Embodiment
In order to make purpose of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, is not intended to limit the present invention.
For technical solutions according to the invention are described, describe below by specific embodiment.
Embodiment one:
Fig. 1 shows the scene of the electronic tag Antiforge system that the embodiment of the invention one provides, the described electronic tag method for anti-counterfeit of the embodiment of the invention can be applicable in the described electronic tag Antiforge system, for convenience of explanation, only show the part relevant with the embodiment of the invention.
As shown in Figure 1, this system comprises close range wireless communication (Near Field Communication, NFC) equipment 1, certificate server 2 and electronic tag 3.
Wherein, described NFC equipment 1 can be the terminal device that has arbitrarily wireless telecommunications and function of surfing the Net, includes but not limited to mobile phone.
Described certificate server 2 can be single server, also can be the server end that jointly is comprised of several function servers.Described certificate server 2 has data-handling capacity, stores the data such as the unique identifier (ID), decruption key of various product and relevant identity in the described certificate server 2, for external world's access, the checking product whether certified products, whether be used etc.
Electronic tag 3(generally places in the packing of product) in store the data such as product IDs, described electronic tag 3 also is built-in with random code generator and sequence number generator.The effect of described random code generator and sequence number generator is so that NFC equipment 1 at every turn when reading electronic labels 3, all can produce a new random code and sequence number, avoids occurring on the same product IDs identical random code and sequence number.Random code with sequence number so that the enciphered data that each electronic tag 3 returns is not identical, thereby improve the difficulty that cracks.
In the present embodiment, the information in NFC equipment 1 reading electronic labels 3, described information comprises the chained address of security parameter and certificate server;
NFC equipment 1 is accessed corresponding certificate server 2 according to described chained address, and described security parameter is sent to described certificate server 2 authentications;
Certificate server 2 is verified described security parameter after receiving described security parameter, is made corresponding prompting according to the result.
Further be, described security parameter comprises product IDs (expressly) and ciphertext parameter, and described ciphertext parameter is the parameter that obtains after electronic tag 3 utilizes random code that preset-key produces random code generator and sequence number generator and sequence number to be encrypted;
Described certificate server 2 specifically is used for, after receiving described security parameter, judge whether the product IDs in the described security parameter is effective, if effectively, obtain the decruption key of this product, and by described decruption key described ciphertext parameter is decrypted, obtain decrypted result, and described decrypted result verified, make corresponding prompting according to the result.
Wherein, described decrypted result comprises random code and sequence number;
Further be, described certificate server 2 is after obtaining described decrypted result, further judge whether the random code in the described decrypted result is effective, if effectively, judge described sequence number whether larger than the sequence number of having stored in the described certificate server and/or with described certificate server in the sequence number of having stored meet default rule; If then pointing out described product is certified products, and store current described sequence number, compare when authenticating for next time.
Further, described security parameter can also comprise the first verification random code (expressly), and described the first verification random code is a regular part in the described random code, for example odd bits, or even bit, perhaps its last four etc.;
Described certificate server 2 is when judging described random code, specifically judge whether described the first verification random code is identical with the second verification random code, if identical, judge again described sequence number whether larger than the sequence number of having stored in the described certificate server and/or with described certificate server in the sequence number of having stored meet default rule; If then pointing out described product is certified products, and store current described sequence number, compare when authenticating for next time.Wherein said the second verification random code is the random code of extracting according to default rule from described random code.
Need to prove that described sequence number can be natural number or other character, sequence number increases progressively or regular variation after every authentication once, and this variation can be detected by certificate server 2 the priority rule of sequence number, for example presses odd number progressive law 3,5,7 ...
The effect of sequence number is to prevent from being submitted to the verify data repetition of certificate server 2 and judging the order of working as time recognition data.For example, product placement is on sales counter, someone thought that before buying the shop-assistant authenticates whether certified products of this product then and there, the shop-assistant can be without the authentication of number of times restriction so, it is all different to obtain random code during each authentication, and sequence number all can change by preset algorithm, thereby can repeat authentication and do not affect authentication next time.
As a preferred embodiment of the present invention, because the authentication of the certified products of product can not guarantee that product is not used, present embodiment has also increased the inefficacy authentication to product, is specially:
NFC equipment 1 receives the inefficacy code of user's input, and described inefficacy code is sent to described certificate server 2;
Certificate server 2 is after receiving described inefficacy code, the product labelling that the described code that lost efficacy is corresponding was for losing efficacy, be that this product is used, be failure state, this product IDs of any submission and all point out this product to lose efficacy with random code corresponding to this product IDs, the authentication of sequence number is used afterwards;
Wherein, described inefficacy code is associated with product IDs, described inefficacy code bit is not used the invisible position of front user in product, namely only being in visual state after product is used (need to prove, visual state when the described inefficacy code of production tense marker is not then within this scope), this code that lost efficacy be cannot see in the position of " coming again one bottle " when this position class is seemingly had a drink when product does not use.
Need to prove that system's scene that present embodiment provides only is used for explaining the present invention, does not limit protection scope of the present invention.
Embodiment two:
Fig. 2 shows the interaction flow of the electronic tag method for anti-counterfeit that the second embodiment provides, and details are as follows for the method process:
In step S201, the information in the close range wireless communication NFC equipment reading electronic labels.
In the present embodiment, described information includes but not limited to the chained address of security parameter and certificate server.Described security parameter includes but not limited to product IDs (expressly) and ciphertext parameter, and described ciphertext parameter is the parameter that obtains after electronic tag utilizes random code (expressly) that preset-key produces random code generator and sequence number generator and sequence number (expressly) to be encrypted.
In step S202, NFC equipment is accessed corresponding certificate server according to described chained address, and described security parameter is sent to described certificate server authentication.
In the present embodiment, described certificate server can be the server under enterprise or the Third Party Authentication mechanism.Store the data such as unique identifier (ID), decruption key, random code, sequence number of various product in the described certificate server, whether be certified products and/or whether be used etc. for the external certificate product.
In step S203, certificate server is verified described security parameter after receiving described security parameter, is made corresponding prompting according to the result.
Wherein, described described security parameter is verified, is made corresponding prompting according to the result and specifically comprise:
Judge whether described product IDs is effective;
If effectively, obtain the decruption key of this product, and by described decruption key described ciphertext parameter is decrypted, obtain decrypted result, and described decrypted result is verified, make corresponding prompting according to the result; If invalid, do not store this product IDs in the authentication authorization and accounting server, then checking finishes, the non-certified products of prompting product.
Wherein, described decrypted result includes but not limited to random code and sequence number;
Further, described described decrypted result is verified, is made corresponding prompting according to the result and specifically comprise:
Judge whether described random code is effective;
If effectively, judge described sequence number whether larger than the sequence number of having stored in the described certificate server and/or with described certificate server in the sequence number of having stored meet default rule; If invalid, then checking finishes, the non-certified products of prompting product;
If then pointing out described product is certified products, and store current described sequence number, compare when authenticating for next time; If not, then checking finishes, the non-certified products of prompting product.
In the present embodiment, the pre-stored sequence number that legal authentication arranged and described sequence number legal judgment principle whether in the certificate server, the rule that namely meets.The sequence number of the current sequence number after certificate server will be deciphered and the legal authentication of authentication server stores compares, if current sequence number is larger and/or meet default rule than the sequence number of described legal authentication, think that then this time authentication is legal, current sequence number (being the sequence number of this authentication) is stored in the certificate server; Otherwise, think that this authentication is illegal, checking finishes, the non-certified products of prompting product.
For example, the sequence number rule is defaulted as by the odd number incremental variations, the sequence number of last legal checking is 1, multiple authentication after reaching so for the second time, sequence number after the deciphering is 3 successively, 5,7,9 ... the time just regard as certified products, if the sequence number after the deciphering of submitting to when once verifying is 2,4,8, then obviously sequence number has problem, and in the situation of certified products, the sequence number that each authentication is submitted to is all not identical with any once authenticated sequence number of submitting to for certified products in front, and greater than previous sequence number, namely last sequence number is 1, and sequence number be just to be certified products more than or equal to 3 o'clock after the next time deciphering.
Further, described security parameter also comprises the first verification random code (expressly), and described the first verification random code is a regular part in the described random code, for example odd bits, or even bit, perhaps its last four etc.
Described certificate server judges specifically whether described the first verification random code is identical with the second verification random code when judging described random code, if not identical, then checking finishes, the non-certified products of prompting product; If identical, judge again described sequence number whether larger than the sequence number of having stored in the described certificate server and/or with described certificate server in the sequence number of having stored meet default rule; If then pointing out described product is certified products, and store current described sequence number, compare when authenticating for next time.Wherein said the second verification random code is the random code of extracting according to default rule from described random code.
Illustrate, as shown in Figure 3, comprise product IDs in the electronic tag: 123456 and the sequence number that produces: 1357, random code: ABCDEF01, default key, by default key to described sequence number: 1357 and random code: ABCDEF01 be encrypted and obtain ciphertext parameter A bcdefghjklm, and the first verification random code EF01, in the present embodiment, the rule of obtaining of the first school, two verification random codes is to get last four of random code.During the information of NFC equipment in reading electronic labels, obtain security parameter, described security parameter is that 123456Abcdefghjklm EFO1(comprises product IDs: 123456, ciphertext parameter: Abcdefghjklm and the first verification random code: EF01), NFC sends to certificate server with described security parameter, certificate server verifies first whether described product IDs is effective, whether the described product IDs of storage is arranged: 123456 in the authentication authorization and accounting server, if effectively, then described ciphertext parameter is decrypted, obtains sequence number: 1357 and random code: ABCDEF01.
Preferably, when being certified products by the such scheme certified product, can not guarantee that this product is not used, because the words that the product after using authenticates again also are certified products, for fear of this kind situation, present embodiment has also increased the inefficacy authentication to product, is specially:
NFC equipment receives the inefficacy code of user's input, and described inefficacy code is sent to described certificate server;
Certificate server is after receiving described inefficacy code, the product labelling that the described code that lost efficacy is corresponding was for losing efficacy, and namely this product has been used, and is failure state, this product IDs of any submission and all point out this product to lose efficacy with random code corresponding to this product IDs, the authentication of sequence number is used afterwards.
Wherein, described inefficacy code is associated with product IDs, and described inefficacy code bit is not used the invisible position of front user in product, namely only is in visual state after product is used, this code that lost efficacy be cannot see in the position of " coming again one bottle " when this position class is seemingly had a drink when product does not use.
In the present embodiment, receive the to lose efficacy mode of code of certificate server can have various ways, for example receives by note or when NFC device access certification page, this page has the code of an inefficacy dialog box, and the code that will lose efficacy is passed to this dialog box submission and gets final product.
Further, for the encourage consumer uses the product failure authentication, can be after the consumer initiatively use the product failure authentication (after namely sending the code that lost efficacy), certificate server sends the awards such as the preferential Securities of electronics or integration for checking NFC equipment.
Embodiment three:
Fig. 4 shows the composition structure of the NFC equipment that third embodiment of the invention provides, and this NFC equipment is applied to for convenience of explanation, only show the part relevant with the embodiment of the invention in as shown in Figure 1 the electronic tag Antiforge system.
This NFC equipment 1 comprises information reading unit 11 and first information transmitting element 12.Wherein, the concrete function of each unit is as follows:
Information reading unit 11 is used for the information in the reading electronic labels, and described information comprises the chained address of security parameter and certificate server;
First information transmitting element 12, corresponding certificate server is accessed in the chained address that is used for reading according to described information reading unit 11, and the described security parameter that will read sends to described certificate server authentication, so that described certificate server is behind the described security parameter that receives, described security parameter is verified, made corresponding prompting according to the result.
Further, it is characterized in that described NFC equipment 1 also comprises:
Information receiving unit 13 is used for receiving the inefficacy code of inputting;
The second information transmitting unit 14 is used for the described inefficacy code that described information receiving unit 13 receives is sent to described certificate server, so that described certificate server is after receiving described inefficacy code, the product labelling that the described code that lost efficacy is corresponding was for losing efficacy;
Wherein, described inefficacy code is associated with product IDs, and described inefficacy code bit is not used the invisible position of front user in product, namely only is in visual state after product is used.
Embodiment four:
Fig. 5 shows the composition structure of the certificate server that fourth embodiment of the invention provides, and this certificate server is applied to for convenience of explanation, only show the part relevant with the embodiment of the invention in as shown in Figure 1 the electronic tag Antiforge system.
This certificate server 2 comprises information receiving unit 21 and authentication unit 22.Wherein, the concrete function of each unit is as follows:
Information receiving unit 21 be used for to receive the security parameter that close range wireless communication NFC equipment sends, the described security parameter information that to be described NFC equipment read in the electronic tag;
Authentication unit 22 is used for the described security parameter that described information receiving unit 21 receives is verified, and makes corresponding prompting according to the result.
Further, it is characterized in that described security parameter comprises product unique identifier ID and ciphertext parameter;
Described authentication unit 22 comprises:
Judge module 221 is used for judging whether described product IDs is effective;
Authentication module 222 is used in described judge module 221 judged results obtaining the decruption key of this product when being, and by described decruption key described ciphertext parameter is decrypted, obtain decrypted result, and described decrypted result is verified, make corresponding prompting according to the result.
Further, described decrypted result comprises random code and sequence number;
Described authentication module 222 also comprises:
First judges submodule 2221, is used for judging whether described random code is effective;
Second judges submodule 2222, be used for judging submodule 2221 judged results when being described first, judge described sequence number whether than the sequence number of having stored in the described certificate server greatly or with described certificate server in the sequence number of having stored meet default rule;
Checking submodule 2223 is used for judging submodule 2222 judged results when being described second that pointing out described product is certified products, and stores current described sequence number, comparison when authenticating for next time.
Further, described security parameter also comprises the first verification random code;
Described second judges submodule 2222, concrete being used for judges that described first the submodule judged result is when being, judge whether described the first verification random code is identical with the second verification random code, wherein said the second verification random code is the random code of extracting according to default rule from described random code.
Further, described certificate server 2 also comprises:
Inefficacy authentication module 23 is used for receiving the inefficacy code that described NFC equipment sends, and the product labelling that the described code that lost efficacy is corresponding was for losing efficacy;
Wherein, described inefficacy code is associated with product IDs, and described inefficacy code bit is not used the invisible position of front user in product, namely only is in visual state after product is used.
The those skilled in the art can be well understood to, be the convenience described and succinct, only the division with above-mentioned each functional unit, module is illustrated, in the practical application, can as required the above-mentioned functions distribution be finished by different functional units or module, the inner structure that is about to device is divided into different functional units or module, to finish all or part of function described above.Each functional unit among the embodiment, module can be integrated in the processing unit, also can be that the independent physics of unit exists, also can be integrated in the unit two or more unit, above-mentioned integrated unit both can adopt the form of hardware to realize, also can adopt the form of SFU software functional unit to realize.In addition, the concrete title of each functional unit, module also just for the ease of mutual differentiation, is not limited to the application's protection domain.The specific works process of unit, module in the said apparatus can with reference to the corresponding process among the preceding method embodiment, not repeat them here.
In sum, whether the embodiment of the invention can be certified products by the various ways such as product IDs, random code and sequence number checking product, has improved greatly the accuracy of product certification.But also can whether be used by the mode certified product of product failure authentication, in the certified products verification process of product, can't guarantee the problem that product is not used to solve prior art.In addition, the embodiment of the invention is in Product Certification, do not need special-purpose authentication means, the terminal device that has arbitrarily wireless telecommunications and function of surfing the Net can be as authentication means, thereby can effectively solve the problem of the existing false proof effective utilization of the incompatible restriction radio frequency of radio-frequency recognition system.The verification process of the embodiment of the invention simply, easily and fast, accuracy rate is high, and product can repeatedly not authenticate before losing efficacy, and had stronger practicality.
Those of ordinary skills it is also understood that, realize that all or part of step in above-described embodiment method is to come the relevant hardware of instruction to finish by program, described program can be in being stored in a computer read/write memory medium, described storage medium comprises ROM/RAM, disk, CD etc.
Above content is the further description of the present invention being done in conjunction with concrete preferred implementation, can not assert that implementation of the present invention is confined to these explanations.For the general technical staff of the technical field of the invention; make without departing from the inventive concept of the premise some alternative or obvious modification that are equal to; and performance or purposes are identical, all should be considered as belonging to the scope of patent protection that the present invention is determined by claims of submitting to.