WO2014090804A1 - Method for securing a document comprising printed information and corresponding document - Google Patents

Method for securing a document comprising printed information and corresponding document Download PDF

Info

Publication number
WO2014090804A1
WO2014090804A1 PCT/EP2013/076088 EP2013076088W WO2014090804A1 WO 2014090804 A1 WO2014090804 A1 WO 2014090804A1 EP 2013076088 W EP2013076088 W EP 2013076088W WO 2014090804 A1 WO2014090804 A1 WO 2014090804A1
Authority
WO
WIPO (PCT)
Prior art keywords
document
information
code
reference information
printed
Prior art date
Application number
PCT/EP2013/076088
Other languages
French (fr)
Inventor
Olivier Akli
Yolanda Varuhaki
Original Assignee
Gemalto Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemalto Sa filed Critical Gemalto Sa
Publication of WO2014090804A1 publication Critical patent/WO2014090804A1/en

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07DHANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
    • G07D7/00Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
    • G07D7/004Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using digital security elements, e.g. information coded on a magnetic thread or strip
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07DHANDLING OF COINS OR VALUABLE PAPERS, e.g. TESTING, SORTING BY DENOMINATIONS, COUNTING, DISPENSING, CHANGING OR DEPOSITING
    • G07D7/00Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency
    • G07D7/004Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using digital security elements, e.g. information coded on a magnetic thread or strip
    • G07D7/0047Testing specially adapted to determine the identity or genuineness of valuable papers or for segregating those which are unacceptable, e.g. banknotes that are alien to a currency using digital security elements, e.g. information coded on a magnetic thread or strip using checkcodes, e.g. coded numbers derived from serial number and denomination

Definitions

  • the field of the invention is that of the securing of documents comprising printed information, this security having the purpose of combating the falsification of printed information.
  • a medical receipt (such as a medical prescription or certificate), an electricity receipt, includes printed information, subsequently referred to as "reference information", which may be more or less easily forged by a malicious person.
  • This reference information is for example a name, a first name, a date, a number, an address, a photograph or the name of a medicine.
  • the falsification of one or more of these reference information may in particular allow an identity theft.
  • changing the name of a drug or the amount of prescription drugs can also have serious health consequences.
  • Falsification of the information printed on a diploma can also lead to illegal access to a job.
  • the means used by the falsifiers are numerous and include solvent-type chemical agents, scraping and scrubbing means, which are intended to delete or erase certain information printed on a document to replace them. by others, such as for example, for a check, a sum and / or the beneficiary.
  • the present invention is intended to overcome these disadvantages.
  • one of the objectives of the invention is to provide a method of securing a document containing reference information, very inexpensive and secure, allowing anyone to verify the authenticity of this document.
  • reference information a document comprising printed information, called reference information
  • method comprises: - sign the digital representation of the reference information by a cryptographic key to obtain signed information
  • the reference information is preferably letters, figures, a photograph or a handwritten signature.
  • the cryptographic key is a secret key.
  • the cryptographic key is a private key.
  • the document is preferably a passport, an identity card or a printed document.
  • the method according to the invention also consists in printing on the document a second code readable by a machine corresponding to the reference information.
  • the invention also proposes to print on the document a third machine readable code comprising at least one identifier of the cryptographic key.
  • the third code comprises the public key for decrypting the first code.
  • the invention also relates to a document comprising printed information, called reference information, this document comprising a first code readable by a machine, the first code comprising the reference information signed by a cryptographic key.
  • FIG. 1 represents a model of driving license comprising printed reference information as well as a code according to the present invention
  • FIG. 1 shows a model of a driving license comprising printed reference information as well as a code according to the present invention.
  • a model of a driving license for example in the form of a plastic card 10, conventionally includes the photo 1 1 of its holder, his name (in point 1), his name (in point 2), his date and place of birth (in point 3), its date of obtaining the permit (in point 4a), the date of validity of the permit (in point 4b), the name of the city which issued the permit (in point 4c) , the license number (point 5) and the signature of the holder (point 6).
  • the information from points 1 to 5 are printed characters, the signature being printed information. At least some of these characters or printed information, generically referred to as reference information, are information that the invention proposes to secure against modification, for example following a theft of the driving license.
  • the invention proposes to secure this reference information by signing (actually in signing their digital representation) by a cryptographic key K (key only in possession of the issuer of the driving license 10) to obtain information signed IS.
  • the IS signed information is, in a first mode of implementation, converted into a first code readable by a machine.
  • This code is here a QR code referenced 12.
  • the QR code is simply printed on the license 10 during its manufacture.
  • the verification of the integrity of the permit 10 can for example be carried out during a roadside check by a police officer: he scans, with the help of a terminal (for example using a mobile phone, a PDA or a smartphone) the QR code 12.
  • a dedicated application installed in its terminal includes (or downloads, for example via the Internet, in a signature scheme by shared key - PKI) the paired decryption key Kd with the key K used to sign the reference information.
  • the police officer can visually compare the reference information printed on the allowed 10 with those from decryption. Thus, if a malicious person had to change the name, first name or license number, there would be no identity between the printed reference information and those derived from the decryption.
  • the malicious person can not modify the QR code 12 since it does not have the key of the body that manufactured the permit 10, this key being confidential.
  • the reference information may be letters and / or numbers and / or a photograph.
  • the signature keys K and Kd decryption can be identical (in a secret key scheme) but they are preferably different (public key scheme). Indeed, a secret key signature scheme is only safe if the secret key is not revealed. This can not be guaranteed if the secret key is present in the terminals of the persons authorized to carry out authenticity checks of documents. On the other hand, if the signature key is a private key, anyone can decrypt the QR code 12 using the associated public key. Key diversification schemes are also possible.
  • the invention also proposes, on an ancillary basis, printing on the document 10 a second code 13 readable by a machine corresponding to the reference information. In this case, there is no signature of the reference information which is simply converted into the code 13.
  • the invention proposes to print on the document 10 a third code 14 readable by a machine comprising at least one identifier of the cryptographic key used to sign this reference information.
  • the identifier is for example the version of the key, or why not, in a PKI scheme, the decryption key Kd.
  • the person wishing to verify that the document 10 has not been forged can then simply scan the code 14 (to reconstitute the public key) before scanning the code 12 to verify the authenticity of the reference information.
  • the code 14 may comprise the decryption key or a link to this decryption key.
  • the code 14 When a secret key scheme is used, it is possible to send to the issuer of the license 10 the signed information for it to decipher and retransmitted to the person who checks the document 10.
  • the code 14 then includes a simple link (Internet address) to a site of the issuer of the document 10.
  • the printed code is obtained from information including the signed information.
  • the signed information is concatenated with other information, for example with the data to identify the signature key used or a link to this signature key (that to obtain the code 14 in Figure 1) and / or with the printed information (reference information or all printed information),
  • a handwritten signature and a photograph can therefore also constitute reference information, the essential being that they are in a digital format (for example jpeg or gif) when editing the document.
  • a digital format for example jpeg or gif
  • QR codes any type of code can be used (Aztec, Maxicode, Datamatrix, Code One, ...), preferably two-dimensional, the important thing is that the information we want to protect integrity are signed by a key only in the possession of the issuer of the document on which this information is printed.
  • the document is not necessarily a driver's license and may be a passport, an identity card or any printed document, for example a diploma, a medical prescription, etc.
  • the invention also makes it possible to verify the integrity of a document transmitted by e-mail or by fax, as long as the printed code or codes are not altered.
  • the invention also relates to a document comprising reference information, this document also comprising a first code readable by a machine, the first code comprising the reference information signed by a cryptographic key, this first code being obtained according to the method of the invention.
  • FIG. 2 shows schematically an implementation of the method according to the invention.
  • the reference information to be protected against forgery, denoted 20, is converted by an algorithm 21 into a code 13 (previously called second code) printed on the document 10.
  • a code 13 previously called second code
  • the integrity of the holder's handwritten signature 22 is also guaranteed. of the document 10 by signing this handwritten signature by the cryptographic key (secret or preferentially private) of the authority from which the document 10 emanates.
  • the resulting code is referenced 23 and also printed on the document 10.
  • the authority signature 24 is also used to sign the reference information and the handwritten signature of the holder of the document 10. This signed set is converted to obtain the first code 12 which is printed on the document 10.
  • the identifier 25 of the authority signature is converted by the algorithm 21 to obtain the third code 14 which is printed on the document 10.
  • the invention makes it possible to guarantee the integrity of the information printed on a document, by encrypting this information and coding it in the form of a machine-readable code.
  • the method is very simple to implement and the verification of the printed information (name, date, photograph, signature, ...) can be performed from any mobile terminal including an application dedicated to the recognition of codes ( QR for example) and decryption of a cryptographic signature key.

Abstract

The invention concerns, in particular, a method for securing a document (10) comprising printed information, called reference information, said method consisting of: - signing the digital representation of said reference information with a cryptographic key in order to obtain signed information; - forming a set of information including the signed information; - converting the set of information into a first machine-readable code (12); - printing the first code (12) on the document (10).

Description

Procédé de sécurisation d'un document comprenant des informations imprimées et document correspondant  Method of securing a document comprising printed information and corresponding document
Le domaine de l'invention est celui de la sécurisation de documents comprenant des informations imprimées, cette sécurisation ayant pour objectif de lutter contre la falsification des informations imprimées. The field of the invention is that of the securing of documents comprising printed information, this security having the purpose of combating the falsification of printed information.
De nombreux documents (administratifs ou officiels par exemple) comprennent des informations importantes qu'il est souhaitable de protéger contre leur falsification. A titre d'exemple, une carte d'identité, un passeport, un permis de conduire, une carte grise, un chèque, un bulletin de salaire, un relevé bancaire, un diplôme, un acte de naissance, un acte notarié ou un document médical (tel qu'une ordonnance médicale ou une attestation), une quittance d'électricité, comprennent des informations imprimées, appelées par la suite des « informations de référence », qui peuvent être plus ou moins facilement falsifiées par une personne mal intentionnée. Ces informations de référence sont par exemple un nom, un prénom, une date, un numéro, une adresse, une photographie ou le nom d'un médicament.  Many documents (administrative or official, for example) contain important information that it is desirable to protect against falsification. For example, an identity card, passport, driver's license, registration card, check, pay slip, bank statement, diploma, birth certificate, deed or document A medical receipt (such as a medical prescription or certificate), an electricity receipt, includes printed information, subsequently referred to as "reference information", which may be more or less easily forged by a malicious person. This reference information is for example a name, a first name, a date, a number, an address, a photograph or the name of a medicine.
La falsification d'une ou de plusieurs de ces informations de référence peut notamment permettre une usurpation d'identité. Dans le cas d'une ordonnance médicale, la modification du nom d'un médicament ou de la quantité de médicaments prescrits peut également avoir des conséquences graves au niveau de la santé. La falsification des informations imprimées sur un diplôme peut également permettre d'accéder illégalement à un emploi.  The falsification of one or more of these reference information may in particular allow an identity theft. In the case of a medical prescription, changing the name of a drug or the amount of prescription drugs can also have serious health consequences. Falsification of the information printed on a diploma can also lead to illegal access to a job.
Comme mentionné dans le brevet EP-727.316 B1 , les moyens utilisés par les falsificateurs sont nombreux et incluent les agents chimiques du type solvant, les moyens de grattage et de gommage, qui visent à supprimer ou effacer certaines informations imprimées sur un document pour les remplacer par d'autres, telles que par exemple, pour un chèque, une somme et/ou le bénéficiaire.  As mentioned in patent EP-727,316 B1, the means used by the falsifiers are numerous and include solvent-type chemical agents, scraping and scrubbing means, which are intended to delete or erase certain information printed on a document to replace them. by others, such as for example, for a check, a sum and / or the beneficiary.
Afin de déceler sur le document lui-même une tentative de falsification, on peut faire appel à des encres spéciales, telles que des encres magnétiques pour, par exemple, inscrire le code C C7 (Caractères Magnétiques Codés à 7 bâtonnets) du numéro de chèque sur le chèque lui-même. Cependant, un falsificateur peut se procurer cette encre spéciale et, après avoir supprimé par grattage ou gommage l'ancienne information, peut imprimer un autre code sur le chèque. Il est également connu de protéger un document à l'aide de guiiloches ou de prévoir un motif de fond complexe et dense. Si ce moyen permet de dissuader en partie et/ou de rendre difficile et fastidieux tout effacement et recopiage du motif de fond, il n'est cependant pas totalement fiable, compte tenu de l'opiniâtreté et la patience de certains falsificateurs. In order to detect on the document itself an attempt to falsify, special inks, such as magnetic inks, can be used to, for example, enter the C7 code (7-stick coded magnetic characters) of the check number. on the check itself. However, a falsifier may obtain this special ink and, after having removed by scratching or scrubbing the old information, may print another code on the check. It is also known to protect a document using guiiloches or to provide a complex and dense background pattern. Although this means partly dissuades and / or makes it difficult and tedious to delete and copy the underlying motive, it is not entirely reliable, given the obstinacy and patience of certain falsifiers.
Il est connu également de la demande de brevet WO 95/02512 de revêtir la couche support de papier d'une couche de coloration contenant des microcapsules aptes à se briser sous l'effet de la pression lors de l'impression/écriture pour libérer une substance colorante apte à réagir avec un réactif incorporé également dans la couche de coloration. De tels papiers, appelés autocopiants, sont utilisés en liasse comprenant une première feuille de papier ordinaire à titre d'original et une ou plusieurs feuilles additionnelles associées servant de duplicata. Cependant, ce papier est d'une relativement grande fragilité, du fait de l'extrême sensibilité de la couche de coloration, ce qui oblige de prendre de grandes précautions lors des manipulations du papier pour éviter les frottements, créateurs d'inscriptions intempestives.  It is also known from patent application WO 95/02512 to coat the paper support layer with a coloring layer containing microcapsules capable of breaking under the effect of pressure during printing / writing to release a coloring substance capable of reacting with a reagent also incorporated in the coloring layer. Such papers, called carbonless papers, are used in a bundle comprising a first sheet of plain paper as an original and one or more additional sheets as a duplicate. However, this paper is relatively fragile, because of the extreme sensitivity of the coloring layer, which requires taking great care when handling paper to avoid friction, creators of untimely inscriptions.
Il a également été proposé de signer électroniquement un document, tel qu'un document PDF. Cependant, cette solution ne s'applique qu'à des documents électroniques et pas à des documents imprimés.  It was also proposed to electronically sign a document, such as a PDF document. However, this solution only applies to electronic documents and not to printed documents.
Enfin, il a été proposé de protéger des documents, tels que des passeports, à l'aide d'une puce sécurisée comportant les mêmes informations que celles imprimées. Une comparaison des données lues dans la puce avec celles imprimées permet de détecter une modification des informations imprimées. Cette solution nécessite cependant une puce pour le stockage des informations à protéger (les informations de référence) ainsi qu'un lecteur spécifique.  Finally, it was proposed to protect documents, such as passports, using a secure chip with the same information as printed. A comparison of the data read in the chip with the printed data makes it possible to detect a modification of the printed information. However, this solution requires a chip for storing the information to be protected (the reference information) and a specific reader.
La présente invention a notamment pour objectif de remédier à ces inconvénients.  The present invention is intended to overcome these disadvantages.
Plus précisément, un des objectifs de l'invention est de fournir un procédé de sécurisation d'un document comportant des informations de référence, très peu coûteux et sûr, permettant à toute personne de vérifier l'authenticité de ce document.  More specifically, one of the objectives of the invention is to provide a method of securing a document containing reference information, very inexpensive and secure, allowing anyone to verify the authenticity of this document.
Cet objectif, ainsi que d'autres qui apparaîtront par la suite, est atteint grâce à un procédé de sécurisation d'un document comportant des informations imprimées, appelées informations de référence, ce procédé consistant à : - signer la représentation numérique des informations de référence par une clé cryptographique pour obtenir des informations signées ; This objective, as well as others that will appear later, is achieved by a method of securing a document comprising printed information, called reference information, which method comprises: - sign the digital representation of the reference information by a cryptographic key to obtain signed information;
- constituer un ensemble d'informations incluant les informations signées ;  - constitute a set of information including the signed information;
- convertir l'ensemble d'informations en un premier code lisible par une machine ; - imprimer le premier code sur le document.  converting the set of information into a first machine-readable code; - print the first code on the document.
Les informations de référence sont préférentiellement des lettres, des chiffres, une photographie ou une signature manuscrite.  The reference information is preferably letters, figures, a photograph or a handwritten signature.
Dans un mode de mise en œuvre, la clé cryptographique est une clé secrète.  In one implementation mode, the cryptographic key is a secret key.
Dans un second mode de mise en œuvre, la clé cryptographique est une clé privée.  In a second mode of implementation, the cryptographic key is a private key.
Le document est préférentiellement un passeport, une carte d'identité ou un document imprimé.  The document is preferably a passport, an identity card or a printed document.
Dans un mode de mise en œuvre avantageux, le procédé selon l'invention consiste également à imprimer sur le document un deuxième code lisible par une machine correspondant aux informations de référence.  In an advantageous mode of implementation, the method according to the invention also consists in printing on the document a second code readable by a machine corresponding to the reference information.
Dans un autre mode de mise en œuvre, complémentaire des précédents, l'invention propose également d'imprimer sur le document un troisième code lisible par une machine comprenant au moins un identifiant de la clé cryptographique.  In another embodiment, complementary to the above, the invention also proposes to print on the document a third machine readable code comprising at least one identifier of the cryptographic key.
Avantageusement, le troisième code comprend la clé publique permettant de déchiffrer le premier code.  Advantageously, the third code comprises the public key for decrypting the first code.
L'invention concerne également un document comportant des informations imprimées, appelées informations de référence, ce document comprenant un premier code lisible par une machine, le premier code comprenant les informations de référence signées par une clé cryptographique.  The invention also relates to a document comprising printed information, called reference information, this document comprising a first code readable by a machine, the first code comprising the reference information signed by a cryptographic key.
D'autres caractéristiques et avantages de l'invention apparaîtront à la lecture de la description suivante d'un mode de mise en œuvre de l'invention, donné à titre illustratif et non limitatif, et des figures annexées dans lesquelles :  Other features and advantages of the invention will appear on reading the following description of an embodiment of the invention, given by way of illustration and not limitation, and the appended figures in which:
- La figure 1 représente un modèle de permis de conduire comprenant des informations de référence imprimées ainsi qu'un code selon la présente invention ;  FIG. 1 represents a model of driving license comprising printed reference information as well as a code according to the present invention;
- La figure 2 montre schématiquement une mise en œuvre du procédé selon l'invention. La figure 1 représente un modèle d'un permis de conduire comprenant des informations de référence imprimées ainsi qu'un code selon la présente invention. - Figure 2 shows schematically an implementation of the method according to the invention. Fig. 1 shows a model of a driving license comprising printed reference information as well as a code according to the present invention.
Un modèle de permis de conduire, se présentant par exemple sous la forme d'une carte en plastique 10, comprend classiquement la photo 1 1 de son titulaire, son nom (au point 1 ), son prénom (au point 2), sa date et lieu de naissance (au point 3), sa date d'obtention du permis (au point 4a), la date de validité du permis (au point 4b), le nom de la ville qui a délivré le permis (au point 4c), le numéro du permis (au point 5) et la signature de son titulaire (au point 6).  A model of a driving license, for example in the form of a plastic card 10, conventionally includes the photo 1 1 of its holder, his name (in point 1), his name (in point 2), his date and place of birth (in point 3), its date of obtaining the permit (in point 4a), the date of validity of the permit (in point 4b), the name of the city which issued the permit (in point 4c) , the license number (point 5) and the signature of the holder (point 6).
Les informations des points 1 à 5 sont des caractères imprimés, la signature étant une information imprimée. Au moins une partie de ces caractères ou informations imprimés, appelés génériquement informations de référence, sont des informations que l'invention propose de sécuriser contre leur modification, par exemple suite à un vol du permis de conduire.  The information from points 1 to 5 are printed characters, the signature being printed information. At least some of these characters or printed information, generically referred to as reference information, are information that the invention proposes to secure against modification, for example following a theft of the driving license.
A cet effet, en considérant par exemple que l'on veuille sécuriser le nom, le prénom et le numéro du permis (points 1 , 2 et 5), l'invention propose de sécuriser ces informations de référence en les signant (en réalité en signant leur représentation numérique) par une clé cryptographique K (clé uniquement en possession de l'émetteur du permis de conduire 10) afin d'obtenir des informations signées IS.  For this purpose, considering for example that we want to secure the surname, first name and license number (points 1, 2 and 5), the invention proposes to secure this reference information by signing (actually in signing their digital representation) by a cryptographic key K (key only in possession of the issuer of the driving license 10) to obtain information signed IS.
On aura donc :  We will have:
(SAMPLE SUSAN BO72RRE2155, K) -> IS  (SAMPLE SUSAN BO72RRE2155, K) -> IS
avec IS = sig(K, SAMPLE SUSAN BO72RRE2155)  with IS = sig (K, SAMPLE SUSAN BO72RRE2155)
Les informations signées IS sont, dans un premier mode de mise en œuvre, converties en un premier code lisible par une machine. Ce code est ici un code QR référencé 12. Le code QR est simplement imprimé sur le permis 10 lors de sa fabrication.  The IS signed information is, in a first mode of implementation, converted into a first code readable by a machine. This code is here a QR code referenced 12. The QR code is simply printed on the license 10 during its manufacture.
La vérification de l'intégrité du permis 10 (vérification que celui-ci n'a pas été falsifié) peut par exemple s'opérer lors d'un contrôle routier par un agent de police : celui-ci scanne, à l'aide d'un terminal (par exemple à l'aide d'un téléphone mobile, un PDA ou un smartphone) le code QR 12. Une application dédiée installée dans son terminal comprend (ou télécharge, par exemple via Internet, dans un schéma de signature par clé partagée - PKI) la clé de déchiffrement appairée Kd avec la clé K ayant servi à signer les informations de référence. Après déchiffrement, l'agent de police peut visuellement comparer les informations de référence imprimées sur le permis 10 avec celles issues du déchiffrement. Ainsi, si une personne mal intentionnée venait à modifier le nom, le prénom ou le numéro du permis, il n'y aurait pas identité entre les informations de référence imprimées et celles issues du déchiffrement. The verification of the integrity of the permit 10 (verification that it has not been falsified) can for example be carried out during a roadside check by a police officer: he scans, with the help of a terminal (for example using a mobile phone, a PDA or a smartphone) the QR code 12. A dedicated application installed in its terminal includes (or downloads, for example via the Internet, in a signature scheme by shared key - PKI) the paired decryption key Kd with the key K used to sign the reference information. After decryption, the police officer can visually compare the reference information printed on the allowed 10 with those from decryption. Thus, if a malicious person had to change the name, first name or license number, there would be no identity between the printed reference information and those derived from the decryption.
La personne malveillante ne peut pas modifier le code QR 12 puisqu'elle ne dispose pas de la clé de l'organisme ayant fabriqué le permis 10, cette clé étant confidentielle.  The malicious person can not modify the QR code 12 since it does not have the key of the body that manufactured the permit 10, this key being confidential.
Les informations de référence peuvent être des lettres et/ou des chiffres et/ou encore une photographie.  The reference information may be letters and / or numbers and / or a photograph.
En ce qui concerne les clés de signature K et de déchiffrement Kd, elles peuvent être identiques (dans un schéma à clé secrète) mais elles sont de préférence différentes (schéma à clés publiques). En effet, un schéma de signature à clé secrète n'est sûr que si la clé secrète n'est pas révélée. Ceci ne peut être garanti si la clé secrète est présente dans les terminaux des personnes autorisées à effectuer des contrôles d'authenticité de documents. En revanche, si la clé de signature est une clé privée, tout le monde peut déchiffrer le code QR 12 à l'aide de la clé publique associée. Des schémas de diversification de clés sont également possibles.  As regards the signature keys K and Kd decryption, they can be identical (in a secret key scheme) but they are preferably different (public key scheme). Indeed, a secret key signature scheme is only safe if the secret key is not revealed. This can not be guaranteed if the secret key is present in the terminals of the persons authorized to carry out authenticity checks of documents. On the other hand, if the signature key is a private key, anyone can decrypt the QR code 12 using the associated public key. Key diversification schemes are also possible.
L'invention propose également, et ce à titre accessoire, d'imprimer sur le document 10 un deuxième code 13 lisible par une machine correspondant aux informations de référence. Il n'y a dans ce cas pas de signature des informations de référence qui sont simplement converties dans le code 13.  The invention also proposes, on an ancillary basis, printing on the document 10 a second code 13 readable by a machine corresponding to the reference information. In this case, there is no signature of the reference information which is simply converted into the code 13.
Enfin, l'invention propose d'imprimer sur le document 10 un troisième code 14 lisible par une machine comprenant au moins un identifiant de la clé cryptographique ayant servi à signer ces informations de référence. L'identifiant est par exemple la version de la clé, ou pourquoi pas, dans un schéma de PKI, la clé de déchiffrement Kd. La personne désirant vérifier que le document 10 n'a pas été falsifié peut alors simplement scanner le code 14 (pour reconstituer la clé publique) avant de scanner le code 12 pour vérifier l'authenticité des informations de référence. Le code 14 peut comprendre la clé de déchiffrement ou un lien vers cette clé de déchiffrement.  Finally, the invention proposes to print on the document 10 a third code 14 readable by a machine comprising at least one identifier of the cryptographic key used to sign this reference information. The identifier is for example the version of the key, or why not, in a PKI scheme, the decryption key Kd. The person wishing to verify that the document 10 has not been forged can then simply scan the code 14 (to reconstitute the public key) before scanning the code 12 to verify the authenticity of the reference information. The code 14 may comprise the decryption key or a link to this decryption key.
Lorsqu'un schéma à clé secrète est utilisé, il est possible d'envoyer à l'émetteur du permis 10 les informations signées afin que celui-ci les déchiffre et les retransmette à la personne qui effectue le contrôle du document 10. Le code 14 comprend alors un simple lien (adresse Internet) vers un site de l'émetteur du document 10. When a secret key scheme is used, it is possible to send to the issuer of the license 10 the signed information for it to decipher and retransmitted to the person who checks the document 10. The code 14 then includes a simple link (Internet address) to a site of the issuer of the document 10.
Dans un autre mode de mise en œuvre de l'invention, le code imprimé est obtenu à partir d'informations incluant les informations signées. Cela signifie que les informations signées sont concaténées avec d'autres informations, par exemple avec les données permettant d'identifier la clé de signature utilisée ou un lien vers cette clé de signature (celle permettant d'obtenir le code 14 dans la figure 1 ) et/ou avec les informations imprimées (informations de référence ou toutes les informations imprimées),  In another embodiment of the invention, the printed code is obtained from information including the signed information. This means that the signed information is concatenated with other information, for example with the data to identify the signature key used or a link to this signature key (that to obtain the code 14 in Figure 1) and / or with the printed information (reference information or all printed information),
II est également possible de générer autant de codes qu'il y a d'informations de référence.  It is also possible to generate as many codes as there is reference information.
Il est également possible de protéger la photographie 1 1 du détenteur du document 10 par le mécanisme exposé ci-dessus, ainsi que la signature (point 6).  It is also possible to protect the photograph 11 of the holder of the document 10 by the mechanism explained above, as well as the signature (point 6).
Une signature manuscrite et une photographie peuvent donc également constituer des informations de référence, l'essentiel étant qu'elles se présentent sous un format numérique (par exemple jpeg ou gif) lors de l'édition du document. Après impression de l'image (photographie et/ou signature), sa représentation numérique est signée (avec ou sans d'autres informations à protéger) et convertie en un code lisible par une machine, ce code étant ensuite imprimé sur le document. On garantit ainsi une impossibilité de falsification (non détectable) d'une photographie ou d'une signature.  A handwritten signature and a photograph can therefore also constitute reference information, the essential being that they are in a digital format (for example jpeg or gif) when editing the document. After printing the image (photograph and / or signature), its digital representation is signed (with or without other information to protect) and converted into a machine readable code, which code is then printed on the document. This guarantees an impossible falsification (not detectable) of a photograph or a signature.
Les codes présentés jusqu'ici sont des codes QR mais tout type de code peut être utilisé (Aztec, Maxicode, Datamatrix, Code One,...), de préférence à deux dimensions, l'important étant que les informations dont on souhaite protéger l'intégrité soient signées par une clé uniquement en possession de l'émetteur du document sur lequel sont imprimées ces informations.  The codes presented so far are QR codes but any type of code can be used (Aztec, Maxicode, Datamatrix, Code One, ...), preferably two-dimensional, the important thing is that the information we want to protect integrity are signed by a key only in the possession of the issuer of the document on which this information is printed.
Le document n'est pas nécessairement un permis de conduire et peut être un passeport, une carte d'identité ou tout document imprimé, par exemple un diplôme, une ordonnance médicale,...  The document is not necessarily a driver's license and may be a passport, an identity card or any printed document, for example a diploma, a medical prescription, etc.
L'invention permet également de vérifier l'intégrité d'un document transmis par e-mail ou par télécopie, tant que le ou les codes imprimés ne sont pas altérés.  The invention also makes it possible to verify the integrity of a document transmitted by e-mail or by fax, as long as the printed code or codes are not altered.
L'invention concerne également un document comportant des informations de référence, ce document comprenant également un premier code lisible par une machine, le premier code comprenant les informations de référence signées par une clé cryptographique, ce premier code étant obtenu selon le procédé de l'invention. The invention also relates to a document comprising reference information, this document also comprising a first code readable by a machine, the first code comprising the reference information signed by a cryptographic key, this first code being obtained according to the method of the invention.
La figure 2 montre schématiquement une mise en œuvre du procédé selon l'invention.  Figure 2 shows schematically an implementation of the method according to the invention.
Les informations de référence à protéger contre leur falsification, notées 20, sont converties par un algorithme 21 en un code 13 (appelé précédemment deuxième code) imprimé sur le document 10. Ici, on garantit également l'intégrité de la signature manuscrite 22 du détenteur du document 10 en signant cette signature manuscrite par la clé cryptographique (secrète ou préférentiellement privée) de l'autorité d'où émane le document 10. Le code résultant est référencé 23 et également imprimé sur le document 10.  The reference information to be protected against forgery, denoted 20, is converted by an algorithm 21 into a code 13 (previously called second code) printed on the document 10. Here, the integrity of the holder's handwritten signature 22 is also guaranteed. of the document 10 by signing this handwritten signature by the cryptographic key (secret or preferentially private) of the authority from which the document 10 emanates. The resulting code is referenced 23 and also printed on the document 10.
La signature 24 de l'autorité est également utilisée pour signer les informations de référence et la signature manuscrite du détenteur du document 10. Cet ensemble signé est converti pour obtenir le premier code 12 qui est imprimé sur le document 10.  The authority signature 24 is also used to sign the reference information and the handwritten signature of the holder of the document 10. This signed set is converted to obtain the first code 12 which is printed on the document 10.
Enfin, l'identifiant 25 de la signature de l'autorité est converti par l'algorithme 21 pour obtenir le troisième code 14 qui est imprimé sur le document 10.  Finally, the identifier 25 of the authority signature is converted by the algorithm 21 to obtain the third code 14 which is printed on the document 10.
L'invention permet de garantir l'intégrité des informations imprimées sur un document, grâce au chiffrement de ces informations et leur codage sous la forme d'un code lisible par une machine. Le procédé est très simple à mettre en œuvre et la vérification des informations imprimées (nom, date, photographie, signature,...) peut être réalisée à partir de n'importe quel terminal mobile comprenant une application dédiée à la reconnaissance de codes (QR par exemple) et au déchiffrement d'une clé de signature cryptographique.  The invention makes it possible to guarantee the integrity of the information printed on a document, by encrypting this information and coding it in the form of a machine-readable code. The method is very simple to implement and the verification of the printed information (name, date, photograph, signature, ...) can be performed from any mobile terminal including an application dedicated to the recognition of codes ( QR for example) and decryption of a cryptographic signature key.

Claims

Revendications claims
1 . Procédé de sécurisation d'un document (10) comportant des informations imprimées, appelées informations de référence, caractérisé en ce qu'il consiste à : 1. Method for securing a document (10) comprising printed information, called reference information, characterized in that it consists of:
- signer la représentation numérique desdites informations de référence par une clé cryptographique pour obtenir des informations signées ;  - Sign the digital representation of said reference information by a cryptographic key to obtain signed information;
- constituer un ensemble d'informations incluant lesdites informations signées ; - constitute a set of information including said signed information;
- convertir ledit ensemble d'informations en un premier code (12) lisible par une machine ; converting said set of information into a first code (12) readable by a machine;
- imprimer ledit premier code (12) sur ledit document (10)  - printing said first code (12) on said document (10)
- imprimer sur ledit document (10) un deuxième code (13) lisible par une machine correspondant à la représentation numérique desdites informations de référence.  - Printing on said document (10) a second code (13) readable by a machine corresponding to the digital representation of said reference information.
2. Procédé selon la revendication 1 , caractérisé en ce que lesdites informations de référence sont des lettres. 2. Method according to claim 1, characterized in that said reference information is letters.
3. Procédé selon la revendication 1 , caractérisé en ce que lesdites informations de référence sont des chiffres. 3. Method according to claim 1, characterized in that said reference information is numbers.
4. Procédé selon la revendication 1 , caractérisé en ce que lesdites informations de référence sont une photographie. 4. Method according to claim 1, characterized in that said reference information is a photograph.
5. Procédé selon la revendication 1 , caractérisé en ce que lesdites informations de référence sont une signature manuscrite. 5. Method according to claim 1, characterized in that said reference information is a handwritten signature.
6. Procédé selon l'une des revendications 1 à 5, caractérisé en ce que ladite clé cryptographique est une clé secrète. 6. Method according to one of claims 1 to 5, characterized in that said cryptographic key is a secret key.
7. Procédé selon l'une des revendications 1 à 5, caractérisé en ce que ladite clé cryptographique est une clé privée. 7. Method according to one of claims 1 to 5, characterized in that said cryptographic key is a private key.
8. Procédé selon l'une des revendications 1 à 7, caractérisé en ce que ledit document (10) est un passeport, une carte d'identité ou un document imprimé. 8. Method according to one of claims 1 to 7, characterized in that said document (10) is a passport, an identity card or a printed document.
9. Procédé selon l'une des revendications 1 à 8, caractérisé en ce qu'il consiste également à imprimer sur ledit document un troisième code (14) lisible par une machine comprenant au moins un identifiant de ladite clé cryptographique. 9. Method according to one of claims 1 to 8, characterized in that it also consists in printing on said document a third code (14) readable by a machine comprising at least one identifier of said cryptographic key.
10. Procédé selon la revendication 9, caractérisé en ce que ledit troisième code (14) comprend la clé publique permettant de déchiffrer ledit premier code (12). 10. The method of claim 9, characterized in that said third code (14) comprises the public key for decrypting said first code (12).
1 1 . Document (10) comportant des informations imprimées, appelées informations de référence, caractérisé en ce qu'il comprend un premier code (12) lisible par une machine, ledit premier code (12) comprenant la représentation numérique desdites informations de référence signées par une clé cryptographique et en ce qu'il comprend un deuxième code (13) lisible par une machine correspondant à la représentation numérique desdites informations de référence. 1 1. Document (10) comprising printed information, called reference information, characterized in that it comprises a first code (12) readable by a machine, said first code (12) comprising the digital representation of said reference information signed by a key cryptographic and in that it comprises a second code (13) readable by a machine corresponding to the digital representation of said reference information.
PCT/EP2013/076088 2012-12-12 2013-12-10 Method for securing a document comprising printed information and corresponding document WO2014090804A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP12306575.7A EP2743893A1 (en) 2012-12-12 2012-12-12 Method for securing a document including printed information and corresponding document
EP12306575.7 2012-12-12

Publications (1)

Publication Number Publication Date
WO2014090804A1 true WO2014090804A1 (en) 2014-06-19

Family

ID=47632767

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2013/076088 WO2014090804A1 (en) 2012-12-12 2013-12-10 Method for securing a document comprising printed information and corresponding document

Country Status (2)

Country Link
EP (1) EP2743893A1 (en)
WO (1) WO2014090804A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110073368A (en) * 2016-11-09 2019-07-30 苏伊斯公司 Method for authenticating illustration
US11042792B2 (en) * 2017-07-24 2021-06-22 Surys Methods for encoding a source color illustration, for authenticating an illustration, and related computer media

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3424024A1 (en) 2016-03-02 2019-01-09 OVD Kinegram AG Security document and method for the authentication thereof
DE102019129490A1 (en) * 2019-10-31 2021-05-06 Bundesdruckerei Gmbh Method and system for the production and verification of a security document

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3990558A (en) * 1973-10-08 1976-11-09 Gretag Aktiengesellschaft Method and apparatus for preparing and assessing payment documents
EP0154972A2 (en) * 1984-03-12 1985-09-18 Pitney Bowes Inc. Method and apparatus for verifying postage
WO1995002512A1 (en) 1993-07-16 1995-01-26 Francesco Bosisio Process for incorporating and protecting writing on paper documents, especially on bank cheques
US5426700A (en) * 1993-08-23 1995-06-20 Pitney Bowes Inc. Method and apparatus for verification of classes of documents
EP0889448A2 (en) * 1997-07-01 1999-01-07 Pitney Bowes Inc. Method for preventing counterfeiting of articles of manufacture
EP0727316B1 (en) 1995-02-17 2000-06-14 Ahlstrom Industries SA Printable document comprising means for revealing forgery
US6212504B1 (en) * 1998-01-12 2001-04-03 Unisys Corporation Self-authentication of value documents using encoded indices

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US3990558A (en) * 1973-10-08 1976-11-09 Gretag Aktiengesellschaft Method and apparatus for preparing and assessing payment documents
EP0154972A2 (en) * 1984-03-12 1985-09-18 Pitney Bowes Inc. Method and apparatus for verifying postage
WO1995002512A1 (en) 1993-07-16 1995-01-26 Francesco Bosisio Process for incorporating and protecting writing on paper documents, especially on bank cheques
US5426700A (en) * 1993-08-23 1995-06-20 Pitney Bowes Inc. Method and apparatus for verification of classes of documents
EP0727316B1 (en) 1995-02-17 2000-06-14 Ahlstrom Industries SA Printable document comprising means for revealing forgery
EP0889448A2 (en) * 1997-07-01 1999-01-07 Pitney Bowes Inc. Method for preventing counterfeiting of articles of manufacture
US6212504B1 (en) * 1998-01-12 2001-04-03 Unisys Corporation Self-authentication of value documents using encoded indices

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110073368A (en) * 2016-11-09 2019-07-30 苏伊斯公司 Method for authenticating illustration
US11055589B2 (en) * 2016-11-09 2021-07-06 Surys Method for authenticating an illustration
CN110073368B (en) * 2016-11-09 2023-07-04 苏伊斯公司 Method for authenticating an illustration
US11042792B2 (en) * 2017-07-24 2021-06-22 Surys Methods for encoding a source color illustration, for authenticating an illustration, and related computer media

Also Published As

Publication number Publication date
EP2743893A1 (en) 2014-06-18

Similar Documents

Publication Publication Date Title
EP1716520B1 (en) Use of a digital signature obtained from at least one structural characteristic of a hardware element in order to protect direct reading of sensitive information and method for reading protected sensitive information
US20160210621A1 (en) Verifiable credentials and methods thereof
EP1964077A1 (en) Method for certifying and subsequently authenticating original paper or digital documents for the constitution of evidence
WO2005091232A1 (en) Method for authentication of products
US10279583B2 (en) System and method for storing digitally printable security features used in the creation of secure documents
TW200907864A (en) Authenticity validation subject, authenticity validation chip reader, and authenticity judging method
US11314999B2 (en) Data carrier and a method for producing such data carrier
WO2007072793A1 (en) Card capable of authentication
WO2014090804A1 (en) Method for securing a document comprising printed information and corresponding document
EP1788516B1 (en) Method and device for authentication and identification
EP2605218A1 (en) Method for securing an electronic document
WO2006042913A1 (en) Method for making secure transactions and authentication of objects or documents
FR3061582A1 (en) SYSTEM AND METHOD FOR TRACEABILITY AND AUTHENTICATION OF A PRODUCT
FR3070082A1 (en) AUTONOMOUS AUTHENTICATION DEVICE FOR OPTICAL MARKING AND METHODS
EP3017421B1 (en) Method for printing interdependent security graphics
WO2016177943A1 (en) Smartphone-authenticatable paper
FR3070215A3 (en) AUTONOMOUS AUTHENTICATION DEVICE FOR OPTICAL MARKING AND METHODS
CN112840595B (en) System and method for binding information to a tangible object
FR2734655A1 (en) Formation of cheque protected against falsification
EP2073175A1 (en) Secure identification medium and method of securing such a medium
WO2016207536A1 (en) Methods of affiliation, emancipation and verification between a tutor and a tutee
WO2022122821A1 (en) Device and method for authenticating products
FR2989798A1 (en) SECURITY DEVICE AND IDENTITY DOCUMENT
WO2013179265A1 (en) Method and system for securing an original document
FR3069939A3 (en) MARKING OF AUTHENTICITY

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13802387

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 13802387

Country of ref document: EP

Kind code of ref document: A1