WO2020240527A1 - Electronic seal and method of electronic seal verification - Google Patents

Electronic seal and method of electronic seal verification Download PDF

Info

Publication number
WO2020240527A1
WO2020240527A1 PCT/IB2020/056218 IB2020056218W WO2020240527A1 WO 2020240527 A1 WO2020240527 A1 WO 2020240527A1 IB 2020056218 W IB2020056218 W IB 2020056218W WO 2020240527 A1 WO2020240527 A1 WO 2020240527A1
Authority
WO
WIPO (PCT)
Prior art keywords
seal
response
circuit
electronic
challenge
Prior art date
Application number
PCT/IB2020/056218
Other languages
French (fr)
Inventor
Krzysztof Gołofit
Original Assignee
Golofit Krzysztof
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Golofit Krzysztof filed Critical Golofit Krzysztof
Priority to PL440113A priority Critical patent/PL242116B1/en
Priority to PL440523A priority patent/PL241997B1/en
Priority to PL440524A priority patent/PL242117B1/en
Publication of WO2020240527A1 publication Critical patent/WO2020240527A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H04L9/0662Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication

Definitions

  • the invention concerns an electronic seal and a method of electronic seal veri
  • an electronic seal comprising an RFID communication module with an antenna coil for wireless communication, which was partially placed on the surface of the laminate using a conductive ink characterized by fragility. Breaking the seal will damage the antenna, resulting in a lack of radio communication with the seal.
  • an electronic seal containing an electronic tape consisting of: a protective coating, a conductive strip, an intermediate insulating layer, insulating surface contact and resistive strips.
  • a protective coating consisting of: a protective coating, a conductive strip, an intermediate insulating layer, insulating surface contact and resistive strips.
  • the following parameters are measured for changes: resistance, capacitance and inductance. Random codes are also stored on the tape and the seal, which are erased when intrusion is detected.
  • a physically unclonable functions (PUF) circuit in which a conductive material of suitable grain is distributed on the insulator layer, under which there are many electrical contacts of an electronic circuit.
  • the electronic circuit uses measurements of capacitance and resistance values between the conductive layer and contacts or between selected contacts. The structure of the layer on the circuit causes that these values are random, but repeatable, which ensures the functionality of the PUF circuit.
  • US2015278505 is known a method of authenticating a target device using a reader and a data store comprising: sending a selected challenge data value from the reader to the target device multiple times; receiving at the reader the respective response data value generated by the target device in response to each instance of the challenge data value sent by the reader; de termining a representative response data value from the response data values received by the reader; comparing the representative response data value against the response data values in the respective challenge-response data set; and determining that the target device is authentic if the representative data value matches any one of the response data values from a respective challenge-response data set.
  • the chaotic circuit contains a chaotic circuit.
  • the chaotic circuit has two switchable chain ring oscillators, which outputs are connected to inputs of a phase detector, which output is connected to control inputs of the switchable chain ring oscillators through a control system and is also connected to a output of the chaotic circuit.
  • the output of the chaotic circuit is connected to the output of the generator of physically unclonable cryptographic keys through a sample and compare circuit.
  • Generator has an initializing input connected to both initializing inputs of the switchable chain ring oscillators and to the first input of the sample and compare circuit, which second input is connected to the output of the second switchable chain ring oscillator.
  • a chaotic circuit which is constructed based on two frequency generating modules, each consisting of four MOS transistors, and an active nonlinear module, consisting of three MOS transistors.
  • a chaotic circuit with constant Liapunov exponent spectrum which comprises a signal source module, a linear module, a piecewise linear function module and a negative resistor module.
  • the signal source module is connected with the linear module and the negative resistor module.
  • the piecewise linear function module is connected with the linear module.
  • the negative resistor module is connected with the linear module.
  • Chaotic circuits known in the art essentially strengthen microscopic differences, ensuring a reproducible result, without the possibility of calculating or discovering these differences based on the result.
  • the invention solves the problem of ensuring authenticity of a protected object.
  • the aim of the invention is to ensure a bond between an object and the seal
  • Electronic seal comprising a communication module and a circuit of physically un- clonable functions connected to it, comprising at least one sensitive element, which electrical parameters change a response of this circuit, according to the invention it has at least one sensitive contact surface connected to at least one protected object. Further at least one sensitive element of the circuit has an electrical contact connected with it, which is placed directly next to the sensitive contact surface, or at least one sensitive element of the circuit, which is a sensitive electronic element, is placed directly next to the sensitive contact surface, thus the connection of the sensitive contact surface with the protected object influences electrical parameters of at least one sensitive element of the circuit of physically unclonable function.
  • the technical effect of the solution is that violating seal in regard to protected object will produce irreversible parameter changes in structure of the circuit of physically unclonable functions. As result, a violation of the seal can be detected without the need for constant monitoring or powering the seal, and its verification confirms the authenticity of the protected object.
  • At least one electrical contact is brought to at least one sensitive contact surface and is electrically connected directly to the protected object. For that reason, the resistance and the impedance of the connection have an impact on the response of the circuit of physically unclonable functions.
  • At least one electrical contact is brought to at least one sensitive contact surface and is electrically connected directly to the protected object with an insulator. For that reason, capacitive and inductive characteristics of the connection have an influence on the response of the circuit of physically unclonable functions.
  • At least one sensitive electronic element of the circuit is placed at at least one sensitive contact surface, wherein changing the position of the protected object relative to this element changes the electrical parameters of the circuit. Bringing electronic elements close to the protected object allows to change their parameters when the position of the protected object changes, and thus to change the response of the circuit of physically unclonable functions.
  • Electronic seal is advantageously attached to the protected object with the adhesive layer.
  • the adhesive layer is electrically conductive. This makes it possible to detect changes in resistance.
  • the insulator is also an adhesive layer that electrically insulates at least one electrical contact from the protected object. This makes it possible to detect capacitive changes.
  • the adhesive layer is more durable than the internal structure of the circuit of physically unclonable functions.
  • a violation or break of seal enhances changes in the sensitive structure of the circuit of physically unclonable functions.
  • the circuit of physically unclonable functions comprises a chaotic circuit.
  • a chaotic circuit intensively amplifies microscopic differences that are the initial conditions for the circuit operation, which results in significant divergences in outcomes on the circuit output.
  • the sensitivity of the circuit of physically un clonable functions increases.
  • Electronic seal advantageously comprises a random number generator connected to the communication module. This makes it possible to perform encryption of in formation with one-time encryption keys.
  • the random number generator is a true random number generator.
  • the communication module is a radio-frequency identification
  • This solution enables communication with the seal in the RFID standard.
  • the communication module is a near field communication module.
  • the seal identification is proceeded as follows, upon a request of an authentication party, a predetermined seal identifier, with which the seal was equipped, is sent from the seal to the authentication party, where identification of the identifier occurs. This allows for the identification of the seal in a simple and implementation- un demanding way.
  • the seal identification is proceeded as follows, upon a request of an authentication party, a seal identifier, which comprises at least one response of the circuit of physically unclonable functions for at least one predetermined challenge, is sent from the seal to the authentication party, where identification of the identifier occurs.
  • a seal identifier which comprises at least one response of the circuit of physically unclonable functions for at least one predetermined challenge.
  • the seal identification is proceeded as follows, upon a request of an authentication party, a series of random numbers is generated in the seal using a random number generator, and then this series and the corresponding series of identifier number values determined by the series of generated random numbers are sent from the seal to the authentication party, where identification based on these values occurs.
  • a series of random numbers is generated in the seal using a random number generator, and then this series and the corresponding series of identifier number values determined by the series of generated random numbers are sent from the seal to the authentication party, where identification based on these values occurs.
  • the seal authentication by an authentication party is proceeded as follows, a first challenge is sent to the seal by the authentication party, then the first response to this challenge is generated in the seal using a circuit of physically un- clonable functions, then this response is sent by the seal to the authentication party, where the correctness of the response is verified by comparison with the previously re membered response, wherein their compliance means the proper authentication of the seal for the authentication party.
  • This allows for the seal authentication in a simple and implementationally undemanding way.
  • the authentication party is authenticated by the seal as follows, a second challenge and a second response is sent to the seal by the authen tication party, then the second response to the second challenge is generated in the seal using a circuit of physically unclonable functions, where the correctness of the received second response is verified by comparison with the generated second response, wherein their compliance means the proper authentication of the authen tication party for the seal.
  • This allows for mutual authentication in a simple and imple mentationally undemanding way.
  • the data sent from authen tication party to seal are encrypted as follows, a transmitting key is randomly generated by the authentication party, and all data being sent to the seal except the first challenge are encrypted using the transmitting key by the authentication party, moreover the au thentication party provides the first response encrypted using transmitting key and an encrypted second response to the seal, then the transmitting key is computed in the seal based on the generated first response and the encrypted first response, where the transmitting key allows for decryption of the remaining encrypted data in the seal. This allows for secure transmission from the authentication party to the seal of all data encrypted with one-time keys.
  • the data sent from the seal to the authentication party are encrypted as follows, a receiving key is randomly generated in the seal, and all data being sent to authentication party are encrypted by the seal and sent, then the receiving key is computed by the authentication party based on the encrypted second response, which allows the authentication party to decrypt of all the remaining data received from the seal. This allows for secure transmission from the seal to the authentication party of all data encrypted with one-time keys.
  • the first challenge is masked as follows, the authentication party generates a series of random numbers using a random number generator, then the authentication party determines a random series of values of the identifier numbers in regard to the series of random numbers, then the first challenge encrypted using the series of values and the series of random numbers are sent from the authentication party to the seal, where the series of values is recreated in the seal based on the series of random numbers and the identifier numbers, which is used to decrypt the first challenge.
  • This allows for masking the first challenge and protecting against attacks based on constant monitoring of transmissions.
  • the invention allows to detect violations of the direct bond between the seal and the surface against which the seal has been placed.
  • Fig. 1 presents a schematic diagram of a seal with direct connections
  • fig. 2 presents a schematic diagram of a seal with isolated connections
  • fig. 3 presents a schematic view of seal from the contact surface side
  • fig. 4 presents a schematic diagram of a seal with electronic elements of a circuit of physically unclonable functions placed at the edge of the contact surface
  • fig. 5 presents a schematic diagram of a double-sided seal
  • fig. 6 presents a sequence of operations in a method of seal identification based on an identifier
  • fig. 7 presents a sequence of operations in a method of seal identification based on a response of a circuit of physically unclonable functions
  • fig. 8 presents a sequence of operations in a method of seal identification based on random fragments of an identifier
  • fig. 9 presents a sequence of operations in a method of an open authentication of a seal
  • fig. 10 presents a sequence of operations in a method of an open mutual authentication
  • fig. 11 presents a sequence of operations in a method of an open authentication of a seal with an exchange of a challenge- response pair
  • fig. 12 presents a sequence of operations in a method of encrypted seal authentication
  • Electronic seal in the embodiment presented in fig. 1 comprises a sensitive contact surface SS at the bottom of the electronic seal SL, a circuit of physically unclonable functions PUF. which comprises sensitive elements EL and electrical contacts KT on the sensitive contact surface SS.
  • the electrical contacts KT are connected to the sensitive elements EL of the circuit of physically unclonable functions PUF.
  • the electronic seal SL makes contact with its entire lower surface against a protected object OB.
  • the electrical contacts KT are in contact with the surface of the object OB.
  • the edges of the bottom surface of the seal SL were attached to the surface of the object OB with an adhesive layer GL.
  • Electronic seal in the embodiment presented in fig. 2 comprises a sensitive contact surface SS at the bottom of the electronic seal SL, a communication module COM a random number generator RNG, a circuit of physically unclonable functions PUF. which comprises sensitive elements EL and electrical contacts KT on the sensitive contact surface SS.
  • the communication module COM is connected to the circuit of physically unclonable functions PUF and to the random number generator RNG.
  • the electrical contacts KT are connected to the sensitive elements EL of the circuit of physically unclonable functions PUF.
  • the electronic seal SL makes contact with its entire lower surface against a protected object OB with an insulator IR, therefore the electrical contacts KT do not make direct contact with the surface of the object OB.
  • direct electrical connections or insulated connections or mixed connections are chosen.
  • internal elements of the circuit of physically unclonable functions are selected which parameter values allow to cooperate with external parameters.
  • an electronic element of the PUF circuit can be connected in parallel with a fragment of the protected object surface if the protected object surface characterize a high re sistance.
  • a fragment of the protected object surface can be used as an electrical path in the PUF circuit structure (or be connected in parallel with it).
  • Sensitive contact surface SS comprises an electrical contact assembly KT arranged in a matrix, as presented in fig. 3.
  • the size of the electrical contacts, their density and location, and the number of contacts depend on the nature of the protected object surface, in particular the roughness of the protected object surface, the internal granularity of the external layer material of the object and its overall impedance properties.
  • Electronic seal in the embodiment presented in fig. 4 comprises a sensitive contact surface SS at the bottom of the electronic seal SF, a near field communication module NFC a true random number generator TRNG. a circuit of physically unclonable functions PUF. which comprises sensitive elements EF and sensitive electronic elements EE placed near the sensitive contact surface SS.
  • the communication module NFC is connected to the circuit of physically unclonable functions PUF and to the true random number generator TRNG.
  • the electronic seal SF makes contact with its entire lower surface against a protected object OB. wherein the edges of the bottom surface of the seal SF were attached to the surface of the object OB with an adhesive layer GF. whereas the sensitive contact surface SS was affixed to the surface of the object OB by a strongly bonding adhesive layer SGF.
  • electronic seal presented in fig. 5 comprises two sensitive contact surfaces SSI and SS2 - first SSI at the bottom and second SS2 at the top of the electronic seal SF.
  • the electronic seal SF comprises a communication module in the form of radio-frequency identification system RFID a true random number generator TRNG. a circuit of physically unclonable functions PUF. which comprises sensitive electronic elements EE placed near both sensitive contact surfaces SSI and SS2.
  • the communication module RFID is connected to the circuit of physically unclonable functions PUF and to the true random number generator TRNG.
  • the electronic seal SF makes contact with its entire lower surface SSI against first protected object OBI and with its entire upper surface SS2 against second protected object OB2. Both surfaces were attached to the surfaces of the objects OB 1 and OB2 using a strongly bonding adhesive layer SGF.
  • Fots of solutions of Physical Unclonable Function are based on microscopic differences in electrical parameters of electronic circuit components. These circuits are designed to be sensitive to the inter- specimen spreads of the circuit components pa rameters. Any differences in the geometry of elements (thickness, length, width), their mutual distance, inhomogeneity of doping, etc., translate into spreads of parameters such as: resistance, capacitance, impedance, current efficiency, etc. These differences are used to generate a PUF response inextricably linked to a given specimen - what is important, in most cases these parameters are impossible to measure, and such an attempt would destroy or change the PUF structure.
  • the category of strong PUF concerns solutions in which the PUF circuit generates a response R to a challenge C, which in most cases are in the form of binary numbers vectors. With a sufficiently large space of challenge vectors and response vectors, the PUF circuit can perform a function in a form of an asymmetric cryptography function. Moreover, such solutions may be used to generate unclonable cryptographic keys unique to a specific device. These keys are random but constant for a given specimen. Their significant advantage, in addition to unclonability, is that these keys are usually not present in the circuit, because they are generated only when they are needed in the circuit - thanks to this, such solutions are extremely resistant to various types of side-channel attacks.
  • the structure of the PUF circuit includes elements (both electronic and passive) that have no influence (or have a negligible effect) on the result of the circuit operation and elements EL (both electronic EE and passive KT), which electrical parameters affect the result of circuit operation - in particular, these are all elements responsible for re configuration of the circuit according to the challenge C. So far internal differences between circuits have been used, however, in accordance with the invention, in order to generate a response, besides internal differences, there are also external parameters taken into account, which are resulting from the immediate proximity to an external object OB. OBI. OB2. Thanks to this, it is possible to implement the electronic seal SL .
  • a particularly advantageous implementation of the PUF circuit is a chaotic circuit, thanks to which the microscopic parameters of the PUF circuit are incessantly amplified.
  • the chaotic circuit is also characterized by the fact that even the manu facturer of the electronic circuits is not able to imitate or fabricate the operation of a specimen.
  • Flexible printed circuits have been known for years in the art and on the market, which give little possibilities to implement electronic seals.
  • flexible in tegrated circuits are relatively new, which are flexible in a way as flexible printed circuits.
  • the technologies of flexible integrated circuits are characterized by a very small scale of integration (very large sizes of electronic components), therefore many complex implementations (such as asymmetric cryptography algorithms) often exceed the possibilities of these technologies.
  • Another disadvantage of flexible integrated circuits is the lack of memory (FLASH or RAM), which makes cryptographic keys im possible to save or change. Therefore, cryptographic implementations are impossible or very difficult.
  • a memory-free electronic circuit is proposed, and it is also not implementationally complex.
  • the dimensions of flexible integrated circuits allow for sealing objects of all sizes (e.g. confirming the authenticity of banknotes, sealing paper envelopes or letters).
  • the disadvantage of many electronic seals is that they require a continuous power supply, which is used, for example, to monitor the security circuitry for a breach. Moreover, in the event of a power failure, once it has been restored, it is often im possible to determine whether the safety circuit was interrupted during the power failure.
  • the solution according to the invention allows to verify that the seal has not been violated in reference to its state registered at the beginning, when the seal was applied. Moreover, when using RFID or NFC communication technology, a seal is not powered for most of the time. Energy is induced in the seal only while the seal is being verified.
  • Method of electronic seal identification presented in fig. 6 consists in receiving by the seal a query for its identifier ID? (step 1), then seal reads its identifier ID consisting of a series of numbers id (step 2) and sends it ID back (step 3).
  • the identifier may be permanently set in the seal (e.g. in the production process), so that the seal does not have to be equipped with a memory. Moreover, it allows identifying the seal in a simple and implementation- undemanding way.
  • Method of electronic seal identification presented in fig. 7 consists in receiving by the seal a query for its identifier ID? (step 1), after which the seal, based on a series of given challenges C (step 2), generates a series of responses R (steps 3-6) using a circuit of physically unclonable functions put, and then, after combining a series of responses R into a single identifier IDp (step 7), the seal sends it back (step 8).
  • the challenges C can be arbitrary established values, therefore the seal does not need to be equipped with a memory. With this method, the identifier is not stored in the seal.
  • Method of electronic seal identification presented in fig. 8 consists in receiving by the seal a query for its identifier ID? (step 1), after which the seal generates a series of random numbers L using a random number generator nig (step 2), then, from among the values of the identifier numbers, the values id with positions corresponding to the randomly drawn numbers are selected, and an identifier numbers series IDg is created from the selected numbers (step 3).
  • the seal sends back both the series of random numbers L (step 4) and the series of corresponding identifier numbers IDg (step 5).
  • This method enables anonymity of identification, especially when it is based on a suf ficiently long identifier.
  • This method can use both a sufficiently long identifier per manently set in the seal, and an identifier consisting of a sufficiently large number of responses of the circuit of physically unclonable functions.
  • Method of electronic seal authentication presented in fig. 9 consists in retrieving from authentication party storage a challenge-response pair Cx. Rx that is corre sponding to the identified seal (step 1), and then sending the challenge Cx from the au thentication party to the seal (step 2).
  • a response Rx’ to this challenge is generated using a circuit of physically unclonable functions put (step 3), which is then sent back to authentication party from the seal (step 4).
  • Proper authentication of the seal is verified by the authentication party by comparison of the received response Rx’ with the previously retrieved response Rx. This method is characterized by simplicity and low engagement of used devices.
  • a second challenge-response pair Cv. Rv corre sponding to the identified seal is retrieved by the authentication party (step 2), which is also sent from the authentication party to the seal (steps 4 and 5).
  • a second response Rv’ to the second challenge Cy is generated using the circuit of physically unclonable functions put (step 7), which is then used to au thenticate the authentication party by comparing the received second response of Ry with the generated second response Rv’ (step 8).
  • An exchange of an old challenge-response pair to a new challenge-response pair can be achieved by extending the method presented in fig. 9 to a method presented in fig. 11, which is similar to the method presented in fig. 9, except that a new challenge Cn is randomly generated in the seal using a random number generator mg (step 4) and this challenge is used to generate a new response Rn using the circuit of physically un clonable functions put (step 5).
  • the new challenge-response pair Cn. Rn is then sent from the seal to the authentication party (steps 7 and 8).
  • the new challenge-response pair Cn. Rn can replace the previously used challenge- response pair Cx- Rx (step 10), hence a chain exchange of pairs occurs.
  • the encryption of data sent from the authentication party to the seal and received by the authentication party from the seal can be implemented by extending the method presented in fig. 9 to a method presented in fig. 12, which is similar to the method presented in fig. 9, except that a second challenge-response pair Cv. Rv corresponding to the identified seal is retrieved by the authentication party (step 2), and a transmitting key Ks is randomly generated by the authentication party using a random number generator rng (step 3). Except the first challenge Cx all the data being sent to the seal are encrypted with this key, including the first and second responses Rx Rv (steps 5 and 6).
  • the first response Rx’ Since the first response Rx’ can be generated in the seal, it is used in order to calculate the transmitting key Ks (step 8), which is used for decryption of the second response Ry in the seal (step 9) and other data. Furthermore, in the seal a one-time random receiving key Kr is generated using the random number generator nig (step 10). This key is used for encryption of all data being sent from the seal to the authen tication party (steps 11 and 12), including the second response Ry (step 11), which is used in order to calculate the receiving key Kr by the authentication party based on the encrypted second response Ry and the previously retrieved second response Ry (step 13). The receiving key Kr is used for decryption of all other data received by the au thentication party from the seal (step 14). Encryption and decryption is performed using exclusive disjunction (XOR). This method allows for secure data transmission encrypted with one-time keys, thus attacks based on eavesdropping or message repetition will not succeed.
  • XOR exclusive disjun
  • the most comprehensive variant of the seal authentication combines the methods presented in fig. 9, 10, 11 and 12 and includes an additional masking of the first challenge by the authentication party, which is based on the seal identification method presented in fig 8.
  • the method of authentication presented in fig. 13 is similar to the methods presented in fig. 9, 10, 11 and 12, except that a series of random numbers K is generated using a random number generator mg by the authentication party (step 3), then the numbers of this series are used to select randomly chosen values of the identifier id, which make a series of also random numbers Ki (step 4) - i.e.
  • the identifier temporary masking key with which the first challenge Cx is encrypted and sent from the authentication party to the seal (step 6), with which the series of random numbers is sent K (step 7).
  • the masking key Ki is regenerated in the seal (step 11), based on which the first challenge Cx is decrypted (step 12).
  • sender's authentication (authentication party) - steps: 2, 9, 10, 17, 18;
  • the application of the invention can be found in ensuring the originality of products, in securing the integrity of objects or their components, in preventing counterfeiting products and in counteracting documents forgery, in particular in RFID or NFC tags made in the technologies of integrated circuits with low integration scale and no memory or permanent storage or power source.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Mathematical Physics (AREA)
  • Credit Cards Or The Like (AREA)
  • Storage Device Security (AREA)
  • Adhesive Tapes (AREA)
  • Collating Specific Patterns (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

Electronic seal (SL) comprises two sensitive contact surfaces (SS1, SS2) – first (SS1) at the bottom, second (SS2) at the top of the seal (SL). Moreover comprises a communication module in the form of radio-frequency identification system (RFID), a true random number generator (TRNG), a circuit of physically unclonable functions (PUF), which comprises sensitive electronic elements (EE) placed near both sensitive contact surfaces (SS1, SS2). The communication module (RFID) is connected to the circuit of physically unclonable functions (PUF) and to the true random number generator (TRNG). The electronic seal (SL) makes contact with its entire lower surface (SS1) against first protected object (OB1) and with its entire upper surface (SS2) against second protected object (OB2). Both surfaces were attached to the surfaces of the objects (OB1 and OB2) using a strongly bonding adhesive layer (SGL).

Description

Description
Title of Invention: Electronic seal and method of electronic seal verification
[0001] The invention concerns an electronic seal and a method of electronic seal veri
fication, intended especially for attaching to objects, documents, packaging or products.
[0002] From Japanese Patent Application Publication No. JP2018081512, an electronic seal is known comprising an RFID communication module with an antenna coil for wireless communication, which was partially placed on the surface of the laminate using a conductive ink characterized by fragility. Breaking the seal will damage the antenna, resulting in a lack of radio communication with the seal.
[0003] From the publication of international patent application no. W02009157032, an
electronic seal is known containing an electronic tape consisting of: a protective coating, a conductive strip, an intermediate insulating layer, insulating surface contact and resistive strips. In order to verify the seal, the following parameters are measured for changes: resistance, capacitance and inductance. Random codes are also stored on the tape and the seal, which are erased when intrusion is detected.
[0004] The disadvantages of known electronic seals are: lack of sensitivity to the charac teristics of the protected object, the inability to ensure the authenticity of the protected object and the possibility of substitution of protected objects or separation of the protected object from the electronic seal or security element of the electronic seal.
[0005] From the publication of Chinese patent application no. CN102265395, a physically unclonable functions (PUF) circuit is known, in which a conductive material of suitable grain is distributed on the insulator layer, under which there are many electrical contacts of an electronic circuit. The electronic circuit uses measurements of capacitance and resistance values between the conductive layer and contacts or between selected contacts. The structure of the layer on the circuit causes that these values are random, but repeatable, which ensures the functionality of the PUF circuit.
[0006] It is known from patent literature, e.g. from patent US2008256600 (Al), a device containing a physically unclonable functions (PUF) circuit, comprising an integrated circuit covered with a matrix of sensor structures, which is covered with a coating containing random dielectric particles, from which local capacitance values may be measured determining a unique key pattern, as well as the device is equipped with an RFID communication module, wherein the whole device may be in the form of a label in order to be easily attached to items. The disadvantage of this solution is that the unique key pattern is created based on internal measurements in the physically un- clonable functions PUF circuit.
[0007] Physically unclonable functions circuits are generally used to attach them to
protected objects or to ensure the authenticity of electronic circuits in which physically unclonable functions are contained. However, the disadvantage of known physically unclonable functions circuits is that they can only provide authenticity with regard to their own circuits. Physically unclonable functions circuits are not electronic seals, unless threated in regard to themselves when they are also protected objects.
[0008] From the publication of the US patent application no. US2015278505 is known a method of authenticating a target device using a reader and a data store comprising: sending a selected challenge data value from the reader to the target device multiple times; receiving at the reader the respective response data value generated by the target device in response to each instance of the challenge data value sent by the reader; de termining a representative response data value from the response data values received by the reader; comparing the representative response data value against the response data values in the respective challenge-response data set; and determining that the target device is authentic if the representative data value matches any one of the response data values from a respective challenge-response data set.
[0009] From the publication of Polish patent application no. P.422486 a generator of
physically unclonable cryptographic keys is known, which contains a chaotic circuit. The chaotic circuit has two switchable chain ring oscillators, which outputs are connected to inputs of a phase detector, which output is connected to control inputs of the switchable chain ring oscillators through a control system and is also connected to a output of the chaotic circuit. The output of the chaotic circuit is connected to the output of the generator of physically unclonable cryptographic keys through a sample and compare circuit. Generator has an initializing input connected to both initializing inputs of the switchable chain ring oscillators and to the first input of the sample and compare circuit, which second input is connected to the output of the second switchable chain ring oscillator.
[0010] From the publication of Chinese patent application no. CN105978552A, a chaotic circuit is known, which is constructed based on two frequency generating modules, each consisting of four MOS transistors, and an active nonlinear module, consisting of three MOS transistors.
[0011] From the publication of Chinese patent application no. CN107623567A is known a chaotic circuit with constant Liapunov exponent spectrum, which comprises a signal source module, a linear module, a piecewise linear function module and a negative resistor module. The signal source module is connected with the linear module and the negative resistor module. The piecewise linear function module is connected with the linear module. The negative resistor module is connected with the linear module. [0012] Chaotic circuits known in the art essentially strengthen microscopic differences, ensuring a reproducible result, without the possibility of calculating or discovering these differences based on the result.
[0013] The invention solves the problem of ensuring authenticity of a protected object.
[0014] The aim of the invention is to ensure a bond between an object and the seal, the
violation of which will create irreversible changes resulting in seal break elec tronically.
[0015] Electronic seal comprising a communication module and a circuit of physically un- clonable functions connected to it, comprising at least one sensitive element, which electrical parameters change a response of this circuit, according to the invention it has at least one sensitive contact surface connected to at least one protected object. Further at least one sensitive element of the circuit has an electrical contact connected with it, which is placed directly next to the sensitive contact surface, or at least one sensitive element of the circuit, which is a sensitive electronic element, is placed directly next to the sensitive contact surface, thus the connection of the sensitive contact surface with the protected object influences electrical parameters of at least one sensitive element of the circuit of physically unclonable function. The technical effect of the solution is that violating seal in regard to protected object will produce irreversible parameter changes in structure of the circuit of physically unclonable functions. As result, a violation of the seal can be detected without the need for constant monitoring or powering the seal, and its verification confirms the authenticity of the protected object.
[0016] Advantageously at least one electrical contact is brought to at least one sensitive contact surface and is electrically connected directly to the protected object. For that reason, the resistance and the impedance of the connection have an impact on the response of the circuit of physically unclonable functions.
[0017] Advantageously at least one electrical contact is brought to at least one sensitive contact surface and is electrically connected directly to the protected object with an insulator. For that reason, capacitive and inductive characteristics of the connection have an influence on the response of the circuit of physically unclonable functions.
[0018] Advantageously at least one sensitive electronic element of the circuit is placed at at least one sensitive contact surface, wherein changing the position of the protected object relative to this element changes the electrical parameters of the circuit. Bringing electronic elements close to the protected object allows to change their parameters when the position of the protected object changes, and thus to change the response of the circuit of physically unclonable functions.
[0019] Electronic seal is advantageously attached to the protected object with the adhesive layer. As a result, the impact of accidental, unintentional seal violation is minimized and the effects of seal detachment or seal violation are enhanced. [0020] Advantageously the adhesive layer is electrically conductive. This makes it possible to detect changes in resistance.
[0021] Advantageously the insulator is also an adhesive layer that electrically insulates at least one electrical contact from the protected object. This makes it possible to detect capacitive changes.
[0022] Advantageously the adhesive layer is more durable than the internal structure of the circuit of physically unclonable functions. As a result, a violation or break of seal enhances changes in the sensitive structure of the circuit of physically unclonable functions.
[0023] Advantageously the circuit of physically unclonable functions comprises a chaotic circuit. A chaotic circuit intensively amplifies microscopic differences that are the initial conditions for the circuit operation, which results in significant divergences in outcomes on the circuit output. Thus the sensitivity of the circuit of physically un clonable functions increases.
[0024] Electronic seal advantageously comprises a random number generator connected to the communication module. This makes it possible to perform encryption of in formation with one-time encryption keys.
[0025] Advantageously the random number generator is a true random number generator.
This makes the encryption keys more unique and reduces the vulnerability to attacks that exploit the periodicity and/or bias of random generators.
[0026] Advantageously the communication module is a radio-frequency identification
system. This solution enables communication with the seal in the RFID standard.
[0027] Advantageously the communication module is a near field communication module.
This solution enables communication with the seal in the NFC standard.
[0028] Method of electronic seal verification, in which seal identification is performed first, and then seal authentication, according to the invention is performed on the electronic seal characterized in accordance with the subject matter described herein. This makes it possible to perform identification and authentication of the seal, which is the subject of this invention.
[0029] Advantageously the seal identification is proceeded as follows, upon a request of an authentication party, a predetermined seal identifier, with which the seal was equipped, is sent from the seal to the authentication party, where identification of the identifier occurs. This allows for the identification of the seal in a simple and implementation- un demanding way.
[0030] Advantageously the seal identification is proceeded as follows, upon a request of an authentication party, a seal identifier, which comprises at least one response of the circuit of physically unclonable functions for at least one predetermined challenge, is sent from the seal to the authentication party, where identification of the identifier occurs. Thus no memory is required in the seal as well as in the seal the identifier does not exist until it is temporarily generated.
[0031] Advantageously the seal identification is proceeded as follows, upon a request of an authentication party, a series of random numbers is generated in the seal using a random number generator, and then this series and the corresponding series of identifier number values determined by the series of generated random numbers are sent from the seal to the authentication party, where identification based on these values occurs. Thus anonymity of the identification is possible and the difficulty of tracing the seal is significantly increased.
[0032] Advantageously the seal authentication by an authentication party is proceeded as follows, a first challenge is sent to the seal by the authentication party, then the first response to this challenge is generated in the seal using a circuit of physically un- clonable functions, then this response is sent by the seal to the authentication party, where the correctness of the response is verified by comparison with the previously re membered response, wherein their compliance means the proper authentication of the seal for the authentication party. This allows for the seal authentication in a simple and implementationally undemanding way.
[0033] Advantageously additionally the authentication party is authenticated by the seal as follows, a second challenge and a second response is sent to the seal by the authen tication party, then the second response to the second challenge is generated in the seal using a circuit of physically unclonable functions, where the correctness of the received second response is verified by comparison with the generated second response, wherein their compliance means the proper authentication of the authen tication party for the seal. This allows for mutual authentication in a simple and imple mentationally undemanding way.
[0034] Advantageously in the seal authentication additionally challenge-response pairs stored by the authentication party are exchanged as follows, a new challenge is generated randomly in the seal, then a new response to this challenge is generated in the seal using the circuit of physically unclonable functions, then the new challenge and the new response are additionally sent from the seal to the authentication party, where the authentication party replaces the stored challenge-response pair with the new pair comprising the new challenge and the new response. This allows for a chain exchange of challenge-response pairs.
[0035] Advantageously in the seal authentication additionally the data sent from authen tication party to seal are encrypted as follows, a transmitting key is randomly generated by the authentication party, and all data being sent to the seal except the first challenge are encrypted using the transmitting key by the authentication party, moreover the au thentication party provides the first response encrypted using transmitting key and an encrypted second response to the seal, then the transmitting key is computed in the seal based on the generated first response and the encrypted first response, where the transmitting key allows for decryption of the remaining encrypted data in the seal. This allows for secure transmission from the authentication party to the seal of all data encrypted with one-time keys.
[0036] Advantageously in the seal authentication additionally the data sent from the seal to the authentication party are encrypted as follows, a receiving key is randomly generated in the seal, and all data being sent to authentication party are encrypted by the seal and sent, then the receiving key is computed by the authentication party based on the encrypted second response, which allows the authentication party to decrypt of all the remaining data received from the seal. This allows for secure transmission from the seal to the authentication party of all data encrypted with one-time keys.
[0037] Advantageously in the seal authentication additionally the first challenge is masked as follows, the authentication party generates a series of random numbers using a random number generator, then the authentication party determines a random series of values of the identifier numbers in regard to the series of random numbers, then the first challenge encrypted using the series of values and the series of random numbers are sent from the authentication party to the seal, where the series of values is recreated in the seal based on the series of random numbers and the identifier numbers, which is used to decrypt the first challenge. This allows for masking the first challenge and protecting against attacks based on constant monitoring of transmissions.
[0038] The invention allows to detect violations of the direct bond between the seal and the surface against which the seal has been placed.
[0039] The invention has been described below in detail, with reference to the attached
figures. Fig. 1 presents a schematic diagram of a seal with direct connections, fig. 2 presents a schematic diagram of a seal with isolated connections, fig. 3 presents a schematic view of seal from the contact surface side, fig. 4 presents a schematic diagram of a seal with electronic elements of a circuit of physically unclonable functions placed at the edge of the contact surface, fig. 5 presents a schematic diagram of a double-sided seal, fig. 6 presents a sequence of operations in a method of seal identification based on an identifier, fig. 7 presents a sequence of operations in a method of seal identification based on a response of a circuit of physically unclonable functions, fig. 8 presents a sequence of operations in a method of seal identification based on random fragments of an identifier, fig. 9 presents a sequence of operations in a method of an open authentication of a seal, fig. 10 presents a sequence of operations in a method of an open mutual authentication, fig. 11 presents a sequence of operations in a method of an open authentication of a seal with an exchange of a challenge- response pair, fig. 12 presents a sequence of operations in a method of encrypted seal authentication, a fig. 13 - a sequence of operations in a method of encrypted mutual authentication with an exchange of a challenge-response pair and masking an un encrypted challenge.
[0040] Electronic seal in the embodiment presented in fig. 1 comprises a sensitive contact surface SS at the bottom of the electronic seal SL, a circuit of physically unclonable functions PUF. which comprises sensitive elements EL and electrical contacts KT on the sensitive contact surface SS. The electrical contacts KT are connected to the sensitive elements EL of the circuit of physically unclonable functions PUF. The electronic seal SL makes contact with its entire lower surface against a protected object OB. The electrical contacts KT are in contact with the surface of the object OB. The edges of the bottom surface of the seal SL were attached to the surface of the object OB with an adhesive layer GL.
[0041] Electronic seal in the embodiment presented in fig. 2 comprises a sensitive contact surface SS at the bottom of the electronic seal SL, a communication module COM a random number generator RNG, a circuit of physically unclonable functions PUF. which comprises sensitive elements EL and electrical contacts KT on the sensitive contact surface SS. The communication module COM is connected to the circuit of physically unclonable functions PUF and to the random number generator RNG. The electrical contacts KT are connected to the sensitive elements EL of the circuit of physically unclonable functions PUF. The electronic seal SL makes contact with its entire lower surface against a protected object OB with an insulator IR, therefore the electrical contacts KT do not make direct contact with the surface of the object OB.
[0042] Depending on the type of surface, in particular depending on its impedance
properties, direct electrical connections or insulated connections or mixed connections are chosen. In the case of direct electrical connections, depending on the resistive nature of the typical protected object material (the conductivity of this material), internal elements of the circuit of physically unclonable functions are selected which parameter values allow to cooperate with external parameters. For example, an electronic element of the PUF circuit can be connected in parallel with a fragment of the protected object surface if the protected object surface characterize a high re sistance. However, in the case where the protected object surface is characterized by low resistance, a fragment of the protected object surface can be used as an electrical path in the PUF circuit structure (or be connected in parallel with it).
[0043] Sensitive contact surface SS comprises an electrical contact assembly KT arranged in a matrix, as presented in fig. 3. The size of the electrical contacts, their density and location, and the number of contacts depend on the nature of the protected object surface, in particular the roughness of the protected object surface, the internal granularity of the external layer material of the object and its overall impedance properties.
[0044] Electronic seal in the embodiment presented in fig. 4 comprises a sensitive contact surface SS at the bottom of the electronic seal SF, a near field communication module NFC a true random number generator TRNG. a circuit of physically unclonable functions PUF. which comprises sensitive elements EF and sensitive electronic elements EE placed near the sensitive contact surface SS. The communication module NFC is connected to the circuit of physically unclonable functions PUF and to the true random number generator TRNG. The electronic seal SF makes contact with its entire lower surface against a protected object OB. wherein the edges of the bottom surface of the seal SF were attached to the surface of the object OB with an adhesive layer GF. whereas the sensitive contact surface SS was affixed to the surface of the object OB by a strongly bonding adhesive layer SGF.
[0045] Alternatively, electronic seal presented in fig. 5 comprises two sensitive contact surfaces SSI and SS2 - first SSI at the bottom and second SS2 at the top of the electronic seal SF. Furthermore the electronic seal SF comprises a communication module in the form of radio-frequency identification system RFID a true random number generator TRNG. a circuit of physically unclonable functions PUF. which comprises sensitive electronic elements EE placed near both sensitive contact surfaces SSI and SS2. The communication module RFID is connected to the circuit of physically unclonable functions PUF and to the true random number generator TRNG. The electronic seal SF makes contact with its entire lower surface SSI against first protected object OBI and with its entire upper surface SS2 against second protected object OB2. Both surfaces were attached to the surfaces of the objects OB 1 and OB2 using a strongly bonding adhesive layer SGF.
[0046] Fots of solutions of Physical Unclonable Function (PUF) are based on microscopic differences in electrical parameters of electronic circuit components. These circuits are designed to be sensitive to the inter- specimen spreads of the circuit components pa rameters. Any differences in the geometry of elements (thickness, length, width), their mutual distance, inhomogeneity of doping, etc., translate into spreads of parameters such as: resistance, capacitance, impedance, current efficiency, etc. These differences are used to generate a PUF response inextricably linked to a given specimen - what is important, in most cases these parameters are impossible to measure, and such an attempt would destroy or change the PUF structure. The category of strong PUF concerns solutions in which the PUF circuit generates a response R to a challenge C, which in most cases are in the form of binary numbers vectors. With a sufficiently large space of challenge vectors and response vectors, the PUF circuit can perform a function in a form of an asymmetric cryptography function. Moreover, such solutions may be used to generate unclonable cryptographic keys unique to a specific device. These keys are random but constant for a given specimen. Their significant advantage, in addition to unclonability, is that these keys are usually not present in the circuit, because they are generated only when they are needed in the circuit - thanks to this, such solutions are extremely resistant to various types of side-channel attacks. The structure of the PUF circuit includes elements (both electronic and passive) that have no influence (or have a negligible effect) on the result of the circuit operation and elements EL (both electronic EE and passive KT), which electrical parameters affect the result of circuit operation - in particular, these are all elements responsible for re configuration of the circuit according to the challenge C. So far internal differences between circuits have been used, however, in accordance with the invention, in order to generate a response, besides internal differences, there are also external parameters taken into account, which are resulting from the immediate proximity to an external object OB. OBI. OB2. Thanks to this, it is possible to implement the electronic seal SL . A particularly advantageous implementation of the PUF circuit is a chaotic circuit, thanks to which the microscopic parameters of the PUF circuit are incessantly amplified. The chaotic circuit is also characterized by the fact that even the manu facturer of the electronic circuits is not able to imitate or fabricate the operation of a specimen.
[0047] Flexible printed circuits have been known for years in the art and on the market, which give little possibilities to implement electronic seals. However, flexible in tegrated circuits are relatively new, which are flexible in a way as flexible printed circuits. The technologies of flexible integrated circuits are characterized by a very small scale of integration (very large sizes of electronic components), therefore many complex implementations (such as asymmetric cryptography algorithms) often exceed the possibilities of these technologies. Another disadvantage of flexible integrated circuits is the lack of memory (FLASH or RAM), which makes cryptographic keys im possible to save or change. Therefore, cryptographic implementations are impossible or very difficult. According to the invention, a memory-free electronic circuit is proposed, and it is also not implementationally complex. Moreover, the dimensions of flexible integrated circuits (in the form of thin flexible foil) allow for sealing objects of all sizes (e.g. confirming the authenticity of banknotes, sealing paper envelopes or letters).
[0048] The disadvantage of many electronic seals is that they require a continuous power supply, which is used, for example, to monitor the security circuitry for a breach. Moreover, in the event of a power failure, once it has been restored, it is often im possible to determine whether the safety circuit was interrupted during the power failure. The solution according to the invention allows to verify that the seal has not been violated in reference to its state registered at the beginning, when the seal was applied. Moreover, when using RFID or NFC communication technology, a seal is not powered for most of the time. Energy is induced in the seal only while the seal is being verified.
[0049] Method of electronic seal identification presented in fig. 6 consists in receiving by the seal a query for its identifier ID? (step 1), then seal reads its identifier ID consisting of a series of numbers id (step 2) and sends it ID back (step 3). The identifier may be permanently set in the seal (e.g. in the production process), so that the seal does not have to be equipped with a memory. Moreover, it allows identifying the seal in a simple and implementation- undemanding way.
[0050] Method of electronic seal identification presented in fig. 7 consists in receiving by the seal a query for its identifier ID? (step 1), after which the seal, based on a series of given challenges C (step 2), generates a series of responses R (steps 3-6) using a circuit of physically unclonable functions put, and then, after combining a series of responses R into a single identifier IDp (step 7), the seal sends it back (step 8). The challenges C can be arbitrary established values, therefore the seal does not need to be equipped with a memory. With this method, the identifier is not stored in the seal.
[0051] Method of electronic seal identification presented in fig. 8 consists in receiving by the seal a query for its identifier ID? (step 1), after which the seal generates a series of random numbers L using a random number generator nig (step 2), then, from among the values of the identifier numbers, the values id with positions corresponding to the randomly drawn numbers are selected, and an identifier numbers series IDg is created from the selected numbers (step 3). The seal sends back both the series of random numbers L (step 4) and the series of corresponding identifier numbers IDg (step 5).
This method enables anonymity of identification, especially when it is based on a suf ficiently long identifier. This method can use both a sufficiently long identifier per manently set in the seal, and an identifier consisting of a sufficiently large number of responses of the circuit of physically unclonable functions.
[0052] Method of electronic seal authentication presented in fig. 9 consists in retrieving from authentication party storage a challenge-response pair Cx. Rx that is corre sponding to the identified seal (step 1), and then sending the challenge Cx from the au thentication party to the seal (step 2). In the seal, a response Rx’ to this challenge is generated using a circuit of physically unclonable functions put (step 3), which is then sent back to authentication party from the seal (step 4). Proper authentication of the seal is verified by the authentication party by comparison of the received response Rx’ with the previously retrieved response Rx. This method is characterized by simplicity and low engagement of used devices.
[0053] Simple mutual authentication of both parties can be achieved by extending the
method presented in fig. 9 to the method presented in fig. 10, which is similar to the method presented in fig. 9, except that a second challenge-response pair Cv. Rv corre sponding to the identified seal is retrieved by the authentication party (step 2), which is also sent from the authentication party to the seal (steps 4 and 5). In the seal, addi tionally a second response Rv’ to the second challenge Cy is generated using the circuit of physically unclonable functions put (step 7), which is then used to au thenticate the authentication party by comparing the received second response of Ry with the generated second response Rv’ (step 8).
[0054] An exchange of an old challenge-response pair to a new challenge-response pair can be achieved by extending the method presented in fig. 9 to a method presented in fig. 11, which is similar to the method presented in fig. 9, except that a new challenge Cn is randomly generated in the seal using a random number generator mg (step 4) and this challenge is used to generate a new response Rn using the circuit of physically un clonable functions put (step 5). The new challenge-response pair Cn. Rn is then sent from the seal to the authentication party (steps 7 and 8). Thus, on each authentication, the new challenge-response pair Cn. Rn can replace the previously used challenge- response pair Cx- Rx (step 10), hence a chain exchange of pairs occurs.
[0055] The encryption of data sent from the authentication party to the seal and received by the authentication party from the seal can be implemented by extending the method presented in fig. 9 to a method presented in fig. 12, which is similar to the method presented in fig. 9, except that a second challenge-response pair Cv. Rv corresponding to the identified seal is retrieved by the authentication party (step 2), and a transmitting key Ks is randomly generated by the authentication party using a random number generator rng (step 3). Except the first challenge Cx all the data being sent to the seal are encrypted with this key, including the first and second responses Rx Rv (steps 5 and 6). Since the first response Rx’ can be generated in the seal, it is used in order to calculate the transmitting key Ks (step 8), which is used for decryption of the second response Ry in the seal (step 9) and other data. Furthermore, in the seal a one-time random receiving key Kr is generated using the random number generator nig (step 10). This key is used for encryption of all data being sent from the seal to the authen tication party (steps 11 and 12), including the second response Ry (step 11), which is used in order to calculate the receiving key Kr by the authentication party based on the encrypted second response Ry and the previously retrieved second response Ry (step 13). The receiving key Kr is used for decryption of all other data received by the au thentication party from the seal (step 14). Encryption and decryption is performed using exclusive disjunction (XOR). This method allows for secure data transmission encrypted with one-time keys, thus attacks based on eavesdropping or message repetition will not succeed.
[0056] The most comprehensive variant of the seal authentication combines the methods presented in fig. 9, 10, 11 and 12 and includes an additional masking of the first challenge by the authentication party, which is based on the seal identification method presented in fig 8. The method of authentication presented in fig. 13 is similar to the methods presented in fig. 9, 10, 11 and 12, except that a series of random numbers K is generated using a random number generator mg by the authentication party (step 3), then the numbers of this series are used to select randomly chosen values of the identifier id, which make a series of also random numbers Ki (step 4) - i.e. the identifier temporary masking key with which the first challenge Cx is encrypted and sent from the authentication party to the seal (step 6), with which the series of random numbers is sent K (step 7). Based on this series K, the masking key Ki is regenerated in the seal (step 11), based on which the first challenge Cx is decrypted (step 12). This method allows to mask the first challenge Cx and to immunize the method against attacks based on continuous monitoring of successive episodes of transmission.
[0057] In the most comprehensive authentication variant, presented in fig. 13, the following steps can be distinguished based on their function:
a. seal authentication - steps: 1, 7, 13, 23, 28;
b. sender's authentication (authentication party) - steps: 2, 9, 10, 17, 18;
c. chain exchange of challenge-response pairs - steps: 20, 21, 24, 25, 31, 32; d. encryption of communication to seal - steps: 5, 8, 9, 10, 14, 15, 16;
e. encryption of communication from seal - steps: 19, 22, 23, 24, 25, 26, 27, 29, 30;
f. masking of the first challenge - steps: 3, 4, 6, 7, 11, 12.
[0058] These functions may be arbitrarily incorporated into or excluded from the method as required or depending on implementation and computational capabilities or on the availability of functions and circuits.
[0059] The application of the invention can be found in ensuring the originality of products, in securing the integrity of objects or their components, in preventing counterfeiting products and in counteracting documents forgery, in particular in RFID or NFC tags made in the technologies of integrated circuits with low integration scale and no memory or permanent storage or power source.

Claims

Claims
[Claim 1] Electronic seal (SL) comprising a communication module (COM) and a circuit of physically unclonable functions (PUF) connected to it, comprising at least one sensitive element (EL), which electrical pa rameters change a response of this circuit (PUF), characterized in that it has at least one sensitive contact surface (SS, SSI, SS2) connected to at least one protected object (OB, OBI, OB2) and at least one sensitive element (EL) of the circuit (PUF) has an electrical contact (KT) connected with it, which is placed directly next to the sensitive contact surface (SS), or at least one sensitive element (EL) of the circuit (PUF), which is a sensitive electronic element (EE), is placed directly next to the sensitive contact surface (SS, SSI, SS2), thus the connection of the sensitive contact surface (SS, SSI, SS2) with the protected object (OB, OBI, OB2) influences electrical parameters of at least one sensitive element (EL, EE) of the circuit of physically unclonable functions (PUF).
[Claim 2] Electronic seal according to claim 1, characterized in that at least one electrical contact (KT) is brought to at least one sensitive contact surface (SS) and is electrically connected directly to the protected object (OB).
[Claim 3] Electronic seal according to claim 1, characterized in that at least one electrical contact (KT) is brought to at least one sensitive contact surface (SS) and is electrically connected directly to the protected object (OB) with an insulator (IR).
[Claim 4] Electronic seal according to claim 1, characterized in that at least one sensitive electronic element (EE) of the circuit (PUF) is placed at at least one sensitive contact surface (SS, SSI, SS2), wherein changing the position of the protected object (OB, OBI, OB2) relative to this element (EE) changes the electrical parameters of the circuit (PUF).
[Claim 5] Electronic seal according to any of the claims from 1 to 4, characterized in that it is attached to the protected object (OB, OBI, OB2) with an adhesive layer (GL).
[Claim 6] Electronic seal according to claim 5, characterized in that the adhesive layer (GL) is electrically conductive.
[Claim 7] Electronic seal according to claim 3, characterized in that the insulator
(IR) is also an adhesive layer that electrically insulates at least one electrical contact (KT) from the protected object (OB).
[Claim 8] Electronic seal according to any of the claims from 5 to 7, characterized in that the adhesive layer (GL) is more durable than the internal structure of the circuit of physically unclonable functions (PUF).
[Claim 9] Electronic seal according to any of the claims from 1 to 8, characterized in that the circuit of physically unclonable functions (PUF) comprises a chaotic circuit.
[Claim 10] Electronic seal according to any of the claims from 1 to 9, characterized in that it comprises a random number generator (RNG) connected to the communication module (COM).
[Claim 11] Electronic seal according to claim 10, characterized in that the random number generator (RNG) is a true random number generator (TRNG).
[Claim 12] Electronic seal according to any of the claims from 1 to 11, char
acterized in that the communication module (COM) is a radio frequency identification system (RFID).
[Claim 13] Electronic seal according to any of the claims from 1 to 12, char
acterized in that the communication module (COM) is a near field com munication module (NFC).
[Claim 14] Method of electronic seal verification, in which seal identification is performed first, and then seal authentication, characterized in that the electronic seal is an electronic seal as defined in any of the claims from 1 to 13.
[Claim 15] Method of electronic seal verification according to claim 14, char acterized in that the seal identification is proceeded as follows, upon a request of an authentication party (ID?), a predetermined seal identifier (ID), with which the seal was equipped, is sent from the seal to the au thentication party, where identification of the identifier (ID) occurs.
[Claim 16] Method of electronic seal verification according to claim 14, char acterized in that the seal identification is proceeded as follows, upon a request of an authentication party (ID?), a seal identifier (IDp), which comprises at least one response (Rl, R2, ..., Rm) of the circuit of physically unclonable functions (puf) for at least one predetermined challenge (Cl, C2, ..., Cm), is sent from the seal to the authentication party, where identification of the identifier (IDp) occurs.
[Claim 17] Method of electronic seal verification according to claim 14, char acterized in that the seal identification is proceeded as follows, upon a request of an authentication party (ID?), a series of random numbers (L) is generated in the seal using a random number generator (rng), and then this series (L) and the corresponding series of identifier number values (IDg) determined by the series of generated random numbers (L) are sent from the seal to the authentication party, where identification based on these values (L and IDg) occurs.
[Claim 18] Method of electronic seal verification according to any of the claims from 14 to 17, characterized in that the seal authentication by an au thentication party is proceeded as follows, a first challenge (Cx) is sent to the seal by the authentication party, then the first response (Rx’) to this challenge (Cx) is generated in the seal using a circuit of physically unclonable functions (puf), then this response (Rx’) is sent by the seal to the authentication party, where the correctness of the response (Rx ) is verified by comparison with the previously remembered response (Rx), wherein their compliance (Rx and Rx') means the proper authen tication of the seal for the authentication party.
[Claim 19] Method of electronic seal verification according to claim 18, char acterized in that additionally the authentication party is authenticated by the seal as follows, a second challenge (Cy) and a second response (Ry) is sent to the seal by the authentication party, then the second response (Ry ) to the second challenge (Cy) is generated in the seal using a circuit of physically unclonable functions (puf), where the cor rectness of the received second response (Ry) is verified by comparison with the generated second response (Ry ), wherein their compliance (Ry and Ry') means the proper authentication of the authentication party for the seal.
[Claim 20] Method of electronic seal verification according to claim 18 or 19, characterized in that additionally challenge-response pairs stored by the authentication party are exchanged as follows, a new challenge (Cn) is generated randomly (mg) in the seal, then a new response (Rn) to this challenge is generated in the seal using the circuit of physically un clonable functions (puf), then the new challenge (Cn) and the new response (Rn) are additionally sent from the seal to the authentication party, where the authentication party replaces the stored challenge- response pair (Cx, Rx) with the new pair comprising the new challenge and the new response (Cn, Rn).
[Claim 21] Method of electronic seal verification according to claim 18 or 19 or
20, characterized in that additionally the data sent from authentication party to the seal are encrypted as follows, a transmitting key (Ks) is randomly generated (mg) by the authentication party, and all data being sent to the seal (Rx, Ry), (Rx, Cy, Ry) except the first challenge (Cx) are encrypted using the transmitting key (Ks) by the authentication party, moreover the authentication party provides the first response (Rx) encrypted using transmitting key (Ks) and an encrypted second response (Ry) to the seal, then the transmitting key (Ks) is computed in the seal based on the generated first response (Rx ) and the encrypted first response (Rx), where the transmitting key (Ks) allows for de cryption of the remaining encrypted data (Ry), (Ry, Cy) in the seal.
[Claim 22] Method of electronic seal verification according to any of the claims from 18 to 21, characterized in that additionally the data sent from the seal to the authentication party are encrypted as follows, a receiving key (Kr) is randomly generated (rng) in the seal, and all data being sent to authentication party (Ry, Rx’), (Ry, Rx’, Cn, Rn) are encrypted by the seal and sent, then the receiving key (Kr) is computed by the au thentication party based on the encrypted second response (Ry), which allows the authentication party to decrypt of all the remaining data received from the seal (Rx’), (Rx’, Cn, Rn).
[Claim 23] Method of electronic seal verification according to any of the claims from 18 to 22, characterized in that additionally the first challenge (Cx) is masked as follows, the authentication party generates a series of random numbers (K) using a random number generator (rng), then the authentication party determines a random series of values (Ki) of the identifier numbers (ID) in regard to the series of random numbers (K), then the first challenge (Cx) encrypted using the series of values (Ki) and the series of random numbers (K) are sent from the authentication party to the seal, where the series of values (Ki ) is recreated in the seal based on the series of random numbers (K) and the identifier numbers (ID), which is used to decrypt the first challenge (Cx).
PCT/IB2020/056218 2019-07-02 2020-07-01 Electronic seal and method of electronic seal verification WO2020240527A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
PL440113A PL242116B1 (en) 2019-07-02 2020-07-01 Electronic seal and method of electronic seal verification
PL440523A PL241997B1 (en) 2019-07-02 2020-07-01 Method of verifying the electronic seal
PL440524A PL242117B1 (en) 2019-07-02 2020-07-01 Method of verifying the electronic seal

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
PL430471A PL238366B1 (en) 2019-07-02 2019-07-02 Electronic seal and method of verifying the electronic seal
PLP.430471 2019-07-02

Publications (1)

Publication Number Publication Date
WO2020240527A1 true WO2020240527A1 (en) 2020-12-03

Family

ID=73552751

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2020/056218 WO2020240527A1 (en) 2019-07-02 2020-07-01 Electronic seal and method of electronic seal verification

Country Status (2)

Country Link
PL (4) PL238366B1 (en)
WO (1) WO2020240527A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080256600A1 (en) * 2005-09-14 2008-10-16 Koninklijke Philips Electronics, N.V. Device, System and Method for Determining Authenticity of an Item
WO2009079050A2 (en) * 2007-09-19 2009-06-25 Verayo, Inc. Authentication with physical unclonable functions
US20130047209A1 (en) * 2010-03-24 2013-02-21 National Institute Of Advanced Industrial Science And Technology Authentication processing method and apparatus
US10256983B1 (en) * 2015-03-25 2019-04-09 National Technology & Engineering Solutions Of Sandia, Llc Circuit that includes a physically unclonable function

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080256600A1 (en) * 2005-09-14 2008-10-16 Koninklijke Philips Electronics, N.V. Device, System and Method for Determining Authenticity of an Item
WO2009079050A2 (en) * 2007-09-19 2009-06-25 Verayo, Inc. Authentication with physical unclonable functions
US20130047209A1 (en) * 2010-03-24 2013-02-21 National Institute Of Advanced Industrial Science And Technology Authentication processing method and apparatus
US10256983B1 (en) * 2015-03-25 2019-04-09 National Technology & Engineering Solutions Of Sandia, Llc Circuit that includes a physically unclonable function

Also Published As

Publication number Publication date
PL238366B1 (en) 2021-08-16
PL430471A1 (en) 2021-01-11
PL242117B1 (en) 2023-01-16
PL440523A1 (en) 2022-10-03
PL440524A1 (en) 2022-10-03
PL242116B1 (en) 2023-01-16
PL440113A1 (en) 2022-10-17
PL241997B1 (en) 2023-01-02

Similar Documents

Publication Publication Date Title
US8516269B1 (en) Hardware device to physical structure binding and authentication
US20210036875A1 (en) Apparatus and method for processing authentication information
Chothia et al. A traceability attack against e-passports
US8856533B2 (en) Device, system and method for determining authenticity of an item
Guajardo et al. Anti-counterfeiting, key distribution, and key storage in an ambient world via physical unclonable functions
US11516028B2 (en) Temperature sensing physical unclonable function (PUF) authentication system
US20090282259A1 (en) Noisy low-power puf authentication without database
US8384546B2 (en) Enhanced security protocol for radio frequency systems
US11044108B1 (en) Temperature sensing physical unclonable function (PUF) authentication system
US11496285B2 (en) Cryptographic side channel resistance using permutation networks
WO2020240527A1 (en) Electronic seal and method of electronic seal verification
Achard et al. A cross layer approach to preserve privacy in RFID ISO/IEC 15693 systems
Rahman et al. A secure RFID authentication protocol with low communication cost
David Lightweight cryptography for passive RFID tags
PL238956B1 (en) Method of verifying the electronic seal
US11741332B2 (en) Securing cryptographic keys
Ranasinghe et al. A low cost solution to authentication in passive RFID systems
Samuel RFID security in door locks
Bolotnyy et al. 4 Physical Privacy and Security in RFID Systems
Pierson et al. Authentication without secrets
EP4281955A1 (en) Securing cryptographic keys
Huey et al. Fingerprint-based mutual authentication RFID protocol
Deepika et al. Identification of UHF Gen 2 RFID privacy and security issues
Abidin Enhancing the Security of E-Passports using a Secure Key Management Framework.
Chinnappa Gounder Periaswamy et al. Fingerprinting RFID Tags.

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20815361

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20815361

Country of ref document: EP

Kind code of ref document: A1