ISO/IEC 20248
ISO/IEC 20248 Automatic Identification and Data Capture Techniques – Data Structures – Digital Signature Meta Structure is an international standard specification under development by ISO/IEC JTC1 SC31 WG2. This development is an extension of SANS 1368, which is the current published specification. ISO/IEC 20248 and SANS 1368 are equivalent standard specifications. SANS 1368 is a South African national standard developed by the South African Bureau of Standards.
ISO/IEC 20248 [and SANS 1368] specifies a method whereby data stored within a barcode and/or RFID tag is structured and digitally signed. The purpose of the standard is to provide an open and interoperable method, between services and data carriers, to verify data originality and data integrity in an offline use case. The ISO/IEC 20248 data structure is also called a "DigSig" which refers to a small, in bit count, digital signature.
ISO/IEC 20248 also provides an effective and interoperable method to exchange data messages in the Internet of Things [IoT] and machine to machine [M2M] services allowing intelligent agents in such services to authenticate data messages and detect data tampering.
Description
ISO/IEC 20248 can be viewed as an X.509 application specification similar to S/MIME. Classic digital signatures are typically too big (the digital signature size is typically more than 2k bits) to fit in barcodes and RFID tags while maintaining the desired read performance. ISO/IEC 20248 digital signatures, including the data, are typically smaller than 512 bits. X.509 digital certificates within a public key infrastructure (PKI) is used for key and data description distribution. This method ensures the open verifiable decoding of data stored in a barcode and/or RFID tag into a tagged data structure; for example JSON and XML.
ISO/IEC 20248 addresses the need to verify the integrity of physical documents and objects. The standard counters verification costs of online services and device to server malware attacks by providing a method for multi-device and offline verification of the data structure. Examples documents and objects are education and medical certificates, tax and share/stock certificates, licences, permits, contracts, tickets, cheques, border documents, birth/death/identity documents, vehicle registration plates, art, wine, gemstones and medicine.
A DigSig stored in a QR code or near field communications (NFC) RFID tag can easily be read and verified using a smartphone with an ISO/IEC 20248 compliant application. The application only need to go online once to obtain the appropriate DigSig certificate, where after it can offline verify all DigSigs generated with that DigSig certificate.
A DigSig stored in a barcode can be copied without influencing the data verification. For example; a birth or school certificate containing a DigSig barcode can be copied. The copied document can also be verified to contain the correct information and the issuer of the information. A DigSig barcode provides a method to detect tampering with the data.
A DigSig stored in an RFID/NFC tag provides for the detection of copied and tampered data, therefore it can be used to detect the original document or object. The unique identifier of the RFID tag is used for this purpose.
The DigSig Envelope
ISO/IEC 20248 calls the digital signature meta structure a DigSig envelope. The DigSig envelope structure contains the DigSig certificate identifier, the digital signature and the timestamp. Fields can be contained in a DigSig envelope in 3 ways; Consider the envelope DigSig{a, b, c} which contains field sets a, b and c.
- a fields are signed and included in the DigSig envelope. All the information (the signed field value and the field value is stored on the AIDC) is available to verify when the data structure is read from the AIDC (barcode and/or RFID).
- b fields are signed but NOT included in the DigSig envelope - only the signed field value is stored on the AIDC. Therefore the value of a b field must be collected by the verifier before verification can be performed. This is useful to link a physical object with an barcode and/or RFID tag to be used as an anti-counterfeiting measure; for example the seal number of a bottle of wine may be a b field. The verifier needs to enter the seal number for a successful verification since it is not stored in the barcode on the bottle. When the seal is broken the seal number may also be destroyed and yielded unreadable; the verification can therefore not take place since it requires the seal number. A replacement seal must display the same seal number; using holograms and other techniques may make the generation of a new copied seal number not viable. Similarly the unique tag ID, also known is the TID in ISO/IEC 18000, can be used in this manner to prove that the data is stored on the correct tag. In this case the TID is a b field. The interrogator will read the DigSig envelope from the changeable tag memory and then read the non-changeable unique TID to allow for the verification. If the data was copied from one tag to another, then the verification process of the signed TID, as stored in the DigSig envelope, will reject the TID of the copied tag.
- c fields are NOT signed but included in the DigSig envelope - only the field value is stored on the AIDC. A c field can therefore NOT be verified, but extracted from the AIDC. This field value may be changed without affecting the integrity of the signed fields.
The DigSig Data Path
Typically data stored in a DigSig originate as structured data; JSON or XML. The structured data field names maps directly on the DigSig Data Description [DDD]. This allows the DigSig Generator to digitally sign the data, store it in the DigSig envelope and compact the DigSig envelope to fit in the smallest bits size possible. The DigSig envelope is then programmed in an RFID tag or printed within a barcode symbology.
The DigSig Verifier reads the DigSig envelope from the barcode or RFID tag. It then identifies the relevant DigSig certificate, which it uses to extract the fields from the DigSig envelope and obtain the external fields. The Verifier then performs the verification and makes the fields available as structured data for example JSON or XML.
Examples
QR example
The following education certificate examples use the URI-RAW DigSig envelope format. The URI format allows a generic barcode reader to read the DigSig where after it can be verified online using the URI of the trusted issuer of the DigSig. Often the ISO/IEC 20248 compliant smartphone application (App) will be available on this website for down load, where after the DigSig can be verified offline. Note, a compliant App must be able to verify DigSigs from any trusted DigSig issuer.
The university certificate example illustrates the multi-language support of SANS 1368.
RFID and QR Example
In this example a vehicle registration plate is fitted with an ISO/IEC 18000-63 (Type 6C) RFID tag and printed with a QR barcode. The plate is both offline verifiable using a smartphone, when the vehicle is stopped; or using an RFID reader, when the vehicle drive past the reader.
Note the 3 DigSig Envelope formats; RAW, URI-RAW and URI-TEXT.
The DigSig stored in the RFID tag is typically in a RAW envelope format to reduce the size from the URI envelope format. Barcodes will typically use the URI-RAW format to allow generic barcode readers to perform an online verification. The RAW format is the most compact but it can only be verified with a SANS 1368 compliant application.
The DigSig stored in the RFID tag will also contain the TID (Unique Tag Identifier) within the signature part. A DigSig Verifier will therefore be able to detect data copied onto another tag.
QR with External data example
The following QR barcode is attached to a computer or smartphone to prove it belongs to a specific person. It uses a b type field, described above, to contain a secure personal identification number [PIN] remembered by the owner of the device. The DigSig Verifier will ask for the PIN to be entered, before the verification can take place. The verification will be negative if the PIN is incorrect. The PIN for the example is "123456".
The DigSig Data Description for the above DigSig is as follows:
{ "defManagementFields":
{ "mediasize":"50000",
"specificationversion":1,
"country":"ZAR",
"DAURI":"https://www.idoctrust.com/",
"verificationURI":"http://sbox.idoctrust.com/verify/",
"revocationURI":"https://sbox.idoctrust.com/chkrevocation/",
"optionalManagementFields":{}}},
"defDigSigFields":
[{ "fieldid":"cid",
"type":"unsignedInt",
"benvelope":false},
{ "fieldid":"signature",
"type":"bstring",
"binaryformat":"{160}",
"bsign":false},
{ "fieldid":"timestamp",
"type":"date",
"binaryformat":"Tepoch"},
{ "fieldid":"name",
"fieldname":{"eng":"Name"},
"type":"string",
"range":"[a-zA-Z ]",
"nullable":false},
{ "fieldid":"idnumber",
"fieldname":{"eng":"Employee ID Number"},
"type":"string",
"range":"[0-9 ]"},
{ "fieldid":"sn",
"fieldname":{"eng":"Asset Serial Number"},
"type":"string",
"range":"[0-9a-zA-Z ]"},
{ "fieldid":"PIN",
"fieldname":{"eng":"6 number PIN"},
"type":"string",
"binaryformat":"{6}",
"range":"[0-9]",
"benvelope":false,
"pragma":"enterText"}]}
References
- SANS 1368, Automatic identification and data capture techniques — Data structures — Digital Signature meta structure
- FIPS PUB 186-4, Digital Signature Standard (DSS) – Computer security – Cryptography
- IETF RFC 3076, Canonical XML Version 1.0
- IETF RFC 4627, The application/JSON media type for JavaScript Object Notation (JSON)
- IETF RFC 3275, (Extensible Markup Language) XML-Signature syntax and processing
- IETF RFC 5280, Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
- ISO 7498-2, Information processing systems – Open systems interconnection – Basic reference model – Part 2: Security architecture
- ISO/IEC 9594-8 (ITU X.509), Information technology – Open Systems Interconnection – The Directory: Public-key and attribute certificate frameworks
- ISO/IEC 10181-4, Information technology – Open Systems Interconnection – Security frameworks for open systems: Non-repudiation framework
- ISO/IEC 11770-3, Information technology – Security techniques – Key management – Part 3: Mechanisms using asymmetric techniques
- ISO/IEC 11889 (all parts), Information technology – Trusted Platform Module
- ISO/IEC 15415, Information technology – Automatic identification and data capture techniques – Bar code print quality test specification – Two-dimensional symbols
- ISO/IEC 15419, Information technology – Automatic identification and data capture techniques – Bar code digital imaging and printing performance testing
- ISO/IEC 15423, Information technology – Automatic identification and data capture techniques – Bar code scanner and decoder performance testing
- ISO/IEC 15424, Information technology – Automatic identification and data capture techniques – Data Carrier Identifiers (including Symbology Identifiers)
- ISO/IEC 15963, Information technology – Radio frequency identification for item management – Unique identification for RF tags
- ISO/IEC 16022, Information technology – Automatic identification and data capture techniques – Data Matrix bar code symbology specification
- ISO/IEC 16023, Information technology – International symbology specification – MaxiCode
- ISO/IEC 18000 (all parts), Information technology – Radio frequency identification for item management
- ISO/IEC 18004, Information technology – Automatic identification and data capture techniques – QR Code 2005 bar code symbology specification
- ISO/IEC TR 14516, Information technology – Security techniques – Guidelines for the use and management of Trusted Third Party services
- ISO/IEC TR 19782, Information technology – Automatic identification and data capture techniques– Effects of gloss and low substrate opacity on reading of bar code symbols
- ISO/IEC TR 19791, Information technology – Security techniques – Security assessment of operational systems
- ISO/IEC TR 29162, Information technology – Guidelines for using data structures in AIDC media
- ISO/IEC TR 29172, Information technology – Mobile item identification and management –Reference architecture for Mobile AIDC services