Method, apparatus and system for verifying authenticity of an object
First Claim
1. A method for proving authenticity of a prover device to a verifier device, the method comprising acts of:
- generating, by the prover device, a secret using a physical token, the physical token being challengeable in order to evoke a unique response from the physical token, the physical token is a physical unclonable function and comprises many randomly distributed components in a complex physical system, when challenged complex physics governing the interaction between the physical token and the challenge leads to the response, the secret being generated from said response, generating the secret further comprises acts of;
generating a response using the physical token, combining the response with a helper data, and applying an Error Correcting Code;
obtaining, by the verifier device, a public value in a form of a certificate which has been derived from the secret using a function, and where the function is selected such that it is computationally expensive to establish the secret given the public value; and
conducting a zero knowledge protocol between the prover device and the verifier device in order to prove to the verifier device that the prover device has access to the physical token, where the prover device makes use of the secret and the verifier device makes use of the public value.
2 Assignments
0 Petitions
Accused Products
Abstract
The invention relates to a method for proving authenticity of a prover PRV to a verifier VER, the method comprising generating a secret S using a physical token by the prover PRV. Obtaining a public value PV by the verifier, where the public value PV has been derived from the secret S using a function for which the inverse of said function is computationally expensive. The method further comprising a step for conducting a zero knowledge protocol between the prover PRV and the verifier VER in order to prove to the verifier VER, with a pre-determined probability, that the prover PRV has access to the physical token, where the prover PRV makes use of the secret S and the verifier VER makes use of the public value PV. The invention further relates to a system employing the method, and an object for proving authenticity.
12 Citations
26 Claims
-
1. A method for proving authenticity of a prover device to a verifier device, the method comprising acts of:
-
generating, by the prover device, a secret using a physical token, the physical token being challengeable in order to evoke a unique response from the physical token, the physical token is a physical unclonable function and comprises many randomly distributed components in a complex physical system, when challenged complex physics governing the interaction between the physical token and the challenge leads to the response, the secret being generated from said response, generating the secret further comprises acts of;
generating a response using the physical token, combining the response with a helper data, and applying an Error Correcting Code;obtaining, by the verifier device, a public value in a form of a certificate which has been derived from the secret using a function, and where the function is selected such that it is computationally expensive to establish the secret given the public value; and conducting a zero knowledge protocol between the prover device and the verifier device in order to prove to the verifier device that the prover device has access to the physical token, where the prover device makes use of the secret and the verifier device makes use of the public value. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. An object for proving authenticity, the object comprising:
-
a physical token; a secret generator configured to generate a secret using the physical token, the physical token being challengeable in order to evoke a unique response from the physical token, the physical token is a physical unclonable function and comprises many randomly distributed components in a complex physical system, when challenged complex physics governing the interaction between the physical token and the challenge leads to the response, the secret being generated from said response, the secret generator being further configured to;
generate a response using the physical token, combine the response with a helper data, and apply an Error Correcting Code;a storage configured to store a public value in a form of a certificate; and a first zero knowledge protocol conductor configured to conduct a zero knowledge protocol using the secret, with an apparatus for verifying authenticity, in order to prove to the apparatus for verifying authenticity that the object has access to the physical token, the apparatus for verifying authenticity using the public value. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
-
-
24. A system for proving the authenticity of an object to an apparatus for verifying authenticity, the system comprising:
-
an object comprising; a physical token, a secret generator configured to generate a secret using the physical token, the physical token being challengeable in order to evoke a unique response from the physical token, the physical token is a physical unclonable function and comprises many randomly distributed components in a complex physical system, when challenged complex physics governing the interaction between the physical token and the challenge leads to the response, the secret being generated from said response, the secret generator being further configured to;
generate a response using the physical token, combine the response with a helper data, and apply an Error Correcting Code;a first zero knowledge protocol conductor configured to conduct a zero knowledge protocol with an apparatus for verifying authenticity, in order to prove to the apparatus for verifying authenticity that the object has access to the physical token, using the secret; and an apparatus for verifying authenticity, wherein the apparatus for verifying authenticity comprises; an obtainer configured to obtain a public value, in a form of a certificate, which has been derived from the secret, a second zero knowledge protocol conductor configured to conduct the zero knowledge protocol with the first zero knowledge protocol conductor, in order to verify that the object has access to the physical token, using the public value. - View Dependent Claims (25, 26)
-
Specification