about physical watermarking, redux
Many years ago I posted an idea of mine about cryptographic physical watermarking of things, such as paper money, or maybe missiles. Whatnot. The idea was that you'd do some chaotic physical process in order to lay down a physical watermark, then image it, and finally digitally sign what was seen via asymmmetric cryptography. I imagined you'd then print the signature "on the bill" as a 2D barcode, to be verified. But I never worked out how you would deal with the inevitable "broken bill". I thought it'd take some kind of high end error correcting code. Now it finally came to me you don't need that at all. Instead, just repeat what you imaged from the bill, on the bill, verbatim, using whatever level of ECC you want, and then the signature. The verifier can utilize the digital, error corrected replica for hard crypto purposes, while separately verifying that it matches -- in any soft statistical knee -- a hard to mechanically replicate, unique signature, embedded in the "bill". My first and best idea about how to make this physical nonce is to mix a couple of dozen well cut differently fluorescent plastic fibers into the paper or plastic fiber pulp from which the bill/artifact is made. It would be rather difficult to replicate such a random arrangement of many fibers over, say, a 1200dpi scanned bill. Especially if the highest end scanner interferometrically made sure, that the fibers/chaff really are embedded in the paper, instead of having been printed on it. Any problems with my idea? I'd like to hear, especially since it has been a couple of decades coming. -- Sampo Syreeni, aka decoy - decoy@iki.fi, http://decoy.iki.fi/front +358-40-3751464, 025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2
Are you trying to make a physical cryptocurrency? You've defined electronic dependencies, features, sigs, etc. So how are people to do authentication? That would be against a central service, or against a central entity. Then how do you do issuance? How trust against printflation, etc? Then if fully distributed away from any form of that central, then you have thus defined a distributed electronic cryptocurrency and thus no need for a paper version, nor could such paper version be trusted by those who don't posess the digital devices to validate it, they'd be better off trusting gold or something they prefer.
thought it'd take some kind of high end error correcting code.
qrencode and other tools can encode ecc.
Any problems with my idea? I'd like to hear, especially since it has been a couple of decades coming.
This post indicates a larger project, can you link or post your original texts that introduce it overall?
watermarking ... missiles.
Government has zero interest in having others discover its involvement in murder, and it can just go on the news and claim the ones they do want to claim, just like terrorists do. Nor are manufacturers of war and murder machines going to embed such codes when their sovereign govt contract will only pay those who dont.
Hi Sampo, Thanks for your normal post to this list. I'm not a cryptographer but I find your idea interesting. I think these ideas came up a lot when people were imagining making cryptocurrency coins and bills. On Sun, Aug 1, 2021, 7:37 PM Sampo Syreeni <decoy@iki.fi> wrote:
Many years ago I posted an idea of mine about cryptographic physical watermarking of things, such as paper money, or maybe missiles. Whatnot.
The idea was that you'd do some chaotic physical process in order to lay down a physical watermark, then image it, and finally digitally sign what was seen via asymmmetric cryptography. I imagined you'd then print the signature "on the bill" as a 2D barcode, to be verified. But I never worked out how you would deal with the inevitable "broken bill". I thought it'd take some kind of high end error correcting code.
Now it finally came to me you don't need that at all. Instead, just repeat what you imaged from the bill, on the bill, verbatim, using whatever level of ECC you want, and then the signature. The verifier can utilize the digital, error corrected replica for hard crypto purposes, while separately verifying that it matches -- in any soft statistical knee -- a hard to mechanically replicate, unique signature, embedded in the "bill".
When I read this, I imagined a use case that wouldn't work for: when the secure features are too high definition for the printing media to fully reproduce. I think then it would make sense to make multiple signatures of different regions of the secure structures, and spread the signatures across the object.
My first and best idea about how to make this physical nonce is to mix a couple of dozen well cut differently fluorescent plastic fibers into the paper or plastic fiber pulp from which the bill/artifact is made. It would be rather difficult to replicate such a random arrangement of many fibers over, say, a 1200dpi scanned bill. Especially if the highest end scanner interferometrically made sure, that the fibers/chaff really are embedded in the paper, instead of having been printed on it.
I'm imagining studying errors made in the manufacturing process. Like the micropatterns of ink placement that rely on the relative arrangement of the underlying fibers, that we've all seen looking at printed material under a microscope. I don't imagine those things are securely random, but I imagine with study you could find secure sets of them. I like to think about errors because they get more detailed than what can be intentionally produced, and exist in all manufactured objects. Everything contains artefacts of the machine used to make it, and the age of that machine. I expect the flourescent fibers are a better idea. I've just had similar ideas. Any problems with my idea? I'd like to hear, especially since it has
been a couple of decades coming.
Sorry that I don't really know the discipline. I'm thinking a first step on implementing something like this might involve automating scanning of objects at very high resolution. A digital microscope could do two dimensions. I imagine there have been a lot of advances in getting high resolution 3d information. --
Sampo Syreeni, aka decoy - decoy@iki.fi, http://decoy.iki.fi/front +358-40-3751464 <http://decoy.iki.fi/front+358-40-3751464>, 025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2
On Sunday, August 1, 2021, 04:37:58 PM PDT, Sampo Syreeni <decoy@iki.fi> wrote:
Many years ago I posted an idea of mine about cryptographic physical watermarking of things, such as paper money, or maybe missiles. Whatnot.
The idea was that you'd do some chaotic physical process in order to lay down a physical watermark, then image it, and finally digitally sign what was seen via asymmmetric cryptography. I imagined you'd then print the signature "on the bill" as a 2D barcode, to be verified. But I never worked out how you would deal with the inevitable "broken bill". I thought it'd take some kind of high end error correcting code.
[snip]
Any problems with my idea? I'd like to hear, especially since it has been a couple of decades coming. -- Sampo Syreeni, aka decoy - decoy@iki.fi, http://decoy.iki.fi/front +358-40-3751464, 025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2
About 40 years ago, I bought the latest Pat Benatar album (yes, vinyl!) from Tower Records in Beaverton Oregon. Get Nervous | | | | | | | | | | | Get Nervous Get Nervous is the fourth studio album by American rock singer Pat Benatar, released in October 1982. It debuted... | | | Inside the plastic shrinkwrap, there was a white post-card-sized white card, printed with a return address, and an area on the card with a horizontal- and vertical- marked target, about an inch square. I believe it was an anti-bootleg device. I concluded that the cards were printed and given an ID number, and then scanned, perhaps on the surface or perhaps transmission through the card. That information was probably stored. People were to fill out the cards and return them to the manufacturer to re-scan. I think the intent was that it would be impossible to fake the card, because the information was embedded in the fibers in the structure of the card itself. If anybody tried to bootleg the album, they could not re-create the internal pattern of the paper. Jim Bell
On 8/1/21, jim bell <jdb10987@yahoo.com> wrote:
People were to fill out the cards and return them to the manufacturer to re-scan. I think the intent was that it would be impossible to fake the card, because the information was embedded in the fibers in the structure of the card itself. If anybody tried to bootleg the album, they could not re-create the internal pattern of the paper.
Maybe if a faker wanted to print and sell a vinyl clone... but there would have had to be a reply from the OEM back to the consumer to [dis]prove the authenticity of what they bought (postcards were mostly for fanclub signups and T-shirt and poster merch in those days). And enforcement would depend on the consumer, instead of just happily playing their clone, being pissed enough to rat out their lower cost vendor of choice to the OEM, and for what reward. Big store chains would not risk their OEM distrib contract and legal to knowingly buy and stock clones on open shelves. Cards may have been used to detect sales of cut-out lots that were supposed to be destroyed for credit. But the OEM still had to hunt down the offender, which they did try to do for bootlegs at concerts and indie stores. Were vinyl ever really printcloned (a fixed location and capital), vs when cassette was the real and popular p2p bootleg medium of the 80s and 90s?
About 40 years ago, I bought the latest Pat Benatar album (yes, vinyl!) from Tower Records in Beaverton Oregon. Get Nervous
https://www.youtube.com/watch?v=sXatoCG13tw official https://www.youtube.com/watch?v=TZ2hSQK8Ak0 advert https://www.youtube.com/watch?v=_72dG4B7Mhk live Maybe time for new blood to reboot the 70/80/90s genre.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 hello Sampo! ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, August 1st, 2021 at 3:54 PM, Sampo Syreeni <decoy@iki.fi> wrote:
Many years ago I posted an idea of mine about cryptographic physical watermarking of things, such as paper money, or maybe missiles. Whatnot. The idea was that you'd do some chaotic physical process in order to lay down a physical watermark, then image it, and finally digitally sign what was seen via asymmmetric cryptography.
...
My first and best idea about how to make this physical nonce is to mix a couple of dozen well cut differently fluorescent plastic fibers into the paper or plastic fiber pulp from which the bill/artifact is made.
check out physically unclonable functions: [ https://en.wikipedia.org/wiki/Physical_unclonable_function ] in particular optical PUFs. check out the integrated PUF from consumer hardware in this paper :) - https://eprint.iacr.org/2013/215.pdf best regards, -----BEGIN PGP SIGNATURE----- iNUEAREKAH0WIQRBwSuMMH1+IZiqV4FlqEfnwrk4DAUCYQhaGl8UgAAAAAAuAChp c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0NDFD MTJCOEMzMDdEN0UyMTk4QUE1NzgxNjVBODQ3RTdDMkI5MzgwQwAKCRBlqEfnwrk4 DD58AP402kQPTbjDJzMzm3uc4Dj6OXRIOzTTy7QtOuOLSSY3VwEAiZN78MRdUgdP vsRruJOiGaJH9S0IUfM6HnwB+eQv5Yg= =JnyH -----END PGP SIGNATURE-----
participants (6)
-
coderman -
grarpamp -
jim bell -
Karl Semich -
Punk-BatSoup-Stasi 2.0 -
Sampo Syreeni