists, this gives anti-counterfeiting enforcement the counterfeiter's possible time and place of counterfeiting, as well as the historical times and places at which the user of the counterfeit document or item used it.
Further, $SN_i$ contains the commodity's production time and serial number.
Further, if the item is a consumable commodity, the RFID electronic tag is destroyed when the item is put into use.
Further, $K_{i,j}$ is not stored on the server.
Further, the readable and writable storage device is an RFID tag, an identity-card chip, a bank card or any of various IC card applications.
Further, the terminal device is a terminal such as a mobile phone or tablet computer, or a POS machine, cash register or identity-card reader, or any of various IC card reading devices.
Further, $SN_i = i$.
Further, $K_{i,j}$ is randomly generated.
The technical effect of the invention is beyond doubt: the scheme effectively prevents the electronic tag on an item from being decrypted, or from being read and copied by counterfeiters through vulnerabilities in the tag itself. In terms of system architecture, the invention adopts a dynamic signature authentication scheme with one credential per use, and only a comparatively patternless key is written into the tag on the item, which successfully achieves isolation. Whether a counterfeiter decrypts the tag or breaches the server, counterfeiting at scale cannot be achieved.
Detailed description
The invention is further described below with reference to embodiments, but this should not be understood as limiting the scope of the above subject matter to the following embodiments. Various substitutions and changes made on the basis of ordinary technical knowledge and customary means in the art, without departing from the above technical idea of the invention, shall fall within the scope of protection of the invention.
Example 1:
A one-time pad authentication system based on closed-loop authentication theory and the Internet, characterized in that it comprises a system server, a readable and writable storage device provided on each item, and a terminal device capable of reading and writing that storage device and of establishing communication with the server.
Item anti-counterfeiting is achieved through the following process:
1) Before each item (commodity, bank card, identity card, etc.) is released into the public environment, a key $K_{i,j}$ and the item's unique identifier $SN_i$ are generated.
2) $SN_i$ is encrypted with a specific encryption algorithm. In this process $K_{i,j}$ serves as the one-time pad key, giving the ciphertext $CSN_{i,j}$ corresponding to $SN_i$; $SN_i$ and $CSN_{i,j}$ are stored in the item anti-counterfeiting server. Here $i$ is the pointer that links $SN_i$, $K_{i,j}$ and $CSN_{i,j}$, and $j$ is the number of times a one-time key has been generated. $i \in \{E\}$, $SN_i \in \{R\}$. $j$ is a natural number and is the number of times a key has been generated. The sets $\{E\}$ and $\{R\}$ are sets of sequences composed of digits and/or letters. That is, the server holds a set $\{SN_1, SN_2, \ldots, SN_i, \ldots\}$ corresponding to the items, and the data in this set is fixed. The server also holds a set $\{CSN_{1,j}, CSN_{2,j}, \ldots, CSN_{i,j}, \ldots\}$ corresponding to the items; the data in this set changes each time an item is verified, and the value of $j$ changes as well.
3) After the key $K_{i,j}$ and the corresponding item serial number $SN_i$ are written into the readable and writable storage device fixed on the corresponding item, the item is released into the public environment.
4) When the holder of an item performs anti-counterfeiting verification, the terminal device (a mobile phone, etc.) reads the key $K_{x,j}$ from the item and sends it to the server.
The pointer $x$ contained in the key $K_{x,j}$ on the item is extracted and the corresponding $SN_x$ and $CSN_{x,j}$ are located in the server, where $j$ is the number of times a key has been generated. Using the same algorithm as in step 2), with $K_{x,j}$ as the key, $SN_x$ is encrypted to obtain the ciphertext $P$, where $x \in \{1, 2, \ldots, n\}$ and $y \in \{1, 2, \ldots, m\}$. Of course, if the numeric format of the extracted $K_{x,j}$ is inconsistent with that of $K_{i,j}$, the item is directly judged to be counterfeit.
If $P = CSN_{x,j}$, the item is genuine; proceed to the next step.
If $P \neq CSN_{x,j}$, the system server sends the terminal a message that the item is fake and ends the authenticity check.
5) The system server sends the terminal a message that the item is genuine.
At the same time, $j$ is updated to $j+1$ and the system server generates a new key $K_{x,j}$. Using the same algorithm as in step 2), with the new $K_{x,j}$ as the key, $SN_x$ is encrypted to obtain a new ciphertext $CSN_{x,j}$, which is stored in the server to replace the original $CSN_{x,j}$; the new key $K_{x,j}$ is sent to the terminal device and replaces the original $K_{x,j}$ in the readable and writable storage device.
Example 2
The main steps of this example are the same as in Example 1:
The item is a consumable commodity: baijiu (Chinese liquor).
A manufacturer ships 5 bottles of baijiu. Before shipment, each of the 5 items is fitted with an RFID tag into which a randomly generated message $K_{i,j}$ has been written, that is, RFID electronic tags holding $K_{1,1}$, $K_{2,1}$, $K_{3,1}$, $K_{4,1}$ and $K_{5,1}$. Specifically, $K_{1,1}=1$, $K_{2,1}=2$, $K_{3,1}=3$, $K_{4,1}=4$, $K_{5,1}=5$.
Corresponding to these 5 items, the server stores 5 $SN_i$ values: $SN_1=1234567891$, $SN_2=1234567892$, $SN_3=1234567893$, $SN_4=1234567894$, $SN_5=1234567895$.
The 5 $SN_i$ values are encrypted. The encryption rule is to swap the 1st digit with the $F$-th digit, where $F=K_{i,j}$; that is, $K_{i,j}$ is the key for encrypting $SN_i$. This gives $CSN_{i,j}$: $CSN_{1,1}=1234567891$, $CSN_{2,1}=2134567892$, $CSN_{3,1}=3214567893$, $CSN_{4,1}=4231567894$, $CSN_{5,1}=5234167895$. $CSN_{i,j}$ is stored in the server's verification data storage area.
When a consumer buys a bottle of baijiu and performs anti-counterfeiting verification, a mobile phone capable of reading and writing RFID tags reads the data $X$ from the bottle and sends it to the server.
The server determines that $X=K_{2,1}=2$, which contains the pointer $i=2$.
The server finds $SN_2$ and $CSN_{2,1}$, which are held in the server and correspond to $K_{2,1}$.
With $K_{2,1}=2$ as the key, the server encrypts $SN_2=1234567892$ and obtains $P=2134567892$. Since $P=CSN_{2,1}$, the commodity is judged genuine. At the same time the server generates a new key $K_{2,2}=3$ (that is, $j=j+1$) and encrypts $SN_2=1234567892$, obtaining $SN_{2,2}=3214567892$. $SN_{2,2}$ is stored in the server and replaces $SN_{2,1}$. The new key $K_{2,2}=3$ is sent to the terminal and written into the RFID tag, replacing $K_{2,1}$.
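The verification loop of steps 4) and 5), together with the historical-data check from the summary, is written out below as an added Python example; it is not code from the patent. It reuses Example 2's digit-swap rule and numbers. The `Server` class, the separate pointer argument, the verdict strings and the `next_key` parameter are assumptions of this example.

```python
import secrets


def swap_encrypt(sn: str, key: int) -> str:
    """Example 2's toy rule: swap the 1st digit with the F-th digit, F = key."""
    if not 1 <= key <= len(sn):
        raise ValueError("key must name a digit position of SN")
    digits = list(sn)
    digits[0], digits[key - 1] = digits[key - 1], digits[0]
    return "".join(digits)


class Server:
    """Holds SN_i, the current CSN_{i,j} and retired CSN values; K_{i,j} is never stored."""

    def __init__(self):
        self.sn = {}        # pointer i -> SN_i (fixed)
        self.csn = {}       # pointer i -> current CSN_{i,j}
        self.history = {}   # pointer i -> retired CSN values (historical data area)
        self.events = []    # (pointer, verdict, time, location) sent by terminals

    def enroll(self, i, sn, key):
        """Steps 1) to 3): store SN_i and CSN_{i,1}; the key goes only to the tag."""
        self.sn[i] = sn
        self.csn[i] = swap_encrypt(sn, key)
        self.history[i] = set()

    def _fresh_key(self, i):
        """Pick a random key whose ciphertext has never been used for item i."""
        used = self.history[i] | {self.csn[i]}
        fresh = [k for k in range(1, len(self.sn[i]) + 1)
                 if swap_encrypt(self.sn[i], k) not in used]
        if not fresh:
            raise RuntimeError("toy key space exhausted")
        return secrets.choice(fresh)

    def verify(self, i, key, when, where, next_key=None):
        """Steps 4) and 5): returns (verdict, new key to write back or None)."""
        sn, new = self.sn.get(i), None
        if sn is None or not isinstance(key, int) or not 1 <= key <= len(sn):
            verdict = "counterfeit"            # unknown pointer or malformed key
        else:
            p = swap_encrypt(sn, key)
            if p == self.csn[i]:
                verdict = "genuine"
                self.history[i].add(self.csn[i])      # retire CSN_{x,j}
                new = next_key if next_key is not None else self._fresh_key(i)
                self.csn[i] = swap_encrypt(sn, new)   # CSN_{x,j+1}
            elif p in self.history[i]:
                verdict = "stolen-key"         # P matches a retired CSN value
            else:
                verdict = "counterfeit"
        self.events.append((i, verdict, when, where))
        return verdict, new


def demo():
    """Replays Example 2, then presents a stale key and a wrong key (constructed inputs)."""
    srv = Server()
    for i in range(1, 6):
        srv.enroll(i, f"123456789{i}", key=i)          # K_{i,1} = i
    tag = {"pointer": 2, "key": 2}
    stale = dict(tag)                                  # key value before rotation
    v1, tag["key"] = srv.verify(2, tag["key"], "t1", "shop A", next_key=3)
    v2, _ = srv.verify(2, stale["key"], "t2", "shop B")
    v3, _ = srv.verify(2, 7, "t3", "shop C")
    return srv, [v1, v2, v3]


if __name__ == "__main__":
    server, verdicts = demo()
    print(verdicts, server.csn[2], server.events)
```

With the digit-swap rule a ten-digit serial number has at most ten distinct ciphertexts, so `_fresh_key` runs out after a few rotations; the rule stands in here only because the patent gives its numbers.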
Embodiment 3
The main steps of this embodiment are the same as those of Embodiment 1:
The item is a bank card.
A total of 5 bank cards are issued, each written with a randomly generated message Ki,j, namely the RFID electronic tags K1,1, K2,1, K3,1, K4,1 and K5,1. Specifically, K1,1 = 1, K2,1 = 2, K3,1 = 3, K4,1 = 4, K5,1 = 5.
Corresponding to these 5 bank cards, the server stores 5 SNi values: SN1 = 1234567891, SN2 = 1234567892, SN3 = 1234567893, SN4 = 1234567894, SN5 = 1234567895.
The 5 SNi values are encrypted. The encryption rule is: swap the 1st digit with the F-th digit, where F = Ki,j, i.e. Ki,j serves as the key for encrypting SNi. This yields CSNi,j: CSN1,1 = 1234567891, CSN2,1 = 2134567892, CSN3,1 = 3214567893, CSN4,1 = 4231567894, CSN5,1 = 5234167895. CSNi,j is stored in the server's verification data storage area.
When a card is swiped at a POS machine, the verification key X on the bank card is read and sent to the server.
The server determines that X = K2,1 = 2, which contains the pointer i = 2.
The server locates the SN2 and CSN2,1 stored on the server that correspond to K2,1.
The server encrypts SN2 = 1234567892 with X = 2 as the key and obtains P = 2134567892. Since P = CSN2,1, the card is judged genuine. At the same time, the server generates a new key K2,2 = 3, encrypts SN2 = 1234567892 with it, and obtains SN2,2 = 3214567892. SN2,2 is stored on the server, replacing SN2,1. The new key K2,2 = 3 is sent to the POS machine and written to the bank card, replacing the K2,1 in the card.
Embodiment 4
The main steps of this embodiment are the same as those of Embodiment 1:
The item is an identity card.
A total of 5 identity cards are issued, each written with a randomly generated message Ki,j, namely the RFID electronic tags K1,1, K2,1, K3,1, K4,1 and K5,1. Specifically, K1,1 = 1, K2,1 = 2, K3,1 = 3, K4,1 = 4, K5,1 = 5.
Corresponding to these 5 identity cards, the server stores 5 SNi values: SN1 = 1234567891, SN2 = 1234567892, SN3 = 1234567893, SN4 = 1234567894, SN5 = 1234567895.
The 5 SNi values are encrypted. The encryption rule is: swap the 1st digit with the F-th digit, where F = Ki,j, i.e. Ki,j serves as the key for encrypting SNi. This yields CSNi,j: CSN1,1 = 1234567891, CSN2,1 = 2134567892, CSN3,1 = 3214567893, CSN4,1 = 4231567894, CSN5,1 = 5234167895. CSNi,j is stored in the server's verification data storage area.
On one occasion, when an institution verifies an identity card, the verification key X on the identity card is read and sent to the server.
The server determines that X = K2,1 = 2, which contains the pointer i = 2.
The server locates the SN2 and CSN2,1 held in the server's verification data storage area.
The server encrypts SN2 = 1234567892 with K2,1 = 2 as the key and obtains P = 2134567892. Since P = CSN2, the identity card is judged genuine. At the same time, the server generates a new key K2,2 = 3, encrypts SN2 = 1234567892 with it, and obtains SN2,2 = 3214567892. SN2,2 is stored on the server, replacing SN2,1. The new key K2,2 = 3 is sent to the POS machine and written to the identity card, replacing the K2,1 in the card.
On another occasion, when an institution verifies an identity card, the verification key X on the identity card is read and sent to the server.
The server determines that the value of X is 2, which contains the pointer i = 2.
The server locates the SN2 and CSN2,2 that are held in the server's verification data storage area and correspond to K2,1.
The server encrypts SN2 = 1234567892 with X = 2 as the key and obtains P = 2134567892. Since CSN2,2 = 3214567892, P ≠ CSN2,2, and this identity card is counterfeit.
Further, after CSN2,1 has been updated to CSN2,2, CSN2,2 serves as the basis for verifying the verification key that the terminal device next reads from the item. CSN2,1 remains stored in the server's historical data area but is not used as a basis for verification.
In the case above, the server found the identity card to be counterfeit, and P = 2134567892 is exactly the value CSN2,1 held in the server's historical data area. The time and geographic location that the terminal sent to the server when the identity card was presented give anti-counterfeiting enforcement the counterfeiter's possible time and place of forgery.
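The verification round trip of Embodiments 2 to 4, including the lookup in the historical data area, as an added Python simulation that is not part of the patent text. The tag layout (pointer i stored beside the key), the `next_key` argument standing in for the server's random key generation, and the verdict strings are assumptions made for this example.

```python
# Added example: simulation of the closed-loop check described in Embodiments 2-4.
from dataclasses import dataclass, field


def swap_encrypt(sn: str, key: int) -> str:
    """Embodiment rule: swap the 1st digit with the F-th digit, F = key (1-based)."""
    if not 1 <= key <= len(sn):
        raise ValueError("key must index a digit of SN")
    digits = list(sn)
    digits[0], digits[key - 1] = digits[key - 1], digits[0]
    return "".join(digits)


@dataclass
class Record:
    sn: str                                       # SN_i, the item's unique identifier
    csn: str                                      # current CSN_i,j, the only verification basis
    j: int = 1                                    # how many keys have been issued
    history: list = field(default_factory=list)   # retired CSN values (historical data area)


class Server:
    def __init__(self):
        self.records = {}                         # pointer i -> Record; K_i,j is never stored

    def enroll(self, i: int, sn: str, key: int) -> None:
        self.records[i] = Record(sn=sn, csn=swap_encrypt(sn, key))

    def verify(self, i: int, x: int, next_key: int):
        """Return (verdict, new_key); next_key is an assumption replacing random generation."""
        rec = self.records.get(i)
        if rec is None:
            return "unknown-item", None
        try:
            p = swap_encrypt(rec.sn, x)           # recompute P from the presented key X
        except ValueError:
            return "fake", None
        if p == rec.csn:
            rec.history.append(rec.csn)           # retire the old ciphertext, keep it for tracing
            rec.csn = swap_encrypt(rec.sn, next_key)
            rec.j += 1
            return "genuine", next_key            # terminal writes new_key back to the tag
        if p in rec.history:
            return "fake-stale-key", None         # P matches a retired CSN: key was copied
        return "fake", None


def run_embodiment_4():
    server = Server()
    for i in range(1, 6):                         # K_i,1 = i and SN_i = 123456789i, as on the page
        server.enroll(i, f"123456789{i}", key=i)
    card = {"i": 2, "key": 2}                     # card 2 holds K_2,1 = 2
    stale = dict(card)                            # constructed: a tag still carrying K_2,1
    first, new_key = server.verify(card["i"], card["key"], next_key=3)
    card["key"] = new_key                         # K_2,2 = 3 replaces K_2,1 on the card
    second, _ = server.verify(stale["i"], stale["key"], next_key=4)
    third, _ = server.verify(card["i"], card["key"], next_key=4)
    return first, second, third, server.records[2].csn


if __name__ == "__main__":
    print(run_embodiment_4())
```

The digit swap is only the embodiments' illustrative rule; claim 1 requires just "a specific encryption algorithm", so `swap_encrypt` can be replaced without touching the server logic.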

Claims (11)

  1. A one-time-pad authentication system based on closed-loop authentication theory and the Internet, characterized in that it comprises a system server, a readable and writable storage device arranged on each item, and a terminal device capable of reading from and writing to that storage device and of establishing communication with the server;
    anti-counterfeiting of items is achieved through the following process:
    1) before each item is released into the public environment, a key Ki,j and a unique identifier SNi for the item are generated;
    2) SNi is encrypted using a specific encryption algorithm; in this process Ki,j serves as the key of a one-time-pad encryption operation, yielding the ciphertext CSNi,j corresponding to SNi, and SNi and CSNi,j are stored in the item anti-counterfeiting server; where i is the pointer linking SNi, Ki,j and CSNi,j; j is the number of times a one-time-pad key has been generated; i ∈ {E}, SNi ∈ {R}, j is a natural number, and the sets {E} and {R} are sets of sequences composed of digits and/or letters;
    3) after the key Ki,j has been written into the readable and writable storage device fixed to the corresponding item, the item is released into the public environment;
    4) when the holder of an item performs anti-counterfeiting verification on it, the terminal device reads the key Kx,j on the item and sends it to the server;
    the pointer x contained in the key Kx,j on the item is extracted, where x ∈ {E}, and the corresponding SNx and CSNx,j are located in the server; SNx is then encrypted using the same algorithm as in step 2) with Kx,j as the key, yielding the ciphertext P;
    if the ciphertext P = CSNx,j, the item is genuine and the process proceeds to the next step;
    if the ciphertext P ≠ CSNx,j, the system server sends the terminal a message that the item is fake and ends the authenticity check;
    5) the system server sends the terminal a message that the item is genuine;
    at the same time, j is updated to the value j+1 and the system server generates a new key Kx,j; SNx is encrypted using the same algorithm as in step 2) with the new Kx,j as the key, yielding a new ciphertext CSNx,j, which is stored in the server to replace the original CSNx,j; the new key Kx,j is sent to the terminal device and replaces the original Kx,j in the readable and writable storage device.
  2. The one-time-pad authentication system based on closed-loop authentication theory and the Internet according to claim 1, wherein the item is an IC card with contacts, an RFID electronic tag or a magnetic stripe card.
  3. The one-time-pad authentication system based on closed-loop authentication theory and the Internet according to claim 1, characterized in that the item is a commodity, a bank card or a resident identity card;
    the readable and writable storage device is a magnetic stripe card, an IC card with contacts or an RFID electronic tag, existing independently or attached to any item.
  4. The one-time-pad authentication system based on closed-loop authentication theory and the Internet according to claim 1, characterized in that in step 5), after CSNx,j is updated to CSNx,j+1, CSNx,j+1 serves as the basis for verifying the verification key that the terminal device next reads from the item; CSNx,j remains stored in the server's historical data area but is not used as a basis for verification;
    if the server receives a verification key read from an item by the terminal device, and the verification result for that key is P ≠ CSNx,j but P is a value in the historical data area, the key is judged to have been stolen and written into the readable and writable storage device of a counterfeit item;
    the terminal device sends the server the time and geographic location at which the readable and writable storage device of the item being verified was scanned; if a counterfeit item exists, this provides anti-counterfeiting enforcement with the counterfeiter's possible time and place of forgery, as well as the historical times and places at which the user of the counterfeit certificate or item used it.
  5. The one-time-pad authentication system based on closed-loop authentication theory and the Internet according to claim 1, characterized in that SNi contains the commodity's production time and serial number.
  6. The one-time-pad authentication system based on closed-loop authentication theory and the Internet according to claim 1, characterized in that if the item is a consumable commodity, the RFID electronic tag is destroyed when the item is put into use.
  7. The one-time-pad authentication system based on closed-loop authentication theory and the Internet according to claim 1, characterized in that Ki,j is not stored on the server.
  8. The one-time-pad authentication system based on closed-loop authentication theory and the Internet according to claim 1, characterized in that the readable and writable storage device is an RFID, an identity card chip, a bank card or any of various IC card applications.
  9. The one-time-pad authentication system based on closed-loop authentication theory and the Internet according to claim 1, characterized in that the terminal device is a terminal such as a mobile phone or tablet computer, or a POS machine, cash register or identity card reader, or any of various IC card reading devices.
  10. The one-time-pad authentication system based on closed-loop authentication theory and the Internet according to claim 1, characterized in that SNi = i.
  11. The one-time-pad authentication system based on closed-loop authentication theory and the Internet according to claim 1, characterized in that Ki,j is randomly generated.
PCT/CN2015/073591 2014-04-09 2015-03-03 One-time pad authentication system based on closed-loop authentication theory and internet WO2015154595A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2015/075952 WO2015154647A1 (en) 2014-04-09 2015-04-07 Currency or security authentication system based on closed-loop authentication theory

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410140584.2A CN103971250B (en) 2014-04-09 2014-04-09 A kind of one time one card anti-fake traceability system based on mobile terminal and RFID
CN201410140584.2 2014-04-09

Publications (1)

Publication Number Publication Date
WO2015154595A1 true WO2015154595A1 (en) 2015-10-15

Family

ID=51240710

Family Applications (4)

Application Number Title Priority Date Filing Date
PCT/CN2014/092112 WO2015154482A1 (en) 2014-04-09 2014-11-25 One-time certificate anti-counterfeiting tracing system based on mobile terminal and rfid
PCT/CN2015/073591 WO2015154595A1 (en) 2014-04-09 2015-03-03 One-time pad authentication system based on closed-loop authentication theory and internet
PCT/CN2015/075949 WO2015154646A1 (en) 2014-04-09 2015-04-07 Currency or security anti-counterfeiting tracing system based on one-time certificate technology
PCT/CN2015/075952 WO2015154647A1 (en) 2014-04-09 2015-04-07 Currency or security authentication system based on closed-loop authentication theory

Family Applications Before (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/092112 WO2015154482A1 (en) 2014-04-09 2014-11-25 One-time certificate anti-counterfeiting tracing system based on mobile terminal and rfid

Family Applications After (2)

Application Number Title Priority Date Filing Date
PCT/CN2015/075949 WO2015154646A1 (en) 2014-04-09 2015-04-07 Currency or security anti-counterfeiting tracing system based on one-time certificate technology
PCT/CN2015/075952 WO2015154647A1 (en) 2014-04-09 2015-04-07 Currency or security authentication system based on closed-loop authentication theory

Country Status (2)

Country Link
CN (1) CN103971250B (en)
WO (4) WO2015154482A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103971250B (en) * 2014-04-09 2017-04-05 四川谦泰仁投资管理有限公司 A kind of one time one card anti-fake traceability system based on mobile terminal and RFID
CN105844472A (en) * 2015-01-13 2016-08-10 四川谦泰仁投资管理有限公司 RFID merchandise anti-counterfeiting tracing system compatible with two-dimensional code counterfeiting prevention
CN105279470B (en) * 2015-09-24 2018-01-16 深圳市金溢科技股份有限公司 A kind of method, system and handheld terminal for handling the handing-over of money case
CN106709562A (en) * 2015-11-16 2017-05-24 四川谦泰仁投资管理有限公司 Currency counting system having RFID identification function
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system
CN108921692B (en) * 2017-05-16 2022-01-18 江峰 Multi-chain block chain system with block issuing mechanism
CN110648143A (en) * 2018-06-11 2020-01-03 江峰 Closed-loop anti-counterfeiting verification system based on Merkle trusted tree
CN109360002A (en) * 2018-09-21 2019-02-19 蛙力买(浙江)信息科技有限公司 A kind of method for anti-counterfeit and device of product

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103544511A (en) * 2013-10-29 2014-01-29 上海华彩科技有限公司 Anti-counterfeiting identification
CN103971250A (en) * 2014-04-09 2014-08-06 四川谦泰仁投资管理有限公司 One-time-one-certificate anti-fake traceability system based on mobile terminal and RFID (radio frequency identification)

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030221098A1 (en) * 2002-05-22 2003-11-27 Kun-Huei Chen Method for automatically updating a network ciphering key
US20040000987A1 (en) * 2002-06-27 2004-01-01 Ncr Corporation Check fraud detection process using checks having radio frequency identifier (RFID) tags and a system therefor
WO2007027151A1 (en) * 2005-09-01 2007-03-08 Stora Enso Oyj Verification of a product identifier
CN101183439A (en) * 2006-11-14 2008-05-21 中国民生银行股份有限公司 Electronic bill processing system and processing method
CN101556654B (en) * 2009-05-27 2013-03-27 杨志清 Anti-counterfeiting technology for multi-variable dynamic digital signature and interactive authentication electronic tag
CN102469080B (en) * 2010-11-11 2015-07-15 中国电信股份有限公司 Method for pass user to realize safety login application client and system thereof
CN102186151B (en) * 2011-05-13 2016-01-13 中国电信股份有限公司 The method and system of online process tax-related service, mediating transmission device
CN102236861A (en) * 2011-07-07 2011-11-09 江苏联博计算机信息产业有限公司 Commodity anti-counterfeiting method based on path mechanism
CN203232458U (en) * 2012-03-31 2013-10-09 四川谦泰仁投资管理有限公司 Merchandise anti-counterfeiting system based on mobile terminal and RFID electronic label


Also Published As

Publication number Publication date
CN103971250B (en) 2017-04-05
CN103971250A (en) 2014-08-06
WO2015154646A1 (en) 2015-10-15
WO2015154482A1 (en) 2015-10-15
WO2015154647A1 (en) 2015-10-15


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15776463

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15776463

Country of ref document: EP

Kind code of ref document: A1
