Authentication methods may be used to confirm that a product is associated with an expected source. For example, a package may include a barcode, steganographic halftone, grid code, or other printed image that may include authentication data used to verify that the package is associated with the expected source. If the authentication data is found unlikely to be authentic, counterfeiting may be suspected.
The drawings describe example embodiments. The following detailed description references the drawings, wherein:
In one implementation, authentication is performed by analyzing both authentication data content and the partitioning (such as number, size, and sequence of partitions) of the authentication data. For example, a processor may receive authentication data that is partitioned with a separating character or partitioned together in its appearance. For example, a steganographic halftone (“stegatone”) image may include multiple cells, and which cells include data, how much data (such as how many bits) is included within the data bearing cells, and the content of the data in the data bearing cells may be used to determine whether the authentication data encoded in the halftone is likely to be authentic. The processor may determine whether the authentication data is authenticated based on both the partitioning of the data and the data itself. For example, the authentication determination may be based on the number of partitions and/or the amount of data in each partition. In one implementation, the partitioning of an authentic data string is known, such as where the string is to include four partitions with three bits each. In one implementation, a received authentication string is compared to previously authenticated strings to determine if the partitioning of the received authentication string is likely to be associated with authentic data.
Using the partition information and the data content to determine a likelihood of authenticity may be useful where the amount of data is constricted, such as due to the constrained amount of data that may be represented by perturbations in a halftone image. For example, it may be otherwise impractical to provide additional authentication data within the authentication string or within a second authentication string due to space and visual requirements.
The processor 101 may be a central processing unit (CPU), a semiconductor-based microprocessor, or any other device suitable for retrieval and execution of instructions. As an alternative or in addition to fetching, decoding, and executing instructions, the processor 101 may include one or more integrated circuits (ICs) or other electronic circuits that comprise a plurality of electronic components for performing the functionality described below. The functionality described below may be performed by multiple processors.
The processor 101 may communicate with the machine-readable storage medium 102. The machine-readable storage medium 102 may be any suitable machine readable medium, such as an electronic, magnetic, optical, or other physical storage device that stores executable instructions or other data (e.g., a hard disk drive, random access memory, flash memory, etc.). The machine-readable storage medium 102 may be, for example, a computer readable non-transitory medium. The machine-readable storage medium 102 may include data partition authentication instructions 103, data content authentication instructions 104, likelihood of authenticity determination instructions 105, and likelihood of authenticity output instructions 106.
The data partition authentication instructions 103 relate to determining authentication information based on partitions of the authentication data. For example, the processor 101 may communicate with a storage, such as directly or via a network, to retrieve information related to determining the authentication information related to the partitions of the authentication data. In one implementation, the storage stores information related to partitions of authentic data, such as a data partition key. The processor may compare the data partitions of the received authentication data to the stored partition information. The stored partition information may include partition information specific to a particular type of authentication string or type of user. In one implementation, the processor 101 compares the received authentication data to previously authenticated authentication data and determines information about the likelihood of authenticity of the received data partition based on the similarity to the previously authenticated data and/or similarity to previously unauthenticated data.
The processor may compare the received data partitions to a data partition key or previously authenticated data partitions to determine a degree of similarity. For example, the degree of similarity may be used where the data partitions may have some variation due to data being obfuscated.
The data content authentication instructions 104 may include instructions to determine authentication information based on the content of received authentication data. For example, the content of the data may be compared to a database of known authenticated data or compared to previously authenticated data. In some implementations, an operation, such as examination of a digital signature, is performed on the received authentication data to determine if it is likely to be authentic.
The likelihood of authenticity determination instructions 105 may include instructions to determine a likelihood of authenticity of received authentication data based on the data content authentication information and the data partition authentication information. Information about the authenticity of the content of the received data may be determined in conjunction with the partition information or independently. For example, the likelihood of authentication may be based on a partition authentication score and a data authentication score. In one implementation, the data partition is analyzed, and portions of the authentication data with a partitioning that is likely to be authentic are further analyzed to determine if the underlying data in those partitions is likely to be authentic. In one implementation, the data is analyzed, and if the data is determined to be likely to be authentic, the partitioning of the data is analyzed. In one implementation, the data is analyzed, and portions of the data determined to be likely to be authentic are further analyzed for authenticity information related to the partitions of the portions of the data content found likely to be authentic.
The likelihood of authenticity output instructions 106 may include instructions to store, transmit, or display information about the likelihood of authenticity. In one implementation, the processor determines a binary decision as to whether the data is authentic based on the likelihood of authenticity, such as where a threshold is associated with authentication. In one implementation, the likelihood of authenticity of the data is compared to other factors to determine authenticity.
Beginning at 200, a processor determines authentication information related to partitions of authentication data. For example, the processor may determine authentication information related to the number of partitions and/or the amount of data in the partitions. The data may be partitioned in any suitable manner, such as based on a delimiter or a position of the data. The processor may communicate with a storage device that stores information about partitions. For example, the storage may store a key for the number of partitions, a key for the amount of data in each of a number of partitions, partition information related to previously authenticated data, partition information related to previously unauthenticated data, and/or previously received partition information and the associated determined likelihood of authenticity associated with the data with the particular partition information. In one implementation, the processor determines a difference between partition information associated with data compared to stored partition information. For example, the processor may determine a Hamming distance between the two pieces of partition information. The processor may determine a Hamming distance between partition information related to received data compared to multiple pieces of stored partition information, such as where the different partition information is associated with previously analyzed data determined to have a high likelihood of authenticity. The Hamming distances may be aggregated, such as through averaging, to determine authentication information associated with the received data.
In one implementation, the processor determines authentication information about the authentication string based on the difference between the received partition information and stored partition information, such as a partition key. The difference may be determined as a Hamming distance between the stored partition information and the received partition information. As an example, the first data row in block 300 includes partition information “3 0 2 0 0 1 1 2 3”. Stored partition information may include 9 partitions with the amount of data in the partitions represented by “2 1 2 0 0 1 1 2 3” such that the stored partition information includes the same number of partitions and the same amount of data, but the partition information from block 300 includes a different amount of data in the first two partitions than the stored partition key. The Hamming distance between the two sets of partition information is 2 because two of the nine partitions differ in the number of bits carried by 1 (and the sum |3−2|+|0−1|=2).
Referring back to
Moving to 202, a processor determines a likelihood of authenticity of the authentication data based on the authentication information related to the partitions and the authentication information related to the content. The authentication information related to the partitioning and the authentication information related to the content may be used in any suitable manner and in any suitable combination to determine the likelihood of authenticity. The content authentication information and the partition authentication information may be used together. For example, the processor may determine content authentication information in portions of the data determined to have a higher likelihood of authenticity based on the partition information associated with the particular portions. In one implementation, the partition authentication information may be determined for portions of the data where the content is determined to have a likelihood of authenticity above a threshold. The processor may determine the likelihood of authenticity by aggregating the content authentication information and partition authentication information, such as by creating an authenticity score based on adding individual scores related to the two types of information. A likelihood of authenticity may be used to allow for some errors in the authentication string, such as where a string that is 99% likely to be authentic may include a bit printed incorrectly or read incorrectly, such as due to a camera error or printing error.
Proceeding to 203, a processor outputs information related to the likelihood of authenticity. In some implementations, the processor compares the likelihood of authenticity to a threshold and categorizes authentication strings with a likelihood of authenticity above the threshold as authentic. In some implementations, the processor compares multiple measurements of the likelihood of authenticity. The likelihood of authenticity and/or indication as to whether the authentication string is categorized as authentic may be output. For example, the information may be transmitted, stored, and/or displayed to a user. In one implementation, the processor creates a warning where the authentication data is unlikely to be authentic, such as due to the likelihood of authenticity being below a threshold.
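The flow from 200 through 203 can be sketched as follows. This is an added example, not code from the original document: the partition sizes are the ones quoted above, while the bit strings, the comma delimiter, the equal weights, the 0.9 threshold and all function names are assumptions made for illustration.

```python
# Added example. Partition sizes come from the text's example; the bit strings,
# delimiter, equal weights and 0.9 threshold are constructed assumptions.
from statistics import mean

def partition_sizes(auth_string, delimiter=","):
    """Bits carried by each partition, e.g. '101,,01' -> [3, 0, 2]."""
    return [len(part) for part in auth_string.split(delimiter)]

def partition_hamming(received, stored):
    """Count of partitions whose bit counts differ; surplus or missing
    partitions each count as one mismatch."""
    differing = sum(1 for r, s in zip(received, stored) if r != s)
    return differing + abs(len(received) - len(stored))

def partition_score(received, stored_keys):
    """1 minus the averaged, length-normalised distance to each stored key."""
    return 1.0 - mean(partition_hamming(received, key) / max(len(received), len(key))
                      for key in stored_keys)

def content_score(received, expected, delimiter=","):
    """Fraction of matching bits, taken only over partitions that carry the
    expected number of bits."""
    pairs = [(r, e) for r, e in zip(received.split(delimiter), expected.split(delimiter))
             if e and len(r) == len(e)]
    total = sum(len(e) for _, e in pairs)
    matches = sum(a == b for r, e in pairs for a, b in zip(r, e))
    return matches / total if total else 0.0

def likelihood_of_authenticity(received, expected, stored_keys, w_part=0.5, w_content=0.5):
    """Weighted sum of the partition score and the content score."""
    part = partition_score(partition_sizes(received), stored_keys)
    return w_part * part + w_content * content_score(received, expected)

def is_authentic(likelihood, threshold=0.9):
    """Binary decision: authentic only when the likelihood is above the threshold."""
    return likelihood > threshold

STORED_KEY = [2, 1, 2, 0, 0, 1, 1, 2, 3]   # partition key quoted in the text
EXPECTED = "10,1,01,,,1,0,11,010"          # constructed content matching the key
REPARTITIONED = "101,,01,,,1,0,11,010"     # sizes 3 0 2 0 0 1 1 2 3, as in the text
ONE_BIT_MISREAD = "10,1,01,,,1,0,11,011"   # correct partitioning, one bit read wrong

if __name__ == "__main__":
    for label, s in (("repartitioned", REPARTITIONED), ("one-bit misread", ONE_BIT_MISREAD)):
        score = likelihood_of_authenticity(s, EXPECTED, [STORED_KEY])
        print(f"{label}: likelihood={score:.3f} authentic={is_authentic(score)}")
```

With these assumed weights, the string with one misread bit but correct partitioning stays above the threshold, while the string whose first two partitions carry the wrong number of bits falls below it even though every bit in its correctly sized partitions matches.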
Block 400 shows an image used to create a stegatone. For example, the stegatone may be a halftone image of the image 400 where the halftone image includes additional data based on the positioning of the black and white dots of the halftone image. For example, the halftone image 401 may be a halftone image of the image 400 such that the halftone image 401 appears similar to the image 400. The mapping 402 may include partition information associated with the cells of the halftone image. For example, the mapping 402 shows the reference map where each of the numbers in the cells indicates the amount of data to be included within the cell. The data capacity of the stegatone is found by summing all the cells of the reference map 402. The data capacity in the example is 124 bits.
The mapping 404 shows a second mapping of the halftone image 401 such that the cells include a 1 where data is included within the cell and the cells include a 0 where no data is to be included within the cell. For example, the mapping 404 may be considered a security channel code because it involves a second channel of data within the image. The security channel information for determining partitioning information associated with authenticity may be based on any non-data specific aspect to the halftone image. Mapping 402 and/or mapping 404 may be used to determine the likelihood of authenticity of a received halftone image. In one implementation, the likelihood of authenticity is determined both on the correct assignment of data bearing cells and the correct amount of data in the data bearing cells. In one implementation, the factors are weighted separately such that one is given more weight than the other.
The stegatone 403 shows the halftone image 401 with the 124 bits of payload data 405 included within the halftone image. A processor may analyze the stegatone 403 to determine a likelihood of authentication based on whether the underlying data is partitioned in the same manner as, or similarly to, the mappings 402 and 404. A processor may further analyze the data content in the cells to determine a likelihood of authentication.
Block 502 shows the received authentication string partition information compared to the stored authentication partition information. The received authentication string includes the correct number of partitions but with some of the partitions having an incorrect number of bits. For example, both the expected partitioning and the received partitioning include 5 partitions, but the second and fifth partitions include different numbers of bits than one another. Block 503 shows an analysis of the partitions of the received string with the expected number of bits. For example, the content of the data within the partitions with the expected number of bits may be analyzed to determine the likelihood of authenticity of the authentication string.
$$1-\sum_{i=1}^{\text{max number of bits/partition}} p^{2}(i),$$
where p(i) is the normalized percentage of matching partitions containing i bits of data. If p(1)=p(2)=p(3)=1/3, the estimated error rate is 0.667. If p(1)=0.5, p(2)=p(3)=0.25, the error is estimated to be 0.625. Any suitable normalization or matching criteria can be used for this purpose. The error rate may be used to determine a likelihood of authenticity. Graph 604 shows an example of determining the likelihood of authenticity based on an error rate associated with the distribution of bits in partitions of previously authenticated data.
A processor may determine a likelihood of authenticity of an authentication string in any suitable comparison to the authenticated partitions. For example, the processor may compare a Hamming distance between the received partition information and partition information associated with a stored authentication string and a Hamming distance between the received string and the stored authentication string. The processor may determine the number of mismatches based on the two sets of Hamming distances from each of the stored authentication strings as a proxy for a degree of inauthenticity. In one implementation, the processor determines the degree of authenticity based on the distribution of Hamming distances of the partition information and data from the received authentication string. Determining a likelihood of authenticity based on both data partitions and data content may allow for a second security channel in a limited authentication space, such as in a data bearing image where the amount of authentication data is limited.
Filing Document | Filing Date | Country | Kind |
---|---|---|---|
PCT/US2014/034519 | 4/17/2014 | WO | 00 |