TAMPER DETECTION METHOD

Technical Field

The present invention relates to an anti-tampering medium, an anti-tampering authentication system and an authentication method by comparing the code in the blockchain and the dynamic code on the rewritable memory chip and a system applying the method. The anti-tampering medium, the authentication system and the authentication method according to the invention can be applied to authentication in many technical fields such as anti-tapering stamps affixed to products, important documents that need to be secured authenticity and uniqueness such as identity cards, certificates, ATM cards, secure access cards.

Background Art

In the prior art, there are many authentication methods that are being applied, such as using holographic stamps, SMS scratching stamps, and the latest one is QR Code traceable stamps. However, there still exist many weaknesses in these methods that cannot be overcome.

Stamps printed with hologram technology can be easily copied and forged. SMS scratching stamps have disadvantages that they can only be used once and are quite inconvenient because they has to scratch to get the code and compose a message to the switchboard. Moreover, SMS is attached to the telecommunication infrastructure of each country so many separate systems need to be deployed with large costs to spread in many countries.

The recently proposed detection and antitampering method is a stamp traceability system containing 2-dimensional barcodes (QR Code). By scanning the QR code, it is possible to access an online data storage system to retrieve information about the origin and historical evolution of the goods, thereby identifying the real/fake. However, this method only helps to retrieve information about “real goods” but has a little value in asserting that the object to be verified is “real” or not. The reason is because the QR Code itself is easily duplicated as it is printed on a product using conventional printing methods. When a forged object also prints the QR Code of the “real product”, the system still retrieves information of “real goods”, leading to the fact that all information of “real goods” will be assigned to the fake goods. In other words, the stamp traceability method containing the QR Code does not help detecting and preventing counterfeiting goods as for the purpose for which it was created. To solve the above problem, this invention proposes an authentication system and method by comparing a dynamic code in the blockchain and a dynamic code on the rewritable memory chip.

Summary of Invention

An object of the present invention is detecting tamper and antitampering, support in overcoming technical vulnerabilities of the anti-tampering methods in the prior art, meanwhile provides an anti-tampering medium, an anti-tampering authentication system and an authentication method.

In order to achieve the above object, the invention provides an anti-tampering medium on which an anti-tampering authentication system can read and write data.

The anti-tampering medium on which the anti-tampering authentication system can read and write data according to the invention comprises a static code and a dynamic code. The static code is a string of numbers generated by the anti-tampering authentication system and assigned to an object to be authenticated, used to address to the block chain containing the information of the object to be authenticated for anti-tampering. The dynamic code is a string of numbers generated by the anti-tampering authentication system writing to the anti-tampering medium the dynamic code of the triggering event information block if the anti-tampering authentication system only has the triggering event information block, or the dynamic code of the last event information block if the anti-tampering authentication system has more than one event information block and the anti-tampering medium is validated by the anti-tampering authentication system.

The dynamic codes of the anti-tampering authentication system is generated in any way by the anti-tampering authentication system and recorded on the triggering event information block if the anti-tampering authentication system only has the triggering event information block, or recorded on the last event information block if the last authentication time is a valid result of the anti-tampering medium, or the dynamic code of the last event information block assigned by the dynamic code of the preceding event information block if the last authentication result of the anti-tampering medium is invalid. The dynamic code of the anti-tampering authentication system may be generated by the anti-tampering authentication system in any manner or convention. Any possible ways include generating a dynamic code by a random function, by the SHA function, by assigning a dynamic code equal to the seal or a coefficient of the seal of the triggering event information block or the check event information block. In which the triggering event information block and the check event information block also include the seal generated by the SHA512 hash of the cryptographic key (Cypherkey), the seal of the preceding block and the digital signature of the block according to the following formula: block-seal - SHA512(CypherKey, prev-block-seal, block-info-hash); wherein, the cryptographic key Cypherkey is generated by the SHA512 hash of the private key components of members of the Authentication Council and the secret key of the system according to the following formula:

CypherKey = SHA512 (secret-key, council-key- 1, ..., council-key-k); wherein the seal of the preceding block (prev-block-seal) is defaulted to a null value (nul) in the triggering event information block; wherein, the digital signature of the triggering event information block is generated by the SHA512 hash of the triggering event information, according to the following formula: block-info-hash = SHA512 (block-info, ref-info-hash).

According to an aspect of the invention, the anti-tampering medium also comprises a quick check code (quick-code) generated by the anti-tampering authentication system from three parameters including the cryptographic key (secret-key), the static code (dynamic-id) and the dynamic code (static-id) according to the following formula: quick-code = SHA256(secret-key, dynamic-id, static-id).

According to another aspect of the invention, the anti-tampering medium is made in form of a stamp with a static code printed on the stamp in the form of a QR code.

The invention also provides an anti-tampering authentication system comprising: an information reading and writting device, a triggering module and an authentication module. The information reading and writting device can read the static code and the dynamic code of the anti-tampering medium and overwrite a new dynamic code with the existing dynamic code of the anti-tampering medium.

The triggering module to generate a triggering event information block, wherein the triggering event information block includes: information of the anti-tampered object (ref-info) and event information (block-info); a digital signature of the event information (block-info-hash) calculated according to the following formula: block-info-hash = SHA512 block-info, ref-info-hash) wherein ref-info-hash is the result of the SHA512 hash of the information of the antitampered object (ref-info); a seal of the triggering event information block according to the following formula: block-seal = SHA512(CypherKey, prev-block-seal, block-info-hash) wherein, the seal of the preceding block is defaulted as null value (nul); wherein the cryptographic key (Cypherkey) is calculated by the private key of the members of the Authentication Council and the secret key of the system (secretkey), according to the following formula:

Cypher Key = SHA512 (secret-key, council-key- 1, ..., council-key-k) wherein: council-key- 1 , ... , council-key-k la the private key components of the members of the Authentication Council, caculated according to the following formula : council-key-k = SHA512(secret-key, council-private-key, block-info-hash) a dynamic code generated as an arbitrary string of numbers and stored in the triggering event information block. whereby during the initialization cycle, the triggering module generates the triggering event information block, while also sends a control command to assign the static code on the anti-tampering medium to address to the block chain of the anti-tampering authentication system.

An authentication module performs authentication each time the anti-tampering medium inserted into the reading and writting device as follows: generate a new event information block, wherein the new event information block contains the following components: a seal of the preceding block (pre-block-seal), wherein the preceding block can be either the triggering event information block or the event information block generated at the previous authentication; an event information of the dynamic code check (block-info); a digital signature of the check event information calculated according to the following formula block-info-hash = SHA512 (block-info, ref-info-hash) a new cryptographic key of the new event information block calculated according to the following formula CypherKey = SHA512 (secret-key, council-key- 1, ..., council-key-k),' wherein, secret-key is the secret key of the anti-tampering authentication system; wherein: council-key- 1, council-key-k are the private key components of the members of the Authentication Council, calculated according to the following formula : council-key-k = SHA512(secret-key, council-private-key, block-info-hash) the seal of the new event information block calculated according to the following formula: block-seal = SHA512(CypherKey, prev-block-seal, block-info-hash) detect an anti-tampering medium being valid or invalid by comparing the dynamic code stored on the anti-tampering medium with the dynamic code stored on the last event information block,

+ if the two dynamic codes match with each other, the authentication module generates the new dynamic code and store it in the new event information block, and instructs the reading and writting device overwrite the dynamic code of the new event information block on the existing dynamic code of the anti-tampering medium, and display the result “the antitampering medium is valid” on the interface of the information reading and writting device;

+ if the two dynamic codes do not match with each other, then assign the dynamic code of the preceding block to the dynamic code of the new event information block, and instruct the reading and writting device to display the result “the anti-tampering medium is invalid” on the interface of the information reading and writting device.

The block chain of the anti-tampering authentication system comprises the triggering event information block and the new event information blocks are generated each time the antitampering authentication system authenticates the anti-tampering medium. In one preferable embodiment, the dynamic code (dynamic-id) of the triggering event information block is assigned the seal of the triggering event information block, the dynamic code (dynamic-id) of the new event information block is assigned equal to the seal of the new event information block.

In one preferable aspect of the invention, the event information (block-info) includes one or more of or all parameters including who affects, what affects, when it occurs, location (who, what, when, where). However, the present invention is not specifically limited to the event information listed here, but may include many other information such as information about sale agents, carrier information etc., or other impact events such as transfer, purchase and sale depending on each type of object to be anti-tampering. Anti-tapering objects are also very diverse, not limited to goods such as apples, shoes, and clothes, but also include high-end products such as watches, phones, important or priced documents, etc.

In one preferable aspect of the invention, the new event information block of the antitampering authentication system also comprises the quick code is generated by the SHA512 hash of the secret key of the system, the static code and the dynamic code according to the following formula: quick-code = SHA256(secret-key, dynamic-id, static-id), then write the quick code on the anti-tampering medium. In another preferable aspect of the invention, the information reading and writting device of the anti-tampering authentication system also has the ability to display all information related to the object to be authenticated, retrieved from the information storage and processing system. According to a preferable aspect, the information reading and writting device is a smartphone capable of performing the function of information reading and writing device. However, the present invention is not limited to any particular device, the anti-tampering authentication system as well as the information reading and writting device can be any type of device as long as it guarantees the functions mentioned above.

The invention also provides a tamper detection method (authentication) to operate the antitampering authentication system using the above-mentioned anti-tampering medium. The tamper detection method of the invention authenticates by comparing the dynamic code in the last event information block of the block chain of the anti-tampering authentication system and the dynamic code on the anti-tampering medium, comprises an initialization cycle and an authentication cycle.

The tamper detection method authenticates by comparing the dynamic code in the block chain and the dynamic code on the anti-tampering medium , comprises the initialization cycle, includes steps (1) generating a triggering event information block including information of object to be anti-tamperred (ref-info) and the event information (block-info) on the antitampering authentication system, generating a static code and recording it on the anti-tampering medium wherein the static code is a string of numbers assigned the block chain of the antitampering authentication system; (2) storing the triggering event information on the triggering event information block; (3) generating a digital signature of the triggering event information block by SHA512 hash of the triggering event information; (4) generating a seal of the triggering event information block with the SHA512 hash of the cryptographic key Cypherkey, the seal of the preceding block and the digital signature of the block; (5) recording the seal of the triggering event information block computed in step 4 into the "dynamic code" information field with the static code on the stamp, and storing the calculated dynamic code and the encryption results in the triggering event information block, and ending the initialization cycle.

When an user scans a stamp for authentication, an authentication cycle is performed, comprising (1) the information reading and writting device simultaneously reads the static code and the dynamic code on the anti-tampering medium; (2) basing on the static code, the system finds the last event block in the blockchain of the object attached with the anti-tampering medium to be authenticated to retrieve the dynamic code information; (3) comparing the dynamic code stored on the anti-tampering medium and the dynamic code stored on the last event block of the object attached with the anti-tampering medium to be authenticated; (4) analyzing and processing the information.

If the two dynamic codes (on the anti-tampering medium and on the last event block of the blockchain) match, the system creates a new block based on the new event information, obtained from scanning the code in step 1 of this cycle; basing on the new event information, the system calculates the digital signature of the new event information and the seal of the new block, then the new block's seal will be recorded as a dynamic code on the new block and transmitted to the information reading and writting device to update the new dynamic code on the anti-tampering medium, and display the “valid stamp” result on the interface of the information reading and writting device.

If the two dynamic codes do not match, then the system performs the same steps as in the case of the matching dynamic codes, characterized in that, the dynamic code of the previous block is copied into the dynamic code field of the new block, without updating the new dynamic code on the anti-tampering medium, and the "invalid stamp" result is displayed on the interface of the information reading and writting device.

The present invention also provides a tamper detection method by comparing the quick code on the recordable memory chip stamp and the quick code that a information reading and writting device can caculate, including: initiating a cycle, comprising the same steps as the tamper detection method (authentication) by comparing the dynamic code in the chainblock and the dynamic code on the recordable memory chip stamp mentioned above, characterized in that, the system includes an additioned step 5a, accordingly, the quick code of the system is made by the SHA512 hash of the secret key of the system, the static code and the dynamic code, then recording the quick code on the anti-tampering medium.

After the initialization cycle, when an user scans the anti-tampering medium for authentication, a authentication cycle is performed, comprising the following steps: (1) The information reading and writting device simultaneously reads the dynamic code, the static code and the quick code on the anti-tampering medium; (2) The information reading and writting device uses the pre-installed secret key of the system, combining the static code and the dynamic code read from the anti-tampering medium, to compute a quick code; and (3) Comparing the quick code calculated by the information reading and writting device with the quick code written on the anti-tampering medium. If the two codes match, the information reading and writting device will display a result “the anti-tampering medium is valid”; otherwise, it will display a result “the anti-tampering medium is invalid”.

The invention also provides a calculable information reading and writting device to apply the tamper detection method quickly. The calculable information reading and writting device comprises: an information reading and writting unit for reading the static code and the dynamic code of an anti-tampering medium; and a calculation unit for calculating a quick code (quick-code) according to the following formula: quick-code = SHA256(secret-key, dynamic- id, static-id) ; wherein secret-key is the secret key of the anti-tampering authentication system; wherein dynamic-id is the dynamic code and static-id is the static code of the anti-tampering medium.

The invention also provides a tamper detection method by comparing the quick code, by comparing the dynamic code on the block chain and the dynamic code on the anti-tampering medium attached a rewritable memory chip, comprising: an initialization cycle which creates a triggering event information block, generates a static code locating a blockchain including the triggering event information block, assigns each anti-tampering medium with the static code corresponding to an object to be authenticated and creating a data file containing an event information of the object, generates a digital signature and a seal of the triggering event information block. At the initialization cycle, when an user scans the anti-tampering medium for authentication, the initialization cycle is operated, comprising the following steps: (1) The information reading and writting device reads the dynamic code, the static code and the quick code on the anti-tampering medium; (2) The information reading and writting device will use the preinstalled secret key of the system, with the static code and the dynamic code read from the anti-tampering medium, to calculate the quick code; (3) comparing the quick code calculated by the formula: quick-code = SHA256 (secret-key, dynamic-id, static-id) on the information reading and writting device with the quick code recored on the anti-tampering medium: if the two quick codes match, go to step 4, if the two quick codes do not match, go to step 5); (4) comparing the dynamic code stored on the anti-tampering medium and the dynamic code stored on the last event information block of the object to be authenticated ; (5) Analysing and processing information :

+ If the two dynamic code match, the system generates a new event information block based on the new event information; based on the new event information, the digital signature of the new event information, the seal of the new event information block and the quick code is calculated. After that, the seal of the new event information block is assigned as the dynamic code on the event information block and updated on the anti-tampering medium with a new quick code, and display the result “the anti-tampering medium is valid” on the interface of the information reading and writting device;

+ If the quick code calculated by the system is different from the quick code recorded on the anti-tampering medium or the dynamic code on the anti-tampering medium and is different from the dynamic code on the last event information block of the block chain, a new event information block is generated based on the new event information. The digital signature of the new event information the seal of the new event information block is calculated and stored on the new event information block. The tamper detection method is characterized in that the dynamic code of the preceding block is copied into the dynamic code field of the new event information block, but not update the new dynamic code and fast code on the antitampering medium, and display the result “the anti-tampering medium is invalid” on the interface of the information reading and writting device.

The invention also provides the anti-tampering medium affixed to a product to be protected against tampering, including a chip having a NVM memory suficient to contain a dynamic code, a static code, and a quickcheck code, which can store and record information when the power is not supplied.

The invention also provides a system to perform the tamper detection method. The system also comprises an information storage and processing system and an information reading and writting device. The information storage and processing system is capable of storing the event history information in a blockchain form, allowing access and recording of information via the internet, and capable of calculating the SHA512 hash function. The information reading and writting device reads and record the static and dynamic codes on the NVM memory chip on the anti -tampering medium. The information reading and writting device containing the secret key of the system is capable of calculating the SHA512 function and comparing the quick code on the anti-tampering medium with the calculated quick code results. The information reading and writting device connects to the information storage and processing system via the internet and has the interface necessary to display the results (a valid stamp or an invalid stamp).

Brieft Discription of the Drawings Figure 1 is a flowchart illustrating a tamper detection method (authentication) by comparing a dynamic code in a blockchain and a dynamic code on a recordable memory chip stamp;

Figure 2 is a flowchart illustrating a tamper detection method by comparing a quick code on the recordable memory chip stamp and a quick code calculated by an information reading and writting device ;

Figure 3 is a flowchart illustrating a tamper detection method by comparing the quick code, combining comparing a dynamic code in the blockchain and a dynamic code on a recordable memory chip stamp ;

Figure 4 is a diagram illustrating a memory chip stamp; and

Figure 5 is a schematic diagram of the blockchain of the invention when initializing and validating a stamp.

Detailed Description of Embodiments

In the following, the invention will be described embodiments in details. The specific embodiments of the invention is expressed by way of examples for disclosing entire of the invention to one ordinary person skilled in the art. However, the examples do not limit invention. The present invention includes all variations, equivalents and alternatives without departing from the scope and spirit of the invention.

It would be understood that, unless otherwise indicated, the terms used in the description should be construed as generally understood and widely used by those skilled in the art. The terms used in the description are intended to describe specific embodiments and are not intended to be limited to the terms. The terms such as Cypherkey, block-seal, block-info, etc. are used to distinguish objects, parameters, functions, algorithms and the invention is not limited to them. The parts of the description that are known or may obscure important points of the invention are ignored.

Tamper detection methods by comparing the code in the blockchain and and the code on the recordable memory chip stamp are constituted by three main components, including (i) a stamp affixed to a product to be protected against tampering, including a memory chip containing a dynamic code, a static code and a quick code; (ii) an information storage and processing system; (iii) an information reading and writting device.

Hereafter, an anti-tampering medium of the invention is in the form of a specific application with a specific form such as a stamp affixed to products as original products as shown in Figure 4. Referring to Figure 4, the anti-tampering medium is illustrated as a specific form of a stamp having a memory chip according to one specific embodiment of the invention. The stamp affixed to a product to be protected against tampering is a memory chip container. The memory chip can be an RFID chip or an NFC chip with a NVM (Non Volatile Memory) memory, which can store and record information without a power supply, with enough capacity to store a static code (static-id), a code dynamic-id and a quick-code of an object to be authenticated.

The static code (static-id) is a number used to identify an object to be tracked in an event history, which is the product that needs to be antitampered. The static code is stored in the NVM memory, allocated to a blockchain (blockchain) containing a historical information and an updated information of the object. According to a preferred embodiment, the static code is also shown in the form of a QR code and printed on the stamp attached to the object to be authenticated.

A dynamic code is a number that is generated according to a rule, specified by the antitampering authentication system, equal to or equal to a factor multiplied by the block-seal of the the triggering event information block or the last check event information block, or a dynamic code randomly generated by the anti-tampering authentication system, by the SHA function, or by any other rules that makes it impossible to predict the code, is stored in the NVM memory of the stamp, updated after each validation scan gives the correct result. In a preferred embodiment, the dynamic code has a capacity of 512 bits. The rule for generating the dynamic code of an anti-tampering authentication system can be generating the dynamic code by a random function, by the SHA function, by assigning a dynamic code equal to the seal or a coefficient of the seal of the triggering event information block etc.

A dynamic code calculation formula will be expressed in the following.

A quickcheck code (quick-code) is a number of computational systems for checking the stamp on-site without an Internet connection. With the information contained on the quickcheck code, it is possible to determine whether or not a pair of the static code and the dynamic code on stamp are issued by the system. 256-bit quickcheck code stored in the NVM memory on the stamp has a tamper detection and check function with relatively high accuracy without requiring an internet connection. The quickcheck code is composed of three parameters including a secret-key, a static code and a dynamic code according to the following formula:

Formula 1: quick-code = SHA256 (secret-key, dynamic-id, static-id)

In which, secret-key is a secret key of the system.

Since the stamp only needs using NVM memory, it is not neccessary to have a complicated chip, so its cost is low. In recent years, the technology of manufacturing RFID chip tags and NFC chip tags has been improved, helping to increase production efficiency and reduce costs. Since then, the price of stamps is decreasing day by day, thus applicability of the invention for many different products is increased.

Although illustrated as a stamp with a memory or memory chip inside to store a dynamic code, the anti-tampering medium is not limited to a specific form such as a memory, memory chip, but the anti-tampering medium can be in the form of packets containing dynamic and static codes that are attached in a product packet, for example identifying a correct software or standard packets from the vendor, or encrypted artwork as long as the anti-tampering medium can update the new dynamic code each time the anti-tampering authentication system successfully authenticates on the anti-tampering medium.

The present invention further provides an anti-tampering authentication system in which the anti-tampering authentication system is a system capable of authenticating, determining that the anti-tampering medium is valid, i.e. true from the manufacturer, provided by a product distributor, or that the anti-tampering medium is invalid, i.e. the anti-counterfeiting means created by another party to pretend that it is an anti-tampering medium of the manufacturer, distributor attached to objects that need anti-counterfeiting, such as branded bags, software products, etc.

The anti-tampering authentication system in one preferred embodiment of the invention is a computer system connected to the internet. On the system there are information technology platforms to store and update all data relating to the object that needs to be authenticated, allowing access to data, encrypting and authenticating the data over the internet.

The anti-tampering authentication system of the present invention comprises a information reading and writting device that can read the static code and the dynamic code of the anti-tampering medium and overwrites the existing dynamic code of the anti-tampering medium with a new dynamic code. The triggering module to generate the triggering event information block and the authentication module to perform authentication each time antitampering medium is inserted into the information reading and writting device. The triggering module and the authentication module have the function of calculating the parameters required for authentication. However, in one embodiment, the triggering module and the authentication module can be integrated into one module with the two functions of initialization and authentication because the same computation can be used as described below.

Information storage is performed using the blockchain technology (blockchain). Accordingly, information relating to the object will be stored in the information blocks linked by encryption and expanding over time. Each block of the blockchain stores an event information of a feed or stamp scan. New event blocks are formed based on parameters from its preceding block using the SHA512 hash function, so the information between the blocks is closely connected and cannot be separated, forming a linked blockchain.

The block chain according to the invention as shown in Figure 5 consists of the triggering event information block and the check event information block(s), in which the triggering module generates a triggering event information block together with the its parameter information and the authentication module generates check event information blocks in which, after each authentication test, or insert the anti-tampering medium into the information reading and writting device, the authentication module will generate the check event information block accordingly.

The triggering event information block is also the first event information block of the blockchain, defined as the first loading of information about the object or information scan that alters all or part of the nature of the object, containing the following components: information of the anti-tampered object (ref-info) and the event information (block-info); the digital signature of the event information (block-info-hash); the seal of the triggering event information block (block-seal); the cryptographic key (Cypherkey); the dynamic code (dynamic-id), assigned with the seal of the triggering event information block matching the dynamic code on the stamp (the anti-tampering medium). The components of the triggering event information block have specific relationships as follows:

The information of the object to be anti-tamperred and the event information (blockinfo) is in the block. The information of the object to be anti-tampering (ref-info) includes information about the shoes, including the type of shoe, which factory (who); shoe specifications such as shoe type, size, material... (what); when produced (when); where (where); other information about the shoes such as pictures or videos of the shoes at the factory, etc. (ref-info). The object to be anti-tampering can also be what kind of apple, where it is grown, by whom, by what technology, fertilizers, chemicals used, etc., or it can also be a digital picture with who the author is, when it was drawn, who owns it, etc., or computer software.

The digital signature of the event information (block-info-hash) is calculated according to the following formula: block-info-hash = SHA512 (block-info, ref-info-hash) wherein ref-info-hash is the result of SHA512 hash of the information of the object to be anti-tamperred (ref-info). The seal of the triggering event information block is calculated according to the following formula: block-seal = SHA512(CypherKey, prev-block-seal, block-info-hash) wherein, the seal of the preceding block is defaulted as null value (nul); wherein the cryptographic key (Cypherkey) is calculated by the private key of the members of the Authentication Council and the secret key of the system (secret-key), according to the following formula:

CypherKey = SHA512 (secret-key, council-key- 1, ..., council-key-k) wherein: council-key- 1, ..., council-key-k are the private key components of the members of the Authentication Council, calculated according to the following formula : council-key-k = SHA512(secret-key, council-private-key, block-info-hash).

The dynamic code (dynamic-id) is assigned by the seal of the triggering event information block.

The authentication module will perform authentication each time the anti-tampering medium inserted into the reading and writting device, meanwhile generate a new event information block, so called as a check event information block. The check event information block will check the dynamic code of the stamp (authenticate stamp), that is the new event information block is generated after each stamp scans to verify the truth/fake (valid or not). The check event information block contains the following paramaters: the seal of the preceding block (pre-block- seal), wherein the preceding block may be the triggering event information block or the event information block generated in the previous authentication; the event information of the dynamic code check (block-info); the digital signature of the check event information calculated according to the following formula block-info-hash = SHA512 (block-info, ref-info-hash); the cryptographic key of the check event information block (the new event information block) calculated according to the following formula CypherKey = SHA512 (secret-key, council-key- 1, ..., council-key-k), -wherein secret-key are the secret key of the system and council-key- 1, ..., council-key-k are the private key components of the members of the Authentication Council; the seal of the check event information block calculated according to the following formula: block-seal = SHA512(CypherKey, prev-block-seal, block-info-hash), wherein the cryptographic key (CypherKey), the seal of the preceding block (prev-block-seal) and the digital signature (block-info-hash); the dynamic code of the check event information block is generated in any rules of the anti-tampering authentication system or is assigned equal to value of the seal of the check event information block if the anti-tampering authentication system concludes the stamp is valid and and will updated on the current dynamic code of stamp, but the dynamic code of the check event information block will is assigned equal to the dynamic code of the preceding event information block if the anti-tampering authentication system defined that stamp is invalid and will NOT update on the dynamic code of stamp.

The anti-tampering authentication system according to the invention operates following the initialization cycle and the authentication cycle.

Initialization cycle: At the beginning to attach the anti-tampering medium (stamp) to a specific anti-tampering object, the initialization module of the anti-tampering authentication system will proceed to generate a triggering event information block containing the triggering event information and other components including: information of the object to be antitampered with (ref-info) and the event information (block-info), the digital signature of the event information (block-info-hash), the seal of the triggering event information block, the dynamic code is generated by a rule or any ways of the anti-tampering authentication system or is assigned equal to the seal of the triggering event information block, meanwhile the initialization module will generates a static code, which is a string of numbers, and assign the static code with the block chain of of the object to be authenticated, and the information reading and writting device will record the static code on the anti-tampering medium (stamp).

Authentication cycle: When insert the stamp (the anti-tampering medium) into the information reading and writting device, the authentication module will authenticate to determine the stamp is fake or not. The authentication module will generate a new event information block, wherein the new event information block includes the following components: the seal of the preceding block (pre-block-seal), the event information of the dynamic code check (block-info), the digital signature of the check event information, the new cryptographic key of the new event information block, and the seal of the new event information block, and detect the anti-tampering medium is valid or is invalid by comparing the dynamic code of stamp (the anti-tampering medium) with the dynamic code of the last event information block on the anti-tampering authentication system. If the two dynamic codes match with each other, the anti-tampering medium is valid, the authentication module will generate a new dynamic code, which is any sequence of numbers in some way of the anti-tampering authentication system or assigned the seal of the new event information block to the dynamic code on the new event information block, and instructs the reading and writting device to overwrite the dynamic code of the new event information block on the existing dynamic code of the anti-tampering medium, and displays the result “the anti-tampering medium is valid” on the interface of the information reading and writting device. If the two dynamic codes do not match with each other, then the anti-tampering medium is invalid, then the dynamic code of the preceding block is assigned to the dynamic code of the new event information block, and instruct the reading and writting device to display the result “the anti-tampering medium is invalid” on the interface of the information reading and writting device, but NOT record the dynamic code on the anti-tampering medium. With such a operation, the anti-tampering authentication system will generate the block chain wherein the block chain comprises the triggering event information block and the new event information blocks (the check event information block) which are generated each time the anti-tampering authentication system authenticating the anti-tampering medium.

In addition, the invention also provides the anti-tampering authentication system with the event information block scanning the static code but not authenticating the stamp for the quickcheck case of the stamp. The event information block scans the static code without authenticating the stamp, i.e. the event block checks information about the object without scanning the dynamic code to authenticate the true/fake stamp. This event block contains all the same components as those of the dynamic code checking event block, characterized in that the dynamic code is copied from the dynamic code of the preceding dynamic code checking event block, that is, the dynamic code of the dynamic code checking event block is not changed from the preceding dynamic code checking event block and remains the same as the dynamic code stored on the anti-tampering medium (because when scanning the static code without authenticating the antitampering medium, the new dynamic code is not updated).

A stamped mechanism (or Authentication Council):

In the information storage and processing system, there is a stamped mechanism, or also known as an Authentication Council having many members. Each member is assigned an account that contains information about their name (council-account-name)- chosen by the member and registered with the system; and the council password (council-password ) - it is created by members and can be changed freely.

On the assigned account, each member has his own digital signature, calculated by the following formula:

Formula 2: council-private-key = SHA512 (council-account-name, council-password)

The number of members of the Authentication Council is not limited, however, it is better to have a minimum of three members with three levels as below:

+ First level: being authorized to control all of the object's data files at the highest level. This level can be authorized and operated by a state agency or a stamp-issuing organization. + Second level: being authorized to control one or more of the object's data files managed by that level. This level is usually operated by the manufacturer or by an authorized person or organization from the manufacturer.

+ Third level: being authorized to control one or more of the object's data files managed by that level. This level is usually the authorized dealer from the manufacturer.

Each account granted to a member of the Authentication Council who is a human or an organization can activate a separate channel on the system or software running independently on the computer. This software may be packaged individually or bundled with the Information Processing and Storage System software of the present invention.

All members of the Authentication Council independently store their log-in/log-out history and have a statistical mechanism reporting these events for verification.

The information reading and writting device

The information reading and writting device including devices that can read static codes and dynamic codes by a device reading or writing RFID or NFC codes; scanning QR Code and having ability to connect to the internet.

The information reading and writting device can be specialized scanners located in shops, supermarkets or public places; handheld scanning devices, or even smartphones that can read, write RFID or NFC codes, or can read QR codes.

Referring to Figure 1, a flowchart illustrating a tamper detection method (authentication) by comparing a dynamic code in a blockchain and a dynamic code on a recordable memory chip stamp.

A tamper detection method by comparing the dynamic code in the blockchain and the dynamic code on the recordable memory chip stamp is operated in two cycles as follows:

Cycle 1; Initiating

The purpose of the initialization cycle is loading an initial information (triggering event) into the first block of the blockchain.

The initialization cycle comprising the following steps:

Step 1: generating a triggering event information block including information of object to be anti-tamperred (ref-info) and the event information (block-info) on the anti-tampering authentication system, generating a static code and recording it on the anti-tampering medium wherein the static code is a string of numbers assigned the block chain of the anti-tampering authentication system.

Step 2: : storing the triggering event information on the triggering event information block. The triggering event information (block-info) in the block may include the following information: impacted by who (who); what is this impact (what); the time of the event (when); where the event occurred (where); referenced information attached (ref-info)... However, depending on demands that triggering information may include additional information.

For example, the object’s striggering information is a pair of shoes with an anti-tamper stamp that could be factory made (who); specifications of the shoe such as type of shoe, size, material... (what); when the shoes is produced (when); where the shoes is produced (where); other information about the shoes such as pictures or videos of the shoes at the factory, etc. (ref- info)

Step 3: Generating a digital signature of the triggering event information.

From the above data, the triggering event information is encrypted with the SHA512 hash function to form a digital signature of the event information (block-info-hash), specifically as follows:

Formula 3: block-info-hash = SHA512 (who, what, when, where, ref-info-hash)

Wherein, ref-info-hash is the result of SHA512 hash of the attached reference information (ref-info) when the event has the reference information attached in the form of images, audio, video, text, etc.

Step 4: Generating a seal of the triggering event information block.

A seal of the triggering event information block (block-seal) is calculated as follows:

Formula 4: block-seal = SHA512(CypherKey, prev-block-seal, block-info-hash)

Wherein,

(i) CypherKey is a cryptographic key calculated based on private keys of the members of the Authentication Council and the secret key of the system (secretkey), according to the following formula:

Formula 5:

CypherKey = SHA512 (secret-key, council-key- 1, ..., council-key-k)

Wherein: council-key- 1, ..., council-key-k are the private key components of council members., calculated according to the following formula:

Formula 6: council-key-k = SHA512 (secret-key, council-private-key, block-info-hash) Wherein:

- block-info-hash is calculated according to Formula 3 ;

- council-private-key is the private digital signature of all the members of the Authentication Council who have logged in the system and activated, calculated according to Formula 2.

(ii) Prev-block-seal is the seal of the preceding block. However, since this is the first block, its value is defaulted to the null value (nul).

Step 5: Recording the seal (block-seal) of the triggering event information block calculated in Step 4 as a dynamic code with the static code on the anti-tampering medium, and storing the computed dynamic code and encryption results in the triggering event information block.

The initialization cycle is ended.

When the user scans the anti-tampering medium for authentication, Cycle 2 is operated as follows:

Cycle 2: Detecting real/fake stamps (authentication )

The purpose of this cycle is to determine whether or not the anti-tampering medium attached on the product is valid (the real one) by comparing the dynamic code on the antitampering medium with the dynamic code stored on the system. If the two codes match with each other, the anti-tampering medium will be authenticated (real stamp), otherwise, if the two codes do not match with each other, the anti-tampering medium will not be authenticated (fake stamp).

The authentication cycle (detecting real/fake stamps) include the following steps:

Step 1 : The information reading and writting device is initiated to simultanously read the static code and the dynamic code on the anti-tampering medium.

Step 2: Basing on the static code, the system finds the last event block in the blockchain of the object attached with the anti-tampering medium to be authenticated to retrieve the dynamic code information on the current dynamic code of the object attached with the antitampering medium to be authenticated.

Step 3: Comparing the dynamic code stored on the anti-tampering medium and the dynamic code stored on the last event block of the object attached with the anti-tampering medium to be authenticated;

Step 4: Analyzing and processing the information: + If the two dynamic codes (on the anti-tampering medium and on the last event block of the blockchain) match with each other, the system creates a new block based on the new event information, obtained from scanning the code in step 1; The new event information (block-info) includes the following information: who scan the code (who); how to scan; when scanning (when); scanning location (where); and the attached reference information (ref- info)... However, depending on the demands, the event information may include other additional information.

Based on the new event information, the system calculates the digital signature of the new event information according to Formula 3 and the seal of the new block according to Formula 4, then a new dynamic code is generated and recorded on the new event informaton block or assigned the new dynamic code equal to the seal of the new event informaton block and transmit to the information reading and writting device to update the new dynamic code on the anti-tampering medium, and displays the “valid Stamp” result on the interface of the information reading and writting device;

+ If the two dynamic codes (on stamp and on the last event information block of the block chain) do not match with each other, then the system performs the same steps as in the case of the matching dynamic codes, characterized in that, the dynamic code of the previous block is copied into the dynamic code field of the new block, without updating the new dynamic code on the anti-tampering medium, and the "invalid stamp" result is displayed on the interface of the information reading and writting device.

Authentication can be repeated indefinitely according to Cycle 2.

With the mechanism for authenticating the information on the anti-tampering medium as stated above, if someone wants to counterfeit the anti-tampering medium, he/she must compute the dynamic code. Computing the dynamic code is extremely difficult, however, as it is necessary to compute the CypherKey, which is equivalent to break the SHA512 code. With the reason, it is virtually impossible to compute the dynamic code, making tampering impossible.

It is possible to be tampered by copying all information on the anti-tampering medium. By the way, on the copied stamp there will be a dynamic code issued by the system. However, this dynamic code is the dynamic code at the time of copy, which is not updated. Therefore, when the real stamp is scanned and authenticated, the system generates a new dynamic code and stores it on the event chain, and stored on the real stamp at the same time, the copied stamp carrying the dynamic code of the past will be identified as a fake stamp due to the dynamic code (real in the past) different from the current dynamic code on the system. Not only that, by comparing the copied dynamic code (not updated) with the dynamic code recorded in the blockchain, it is possible to find out the fake dynamic code (not updated) coincides with the dynamic code in which block in the blockchain, it is deduced that the real stamp was copied from the real stamp and at what time and place, thereby helping to find out the object of fake acts.

The tamper detection method provided in the present invention as mentioned above eliminates almost attacking ways, ensures a very high level of security, but only works when the system is connected to the internet.

In order to overcome the above-mentioned drawback, the present invention provides a simplified tamper detection method by using a quick code, a static code and a dynamic code, combining a secret key of the system (secret-key) for authenticatiing true/fake stamps are relatively accurate without an internet connection at the time of authentication.

Referring to Figure 2, a flowchart illustrates a tamper detection method by comparing a quick code on the recordable memory chip stamp and the quick code calculated by the information reading and writting device.

Specifically, the system will determine with relative accuracy that the anti-tampering medium on the product conforms to the system's criteria by the following:

Cycle 1: Cycle 1 of the shortened tamper detection method is the same as cycle 1 of the tamper detection method by comparing the dynamic code in the blockchain and the dynamic code on the recordable memory chip stamp as shown in the above, the difference is that cycle 1 is added with one step, Step 5a, right after Step 5.

Accordingly, at Step 5 a of cycle 1, the system will calculate a quick code according to Formula 1 based on the system's secret key (secret-key), the static code and the dynamic code; then, record the quick code on the anti-tampering medium.

Cycle 2:

The purpose of the cycle is to quickly and simply determine whether or not the antitampering medium is valid (real stamp) by determining whether or not the static code, the dynamic code, and the quick code of the anti-tampering medium match with each other.

The cycle of detecting real/fake stamps compacted by the method includes the following steps:

Step 1: The information reading and writting device simultaneously reads the dynamic code, static code and the quick code on the anti-tampering medium.

Step 2: The information reading and writting device uses the pre-installed secret key of the system, combining the static code and the dynamic code read from the anti-tampering medium, to compute a quick code according to Formula 1. Step 3: Comparing the quick code calculated by Formula 1 on the information reading and writting device with the quick code written on the anti-tampering medium. If the two codes match, the information reading and writting device will display a "valid stamp" result; otherwise, it will display an "invalid stamp" result.

It should be noted that in the shortened tamper detection method provided in the invention, the information reading and writting device will only process the information on-site without connecting to internet, therefore, without generating a new event block in the blockchain of the object to be authenticated, unchanging the static code, dynamic code and the quick code on the anti-tampering medium.

The remarkable advantage of the shortened tamper detection method is that it quickly identifies real/fake stamps with relative accuracy even without an internet connection. This method has a disadvantage as not completely eliminating the possibility of tempering a stamp, namely, if someone can copy three codes of the anti-tampering medium at the same time, including the static code, the dynamic code and the quick code, the system is not able to detect the tamper. However, this method also makes it more difficult to replicate than the prior-art anti-tampering methods, because if any one of the three codes is not fully and accurately replicated, including the static code, the dynamic code and the quick code, the system is able to detect tampering.

In a preferred embodiment, a method combining the two above mentioned tamper detection methods into a unified tamper detection method is provided.

Referring to Figure 3, a flowchart illustrates a tamper detection method by comparing the quick code, combining comparing a dynamic code in the blockchain and a dynamic code on a recordable memory chip stamp.

The tamper detection method by comparing the quick code, combining comparing the dynamic code in the blockchain and the dynamic code on the recordable memory chip stamp is operated as follows:

Cycle 1 includes 6 steps (from step 1 to step 5 a) as described in the cycle of the shortened tamper detection method.

Cycle 2: Steps from 1 to 3 of the shortened tamper detection method will be performed in advance.

If the result of quick code comparison shows "valid stamp" (i.e. the quick code on the anti-tampering medium and the quick code computed by the scanning and recording device match), go to Step 4. At Step 4, the system compares the dynamic code stored on the antitampering medium and the dynamic code stored on the last event block of the object attached with the anti-tampering medium to be authenticated. The comparison results will be analyzed and processed in Step 5 to conclude whether the anti-tampering medium is valid or not, accordingly:

+ If the two dynamic codes (on the anti-tampering medium and on the last event block of the blockchain) match, the system generates a new block based on the new event information; obtained from scanning the code in Step 1.

On the basis of the new event information, the system calculates the digital signature of the new event information according to Formula 3, the seal of the new block according to Formula 4, then recalculates the quick code according to Formula 1, then the new block's seal will be recorded as the dynamic code on the block and transmitted to the information reading and writting device along with the quick code to update the new dynamic code and quick code on the anti-tampering medium, and displays the “valid stamp” result is displayed on the interface of the information reading and writting device.

+ If the two dynamic codes (on the anti-tampering medium and on the last event block of the blockchain) do not match, the system processes the same as in the case of the two codes matching, characterized in that the seal of the new block will not be recorded as a dynamic code on the new block, but the system copies the dynamic code of the previous block without updating the dynamic code on the anti-tampering medium, and displays the "invalid stamp" result on the interface of the information reading and writting device.

If the result of comparising the quick codes shows "invalid stamp" (i.e. the quick code on the anti-tampering medium does not match the quick code calculated by the information reading and writting device), the Step 4 is not operated, but Step 5 is operated instead, applied for the case that the dynamic code on the anti-tampering medium does not match the dynamic code on the system. Specifically, if the quick code on the anti-tampering medium does not match the calculation results of the information reading and writting device, the system will record as "invalid stamp", generating a new block with the digital signature of the new event information calculated according to Equation 3 and the seal of the new block calculated according to Equation 4; recording the new event information in the new event block in the blockchain; and copying the the dynamic code information of the preceding block into the corresponding information field on the new block without updating the new dynamic code on the anti-tampering medium.

The application of the shortened tamper detection method can quickly categorize simple forgery cases, copying only a part of the information or incorrectly copying the information of the anti-tampering medium. Together with the shortened tamper detection method, the invention also provides a calculable information reading and writting device to apply the shortened tamper detection method. The calculable information reading and writting device comprises: an information reading and writting unit for reading the static code and the dynamic code of the anti-tampering medium; and a calculation unit for calculating a quick code (quick-code) according to the following formula: quick-code = SHA256(secret-key, dynamic-id, static-id) ; wherein secretkey is the secret key of the anti-tampering authentication system.

In a preferred embodiment, the invention also provides a method of detecting the manner and time of forging. Accordingly, after the system detects the invalid stamp by comparing the dynamic code of the anti-tampering medium with the dynamic code of the block and finds that they do not match, the system will continue comparing the dynamic code of the anti-tampering medium with the dynamic code and the seal of all previous blocks. If the dynamic code of the anti-tampering medium does not match with any dynamic code and the seal of any blocks since the initiating block, it is concluded that the anti-tampering medium is completely temperred, not issued by the system; If the dynamic code of the anti-tampering medium matches with the dynamic code and the seal of a block, it is concluded that the antitampering medium has been copied from the time associated with the event information of that block.

By the way, the system will accurately track the time, location and information related to the tampering.

The invention also proposes a system applying the tamper detection method by using an event history associated with the recordable memory chip stamp including three components: (i) the anti-tampering medium affixed to the product to be protected against counterfeiting, including memory chips containing a dynamic code, a static code and a quickcheck code (quick code); (ii) a information storage and processing system; (iii) an information reading and writting device. Details of these components and how the system works have been described above.