Patent Grant
7360081
This application is the US national phase of international application PCT/ZA02/00070, filed in English on 02 May 2002, which designated the US. PCT/ZA02/00070 claims priority to ZA Application No. 2001/7316 filed 04 Sep. 2001. The entire contents of these applications are incorporated herein by reference.
THIS invention relates to a method and apparatus for certifying and authenticating a product or article.
A method of tracking an article wherein a secure code is applied to the article is disclosed in South African patent 97/6663. A problem with this method and system is that the proposed codes are cloneable which would compromise the method and system.
Accordingly it is an object of the present invention to provide a method and system with which the applicant believes the aforementioned problems may at least be alleviated.
According to the invention there is provided a method of certifying an article, the method comprising the steps of:
The term “article” is used in this specification to denote naturally occurring or produced objects as well as artefacts, including digital products.
The identification code may be encrypted by utilizing one key of a pair of asymmetric encryption keys comprising a private key and a public key associated with a party performing or issuing the certification. The encryption is preferably performed utilizing the private key.
The private key is preferably a secret key and the public key may be controlled by a trusted third party according to rules of a public key infrastructure (PKI).
The code may be made available to the public by applying it to the article. The code is preferably applied to the article in a human and/or machine readable form, for example in the form of a bar code applied to the article, alternatively on a separate certificate, further alternatively on a label accompanying the article and still further alternatively and in a suitable application, included in a digital carrier, such as a digital watermark.
The inherent feature of the article may be the result of manipulation of the article, for example chemical manipulation or marking of the article, to embed a unique feature in or on the article.
The identification code may also comprise further data, such as data true to the article, for example historic data relating to the article. Such data may comprise data relating to an origin and/or an issuer of the article.
According to another aspect of the invention, a method of authenticating a certified article comprises the steps of:
The identification code may be received in a form wherein it is encrypted by a private key of an asymmetric key pair also comprising a public key and the public key may be retrieved from a trusted third party and utilized to decrypt the identification code, before comparing said digital data in the identification code to the determined data relating to the inherent feature.
Also included within the scope of the present invention is a method of authenticating an article comprising the steps of:
Further included within the scope of the present invention is a system for certifying an article, the system comprising:
The data processor may comprise an encryptor for encrypting the identification code utilizing a private key of an asymmetric encryption key pair also comprising an associated public key.
Still further included within the scope of the present invention is a system for authenticating a certified article, the system comprising:
The identification code may be supplied in a form wherein it is encrypted by a private key of an asymmetric encryption key pair also comprising a public key and the data processor may utilize said public key to decrypt the encrypted identification code, before comparing the derived data and the identification code.
The invention will now further be described, by way of example only, with reference to the accompanying diagrams wherein:
A system and method for certifying and authenticating an article such as a diamond 10 is illustrated in
The system 12 comprises an analyzing device, for example an optical scanner 14 and digitizer 16 for converting a selected inherent unique feature of the diamond into a string of digital data 18. The unique feature may relate to one or more of flaws in the diamond, size of the diamond, color of the diamond, etc. The digital data hence defines the diamond 10 uniquely enough in terms of inherent features of the diamond. Since no two diamonds are identical in the aforementioned respects, a string of digital data 18 defining a first diamond differs from a similar string of digital data defining a second diamond.
At adder 20, other truth data 21 about the diamond may be added to the string of digital data 18 to form an identification (ID) code 22 for the diamond. This truth data may comprise data relating to the name of an issuing institution such as a mining company (MCO) that mined the diamond, data relating to a date (xx/yy/zz) on which the diamond was mined and data (ABC) relating to the location (e.g. country and district) of the mine where the diamond was mined. It will be appreciated that the other truth data is not necessarily unique to a particular diamond.
At encryptor 24 the ID code 22 is encrypted in known manner utilizing a private key 26 of a pair of asymmetric keys, to form an encrypted ID code 28. The encryption is performed in accordance with known rules and conventions of a public key infrastructure (PKI) comprising a trusted third party as certification authority (CA). It is well known that in such an infrastructure the key pair comprising the private and a public key is generated. The private key is kept secret by the intended user (in this case the issuing institution, such as the mining company) and the public key is controlled and made available to prospective users by the CA through the infrastructure. It is further known that only the public key can decrypt what was encrypted-utilizing the private key and vice versa.
The encrypted ID code 28 is made available to the public at 30 on a separate printed certificate (not shown) or in any other suitable manner. In a preferred form, the encrypted code 28 is applied to the article 10, for example in the form of a bar code 32 on a label 31 accompanying the diamond.
The steps in the certification or issuing stage of the method according to the invention referred to herein before are illustrated in
Referring to
In a first step 50 which is similar to step 42 in
At 54, the encrypted ID code 28 is read by reading bar code 32 in known manner. At 56 and by utilizing the public key 51, the encrypted ID code 28 is decrypted to obtain digital data 18. In a case where no identity of an issuing institution is claimed, the jeweler may determine the issuing institution by sequentially trying, through a process of elimination, the retrieved public keys of well known issuing institutions in the relevant industry, until the encrypted ID code 28 is successfully decrypted.
At 58, data 18′ and data 18 are compared and if the portions thereof representing the unique features of the diamond are the same, the diamond is determined to be what the claimant claims it to be, as shown at 60. If not, and as shown at 62, the claims about the identity and the origin of the diamond are proved to be questionable.
In another application, discs, such as compact discs (CD), carrying digital data, including recorded music or computer software, may be certified and authenticated.
A manufacturer 70 of blank discs may manufacture the plastic disc body with higher density plastic particles embedded therein to provide a pattern 72 of such particles embedded in the disc body 74. However, depending on factors such as the resolution of pattern scanning apparatus, the patterns may randomly fall into n groups or classes namely, class #1 to class #n of discs, wherein each class accommodates discs having substantially the same pattern so embedded. The number of classes and size of a class would be determined by the resolution of the equipment. Hence, the value of n may be determined and then the scanning and/or implanting equipment is selected such as to make cloning of the system not economically viable for a pirate or copying party.
At a content provider 76, the blank CD body 74 of which the aforementioned pattern falls into any one of the aforementioned classes, preferably according to a flat random distribution, is scanned by a scanner 78, to provide digital data 80 relating to the pattern. The content data 82, is written onto the body at 84 in known manner. The pattern data 80 and content data 82 are encrypted at encryptor 86 as hereinbefore described by computing a hash (#) and digitally signing the said data and further data relating to the provider 76 with a private key of the content provider, to provide an encrypted identification code 88. The encrypted code 88 is also written onto the CD at 90 for example in the form of or as part of a digital watermark serving as carrier therefor.
In other embodiments, a manufacturer may cause or embed as herein described in each article of a group or batch of articles a single unique digitizable feature which is common to all articles in the group. Digital data relating to that feature may also be used in an identification code as herein described. A typical application may be in tablets or capsules, for medical use.
In the event of a suspected pirate or copied version of the CD, a law enforcement agency for example, may scan the disc to determine the pattern data directly from the disc. The content data is also relatively easily establishable. A public key of the provider 76 is obtained according to the PKI rules from a trusted third party and utilized to decrypt the encrypted code written on the CD as hereinbefore described, to provide decrypted data. The decrypted data and scanned pattern data are compared to determine whether the CD originates from the genuine content provider 76.
In yet another application, tyres 100 shown in
Another application is illustrated in
A unique enough digitizable feature may be caused or implanted in an article upon manufacture such as in the aforegoing example of CD bodies. Other such examples are luxury stationary, such as pens, wherein higher density particles or foreign particles may be added to the material from which a body of the article is formed, thereby to embed a unique pattern of such particles in the body. In yet other cases, the feature may be caused post manufacture. For example, small cracks may be caused in bodies of cast metals, such as aluminium, and which cracks form a random digitizable pattern unique, difficult and/or uneconomic enough to clone.
Similar to the example of the Kevlar pattern in the tyres described with reference to
Another example where an inherent feature of an article may be used is the random pattern of electron sensitive regions on a cathode ray tube (CRT) used for computer and other screens and monitors.
Whereas the aforementioned examples mainly relate to digitizable images of at least part of an article or item, information content may also be utilized as a unique enough digitizable feature of an article. For example, in the case of a cheque 140 shown in
In another application shown in
An encrypted code 178 encrypted by a private key of an institution 179 which issued the smart card 160 is stored in a memory arrangement of the smart card. The encrypted code 178 comprises an identification (ID) code associated with the smart card and one or both of an indestructible identification (ID) code once written only into the transponder chip 172 upon manufacture thereof on the one hand and data relating to a pattern 180 of high-density particles 181 or a grain within a particular frame 182 on the plastic body on the other hand.
An authentication system in card reader 168 comprises a pattern scanner 184 connected to a central processor 186. Contacts 188 to be brought into engagement with the contact arrangement on the card are also connected to the processor. A reader 190 for the transponder 170 is also connected to the processor 186.
When the card 160 is inserted into the card reader 168, the processor 186 utilizes a public key of the issuing institution 179 to decrypt the encrypted code 178 read via contacts 188, to extract plain text data relating to the ID code of the card, the ID code of the transponder chip and/or the pattern 180. The processor also receives data relating to the scanned pattern from scanner 184, data relating to the ID code of the smart card received via contacts 188 and data relating to the ID code of the transponder received from reader 190. This data is compared as hereinbefore described to determine whether the card is a genuine card or a fake card.
In yet another embodiment illustrated in
| Number | Date | Country | Kind |
|---|---|---|---|
| 2001/7316 | Sep 2001 | ZA | national |
| Filing Document | Filing Date | Country | Kind | 371c Date |
|---|---|---|---|---|
| PCT/ZA02/00070 | 5/2/2002 | WO | 00 | 8/3/2004 |
| Publishing Document | Publishing Date | Country | Kind |
|---|---|---|---|
| WO03/021541 | 3/13/2003 | WO | A |
| Number | Name | Date | Kind |
|---|---|---|---|
| 4200394 | Bartlett et al. | Apr 1980 | A |
| 4853961 | Pastor | Aug 1989 | A |
| 5521984 | Denenberg et al. | May 1996 | A |
| Number | Date | Country |
|---|---|---|
| 0 042 361 | Dec 1981 | EP |
| 0 042 361 | Dec 1981 | EP |
| 0 600 646 | Jun 1994 | EP |
| 0 600 646 | Jun 1994 | EP |
| 9724699 | Jul 1997 | WO |
| WO 9724699 | Jul 1997 | WO |
| Number | Date | Country | |
|---|---|---|---|
| 20040268130 A1 | Dec 2004 | US |
