WO2020240527A1 - Joint d'étanchéité électronique et procédé de vérification de joint d'étanchéité électronique - Google Patents

Joint d'étanchéité électronique et procédé de vérification de joint d'étanchéité électronique Download PDF

Info

Publication number
WO2020240527A1
WO2020240527A1 PCT/IB2020/056218 IB2020056218W WO2020240527A1 WO 2020240527 A1 WO2020240527 A1 WO 2020240527A1 IB 2020056218 W IB2020056218 W IB 2020056218W WO 2020240527 A1 WO2020240527 A1 WO 2020240527A1
Authority
WO
WIPO (PCT)
Prior art keywords
seal
response
circuit
electronic
challenge
Prior art date
Application number
PCT/IB2020/056218
Other languages
English (en)
Inventor
Krzysztof Gołofit
Original Assignee
Golofit Krzysztof
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Golofit Krzysztof filed Critical Golofit Krzysztof
Priority to PL440524A priority Critical patent/PL242117B1/pl
Priority to PL440523A priority patent/PL241997B1/pl
Priority to PL440113A priority patent/PL242116B1/pl
Publication of WO2020240527A1 publication Critical patent/WO2020240527A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H04L9/0662Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication

Definitions

  • the invention concerns an electronic seal and a method of electronic seal veri
  • an electronic seal comprising an RFID communication module with an antenna coil for wireless communication, which was partially placed on the surface of the laminate using a conductive ink characterized by fragility. Breaking the seal will damage the antenna, resulting in a lack of radio communication with the seal.
  • an electronic seal containing an electronic tape consisting of: a protective coating, a conductive strip, an intermediate insulating layer, insulating surface contact and resistive strips.
  • a protective coating consisting of: a protective coating, a conductive strip, an intermediate insulating layer, insulating surface contact and resistive strips.
  • the following parameters are measured for changes: resistance, capacitance and inductance. Random codes are also stored on the tape and the seal, which are erased when intrusion is detected.
  • a physically unclonable functions (PUF) circuit in which a conductive material of suitable grain is distributed on the insulator layer, under which there are many electrical contacts of an electronic circuit.
  • the electronic circuit uses measurements of capacitance and resistance values between the conductive layer and contacts or between selected contacts. The structure of the layer on the circuit causes that these values are random, but repeatable, which ensures the functionality of the PUF circuit.
  • US2015278505 is known a method of authenticating a target device using a reader and a data store comprising: sending a selected challenge data value from the reader to the target device multiple times; receiving at the reader the respective response data value generated by the target device in response to each instance of the challenge data value sent by the reader; de termining a representative response data value from the response data values received by the reader; comparing the representative response data value against the response data values in the respective challenge-response data set; and determining that the target device is authentic if the representative data value matches any one of the response data values from a respective challenge-response data set.
  • the chaotic circuit contains a chaotic circuit.
  • the chaotic circuit has two switchable chain ring oscillators, which outputs are connected to inputs of a phase detector, which output is connected to control inputs of the switchable chain ring oscillators through a control system and is also connected to a output of the chaotic circuit.
  • the output of the chaotic circuit is connected to the output of the generator of physically unclonable cryptographic keys through a sample and compare circuit.
  • Generator has an initializing input connected to both initializing inputs of the switchable chain ring oscillators and to the first input of the sample and compare circuit, which second input is connected to the output of the second switchable chain ring oscillator.
  • a chaotic circuit which is constructed based on two frequency generating modules, each consisting of four MOS transistors, and an active nonlinear module, consisting of three MOS transistors.
  • a chaotic circuit with constant Liapunov exponent spectrum which comprises a signal source module, a linear module, a piecewise linear function module and a negative resistor module.
  • the signal source module is connected with the linear module and the negative resistor module.
  • the piecewise linear function module is connected with the linear module.
  • the negative resistor module is connected with the linear module.
  • Chaotic circuits known in the art essentially strengthen microscopic differences, ensuring a reproducible result, without the possibility of calculating or discovering these differences based on the result.
  • the invention solves the problem of ensuring authenticity of a protected object.
  • the aim of the invention is to ensure a bond between an object and the seal
  • Electronic seal comprising a communication module and a circuit of physically un- clonable functions connected to it, comprising at least one sensitive element, which electrical parameters change a response of this circuit, according to the invention it has at least one sensitive contact surface connected to at least one protected object. Further at least one sensitive element of the circuit has an electrical contact connected with it, which is placed directly next to the sensitive contact surface, or at least one sensitive element of the circuit, which is a sensitive electronic element, is placed directly next to the sensitive contact surface, thus the connection of the sensitive contact surface with the protected object influences electrical parameters of at least one sensitive element of the circuit of physically unclonable function.
  • the technical effect of the solution is that violating seal in regard to protected object will produce irreversible parameter changes in structure of the circuit of physically unclonable functions. As result, a violation of the seal can be detected without the need for constant monitoring or powering the seal, and its verification confirms the authenticity of the protected object.
  • At least one electrical contact is brought to at least one sensitive contact surface and is electrically connected directly to the protected object. For that reason, the resistance and the impedance of the connection have an impact on the response of the circuit of physically unclonable functions.
  • At least one electrical contact is brought to at least one sensitive contact surface and is electrically connected directly to the protected object with an insulator. For that reason, capacitive and inductive characteristics of the connection have an influence on the response of the circuit of physically unclonable functions.
  • At least one sensitive electronic element of the circuit is placed at at least one sensitive contact surface, wherein changing the position of the protected object relative to this element changes the electrical parameters of the circuit. Bringing electronic elements close to the protected object allows to change their parameters when the position of the protected object changes, and thus to change the response of the circuit of physically unclonable functions.
  • Electronic seal is advantageously attached to the protected object with the adhesive layer.
  • the adhesive layer is electrically conductive. This makes it possible to detect changes in resistance.
  • the insulator is also an adhesive layer that electrically insulates at least one electrical contact from the protected object. This makes it possible to detect capacitive changes.
  • the adhesive layer is more durable than the internal structure of the circuit of physically unclonable functions.
  • a violation or break of seal enhances changes in the sensitive structure of the circuit of physically unclonable functions.
  • the circuit of physically unclonable functions comprises a chaotic circuit.
  • a chaotic circuit intensively amplifies microscopic differences that are the initial conditions for the circuit operation, which results in significant divergences in outcomes on the circuit output.
  • the sensitivity of the circuit of physically un clonable functions increases.
  • Electronic seal advantageously comprises a random number generator connected to the communication module. This makes it possible to perform encryption of in formation with one-time encryption keys.
  • the random number generator is a true random number generator.
  • the communication module is a radio-frequency identification
  • This solution enables communication with the seal in the RFID standard.
  • the communication module is a near field communication module.
  • the seal identification is proceeded as follows, upon a request of an authentication party, a predetermined seal identifier, with which the seal was equipped, is sent from the seal to the authentication party, where identification of the identifier occurs. This allows for the identification of the seal in a simple and implementation- un demanding way.
  • the seal identification is proceeded as follows, upon a request of an authentication party, a seal identifier, which comprises at least one response of the circuit of physically unclonable functions for at least one predetermined challenge, is sent from the seal to the authentication party, where identification of the identifier occurs.
  • a seal identifier which comprises at least one response of the circuit of physically unclonable functions for at least one predetermined challenge.
  • the seal identification is proceeded as follows, upon a request of an authentication party, a series of random numbers is generated in the seal using a random number generator, and then this series and the corresponding series of identifier number values determined by the series of generated random numbers are sent from the seal to the authentication party, where identification based on these values occurs.
  • a series of random numbers is generated in the seal using a random number generator, and then this series and the corresponding series of identifier number values determined by the series of generated random numbers are sent from the seal to the authentication party, where identification based on these values occurs.
  • the seal authentication by an authentication party is proceeded as follows, a first challenge is sent to the seal by the authentication party, then the first response to this challenge is generated in the seal using a circuit of physically un- clonable functions, then this response is sent by the seal to the authentication party, where the correctness of the response is verified by comparison with the previously re membered response, wherein their compliance means the proper authentication of the seal for the authentication party.
  • This allows for the seal authentication in a simple and implementationally undemanding way.
  • the authentication party is authenticated by the seal as follows, a second challenge and a second response is sent to the seal by the authen tication party, then the second response to the second challenge is generated in the seal using a circuit of physically unclonable functions, where the correctness of the received second response is verified by comparison with the generated second response, wherein their compliance means the proper authentication of the authen tication party for the seal.
  • This allows for mutual authentication in a simple and imple mentationally undemanding way.
  • the data sent from authen tication party to seal are encrypted as follows, a transmitting key is randomly generated by the authentication party, and all data being sent to the seal except the first challenge are encrypted using the transmitting key by the authentication party, moreover the au thentication party provides the first response encrypted using transmitting key and an encrypted second response to the seal, then the transmitting key is computed in the seal based on the generated first response and the encrypted first response, where the transmitting key allows for decryption of the remaining encrypted data in the seal. This allows for secure transmission from the authentication party to the seal of all data encrypted with one-time keys.
  • the data sent from the seal to the authentication party are encrypted as follows, a receiving key is randomly generated in the seal, and all data being sent to authentication party are encrypted by the seal and sent, then the receiving key is computed by the authentication party based on the encrypted second response, which allows the authentication party to decrypt of all the remaining data received from the seal. This allows for secure transmission from the seal to the authentication party of all data encrypted with one-time keys.
  • the first challenge is masked as follows, the authentication party generates a series of random numbers using a random number generator, then the authentication party determines a random series of values of the identifier numbers in regard to the series of random numbers, then the first challenge encrypted using the series of values and the series of random numbers are sent from the authentication party to the seal, where the series of values is recreated in the seal based on the series of random numbers and the identifier numbers, which is used to decrypt the first challenge.
  • This allows for masking the first challenge and protecting against attacks based on constant monitoring of transmissions.
  • the invention allows to detect violations of the direct bond between the seal and the surface against which the seal has been placed.
  • Fig. 1 presents a schematic diagram of a seal with direct connections
  • fig. 2 presents a schematic diagram of a seal with isolated connections
  • fig. 3 presents a schematic view of seal from the contact surface side
  • fig. 4 presents a schematic diagram of a seal with electronic elements of a circuit of physically unclonable functions placed at the edge of the contact surface
  • fig. 5 presents a schematic diagram of a double-sided seal
  • fig. 6 presents a sequence of operations in a method of seal identification based on an identifier
  • fig. 7 presents a sequence of operations in a method of seal identification based on a response of a circuit of physically unclonable functions
  • fig. 8 presents a sequence of operations in a method of seal identification based on random fragments of an identifier
  • fig. 9 presents a sequence of operations in a method of an open authentication of a seal
  • fig. 10 presents a sequence of operations in a method of an open mutual authentication
  • fig. 11 presents a sequence of operations in a method of an open authentication of a seal with an exchange of a challenge- response pair
  • fig. 12 presents a sequence of operations in a method of encrypted seal authentication
  • Electronic seal in the embodiment presented in fig. 1 comprises a sensitive contact surface SS at the bottom of the electronic seal SL, a circuit of physically unclonable functions PUF. which comprises sensitive elements EL and electrical contacts KT on the sensitive contact surface SS.
  • the electrical contacts KT are connected to the sensitive elements EL of the circuit of physically unclonable functions PUF.
  • the electronic seal SL makes contact with its entire lower surface against a protected object OB.
  • the electrical contacts KT are in contact with the surface of the object OB.
  • the edges of the bottom surface of the seal SL were attached to the surface of the object OB with an adhesive layer GL.
  • Electronic seal in the embodiment presented in fig. 2 comprises a sensitive contact surface SS at the bottom of the electronic seal SL, a communication module COM a random number generator RNG, a circuit of physically unclonable functions PUF. which comprises sensitive elements EL and electrical contacts KT on the sensitive contact surface SS.
  • the communication module COM is connected to the circuit of physically unclonable functions PUF and to the random number generator RNG.
  • the electrical contacts KT are connected to the sensitive elements EL of the circuit of physically unclonable functions PUF.
  • the electronic seal SL makes contact with its entire lower surface against a protected object OB with an insulator IR, therefore the electrical contacts KT do not make direct contact with the surface of the object OB.
  • direct electrical connections or insulated connections or mixed connections are chosen.
  • internal elements of the circuit of physically unclonable functions are selected which parameter values allow to cooperate with external parameters.
  • an electronic element of the PUF circuit can be connected in parallel with a fragment of the protected object surface if the protected object surface characterize a high re sistance.
  • a fragment of the protected object surface can be used as an electrical path in the PUF circuit structure (or be connected in parallel with it).
  • Sensitive contact surface SS comprises an electrical contact assembly KT arranged in a matrix, as presented in fig. 3.
  • the size of the electrical contacts, their density and location, and the number of contacts depend on the nature of the protected object surface, in particular the roughness of the protected object surface, the internal granularity of the external layer material of the object and its overall impedance properties.
  • Electronic seal in the embodiment presented in fig. 4 comprises a sensitive contact surface SS at the bottom of the electronic seal SF, a near field communication module NFC a true random number generator TRNG. a circuit of physically unclonable functions PUF. which comprises sensitive elements EF and sensitive electronic elements EE placed near the sensitive contact surface SS.
  • the communication module NFC is connected to the circuit of physically unclonable functions PUF and to the true random number generator TRNG.
  • the electronic seal SF makes contact with its entire lower surface against a protected object OB. wherein the edges of the bottom surface of the seal SF were attached to the surface of the object OB with an adhesive layer GF. whereas the sensitive contact surface SS was affixed to the surface of the object OB by a strongly bonding adhesive layer SGF.
  • electronic seal presented in fig. 5 comprises two sensitive contact surfaces SSI and SS2 - first SSI at the bottom and second SS2 at the top of the electronic seal SF.
  • the electronic seal SF comprises a communication module in the form of radio-frequency identification system RFID a true random number generator TRNG. a circuit of physically unclonable functions PUF. which comprises sensitive electronic elements EE placed near both sensitive contact surfaces SSI and SS2.
  • the communication module RFID is connected to the circuit of physically unclonable functions PUF and to the true random number generator TRNG.
  • the electronic seal SF makes contact with its entire lower surface SSI against first protected object OBI and with its entire upper surface SS2 against second protected object OB2. Both surfaces were attached to the surfaces of the objects OB 1 and OB2 using a strongly bonding adhesive layer SGF.
  • Fots of solutions of Physical Unclonable Function are based on microscopic differences in electrical parameters of electronic circuit components. These circuits are designed to be sensitive to the inter- specimen spreads of the circuit components pa rameters. Any differences in the geometry of elements (thickness, length, width), their mutual distance, inhomogeneity of doping, etc., translate into spreads of parameters such as: resistance, capacitance, impedance, current efficiency, etc. These differences are used to generate a PUF response inextricably linked to a given specimen - what is important, in most cases these parameters are impossible to measure, and such an attempt would destroy or change the PUF structure.
  • the category of strong PUF concerns solutions in which the PUF circuit generates a response R to a challenge C, which in most cases are in the form of binary numbers vectors. With a sufficiently large space of challenge vectors and response vectors, the PUF circuit can perform a function in a form of an asymmetric cryptography function. Moreover, such solutions may be used to generate unclonable cryptographic keys unique to a specific device. These keys are random but constant for a given specimen. Their significant advantage, in addition to unclonability, is that these keys are usually not present in the circuit, because they are generated only when they are needed in the circuit - thanks to this, such solutions are extremely resistant to various types of side-channel attacks.
  • the structure of the PUF circuit includes elements (both electronic and passive) that have no influence (or have a negligible effect) on the result of the circuit operation and elements EL (both electronic EE and passive KT), which electrical parameters affect the result of circuit operation - in particular, these are all elements responsible for re configuration of the circuit according to the challenge C. So far internal differences between circuits have been used, however, in accordance with the invention, in order to generate a response, besides internal differences, there are also external parameters taken into account, which are resulting from the immediate proximity to an external object OB. OBI. OB2. Thanks to this, it is possible to implement the electronic seal SL .
  • a particularly advantageous implementation of the PUF circuit is a chaotic circuit, thanks to which the microscopic parameters of the PUF circuit are incessantly amplified.
  • the chaotic circuit is also characterized by the fact that even the manu facturer of the electronic circuits is not able to imitate or fabricate the operation of a specimen.
  • Flexible printed circuits have been known for years in the art and on the market, which give little possibilities to implement electronic seals.
  • flexible in tegrated circuits are relatively new, which are flexible in a way as flexible printed circuits.
  • the technologies of flexible integrated circuits are characterized by a very small scale of integration (very large sizes of electronic components), therefore many complex implementations (such as asymmetric cryptography algorithms) often exceed the possibilities of these technologies.
  • Another disadvantage of flexible integrated circuits is the lack of memory (FLASH or RAM), which makes cryptographic keys im possible to save or change. Therefore, cryptographic implementations are impossible or very difficult.
  • a memory-free electronic circuit is proposed, and it is also not implementationally complex.
  • the dimensions of flexible integrated circuits allow for sealing objects of all sizes (e.g. confirming the authenticity of banknotes, sealing paper envelopes or letters).
  • the disadvantage of many electronic seals is that they require a continuous power supply, which is used, for example, to monitor the security circuitry for a breach. Moreover, in the event of a power failure, once it has been restored, it is often im possible to determine whether the safety circuit was interrupted during the power failure.
  • the solution according to the invention allows to verify that the seal has not been violated in reference to its state registered at the beginning, when the seal was applied. Moreover, when using RFID or NFC communication technology, a seal is not powered for most of the time. Energy is induced in the seal only while the seal is being verified.
  • Method of electronic seal identification presented in fig. 6 consists in receiving by the seal a query for its identifier ID? (step 1), then seal reads its identifier ID consisting of a series of numbers id (step 2) and sends it ID back (step 3).
  • the identifier may be permanently set in the seal (e.g. in the production process), so that the seal does not have to be equipped with a memory. Moreover, it allows identifying the seal in a simple and implementation- undemanding way.
  • Method of electronic seal identification presented in fig. 7 consists in receiving by the seal a query for its identifier ID? (step 1), after which the seal, based on a series of given challenges C (step 2), generates a series of responses R (steps 3-6) using a circuit of physically unclonable functions put, and then, after combining a series of responses R into a single identifier IDp (step 7), the seal sends it back (step 8).
  • the challenges C can be arbitrary established values, therefore the seal does not need to be equipped with a memory. With this method, the identifier is not stored in the seal.
  • Method of electronic seal identification presented in fig. 8 consists in receiving by the seal a query for its identifier ID? (step 1), after which the seal generates a series of random numbers L using a random number generator nig (step 2), then, from among the values of the identifier numbers, the values id with positions corresponding to the randomly drawn numbers are selected, and an identifier numbers series IDg is created from the selected numbers (step 3).
  • the seal sends back both the series of random numbers L (step 4) and the series of corresponding identifier numbers IDg (step 5).
  • This method enables anonymity of identification, especially when it is based on a suf ficiently long identifier.
  • This method can use both a sufficiently long identifier per manently set in the seal, and an identifier consisting of a sufficiently large number of responses of the circuit of physically unclonable functions.
  • Method of electronic seal authentication presented in fig. 9 consists in retrieving from authentication party storage a challenge-response pair Cx. Rx that is corre sponding to the identified seal (step 1), and then sending the challenge Cx from the au thentication party to the seal (step 2).
  • a response Rx’ to this challenge is generated using a circuit of physically unclonable functions put (step 3), which is then sent back to authentication party from the seal (step 4).
  • Proper authentication of the seal is verified by the authentication party by comparison of the received response Rx’ with the previously retrieved response Rx. This method is characterized by simplicity and low engagement of used devices.
  • a second challenge-response pair Cv. Rv corre sponding to the identified seal is retrieved by the authentication party (step 2), which is also sent from the authentication party to the seal (steps 4 and 5).
  • a second response Rv’ to the second challenge Cy is generated using the circuit of physically unclonable functions put (step 7), which is then used to au thenticate the authentication party by comparing the received second response of Ry with the generated second response Rv’ (step 8).
  • An exchange of an old challenge-response pair to a new challenge-response pair can be achieved by extending the method presented in fig. 9 to a method presented in fig. 11, which is similar to the method presented in fig. 9, except that a new challenge Cn is randomly generated in the seal using a random number generator mg (step 4) and this challenge is used to generate a new response Rn using the circuit of physically un clonable functions put (step 5).
  • the new challenge-response pair Cn. Rn is then sent from the seal to the authentication party (steps 7 and 8).
  • the new challenge-response pair Cn. Rn can replace the previously used challenge- response pair Cx- Rx (step 10), hence a chain exchange of pairs occurs.
  • the encryption of data sent from the authentication party to the seal and received by the authentication party from the seal can be implemented by extending the method presented in fig. 9 to a method presented in fig. 12, which is similar to the method presented in fig. 9, except that a second challenge-response pair Cv. Rv corresponding to the identified seal is retrieved by the authentication party (step 2), and a transmitting key Ks is randomly generated by the authentication party using a random number generator rng (step 3). Except the first challenge Cx all the data being sent to the seal are encrypted with this key, including the first and second responses Rx Rv (steps 5 and 6).
  • the first response Rx’ Since the first response Rx’ can be generated in the seal, it is used in order to calculate the transmitting key Ks (step 8), which is used for decryption of the second response Ry in the seal (step 9) and other data. Furthermore, in the seal a one-time random receiving key Kr is generated using the random number generator nig (step 10). This key is used for encryption of all data being sent from the seal to the authen tication party (steps 11 and 12), including the second response Ry (step 11), which is used in order to calculate the receiving key Kr by the authentication party based on the encrypted second response Ry and the previously retrieved second response Ry (step 13). The receiving key Kr is used for decryption of all other data received by the au thentication party from the seal (step 14). Encryption and decryption is performed using exclusive disjunction (XOR). This method allows for secure data transmission encrypted with one-time keys, thus attacks based on eavesdropping or message repetition will not succeed.
  • XOR exclusive disjun
  • the most comprehensive variant of the seal authentication combines the methods presented in fig. 9, 10, 11 and 12 and includes an additional masking of the first challenge by the authentication party, which is based on the seal identification method presented in fig 8.
  • the method of authentication presented in fig. 13 is similar to the methods presented in fig. 9, 10, 11 and 12, except that a series of random numbers K is generated using a random number generator mg by the authentication party (step 3), then the numbers of this series are used to select randomly chosen values of the identifier id, which make a series of also random numbers Ki (step 4) - i.e.
  • the identifier temporary masking key with which the first challenge Cx is encrypted and sent from the authentication party to the seal (step 6), with which the series of random numbers is sent K (step 7).
  • the masking key Ki is regenerated in the seal (step 11), based on which the first challenge Cx is decrypted (step 12).
  • sender's authentication (authentication party) - steps: 2, 9, 10, 17, 18;
  • the application of the invention can be found in ensuring the originality of products, in securing the integrity of objects or their components, in preventing counterfeiting products and in counteracting documents forgery, in particular in RFID or NFC tags made in the technologies of integrated circuits with low integration scale and no memory or permanent storage or power source.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Mathematical Physics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Storage Device Security (AREA)
  • Credit Cards Or The Like (AREA)
  • Adhesive Tapes (AREA)
  • Collating Specific Patterns (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

Le joint d'étanchéité électronique (SL) comprend deux surfaces de contact sensibles (SS1, SS2) – une première (SS1) au niveau de la partie inférieure, une seconde (SS2) au niveau de la partie supérieure du joint d'étanchéité (SL). De plus, l'invention concerne un module de communication sous la forme d'un système d'identification par radiofréquence (RFID), un générateur de nombres aléatoires vrais (TRNG), un circuit de fonctions physiques inclonables (PUF), qui comprend des éléments électroniques sensibles (EE) placés à proximité des deux surfaces de contact sensibles (SS1, SS2). Le module de communication (RFID) est connecté au circuit de fonctions physiques inclonables (PUF) et au générateur de nombres aléatoires vrais (TRNG). Le joint d'étanchéité électronique (SL) entre en contact avec toute sa surface inférieure (SS1) contre un premier objet protégé (OB1) et avec toute sa surface supérieure (SS2) contre un second objet protégé (OB2). Les deux surfaces ont été fixées aux surfaces des objets (OB1 et OB2) à l'aide d'une couche adhésive fortement adhésive (SGL).
PCT/IB2020/056218 2019-07-02 2020-07-01 Joint d'étanchéité électronique et procédé de vérification de joint d'étanchéité électronique WO2020240527A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
PL440524A PL242117B1 (pl) 2019-07-02 2020-07-01 Sposób uwierzytelniania elektronicznej pieczęci
PL440523A PL241997B1 (pl) 2019-07-02 2020-07-01 Sposób identyfikacji elektronicznej pieczęci
PL440113A PL242116B1 (pl) 2019-07-02 2020-07-01 Elektroniczna pieczęć

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
PL430471A PL238366B1 (pl) 2019-07-02 2019-07-02 Elektroniczna pieczęć
PLP.430471 2019-07-02

Publications (1)

Publication Number Publication Date
WO2020240527A1 true WO2020240527A1 (fr) 2020-12-03

Family

ID=73552751

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2020/056218 WO2020240527A1 (fr) 2019-07-02 2020-07-01 Joint d'étanchéité électronique et procédé de vérification de joint d'étanchéité électronique

Country Status (2)

Country Link
PL (4) PL238366B1 (fr)
WO (1) WO2020240527A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080256600A1 (en) * 2005-09-14 2008-10-16 Koninklijke Philips Electronics, N.V. Device, System and Method for Determining Authenticity of an Item
WO2009079050A2 (fr) * 2007-09-19 2009-06-25 Verayo, Inc. Authentification avec des fonctions non clonables physiques
US20130047209A1 (en) * 2010-03-24 2013-02-21 National Institute Of Advanced Industrial Science And Technology Authentication processing method and apparatus
US10256983B1 (en) * 2015-03-25 2019-04-09 National Technology & Engineering Solutions Of Sandia, Llc Circuit that includes a physically unclonable function

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080256600A1 (en) * 2005-09-14 2008-10-16 Koninklijke Philips Electronics, N.V. Device, System and Method for Determining Authenticity of an Item
WO2009079050A2 (fr) * 2007-09-19 2009-06-25 Verayo, Inc. Authentification avec des fonctions non clonables physiques
US20130047209A1 (en) * 2010-03-24 2013-02-21 National Institute Of Advanced Industrial Science And Technology Authentication processing method and apparatus
US10256983B1 (en) * 2015-03-25 2019-04-09 National Technology & Engineering Solutions Of Sandia, Llc Circuit that includes a physically unclonable function

Also Published As

Publication number Publication date
PL238366B1 (pl) 2021-08-16
PL440524A1 (pl) 2022-10-03
PL242116B1 (pl) 2023-01-16
PL241997B1 (pl) 2023-01-02
PL440113A1 (pl) 2022-10-17
PL242117B1 (pl) 2023-01-16
PL430471A1 (pl) 2021-01-11
PL440523A1 (pl) 2022-10-03

Similar Documents

Publication Publication Date Title
US8516269B1 (en) Hardware device to physical structure binding and authentication
US20210036875A1 (en) Apparatus and method for processing authentication information
Chothia et al. A traceability attack against e-passports
US8856533B2 (en) Device, system and method for determining authenticity of an item
Guajardo et al. Anti-counterfeiting, key distribution, and key storage in an ambient world via physical unclonable functions
US20090282259A1 (en) Noisy low-power puf authentication without database
US8384546B2 (en) Enhanced security protocol for radio frequency systems
US11516028B2 (en) Temperature sensing physical unclonable function (PUF) authentication system
US11044108B1 (en) Temperature sensing physical unclonable function (PUF) authentication system
US11496285B2 (en) Cryptographic side channel resistance using permutation networks
WO2020240527A1 (fr) Joint d'étanchéité électronique et procédé de vérification de joint d'étanchéité électronique
CN110033286A (zh) 产品防伪验证方法、装置、可读介质、系统和设备
Achard et al. A cross layer approach to preserve privacy in RFID ISO/IEC 15693 systems
Rahman et al. A secure RFID authentication protocol with low communication cost
PL238956B1 (pl) Sposób sprawdzania elektronicznej pieczęci
US11741332B2 (en) Securing cryptographic keys
Ranasinghe et al. A low cost solution to authentication in passive RFID systems
Samuel RFID security in door locks
Bolotnyy et al. 4 Physical Privacy and Security in RFID Systems
Pierson et al. Authentication without secrets
EP4281955A1 (fr) Sécurisation de clés cryptographiques
Huey et al. Fingerprint-based mutual authentication RFID protocol
Deepika et al. Identification of UHF Gen 2 RFID privacy and security issues
Abidin Enhancing the Security of E-Passports using a Secure Key Management Framework.
Allard et al. Physical aggregated objects and dependability

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20815361

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20815361

Country of ref document: EP

Kind code of ref document: A1