WO2020114597 - TECHNIQUE FOR CRYPTOGRAPHIC DOCUMENT PROTECTION AND VERIFICATION

Note: Text based on automatic optical character recognition (OCR). Only the PDF version is legally authoritative.

Claims

1. A device (102) for controlling cryptographic document protection, the device (102) being associated with a device identifier (Device ID) and with a cryptographic key (cK), wherein the device (102) is configured to

obtain an electronically processable document representation, EPDR, (H2), of content of a document (112, 114) that is to be protected;

apply the cryptographic key (cK) to the EPDR (H2) to obtain a cryptographically processed document representation, CPDR, (S2);

transmit the device identifier (Device ID) and a verification parameter comprising at least one of the EPDR (H2) and the CPDR (S2) towards a transaction server (108) that is configured to log the device identifier (Device ID) and the verification parameter (S2, H2) in a tamper-proof manner;

receive a transaction identifier (TRX ID) associated with the device identifier (Device ID) and the verification parameter (S2, H2); and

trigger printing of the transaction identifier (TRX ID) and the CPDR (S2) on a physical document (116) that corresponds to the EPDR (H2).

2. The device of claim 1, wherein

the EPDR (H2) is based on one of

- an electronic file that is based on a scan of the physical document (112) generated prior to printing; and

- an electronic file (114) of the document generated by text processing.

3. The device of claim 2, wherein

the device (102) comprises a scanner (104A) configured to provide the scan of the physical document (112).

4. The device of claim 2 or 3, wherein

the EPDR (H2) is obtained by applying a cryptographic one-way function to the electronic file or content thereof.

5. The device of claim 4, wherein

the cryptographic one-way function is a cryptographic hash function.

6. The device of any of the preceding claims, wherein

the device (102) comprises a printer (104B) configured to print the transaction identifier (TRX ID) and the CPDR (S2) on the physical document (112).

7. The device of any of the preceding claims, wherein

the cryptographic key (cK) corresponds to or is derived from a private key (pK) associated with the device (102).

8. The device of claim 7, wherein

the private key (pK) is stored in a tamper-proof memory (102D) of the device (102).

9. The device of claim 7 or 8, wherein

the private key (pK) is obtained from a Network Application Function, NAF, (126) entity acting as Public Key Infrastructure, PKI, portal.

10. The device of any of claims 1 to 6, wherein

the cryptographic key corresponds to or is derived from a common secret key (Ks, KsNAF) shared between the device (102) and a network entity (122, 124).

11. The device of claim 10, wherein

the device (102) is configured to trigger or perform a Generic Bootstrapping Architecture, GBA, procedure (402, 600) to create the common secret key (Ks, KsNAF).

12. The device of claim 11, wherein

the GBA procedure (402, 600) results in one or more cryptographic parameters (NAF_ID; gba-me) that are to be used by the device (102) to create the common secret key (KsNAF), and wherein the device (102) is further configured to transmit the one or more cryptographic parameters (NAF_ID; gba-me) towards the transaction server (108).

13. The device of any of the preceding claims, wherein

the device identifier (Device ID) is an Internet Protocol Multimedia Private Identity, IMPI, of the device (102).

14. A first device (102) for controlling verification of a cryptographically protected physical document (118), the first device (102) being configured to

obtain the following:

- a first electronically processable document representation, EPDR (H3), of content of the cryptographically protected physical document (118) to be verified,

- a first cryptographically processed document representation, CPDR, (S1) printed on the physical document (118), and

- a transaction identifier (TRX ID) printed on the physical document (118) and being associated with a device identifier (Device ID) of a second device (102) that triggered cryptographic protection of the physical document (116);

send the transaction identifier (TRX ID) towards a transaction server (108);

receive, from the transaction server (108), transaction information comprising the device identifier (Device ID) associated with the transaction, wherein

- a first verification parameter set comprises at least one of the first CPDR (S1) and a second EPDR (HS1) obtained by applying a first cryptographic key (public key/KsNAF) associated with the device identifier (Device ID) to the first CPDR (S1);

- a second verification parameter set comprises at least one of the first EPDR (H3) and a second CPDR (SH1) obtained by applying a second cryptographic key (public key, KsNAF) associated with the device identifier (Device ID) to the first EPDR (H3); and

- a third verification parameter set comprises at least one of a third EPDR (H2) of the original document (112) that was to be protected and a third CPDR (S2) derived by applying a third cryptographic key (private key/KsNAF) associated with the device identifier (Device ID) to the third EPDR (H2), wherein the third parameter set is received with the transaction information; and

trigger verification of the physical document (118) based on a parameter correspondence between the first parameter set, the second parameter set and the third parameter set.

15. The device of any of the preceding claims, wherein

one or more or all of the EPDRs corresponds to one of content of the associated document (112, 114) and content of the associated document to which a cryptographic one-way function has been applied (H2).

16. The device of any of the preceding claims, wherein

one or more or all of the CPDRs corresponds to a signed or encrypted version of the associated EPDR.

17. The device of any of claims 14 to 16, wherein

the first EPDR (H3) of the cryptographically protected physical document (118) is based on an electronic file that is based on a scan of the cryptographically protected physical document.

18. The first device of claim 17, wherein

the first device (102) comprises a scanner (104A) configured to provide the scan of the physical document (118).

19. The first device of claim 17 or 18, wherein

the scan of the physical document (118) has been processed so that the first EPDR (H3) does not include the first CPDR (S1) and the transaction identifier (TRX ID) printed on the physical document (118).

20. The first device of any of claims 14 to 19, wherein

the first cryptographic key corresponds to or is derived from a public or a common secret key (public key, KsNAF) of the second device (102) and/or the second cryptographic key corresponds to or is derived from a common secret key (KsNAF) of the second device (102).

21. The first device of claim 20, wherein

triggering verification of the physical document (118) comprises

- transmitting a key request for the public key, the key request containing the device identifier (Device ID);

- receiving, in response to the key request, the public key;

- applying the public key to the first CPDR (S1) so as to obtain the second EPDR (HS1).

22. The first device of claim 21, configured to

transmit the key request to a Network Application Function, NAF, (126).

23. The first device of any of claims 15 to 19, wherein

at least one of the first cryptographic key (KsNAF) and the second cryptographic key (KsNAF) corresponds to or is derived from a shared secret key (Ks) shared between the second device (102) and a network entity (122, 124).

24. The first device of claim 23, wherein

triggering verification of the physical document (118) comprises triggering the following steps:

- transmitting a key request containing the device identifier (Device ID) and one or more cryptographic parameters (RAND) received with the transaction information and used by the second device (102) for calculation of the first cryptographic key (KsNAF);

- receiving, in response to the key request, the common secret key (Ks); and

- applying the common secret key (Ks) to at least one of the one or more cryptographic parameters (NAF_ID; gba-me) received with the transaction information so as to obtain the second cryptographic key (KsNAF).

25. The first device of claim 24, wherein

triggering verification of the physical document (118) comprises triggering application of the first cryptographic key (KsNAF) to the first CPDR (S1) to obtain the second EPDR (HS1).

26. The first device of claim 24 or 25, wherein

triggering verification of the physical document (118) comprises triggering application of the second cryptographic key (KsNAF) to the first EPDR (H3) to obtain the second CPDR (SH1).

27. The first device of any of claims 24 to 26, configured to

trigger the verification by sending a triggering message to a Network Application Function, NAF, (126) of a Generic Bootstrapping Architecture, GBA, system.

28. The first device of claim 27, wherein

the triggering message includes at least one of the device identifier (Device ID), the first EPDR (H3), the first CPDR (S1), and the one or more cryptographic parameters (RAND; NAF_ID; gba-me).

29. A transaction server (108) configured to log a cryptographic document protection transaction, the transaction server (108) being configured to

receive transaction information comprising a device identifier (Device ID) and at least one of an electronically processable document representation, EPDR, (H2) of content of a document (112, 114) that is to be protected and a cryptographically processed document representation, CPDR, (S2), wherein the CPDR (S2) has been obtained by a device (102) associated with the device identifier (Device ID) by applying a cryptographic key (cK) associated with the device (102) to the EPDR (H2);

assign a transaction identifier (TRX ID) to the transaction information;

transmit the transaction identifier (TRX ID) towards the device (102); and

log the transaction information in a tamper-proof manner in a data structure (110).

30. The transaction server of claim 29, wherein

the data structure (110) is a blockchain, and wherein the transaction information is logged in a data block of the blockchain.

31. The transaction server of claim 30, configured to

create a new data block after each lapse of a predetermined period of time.

32. The transaction server of any one of claims 29 to 31, wherein

the transaction information comprises one or more of:

- location information indicative of the location where the device (102) has applied the cryptographic key;

- a time stamp indicative of the point in time when the device (102) has applied the cryptographic key;

- the device identifier (Device ID) in the form of an Internet Protocol Multimedia Private Identity, IMPI, of the device (102); and

- at least one cryptographic parameter (RAND, gba-me, NAF_ID) used by the device (102) for calculation of the cryptographic key (cK).

33. A transaction server (108) that logs transaction information pertaining to a plurality of cryptographic document protection transactions in a data structure (110), the transaction information comprising for each transaction a device identifier (Device ID) and at least one of an electronically processable document representation, EPDR, (H2) of content of a document (112, 114) that is to be protected and a cryptographically processed document representation, CPDR, (S2), wherein the CPDR (S2) has been obtained by a first device (102) associated with the device identifier (Device ID) by applying a cryptographic key (cK) associated with the first device (102) to the EPDR (H2), the transaction server (108) being configured to

receive a transaction identifier (TRX ID) printed on a physical document (118) and obtained by a second device (102) from the physical document (118);

access the data structure (110) to identify the transaction information associated with the transaction identifier (TRX ID); and

return at least a portion of the identified transaction information.

34. A verification device (124) configured to verify a cryptographically protected document (118) on which a first cryptographically processed document representation, CPDR (S1), is printed, wherein the first CPDR (S1) is based on a first cryptographic key (KsNAF) associated with a first device (102) having been applied to a first electronically processable document representation, EPDR (H3), of content of the physical document (112, 114) to be verified, the verification device (124) being configured to

receive a verification request comprising a device identifier (Device ID) associated with the first device (102), the first CPDR (S1), the first EPDR (H3), and a set of cryptographic parameters (RAND, NAF_ID, gba-me) used by the first device (102) for calculation of the first cryptographic key (KsNAF);

transmit a key request comprising the device identifier (Device ID) and the at least one cryptographic parameter (RAND, gba-me, NAF_ID);

receive a second cryptographic key (Ks) generated on the basis of the at least one cryptographic parameter (RAND) and a secret key (CK, IK) associated with the device identifier (Device ID);

apply the second cryptographic key (Ks) to at least one of the cryptographic parameters (NAF_ID, gba-me) to derive a third cryptographic key (KsNAF);

apply the third cryptographic key (KsNAF) to at least one of the first CPDR (S1) so as to obtain a second EPDR (HS1) and the first EPDR (H3) so as to obtain a second CPDR (SH1), wherein

- a first verification parameter set comprises at least one of the first CPDR (S1) and the second EPDR (HS1);

- a second verification parameter set comprises at least one of the first EPDR (H3) and the second CPDR (SH1); and

- a third parameter set comprises at least one of a third EPDR (H2) of the original document (112, 114) that was to be protected and a third CPDR (S2) derived by applying a fourth cryptographic key (private key/KsNAF) associated with the device identifier (Device ID) to the third EPDR (H2), wherein the third parameter set is received with the verification request; and

verify the physical document (118) based on a parameter correspondence between the first parameter set, the second parameter set and the third parameter set.

35. The device of claim 34, configured to

operate as a Bootstrapping Server Function, BSF, (124) and to interface with a Network Application Function, NAF, (126) for reception of the verification request and a Home Subscriber System, HSS, (122) for transmission of the key request and reception of the second key.

36. A cryptographic document protection system (100), comprising:

- the device (102) of any of claims 1 to 13; and

- the transaction server (108) of any of claims 29 to 32.

37. A cryptographic document protection system, comprising:

- the first device (102) of any of claims 14 to 28; and

- at least one of the transaction server (108) of claim 33 and the verification device (124) of any of claims 34 and 35.

38. A method of controlling cryptographic document protection, the method being performed by a device (102) that is associated with a device identifier (Device ID) and with a cryptographic key (private key, KsNAF) and comprising

obtaining an electronically processable document representation, EPDR (H2), of content of a document (112, 114) that is to be protected;

applying the cryptographic key (private key, KsNAF) to the EPDR (H2) to obtain a cryptographically processed document representation, CPDR (S2);

transmitting the device identifier (Device ID) and a verification parameter comprising at least one of the EPDR (H2) and the CPDR (S2) towards a transaction server (108) that is configured to log the device identifier (Device ID) and the verification parameter (H2, S2) in a tamper-proof manner;

receiving a transaction identifier (TRX ID) associated with the device identifier (Device ID) and the verification parameter (H2, S2); and

triggering printing of the transaction identifier (TRX ID) and the CPDR (S2) on a physical document (116) that corresponds to the EPDR (H2).

39. A method of controlling verification of a cryptographically protected physical document (118), the method being performed by a first device (102) and comprising

obtaining the following:

- a first electronically processable document representation, EPDR (H3), of content of the cryptographically protected physical document (118) to be verified,

- a first cryptographically processed document representation, CPDR, (S1) printed on the physical document (118), and

- a transaction identifier (TRX ID) printed on the physical document (118) and being associated with a device identifier (Device ID) of a second device (102) that triggered cryptographic protection of the physical document (112, 114);

sending the transaction identifier (TRX ID) towards a transaction server (108);

receiving, from the transaction server (108), transaction information comprising the device identifier (Device ID) associated with the transaction, wherein

- a first verification parameter set comprises at least one of the first CPDR (S1) and a second EPDR (HS1) obtained by applying a first cryptographic key (public key/KsNAF) associated with the device identifier (Device ID) to the first CPDR (S1); and

- a second verification parameter set comprises at least one of the first EPDR (H3) and a second CPDR (SH1) obtained by applying a second cryptographic key (KsNAF) associated with the device identifier (Device ID) to the first EPDR (H3);

- a third verification parameter set comprises at least one of a third EPDR (H2) of the original document (112, 114) that was to be protected and a third CPDR (S2) derived by applying a third cryptographic key (private key/KsNAF) associated with the device identifier (Device ID) to the third EPDR (H2), wherein the third parameter set is received with the transaction information; and

triggering verification of the physical document (118) based on a parameter correspondence between the first parameter set, the second parameter set and the third parameter set.

40. A method of operating a transaction server (108) configured to log a cryptographic document protection transaction, the method comprising

receiving transaction information comprising a device identifier (Device ID) and at least one of an electronically processable document representation, EPDR, (H2) of content of a document that is to be protected and a cryptographically processed document representation, CPDR, (S2), wherein the CPDR (S2) has been obtained by a device (102) associated with the device identifier (Device ID) by applying a cryptographic key (cK) associated with the device (102) to the EPDR (H2);

assigning a transaction identifier (TRX ID) to the transaction information;

transmitting the transaction identifier (TRX ID) towards the device (102); and

logging the transaction information in a tamper-proof manner in a data structure (110).

41. A method of operating a transaction server (108) that logs transaction information pertaining to a plurality of cryptographic document protection transactions in a data structure (110), the transaction information comprising for each transaction a device identifier (Device ID) and at least one of an electronically processable document representation, EPDR, (H2) of content of a document that is to be protected (112, 114) and a cryptographically processed document representation, CPDR, (S2), wherein the CPDR (S2) has been obtained by a first device (102) associated with the device identifier (Device ID) by applying a cryptographic key (cK) associated with the first device (102) to the EPDR (H2), the method comprising

receiving a transaction identifier (TRX ID) printed on a physical document (118) and obtained by a second device (102) from the physical document (118);

accessing the data structure (110) to identify the transaction information associated with the transaction identifier (TRX ID); and

returning at least a portion of the identified transaction information.

42. A method of operating a verification device (124) configured to verify a cryptographically protected document (118) on which a first cryptographically processed document representation, CPDR (S1), is printed, wherein the first CPDR (S1) is based on a first cryptographic key (KsNAF) associated with a first device (102) having been applied to a first electronically processable document representation, EPDR (H3), of content of the physical document to be verified (112, 114), the method comprising

receiving a verification request comprising a device identifier (Device ID) associated with the first device (102), the first CPDR (S1), the first EPDR (H3), and a set of cryptographic parameters (RAND, NAF_ID, gba-me) used by the first device (102) for calculation of the first cryptographic key (KsNAF);

transmitting a key request comprising the device identifier (Device ID) and the at least one cryptographic parameter (RAND);

receiving a second cryptographic key (Ks) generated on the basis of the at least one cryptographic parameter (RAND) and a secret key (CK, IK) associated with the device identifier (Device ID);

applying the second cryptographic key (Ks) to at least one of the cryptographic parameters (NAF_ID, gba-me) to derive a third cryptographic key (KsNAF);

applying the third cryptographic key (KsNAF) to at least one of the first CPDR (S1) so as to obtain a second EPDR (HS1) and the first EPDR (H3) so as to obtain a second CPDR (SH1), wherein

- a first verification parameter set comprises at least one of the first CPDR (S1) and the second EPDR (HS1);

- a second verification parameter set comprises at least one of the first EPDR (H3) and the second CPDR (SH1); and

- a third parameter set comprises at least one of a third EPDR (H2) of the original document that was to be protected (112, 114) and a third CPDR (S2) derived by applying a fourth cryptographic key (KsNAF) associated with the device identifier to the third EPDR (H2), wherein the third parameter set is received with the verification request; and

verifying the physical document (118) based on a parameter correspondence between the first parameter set, the second parameter set and the third parameter set.

43. A computer program product configured to perform the steps of the method of any of claims 38 to 42 when the computer program product is executed on one or more processors.
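The claims above describe one procedure seen from four entities: the protecting device (claims 1 to 13, 38), the transaction server that logs and later returns the transaction (claims 29 to 33, 40, 41), the verifying device (claims 14 to 28, 39) and the network-side verification device that re-derives the shared key (claims 34, 35, 42). The following is an added example written for this page; it is not the patent's own code, not Ericsson's, and not a 3GPP implementation. It exercises the shared-secret branch of the claims (claims 10 to 12, 23 to 28, 34): HMAC-SHA-256 stands in for "applying the cryptographic key" cK = KsNAF, the key derivation is shaped like the TS 33.220 Annex B KDF (FC || P0 || L0 || ... || P3 || L3) but is an illustration rather than a conformance implementation, and the tamper-proof data structure (110) is a hash-chained list with one block per transaction instead of the per-time-period blocks of claim 31. The HSS table, the footer format used to "print" TRX ID and CPDR on the page, and the names hss_ks, TransactionServer, protect, verify_document and demo are all constructed here for illustration.

```python
# Added example, not the patent's code. Assumptions: HMAC-SHA-256 stands in for
# "applying the key" (cK = Ks_NAF); the data structure (110) is a hash-chained
# list with one block per transaction; the HSS table, footer format, names and
# subscriber data below are constructed for illustration only.
import hashlib, hmac, re, secrets

NAF_ID = b"naf.example.invalid"   # hypothetical NAF_Id (FQDN part only)
GBA_ME = b"gba-me"
# IMPI -> (CK, IK); constructed test values, not real subscriber keys
HSS = {"device102@example.invalid": (bytes(range(16)), bytes(range(16, 32)))}

def hss_ks(impi):
    """HSS (122) side of GBA: Ks = CK || IK for the subscriber identified by IMPI."""
    ck, ik = HSS[impi]
    return ck + ik

def gba_kdf(ks, gba_me, rand, impi, naf_id):
    """Ks_NAF = HMAC-SHA-256(Ks, FC || P0 || L0 || ... || P3 || L3), shaped like the
    TS 33.220 Annex B KDF with FC = 0x01. Illustration; check the spec before use."""
    def p(x):                       # parameter followed by its 2-byte length
        return x + len(x).to_bytes(2, "big")
    s = b"\x01" + p(gba_me) + p(rand) + p(impi.encode()) + p(naf_id)
    return hmac.new(ks, s, hashlib.sha256).digest()

def epdr(content):
    """EPDR: cryptographic hash of the document content (claims 4, 5)."""
    return hashlib.sha256(content).hexdigest()

def cpdr(key, h):
    """CPDR: keyed transform of the EPDR (the MAC flavour of claim 16)."""
    return hmac.new(key, h.encode(), hashlib.sha256).hexdigest()

class TransactionServer:
    """Transaction server (108) with a hash-chained log (claims 29 to 33)."""
    def __init__(self):
        self.chain = []

    @staticmethod
    def _digest(rec):
        body = "|".join(f"{k}={v}" for k, v in sorted(rec.items()) if k != "hash")
        return hashlib.sha256(body.encode()).hexdigest()

    def log(self, info):             # claim 29: assign TRX ID, chain to previous block
        prev = self.chain[-1]["hash"] if self.chain else "0" * 64
        rec = {"trx_id": f"TRX-{len(self.chain) + 1:06d}", "prev": prev, **info}
        rec["hash"] = self._digest(rec)
        self.chain.append(rec)
        return rec["trx_id"]

    def lookup(self, trx_id):        # claim 33: return the logged transaction
        return next(r for r in self.chain if r["trx_id"] == trx_id)

    def verify_chain(self):          # every block must link to and re-hash correctly
        prev = "0" * 64
        for r in self.chain:
            if r["prev"] != prev or r["hash"] != self._digest(r):
                return False
            prev = r["hash"]
        return True

FOOTER = re.compile(rb"\n--- TRX ID: (\S+) CPDR: ([0-9a-f]{64}) ---\n$")

def print_document(content, trx_id, s2):
    """Printer (104B): append TRX ID and CPDR to the page (claims 1, 6)."""
    return content + b"\n--- TRX ID: %s CPDR: %s ---\n" % (trx_id.encode(), s2.encode())

def scan_document(printed):
    """Scanner (104A) plus claim 19: split the content from the printed footer."""
    m = FOOTER.search(printed)
    if m is None:
        raise ValueError("no protection footer on the scanned page")
    return printed[:m.start()], m.group(1).decode(), m.group(2).decode()

def protect(server, impi, content):
    """Device (102), claims 1 and 38: hash, apply Ks_NAF, log, print."""
    rand = secrets.token_bytes(16)                 # RAND from GBA bootstrapping
    ks_naf = gba_kdf(hss_ks(impi), GBA_ME, rand, impi, NAF_ID)
    h2 = epdr(content)
    s2 = cpdr(ks_naf, h2)
    trx_id = server.log({"device_id": impi, "h2": h2, "s2": s2, "rand": rand.hex(),
                         "naf_id": NAF_ID.hex(), "gba_me": GBA_ME.decode()})
    return print_document(content, trx_id, s2)

def verify_document(server, printed):
    """First device (claim 14) with the BSF-side key re-derivation of claim 34."""
    content, trx_id, s1 = scan_document(printed)
    h3 = epdr(content)
    info = server.lookup(trx_id)                   # third parameter set (H2, S2)
    ks_naf = gba_kdf(hss_ks(info["device_id"]), info["gba_me"].encode(),
                     bytes.fromhex(info["rand"]), info["device_id"],
                     bytes.fromhex(info["naf_id"]))
    sh1 = cpdr(ks_naf, h3)                         # second parameter set (H3, SH1)
    checks = {
        "content_matches_log": hmac.compare_digest(h3, info["h2"]),
        "printed_mac_matches_log": hmac.compare_digest(s1, info["s2"]),
        "recomputed_mac_matches_printed": hmac.compare_digest(sh1, s1),
        "log_intact": server.verify_chain(),
    }
    checks["valid"] = all(checks.values())
    return checks

def demo():
    """Protect one constructed page, then verify it both genuine and tampered."""
    server = TransactionServer()
    page = protect(server, "device102@example.invalid", b"Contract: pay 1000 EUR to Alice\n")
    return verify_document(server, page), verify_document(server, page.replace(b"1000", b"9000"))

if __name__ == "__main__":
    for label, result in zip(("genuine", "tampered"), demo()):
        print(label, result)
```

The three correspondence checks are the three parameter sets of claims 14 and 34: H3 against the logged H2, the printed S1 against the logged S2, and the MAC recomputed over H3 against S1. Altering the page content breaks the first and third checks while the second still passes, which is exactly the signal that the paper was changed after protection rather than forged from scratch. Because the MAC variant needs the secret to verify, the recomputation has to happen where KsNAF can be re-derived from (CK, IK), which is why claims 34 and 35 place it in a BSF behind a NAF rather than in the scanning device; the public-key branch of claims 7 and 21 would replace cpdr with a signature and let the verifier apply the public key to S1 instead. The footer regex sidesteps the practical hard part of claim 19: a real scan must be OCR'd and canonicalised so that H3 equals H2 bit for bit, and any whitespace or layout drift in that step will fail the document even when it is genuine.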