Method and apparatus for article authentication

US 7,137,000 B2
Filed: 06/06/2002
Issued: 11/14/2006
Est. Priority Date: 08/24/2001
Status: Active Grant

First Claim

Patent Images

1. An authentication method for authenticating an article in a device, the method comprising the steps of:

reading an identification number stored on the article;

reading an authentication number stored on the article;

determining an input number based at least in part on the identification number;

applying an authentication function to the input number to calculate an output number, wherein the authentication function is an encryption transformation of the input number, wherein the step of applying the authentication function further comprises the steps of;

providing a first prime number, Q;

providing a second prime number, M;

the second prime number being a primitive element of the prime Galois Field of the first prime number; and

calculating the output number according to the formula;

output number=M^NMOD Q,where N is the input number,wherein the second prime number is selected such that the second prime number is greater than 0, the second prime number is not equal to 1, and the second prime number is not equal to one-half of, the first prime number minus 1; and

determining that the article is authentic only if the authentication number corresponds to the output number.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication method for authenticating an article in a device includes the steps of a) reading an identification number stored on the article, b) reading an authentication number stored on the article, c) determining an input number based at least in part on the identification number, d) applying an authentication function to the input number to calculate an output number, e) determining that the article is authentic only if the authentication number corresponds to the output number, and f) permitting use of the article in the device if the article is authentic, and disabling use of the article in the device if the article is not authentic.

119 Citations

View as Search Results

108 Claims

1. An authentication method for authenticating an article in a device, the method comprising the steps of:
- reading an identification number stored on the article;
  
  reading an authentication number stored on the article;
  
  determining an input number based at least in part on the identification number;
  
  applying an authentication function to the input number to calculate an output number, wherein the authentication function is an encryption transformation of the input number, wherein the step of applying the authentication function further comprises the steps of;
  
  providing a first prime number, Q;
  
  providing a second prime number, M;
  
  the second prime number being a primitive element of the prime Galois Field of the first prime number; and
  
  calculating the output number according to the formula;
  
  output number=M^NMOD Q,where N is the input number,wherein the second prime number is selected such that the second prime number is greater than 0, the second prime number is not equal to 1, and the second prime number is not equal to one-half of, the first prime number minus 1; and
  
  determining that the article is authentic only if the authentication number corresponds to the output number.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The authentication method according to claim 1 further comprising the step of reading a media type number stored on the article.
  - 3. The authentication method according to claim 2 further comprising the step of determining the input number based at least in part on the media type number.
  - 4. The authentication method according to claim 1 further comprising the step of mounting an RFID transponder on the article wherein the identification number and the authentication number are stored in the RFID transponder.
  - 5. The authentication method according to claim 1 further comprising the step of mounting an RFID transceiver on the device.
  - 6. The authentication method according to claim 1 further comprising permitting use of the article in the device if the article is authentic, and disabling use of the article in the device if the article is not authentic.
  - 7. The authentication method according to claim 1 wherein the identification number is a unique, factory installed serial number.
  - 8. The authentication method according to claim 1, wherein calculating the output number comprises:
    - calculating a series of intermediate numbers utilizing one or more applications of the formula;
      
      intermediate number =M^NMOD Q,where N is initially the input number, and in each subsequent application of the formula, N is the prior intermediate number; and
      
      algorithmically transforming the last intermediate number to form the output number.

9. An authentication method for authenticating an article in a device, the method comprising the steps of:
- reading an identification number stored on the article;
  
  reading an authentication number stored on the article;
  
  determining an input number based at least in part on the identification number;
  
  applying an authentication function to the input number to calculate an output number, wherein the authentication function is an encryption transformation of the input number, wherein the step of applying the authentication function further comprises the steps of;
  
  providing a first prime number, Q;
  
  providing a second prime number, M;
  
  the second prime number being a primitive element of the prime Galois Field of the first prime number; and
  
  calculating the output number according to the formula;
  
  output number=M^NMOD Q,where N is the input number, anddetermining that the article is authentic only if the authentication number corresponds to the output number,wherein said calculating step comprises;
  
  a) initializing a partial product by;
  
  setting a multiplier equal to the second prime number;
  
  setting the partial product equal to 1 if the least significant bit of the input number is equal to 0;
  
  setting the partial product equal to the multiplier modulo the first prime number if the least significant bit of the input number is equal to 1;
  
  b) from the least significant bit to the most significant bit of the input number, for each such bit, iteratively evaluating the partial product by;
  
  doubling the multiplier;
  
  resetting the partial product equal to the prior partial product modulo the first prime number if a next unevaluated bit of the input number is equal to 0;
  
  resetting the partial product equal to (a) the prior partial product times the modulo of the multiplier over the second prime number (b) modulo the second prime number, if said next unevaluated bit of the input number is equal to 1; and
  
  c) concluding said iterative evaluation of the partial product after evaluating the partial product for the most significant bit of the input number.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The authentication method according to claim 9 further comprising permitting use of the article in the device if the article is authentic, and disabling use of the article in the device if the article is not authentic.
  - 11. The authentication method according to claim 9 wherein the identification number is a unique, factory installed serial number.
  - 12. The authentication method according to claim 9, wherein calculating the output number comprises:
    - calculating a series of intermediate numbers utilizing one or more applications of the formula;
      
      intermediate number=M^NMOD Q,where N is initially the input number, and in each subsequent application of the formula, N is the prior intermediate number; and
      
      algorithmically transforming the last intermediate number to form the output number.
  - 13. The authentication method according to claim 9 further comprising the step of reading a media type number stored on the article.
  - 14. The authentication method according to claim 13 further comprising the step of determining the input number based at least in part on the media type number.
  - 15. The authentication method according to claim 9 further comprising the step of mounting an RFID transponder on the article wherein the identification number and the authentication number are stored in the RFID transponder.
  - 16. The authentication method according to claim 9 further comprising the step of mounting an RFID transceiver on the device.

17. An authentication method for authenticating an article in a device, the method comprising the steps of:
- reading an identification number stored on the article;
  
  reading an authentication number stored on the article;
  
  determining an input number based at least in part on the identification number;
  
  applying an authentication function to the input number to calculate an output number;
  
  determining that the article is authentic only if the authentication number corresponds to the output number; and
  
  providing a counter on the article, the counter configured to be read by the device;
  
  periodically updating an article usage value in the counter as the article is used to reflect an extent of usage or depletion of the article;
  
  reading the article usage value by the device; and
  
  determining that the article is authentic only if the article usage value is greater than a predetermined value.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25)
- - 18. The authentication method according to claim 17 further comprising the steps of:
    - providing a table accessible by the device, the table containing the identification numbers corresponding to a plurality of the articles used in the device;
      
      each identification number having an associated entry in the table corresponding to a last read article usage value of each article used in the device;
      
      determining that the article installed in the device is authentic only if its article usage value is less than the last read article usage value for the corresponding identification number in the table; and
      
      permitting use of the article in the device if the article is authentic, and disabling use of the article in the device if the article is not authentic.
  - 19. The authentication method according to claim 17 further comprising permitting use of the article in the device if the article is authentic, and disabling use of the article in the device if the article is not authentic.
  - 20. The authentication method according to claim 17 wherein the identification number is a unique, factory installed serial number.
  - 21. The authentication method according to claim 17, wherein calculating the output number comprises:
    - calculating a series of intermediate numbers utilizing one or more applications of the formula;
      
      intermediate number=M^NMOD Q,where N is initially the input number, and in each subsequent application of the formula, N is the prior intermediate number; and
      
      algorithmically transforming the last intermediate number to form the output number.
  - 22. The authentication method according to claim 17 further comprising the step of reading a media type number stored on the article.
  - 23. The authentication method according to claim 22 further comprising the step of determining the input number based at least in part on the media type number.
  - 24. The authentication method according to claim 17 further comprising the step of mounting an RFID transponder on the article wherein the identification number and the authentication number are stored in the RFID transponder.
  - 25. The authentication method according to claim 17 further comprising the step of mounting an RFID transceiver on the device.

26. A device configured to authenticate an article installable in the device, the device comprising:
- a reader adapted to read an identification number stored on the article, the identification number corresponding to an identification of the article, the reader further adapted to read an authentication number stored on the article; and
  
  a memory of the device containing a computer program configured to transform the identification number into an output number and compare the output number to the authentication number, and the article being authenticated only if the output number is equal to the authentication number,wherein the computer program that transforms the identification number into an output number comprises;
  
  a preparatory computer program in a memory of the device configured to transform the identification number into an intermediate number; and
  
  an encryption computer program in a memory of the device configured to encrypt the intermediate number to provide the output number, andwherein the output number is compared to the authentication number to determine the authenticity of the article in the device.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34)
- - 27. The device according to claim 26 wherein the reader is a transceiver mounted on the device.
  - 28. The device according to claim 26 in which the preparatory computer program performs a one-to-one transform so that the intermediate number is equal to the identification number.
  - 29. The device according to claim 28 wherein the preparatory computer program uses a media type number as input to calculate the intermediate number.
  - 30. The device according to claim 26 wherein the encryption computer program is contained in the memory and calculates (a) a second prime number raised to the power of the intermediate number (b) modulo a first prime number.
  - 31. The device according to claim 30 wherein the second prime number is selected such that the second prime number is greater than 0, the second prime number is not equal to 1, and the second prime number is not equal to one-half of, the first prime number minus 1.
  - 32. The device according to claim 30 wherein the encryption computer program further comprises:
    - a) a computer program initialization code segment that (i) sets a multiplier equal to the second prime number;
      
      (ii) sets the partial product equal to 1 if the least significant bit of the intermediate number is equal to 0;
      
      (iii) sets the partial product equal to the multiplier modulo the first prime number if the least significant bit of the intermediate number is equal to 1; and
      
      b) a computer program partial product evaluation code segment that evaluates the partial product iteratively from the least significant bit of the intermediate number to the most significant bit of the intermediate number by (i) doubling the multiplier;
      
      (ii) resetting the partial product equal to the prior partial product modulo the first prime number if a next unevaluated bit of the intermediate number is equal to 0;
      
      (iii) resetting the partial product equal to (a) the prior partial product times the modulo of the multiplier over the second prime number (b) modulo the second prime number, if said next unevaluated bit of the intermediate number is equal to 1,wherein said encryption computer program;
      
      c) terminates an iterative evaluation of the partial product after evaluating the partial product corresponding to the most significant bit of the intermediate number; and
      
      d) outputs the final partial product as the output number.
  - 33. The device according to claim 32 further comprising a memory for storing a table with an entry for each bit of the intermediate number, the contents of the entry being equal to the multiplier corresponding to that bit, modulo the first prime number.
  - 34. The device according to claim 26 wherein the computer program includes code configured to produce a plurality of output numbers, and wherein the article is authenticated only if one of the plurality of output numbers is equal to the authentication number.

35. A device configured to authenticate an article installable in the device, the device comprising:
- a reader adapted to read an identification number stored on the article, the identification number corresponding to an identification of the article, the reader further adapted to read an authentication number stored on the article; and
  
  a memory of the device containing a computer program configured to transform the identification number into an output number and compare the output number to the authentication number, and the article being authenticated only if the output number is equal to the authentication number,wherein the reader is configured to read a media type number stored on the article.
- View Dependent Claims (36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46)
- - 36. The device according to claim 35, wherein use of the article in the device is permitted if the article is authentic, and use of the article in the device is not permitted if the article is not authentic.
  - 37. The device according to claim 35 wherein the identification number is a unique, factory installed serial number.
  - 38. The device according to claim 35 wherein the reader is a transceiver mounted on the device.
  - 39. The device according to claim 35, wherein the computer program that transforms the identification number into an output number comprises:
    - a preparatory computer program in a memory of the device configured to transform the identification number into an intermediate number;
      
      an encryption computer program in a memory of the device configured to encrypt the intermediate number to provide the output number, andwherein the output number is compared to the authentication number to determine the authenticity of the article in the device.
  - 40. The device according to claim 39 in which the computer program performs a one-to-one transform so that the intermediate number is equal to the identification number.
  - 41. The device according to claim 40 wherein the program uses the media type number as input to calculate the intermediate number.
  - 42. The device according to claim 39 wherein the computer program calculates (a) a second prime number raised to the power of the intermediate number (b) modulo a first prime number.
  - 43. The device according to claim 42 wherein the second prime number is selected such that the second prime number is greater than 0, the second prime number is not equal to 1, and the second prime number is not equal to one-half of, the first prime number minus 1.
  - 44. The device according to claim 43 wherein the computer program further comprises:
    - a) a computer program initialization code segment that (i) sets a multiplier equal to the second prime number;
      
      (ii) sets the partial product equal to 1 if the least significant bit of the intermediate number is equal to 0;
      
      (iii) sets the partial product equal to the multiplier modulo the first prime number if the least significant bit of the intermediate number is equal to 1; and
      
      b) a computer program partial product evaluation code segment that evaluates the partial product iteratively from the least significant bit of the intermediate number to the most significant bit of the intermediate number by (i) doubling the multiplier;
      
      (ii) resetting the partial product equal to the prior partial product modulo the first prime number if a next unevaluated bit of the intermediate number is equal to 0;
      
      (iii) resetting the partial product equal to (a) the prior partial product times the modulo of the multiplier over the second prime number (b) modulo the second prime number, if said next unevaluated bit of the intermediate number is equal to 1,wherein said computer program;
      
      c) terminates an iterative evaluation of the partial product after evaluating the partial product corresponding to the most significant bit of the intermediate number; and
      
      d) outputs the final partial product as the output number.
  - 45. The device according to claim 44, wherein said memory stores a table with an entry for each bit of the intermediate number, the contents of the entry being equal to the multiplier corresponding to that bit, modulo the first prime number.
  - 46. The device according to claim 35 wherein the computer program includes code configured to produce a plurality of output numbers, and wherein the article is authenticated only if one of the plurality of output numbers is equal to the authentication number.

47. A device configured to authenticate an article installable in the device, the device comprising:
- a reader adapted to read an identification number stored on the article, the identification number corresponding to an identification of the article, the reader further adapted to read an authentication number stored on the article;
  
  a memory of the device containing a computer program configured to transform the identification number into an output number and compare the output number to the authentication number, and the article being authenticated only if the output number is equal to the authentication number; and
  
  a counter on the article, the counter configured to be read by the device wherein the reader reads an article usage value in the counter, the article usage value reflecting an extent of usage or depletion of the article.
- View Dependent Claims (48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58)
- - 48. The device according to claim 47, wherein use of the article in the device is permitted if the article is authentic, and use of the article in the device is not permitted if the article is not authentic.
  - 49. The device according to claim 47 wherein the identification number is a unique, factory installed serial number.
  - 50. The device according to claim 47 wherein the reader is a transceiver mounted on the device.
  - 51. The device according to claim 47, wherein the computer program that transforms the identification number into an output number comprises:
    - a preparatory computer program in a memory of the device configured to transform the identification number into an intermediate number;
      
      an encryption computer program in a memory of the device configured to encrypt the intermediate number to provide the output number, andwherein the output number is compared by the computer program to the authentication number to determine the authenticity of the article in the device.
  - 52. The device according to claim 51 in which the computer program performs a one-to-one transform so that the intermediate number is equal to the identification number.
  - 53. The device according to claim 52 wherein the computer program uses a media type number as input to calculate the intermediate number.
  - 54. The device according to claim 51 wherein the computer program calculates (a) a second prime number raised to the power of the intermediate number (b) modulo a first prime number.
  - 55. The device according to claim 54 wherein the second prime number is selected such that the second prime number is greater than 0, the second prime number is not equal to 1, and the second prime number is not equal to one-half of, the first prime number minus 1.
  - 56. The device according to claim 55 wherein the computer program further comprises:
    - a) a computer program initialization code segment that (i) sets a multiplier equal to the second prime number;
      
      (ii) sets the partial product equal to 1 if the least significant bit of the intermediate number is equal to 0;
      
      (iii) sets the partial product equal to the multiplier modulo the first prime number if the least significant bit of the intermediate number is equal to 1; and
      
      b) a computer program partial product evaluation code segment that evaluates the partial product iteratively from the least significant bit of the intermediate number to the most significant bit of the intermediate number by (i) doubling the multiplier;
      
      (ii) resetting the partial product equal to the prior partial product modulo the first prime number if a next unevaluated bit of the intermediate number is equal to 0;
      
      (iii) resetting the partial product equal to (a) the prior partial product times the modulo of the multiplier over the second prime number (b) modulo the second prime number, if said next unevaluated bit of the intermediate number is equal to 1,wherein said computer program;
      
      c) terminates an iterative evaluation of the partial product after evaluating the partial product corresponding to the most significant bit of the intermediate number; and
      
      d) outputs the final partial product as the output number.
  - 57. The device according to claim 56, wherein said memory stores a table with an entry for each bit of the intermediate number, the contents of the entry being equal to the multiplier corresponding to that bit, modulo the first prime number.
  - 58. The device according to claim 47 wherein the computer program includes code configured to produce a plurality of output numbers, and wherein the article is authenticated only if one of the plurality of output numbers is equal to the authentication number.

59. A device configured to authenticate an article installable in the device, the device comprising:
- a reader adapted to read an identification number stored on the article, the identification number corresponding to an identification of the article, the reader further adapted to read an authentication number stored on the article; and
  
  a memory of the device containing a computer program configured to transform the identification number into an output number and compare the output number to the authentication number, and the article being authenticated only if the output number is equal to the authentication number,wherein the memory further includes a table accessible by the device, the table containing the identification numbers corresponding to a plurality of the articles used in the device; and
  
  each identification number having an associated entry in the table corresponding to a last read article usage value of each article used in the device, andwherein the computer program determines that the article installed in the device is authentic only if its article usage value is less than the last read article usage value for the corresponding identification number in the table.
- View Dependent Claims (60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70)
- - 60. The device according to claim 59, wherein the computer program permits use of the article in the device if the article is authentic and disables use of the article in the device if the article is not authentic.
  - 61. The device according to claim 59 wherein the identification number is a unique, factory installed serial number.
  - 62. The device according to claim 59 wherein the reader is a transceiver mounted on the device.
  - 63. The device according to claim 59, wherein the computer program that transforms the identification number into an output number comprises:
    - a preparatory computer program in a memory of the device configured to transform the identification number into an intermediate number;
      
      an encryption computer program in a memory of the device configured to encrypt the intermediate number to provide the output number, andwherein the output number is compared to the authentication number to determine the authenticity of the article in the device.
  - 64. The device according to claim 63 in which the computer program performs a one-to-one transform so that the intermediate number is equal to the identification number.
  - 65. The device according to claim 64 wherein the computer program uses a media type number as input to calculate the intermediate number.
  - 66. The device according to claim 63 wherein the computer program calculates (a) a second prime number raised to the power of the intermediate number (b) modulo a first prime number.
  - 67. The device according to claim 66 wherein the second prime number is selected such that the second prime number is greater than 0, the second prime number is not equal to 1, and the second prime number is not equal to one-half of, the first prime number minus 1.
  - 68. The device according to claim 67 wherein the computer program contained in a computer readable medium further comprises:
    - a) a computer program initialization code segment that (i) sets a multiplier equal to the second prime number;
      
      (ii) sets the partial product equal to 1 if the least significant bit of the intermediate number is equal to 0;
      
      (iii) sets the partial product equal to the multiplier modulo the first prime number if the least significant bit of the intermediate number is equal to 1; and
      
      b) a computer program partial product evaluation code segment that evaluates the partial product iteratively from the least significant bit of the intermediate number to the most significant bit of the intermediate number by (i) doubling the multiplier;
      
      (ii) resetting the partial product equal to the prior partial product modulo the first prime number if a next unevaluated bit of the intermediate number is equal to 0;
      
      (iii) resetting the partial product equal to (a) the prior partial product times the modulo of the multiplier over the second prime number (b) modulo the second prime number, if said next unevaluated bit of the intermediate number is equal to 1,wherein said computer program;
      
      c) terminates an iterative evaluation of the partial product after evaluating the partial product corresponding to the most significant bit of the intermediate number; and
      
      d) outputs the final partial product as the output number.
  - 69. The device according to claim 68, wherein said memory stores a table with an entry for each bit of the intermediate number, the contents of the entry being equal to the multiplier corresponding to that bit, modulo the first prime number.
  - 70. The device according to claim 59 wherein the computer program includes code configured to produce a plurality of output numbers, and wherein the article is authenticated only if one of the plurality of output numbers is equal to the authentication number.

71. An article adapted to be authenticated by a host device, the article comprising a memory system configured to store a first predetermined number and an authentication number, the first predetermined number corresponding to an identification of the article,wherein the authentication number is calculated by:
- providing a first prime number, Q;
  
  providing a second prime number, M;
  
  the second prime number being a primitive element of the prime Galois Field of the first prime number; and
  
  calculating the output number according to the formula;
  
  output number=M^NMOD Q,where N is the first predetermined number,wherein the second prime number is selected such that the second prime number is greater than 0, the second prime number is not equal to 1, and the second prime number is not equal to one-half of, the first prime number minus 1.
- View Dependent Claims (72, 73, 74)
- - 72. The article according to claim 71 wherein the first predetermined number is a unique, factory installed serial number.
  - 73. The article according to claim 71, wherein said memory system further comprises a media type number.
  - 74. The article according to claim 71, wherein said memory system comprises an RFID transponder on the article wherein the identification number and the authentication number are stored in the RFID transponder.

75. An article adapted to be authenticated by a host device, the article comprising a memory system configured to store a predetermined number and an authentication number, the predetermined number corresponding to an identification of the article,wherein the authentication number is calculated by:
- providing a first prime number, Q;
  
  providing a second prime number, M;
  
  the second prime number being a primitive element of the prime Galois Field of the first prime number; and
  
  calculating the output number according to the formula;
  
  output number=M^NMOD Q,where N is the predetermined number,wherein the step of calculating the output number further comprises the steps of;
  
  a) initializing a partial product by;
  
  setting a multiplier equal to the second prime number;
  
  setting the partial product equal to 1 if the least significant bit of the predetermined number is equal to 0;
  
  setting the partial product equal to the multiplier modulo the first prime number if the least significant bit of the predetermined number is equal to 1;
  
  b) evaluating the partial product iteratively from the least significant bit of the predetermined number to the most significant bit of the predetermined number by;
  
  doubling the multiplier;
  
  resetting the partial product equal to the prior partial product modulo the first prime number if a next unevaluated bit of the predetermined number is equal to 0;
  
  resetting the partial product equal to (a) the prior partial product times the modulo of the multiplier over the second prime number (b) modulo the second prime number, if said next unevaluated bit of the predetermined number is equal to 1; and
  
  c) terminating the iteratively evaluation of the partial product after evaluating the partial product for the most significant bit of the predetermined number.
- View Dependent Claims (76, 77, 78)
- - 76. The article according to claim 75 wherein the predetermined number is a unique, factory installed serial number.
  - 77. The article according to claim 75, wherein said memory system further comprises a media type number.
  - 78. The article according to claim 75, wherein said memory system comprises an RFID transponder on the article wherein the identification number and the authentication number are stored in the RFID transponder.

79. An authentication method for authenticating an article in a device, the method comprising the steps of:
- reading a selected number;
  
  reading an authentication number, wherein at least one of the selected number or authentication number are stored on the article;
  
  determining an input number based at least in part on the selected number;
  
  applying an authentication function to the input number to calculate an output number, wherein the authentication function is an encryption transformation of the input number, wherein the step of applying the authentication function further comprises the steps of;
  
  providing a first prime number, Q;
  
  providing a second prime number, M;
  
  the second prime number being a primitive element of the prime Galois Field of the first prime number; and
  
  calculating the output number according to the formula;
  
  output number=M^NMOD Q,where N is the input number,wherein the second prime number is selected such that the second prime number is greater than 0, not equal to 1, and not equal to one-half of, the first prime number minus 1; and
  
  determining that the article is authentic only if the authentication number corresponds to the output number.
- View Dependent Claims (80, 81, 82, 83, 84)
- - 80. The authentication method according to claim 79 further comprising the step of reading a media type number stored associated with the article.
  - 81. The authentication method according to claim 80 further comprising the step of determining the input number based at least in part on the media type number.
  - 82. The authentication method according to claim 79 further comprising permitting use of the article in the device if the article is authentic, and disabling use of the article in the device if the article is not authentic.
  - 83. The authentication method according to claim 79, wherein the selected number is a unique, factory installed serial number.
  - 84. The authentication method according to claim 79, wherein calculating the output number comprises:
    - calculating a series of intermediate numbers utilizing one or more applications of the formula;
      
      intermediate number=M^NMOD Q,where N is initially the input number, and in each subsequent application of the formula, N is the prior intermediate number; and
      
      algorithmically transforming the last intermediate number to form the output number.

85. An authentication method for authenticating an article in a device, the method comprising the steps of:
- reading a selected number;
  
  reading an authentication number, wherein at least one of the selected number or authentication number are stored on the article;
  
  determining an input number based at least in part on the selected number;
  
  applying an authentication function to the input number to calculate an output number, wherein the authentication function is an encryption transformation of the input number, wherein the step of applying the authentication function further comprises the steps of;
  
  providing a first prime number, Q;
  
  providing a second prime number, M;
  
  the second prime number being a primitive element of the prime Galois Field of the first prime number; and
  
  calculating the output number according to the formula;
  
  output number=M^NMOD Q,where N is the input number, anddetermining that the article is authentic only if the authentication number corresponds to the output number,wherein said calculating step comprises;
  
  a) initializing a partial product by;
  
  setting a multiplier equal to the second prime number;
  
  setting the partial product equal to 1 if the least significant bit of the input number is equal to 0;
  
  setting the partial product equal to the multiplier modulo the first prime number if the least significant bit of the input number is equal to 1;
  
  b) from the least significant bit to the most significant bit of the input number, for each such bit, iteratively evaluating the partial product by;
  
  doubling the multiplier;
  
  resetting the partial product equal to the prior partial product modulo the first prime number if a next unevaluated bit of the input number is equal to 0;
  
  resetting the partial product equal to (a) the prior partial product times the modulo of the multiplier over the second prime number (b) modulo the second prime number, if said next unevaluated bit of the input number is equal to 1; and
  
  c) concluding said iterative evaluation of the partial product after evaluating the partial product for the most significant bit of the input number.
- View Dependent Claims (86, 87, 88, 89, 90, 91)
- - 86. The authentication method according to claim 85 further comprising permitting use of the article in the device if the article is authentic, and disabling use of the article in the device if the article is not authentic.
  - 87. The authentication method according to claim 85 wherein the selected number is a unique, factory installed serial number.
  - 88. The authentication method according to claim 85, wherein calculating the output number comprises:
    - calculating a series of intermediate numbers utilizing one or more applications of the formula;
      
      intermediate number=M^NMOD Q,where N is initially the input number, and in each subsequent application of the formula, N is the prior intermediate number; and
      
      algorithmically transforming the last intermediate number to form the output number.
  - 89. The authentication method according to claim 85 further comprising the step of reading a media type number stored on the article.
  - 90. The authentication method according to claim 89 further comprising the step of determining the input number based at least in part on the media type number.
  - 91. The authentication method according to claim 85 further comprising the step of mounting an RFID transponder on the article wherein at least one of the selected number or the authentication number are stored in the RFID transponder.

92. An authentication method for authenticating an article in a device, the method comprising the steps of:
- reading a selected number;
  
  reading an authentication number, wherein at least one of the selected number or authentication number are stored on the article;
  
  determining an input number based at least in part on the selected number;
  
  applying an authentication function to the input number to calculate an output number;
  
  determining that the article is authentic only if the authentication number corresponds to the output number; and
  
  providing a counter on the article, the counter configured to be read by the device;
  
  periodically updating an article usage value in the counter as the article is used to reflect an extent of usage or depletion of the article;
  
  reading the article usage value by the device; and
  
  determining that the article is authentic only if the article usage value is greater than a predetermined value.
- View Dependent Claims (93, 94, 95, 96, 97, 98)
- - 93. The authentication method according to claim 92 further comprising permitting use of the article in the device if the article is authentic, and disabling use of the article in the device if the article is not authentic.
  - 94. The authentication method according to claim 92 wherein the selected number is a unique, factory installed serial number.
  - 95. The authentication method according to claim 92, wherein calculating the output number comprises:
    - calculating a series of intermediate numbers utilizing one or more applications of the formula;
      
      intermediate number=M^NMOD Q,where N is initially the input number, and in each subsequent application of the formula, N is the prior intermediate number; and
      
      algorithmically transforming the last intermediate number to form the output number.
  - 96. The authentication method according to claim 92 further comprising the step of reading a media type number stored on the article.
  - 97. The authentication method according to claim 96 further comprising the step of determining the input number based at least in part on the media type number.
  - 98. The authentication method according to claim 92 further comprising the step of mounting an RFID transponder on the article wherein at least one of the identification number or the authentication number are stored in the RFID transponder.

99. An article adapted to be authenticated by a host device, the article comprising a memory configured to store at least one of a selected number or an authentication number,wherein the authentication number is calculated by:
- providing a first prime number, Q;
  
  providing a second prime number, M;
  
  the second prime number being a primitive element of the prime Galois Field of the first prime number; and
  
  calculating the output number according to the formula;
  
  output number=M^NMOD Q,where N is the selected number,wherein the second prime number is greater than 0, not equal to 1, and not equal to one-half of, the first prime number minus 1.
- View Dependent Claims (100, 101, 102, 103)
- - 100. The article according to claim 99, wherein said memory comprises both the selected number and authentication number.
  - 101. The article according to claim 99, wherein said memory further comprises a media type number.
  - 102. The article according to claim 99, wherein said memory comprises an RFID transponder on the article wherein the selected number or authentication number are stored in the RFID transponder.
  - 103. The article according to claim 99, wherein the selected number corresponds to an identification of the article.

104. An article adapted to be authenticated by a host device, the article comprising a memory system configured to store at least one of a selected number or an authentication number,wherein the authentication number is calculated by:
- providing a first prime number, Q;
  
  providing a second prime number, M;
  
  the second prime number being a primitive element of the prime Galois Field of the first prime number; and
  
  calculating the output number according to the formula;
  
  output number=M^NMOD Q,where N is the selected number,wherein the step of calculating the output number further comprises the steps of;
  
  a) initializing a partial product by;
  
  setting a multiplier equal to the second prime number;
  
  setting the partial product equal to 1 if the least significant bit of the predetermined number is equal to 0;
  
  setting the partial product equal to the multiplier modulo the first prime number if the least significant bit of the predetermined number is equal to 1;
  
  b) evaluating the partial product iteratively from the least significant bit of the predetermined number to the most significant bit of the predetermined number by;
  
  doubling the multiplier;
  
  resetting the partial product equal to the prior partial product modulo the first prime number if a next unevaluated bit of the predetermined number is equal to 0;
  
  resetting the partial product equal to (a) the prior partial product times the modulo of the multiplier over the second prime number (b) modulo the second prime number, if said next unevaluated bit of the predetermined number is equal to 1; and
  
  c) terminating the iteratively evaluation of the partial product after evaluating the partial product for the most significant bit of the predetermined number.
- View Dependent Claims (105, 106, 107, 108)
- - 105. The article according to claim 104, wherein said memory system comprises both the selected number and authentication number.
  - 106. The article according to claim 104, wherein said memory system further comprises a media type number.
  - 107. The article according to claim 104, wherein said memory system comprises an RFID transponder on the article wherein the selected number or authentication number are stored in the RFID transponder.
  - 108. The article according to claim 104, wherein the selected number corresponds to an identification of the article.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Zebra Technologies Corporation
Original Assignee
ZIH Corp. (Zebra Technologies Corporation)
Inventors
Tsirline, Boris Y., Hohberger, Clive P.
Primary Examiner(s)
Barrón, Jr., Gilberto
Assistant Examiner(s)
Perungavoor, Venkat

Application Number

US10/164,070
Publication Number

US 20030059050A1
Time in Patent Office

1,622 Days
Field of Search

700/219, 700/220, 700/221, 700/222, 700/225, 380/28, 380/51, 380/270, 713/168
US Class Current

713/168
CPC Class Codes

B41J 17/36   Alarms, indicators, or feed...

B41J 35/36   Alarms, indicators, or feed...

G07D 7/0047   using checkcodes, e.g. code...

G07F 7/08   by coded identity card or c...

G07F 7/12   Card verification

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/3226   using a predetermined code,...

H04L 9/3236   using cryptographic hash fu...

Method and apparatus for article authentication

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

119 Citations

108 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for article authentication

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

119 Citations

108 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others