AT521818A1 - Detection of unauthorized changes to printed documents - Google Patents

Abstract

The invention relates to a method for securing a document against unauthorized changes and for detecting such an unauthorized change. The invention is based on the idea of linking the sheets of the document to one another via hash values and to provide only the last sheet with at least one signature. A fraudster who intends to forge is thereby forced to replace all sheets of the document and to forge all signatures on the last sheet, which is an obstacle that cannot be overcome, or at least difficult, according to the invention.

Description

Detection of unauthorized changes to printed

Documents

Nowadays, the digital signature of a digital document is preferably carried out using an asymmetrical key pair. Such a key pair consists of a public and a private key. The private key is only known to the signature generator. The signature generator signs at least digital information of the document, in particular the entire document, with this private key. The signature created in this way can be published without any problems, since the private key cannot be reconstructed from it. However, anyone who owns the signature generator's public key can use it to lock the signature owner

authenticate.

In the age of digitization, countless documents are mostly created digitally, copied, signed, sent and deleted, but not necessarily printed out on paper. However, some documents are still available on paper, be it out of nostalgia, habit, or because the law requires it. In particular, documents that are subject to a notarial act will still be

printed, signed and saved. Also contracts in the private sector

are very often still signed and kept in print, too

if they were previously digitally generated, expanded and exchanged.

A document that consists of several sheets and must be signed is usually always signed on the last sheet. From a legal point of view, this signature also confirms the content of all preceding sheets, i.e. it is confirmed that they belong to the document. However, a signature at the end of the document cannot prevent pages from being read

the signing can be easily exchanged.

If two parties each receive a copy of the same document, the manipulation of at least one of the two copies creates the problem that it cannot subsequently be determined which of the two parties has manipulated the document. If more than two parties sign the document, if one copy differs from the other, identical copies, it can be assumed that the individual different copy has been manipulated, but that is not certain. For example, two out of three parties could fraudulently join together for the

harm third party. Analogous considerations apply to more than three parties.

A frequently practiced approach to solving this problem is to sign all sheets of the document on at least one side or at least to provide them with a handwritten abbreviation. As a result, a potential fraudster would not only have to change the content of the sheets and replace them, but also falsify the signature or the handwritten abbreviation on these sheets, which is a very big hurdle. Nowadays, graphologists are able to use state-of-the-art means, based on the printing pressure, the orientation of the letters of the signature, the writing style and others

Parameters to verify a signature or to expose it as a forgery.

The document can therefore be protected by signing all sheets on at least one page. Signing or marking a document with a very large number of sheets is, however, very tedious, especially if each of the signing parties insists on being allowed to put an abbreviation or signature on at least one side of each sheet. Furthermore, the effort increases when the document is shared by multiple parties

must be spent.

The prior art shows some solutions to this problem, of which

however, none anticipates the embodiment according to the invention.

US5157726A describes a method for authenticating an original document. The original document is digitized and digitally signed together with the information on an ID card. This connects the ID card to the document. The document is then printed out and the digital signature is printed on the document as a string. The document can be transported in this way. At the recipient's location, it is digitized again, together with the printed signature, unless it was already sent via an electrical channel, and the recipient verifies the signature. Digital keys must be used in this procedure in order to be able to carry out the signature or verification procedure. These digital keys must

be kept somewhere.

The document US5912974A describes a method in which a document which has already been printed out is scanned in, edited by a user with regard to its content and then digitally signed. The user uses a public hash algorithm to calculate a hash value for appropriately digitized areas of a document. A digital signature is generated using a private key and an authentication code is printed on the document. This document also uses digital keys, especially private ones

and public keys.

The publication US5926551 also describes a method for signing a document, but again only digitally. The document is scanned beforehand, the bitmap image is compressed and a hash value is calculated over the image. This publication also does not show how a printed document is signed

can be.

The publication WO2008150670A1, on the other hand, describes a method for recognizing the unauthorized modification of a printed document and therefore most closely describes a method that corresponds to the method disclosed and claimed here. Paragraph [0002], on the other hand, already refers to a so-called public-key method, which indicates that this prior-art method again requires a digital key. With

With the help of this key, a digital signature is generated again, which is on the

Document is attached true to the document. For their verification, however, the public key of the signature generator is required, which is published accordingly

and / or must be kept.

Since these methods are technologies in which algorithms for encryption and decryption, for signature, for authentication and for generating hash values must be used in all cases, the IPC classes H04K1 / 00 (2018.01), HO4L9 / 00 ( 2018.01) and their corresponding subclasses to be suitable for searching for further documents in the

To look for the state of the art.

The aforementioned methods from the prior art have several disadvantages. One of the biggest disadvantages is that keys, especially asymmetrical keys consisting of public and private keys, are always required for digital signatures. Parts of the document or the entire document are digitally signed, i.e. encoded with the private key of the signature generator. It is also conceivable that not the content itself, but a hash value that was calculated from the content, is encrypted and thus becomes a signature. Any owner of the public key of the signature generator can thus authenticate the signature generator. The storage of the private keys or the publication of the public keys naturally makes sense for systems that are to be digitally signed and can be carried out very efficiently using software or hardware, for example a key server. However, if you are looking for the simplest possible method to protect printed documents, another method must be used. In particular, the storage, storage or determination of such keys to determine the signature of a printed document is far too complex. Furthermore, documents can be archived for years or even decades. Nobody will be able or want to keep the required keys for such a long period of time. Even if the will to store is there, nobody guarantees that the keys will not be lost

go.

The prior art therefore primarily describes digital signing or the verification of the digital signature of documents using public and

private keys. This type of signature is not at the heart of the present invention.

It appears that the emerging digitalization has only generated the state of the art that deals with the problem of digital signatures. Procedure by means of which a printed document against manipulation

protection cannot seem to have been revealed.

It is therefore the object of the invention to show a method by means of which a number of sheets of a document, in particular a contract, can be signed without having to resort to key pairs. The actual signatures of all parties that the document is on one page of the

sign last sheet, replace the digital key pair according to the invention.

The method according to the invention thus shows how a document can be generated, which is more difficult, preferably not at all, after it has been signed

can be faked.

Furthermore, the method according to the invention shows how an unauthorized one

Change in the printed document can be determined.

It is therefore not the task of the method according to the invention to replace or improve digital signature methods, but rather a method for detecting unauthorized changes to printed documents and for

To demonstrate production of such documents.

These objects are achieved with the features of claims 1, 4 and 5. Advantageous developments of the invention are specified in the subclaims. All combinations of at least two of the features specified in the description, the claims and / or the figures also fall within the scope of the invention. In the case of specified value ranges, values lying within the stated limits are also to be considered disclosed as limit values and in any

Combination can be claimed.

The method according to the invention can theoretically be carried out entirely without hardware and / or software. All hash value calculations could be carried out manually, all sheets or pages of a document could be labeled manually with the hash value. In the course of digitization, however, these hash value calculations are preferably carried out using a computer. In particular, the computer and corresponding software serve, in particular

a word processor, also producing a printable one

Document. In this sense, the actually manual work can be done

of course, to be relieved immensely.

The method according to the invention can be very easily and without much effort into an already existing one, in particular by programming an additional program (plug-in) or an extension (add-on)

Word processing program can be integrated.

Under the terms physical or actual, the

Document understood a material, especially non-digital, condition.

A document is a set of sheets. The document preferably first exists only in digital form in software. The software is used in particular for writing the text, but also for implementing at least part of the method according to the invention. According to the invention, the document must, however, at the latest when it is signed in a printed i.e. physical condition. In the disclosure of the invention and in particular in the description of the figures, only one document labeled on one side is described in order to represent the inventive idea as simply as possible. Generally, documents are on the

most sheets labeled on both sides.

A sheet is part of a document. In particular, a sheet is a piece of paper. However, the idea of the invention is not limited to a piece of paper. A piece of cardboard, a writable metal plate, a clay tablet or a stone tablet can also be placed under a sheet

be understood.

A page is one of the two largest surfaces of the sheet.

Each sheet has a front and a back.

In the further course of the publication, the word signature is used as a synonym for all types of actual, i.e. non-digital, createable entities used that are non-solvable, i.e. document-safe, with a document to be protected, in particular on at least one side of a sheet, and with which the document can be signed. In particular, the signature can therefore be the handwritten signature of a person, but also a seal, a complicated stamp, etc. The signature must

counterfeit-proof or at least very difficult to counterfeit. Is the signature

counterfeitable, it should at least be guaranteed that this counterfeiting,

in particular as simple as possible.

A chain is understood to be a set of sheets of a document, the contents of which are to be protected are mathematically linked to one another by the method according to the invention. The amount of leaves that form a chain is preferably ordered. The term chain is chosen because the leaves are connected to one another like the links in a chain via the hash values of the method according to the invention. It is conceivable that from a set of leaves only those leaves are chained according to the invention, the protection of which is considered to be worth considering,

however, preferably all sheets of a document are chained together.

An amount of information is understood to mean the information of a sheet to be protected with the aid of the method according to the invention. This is preferably understood to mean only the set of all characters of the type area on the front and back. It is even more preferably the set of all characters on a sheet, i.e. around the characters of the type area, footbridges, outer ridges, flange bridges and

Headstones of the front and back of a sheet.

A hash algorithm is a mathematical mapping rule that calculates a hash value from information. The advantages of such an algorithm are known to the person skilled in the art and should only be mentioned briefly here. A hash algorithm has the property that the hash value can no longer be used to draw conclusions about the information about which the hash value was calculated. Furthermore, a small change in the information leads to a, in particular strong, change in the hash value. Classic examples of hash algorithms are the SHA-1, SHA-256, SHA-512, MD5, RIPEMD160, Snefru, GOST or the Whirlpool algorithm. According to the invention, however

any hash algorithm can be used.

A hash value is understood to mean the value generated by means of a hash algorithm, in particular an amount of information to be protected according to the invention. The hash value can either be a combination of characters, in particular as a sequence of letters and / or numbers, as a bar code, as a QR code or in any other

Form be applied in a document-safe manner on at least one side of a sheet.

Meta information is understood to mean every piece of information in a document

can be affixed to at least one of the sheets of the document, but the

not necessarily part of the amount of information. For example, the hashing algorithm used is written on at least one sheet of the document so that it can be immediately understood which hashing algorithm to use

must to check the document according to the invention.

It is the object of a method according to the invention to mark at least one page of a plurality of sheets of a document by means of an inscription process in such a way that falsification of at least one amount of information of a sheet means that all sheets have to be changed up to the inclusive last sheet of the document on which there is a change but that, ideally, very difficult or not at all

falsified, actual signatures.

In the embodiment according to the invention, the method according to the invention is thus used to mark at least one side of a plurality of sheets by means of a description process, in particular a printing process, in such a way that the sheets are linked in a manner which can no longer be falsified, which by

an actual signature on the last sheet is completed.

It is an important aspect according to the invention that the method according to the invention does not require a symmetrical or asymmetrical key, as in a digital signature or authentication method. Such a key would have to be saved and saved somewhere again. In the method according to the invention, the actual signature on the last sheet of the document replaces

this key.

To use the method according to the invention, at least two sheets must exist in the document. Each sheet should have an amount of information to protect. The amount of information must be expressible in characters and convertible into numbers. An example is a text that consists of letters that can be converted into numerical values according to an ASCII table, for example. The amount of information is protected by the inventive method to the extent that its change in the

Document can be made recognizable by a test procedure.

The sheets do not necessarily have to be arranged with each other, but one of the sheets must be selected as the last sheet. In the case of a document, however, it makes sense and is logical to use the individual sheets to be protected in accordance with your

Order page number and process accordingly according to the invention.

In particular, the first leaf of the chain can be distinguished by the fact that it has no hash value. In a special embodiment, however, the calculated hash value of the last sheet is attached to the first sheet in a document-correct manner. In this case the chain is called closed or cyclical. In this special case, however, care must be taken that the hash value of the last leaf is only calculated at the end and then attached to the first leaf. At this point, the hash value from the amount of information from the first sheet has already been calculated for the second sheet. In the further course of the invention notification, this special case will not be dealt with further and the first sheet will never have a hash value affixed to the document. The application of the hash value of the last leaf to the first leaf is actually a redundancy, since the last leaf of the chain is already closed by the signatures and is therefore already sufficiently protected. A sheet without a hash value affixed to the document is also immediately available as

first leaf of the chain identifiable.

In the further course of the disclosure, the individual method steps of the method according to the invention for producing a document will now be precise

described.

In a first method step according to the invention, a hash value is calculated from the amount of information on the first leaf of the chain. The name of the hash algorithm used is preferably attached as meta information somewhere on one of the leaves of the chain, preferably immediately on the first leaf, more preferably on all of the leaves of the chain. As a result, a person who wants to check the leaves in the chain for tampering immediately recognizes which one

Hash algorithm must be used for testing.

In a second method step according to the invention, the hash value from the first method step is connected to the next leaf in the chain. If the document is created with the aid of software in the computer, this means in particular first of all the digital assignment of the hash value to the respective sheet in the software, in particular in a word processing program. This hash value is then attached to at least one side of the sheet in a document-safe manner when printed. The hash value is preferably outside the text area, that is to say in

Head, foot, collar or outer web attached. A document becomes predominant

Printed on one side, it is conceivable to have the hash value on the back of the sheet. The hash value can also be applied as a watermark. It is important according to the invention that this hash value is now part of the

Amount of information of this sheet will.

If there are more than two sheets in the document, the two previous steps can be repeated accordingly, i.e. a hash value of the amount of information of the second sheet, to which the first hash value also belongs, is calculated, which is then connected to the third sheet and attached to the third sheet in a document-correct manner when the document is printed out. With a total of n sheets to be linked to one another, a hash value can be calculated (n-1) times for a non-cyclic chain, saved and attached in a document-correct manner when printed. If the sheets within the document are indexed with the index i, where the index | runs from one to n, then the hash value calculated from the sheet with the index (i + 1) always has the hash value of the sheet with the previous index | and the amount of information of the sheet with the index (i + 1). The hash value from the first sheet is accordingly only calculated from its amount of information, since the first sheet of the document is not a predecessor

owns.

In a third method step according to the invention, the document generated in this way on the computer must be printed out. In the unlikely event that the document is generated without a computer, the document must be manually

to be created.

In a fourth method step according to the invention, the last sheet

according to the invention with at least one signature.

The signature is preferably the handwritten signature of at least one party. To attach the signature, the document must be

the amount of leaves, materially present.

With this signature, the chain, i.e. the number of sheets that make up the document to be protected, is quasi provided with a lock. If the chain consists of only one sheet, the method according to the invention is of course obsolete, since the signature on one side of the single sheet of the document,

sufficiently protects the document itself.

In an improvement according to the invention, in particular on the last sheet, additional meta information relating to the method is stored and attached in a document-correct manner, which makes it easier for a test method to check the document. For example, the following meta information

The hash algorithm used to generate the hash value is also stored

e The amount of information used to calculate the hash value

e The number of sheets that were chained. e The name of the document creator. e The names of the signing parties

If this meta information is not applied to the last object in a document-correct manner, it can itself become part of the amount of information and be subject to it

thus also protection by the method according to the invention.

In a special embodiment of the method according to the invention

the meta information is saved on the back of a document.

The invention also includes a method for detecting an unauthorized modification of a document, according to the above

method according to the invention was produced.

In a first method step according to the invention, the hash value of a first sheet of the document, in particular the first sheet of the chain, is made up of the

Amount of information calculated.

In a second method step according to the invention, the hash value determined in the first method step is compared with the hash value of the second leaf following the first leaf. If the hash values do not match, an unauthorized change was found and the document was exposed as a forgery. The process can then already be terminated in this process step

will.

Otherwise, the two are in further process steps according to the invention

mentioned process steps applied to all other sheets.

In a last method step according to the invention, the signatures on the last sheet must be checked. If at least one of the signatures is forged, an unauthorized change was found and the document as a forgery

recognized.

The invention also relates to a device according to the invention for implementing the method according to the invention. The device is in particular a computer that uses the method according to the invention

to label individual sheets with the hash values in a document-safe manner.

The device has at least one control unit, in particular a hardware and / or firm and / or software, which is able to calculate the hash values from the information sets with the respective hash algorithm. The device must also be able to print out the individual sheets,

and to write on the hash values in a document-safe manner.

In a particularly preferred embodiment according to the invention

a computer and a printer.

In a particularly preferred embodiment according to the invention

a computer and a plotter.

The invention also relates to an article according to the invention which arises from the method according to the invention. The article according to the invention is a document whose sheets are document-safe using the method according to the invention, preferably also using the device according to the invention

were labeled.

In an embodiment according to the invention, the article is a general contract which is protected by the method according to the invention

has been.

In a special embodiment, the article is a

Contract between at least two different legal entities.

In a further special embodiment, the article is

a contract between at least two different natural persons.

In a further special embodiment, the article is a contract between at least one natural and at least one

legal person.

In a very special embodiment according to the invention,

the article about a certificate.

In a still special embodiment according to the invention,

the article about a notary contract.

In another embodiment according to the invention, the article is concerned

about a marriage contract.

Further advantages, features and details of the invention result from the following description of preferred exemplary embodiments and with reference to the

Drawings. These show in:

1 shows an exemplary document in a general embodiment according to the invention, FIG. 2 shows an exemplary, compromised document in a general,

embodiment according to the invention,

FIG. 3 shows an exemplary document in a first special,

embodiment according to the invention,

Figure 4 shows an exemplary, compromised document in a first

special embodiment according to the invention,

FIG. 5 shows an exemplary document in a second special,

embodiment according to the invention,

Figure 6 shows an exemplary, compromised document in a second

special embodiment according to the invention,

FIG. 7 shows an exemplary document in a third special,

embodiment according to the invention and

Figure 8 shows an exemplary, compromised document in a third

special embodiment of the invention.

The method of production according to the invention is described in more detail in the following description of the figures. In order to describe the method according to the invention as simply as possible, only one page, the front side, is shown for each sheet 1, 1 ″, 16 ″, 1 “, 1e“, 1 “, 1c’ “. So it is assumed that each of the

Documents 5, 5c, 5 ', 5e', 5 ", 5c", 5 ", 5c" * are always printed on one side only. The

The method according to the invention can of course also be applied to sheets 1 printed on two sides,

1 °, 16 °, 1 ", 1e", 1 ", 1c" can be expanded.

FIG. 1 shows an exemplary document 5 in a general embodiment according to the invention consisting of a set of exactly four sheets 1, 1 ″, 1 ″, 1 ″, in which there are four sets of information 2, 2 ″, 2 ″, 2 ″. The method according to the invention can of course be applied to a document 5 with any number of sheets. The last sheet 1 'has a signature line 4 on which an actual signature must be made as soon as the document 5 has been printed out. Most of the time, of course, a document 5 will have several signature lines 4, since a document 5 is preferably signed by several parties. In order not to complicate the illustration unnecessarily, only one signature line 4 is shown in all the following figures. The arrows 6 symbolize the hash algorithm for generating the hash values 3 ', 3 ", 3". The arrows 6 always start at the graphically represented information sets 2, 2 ″, 2 ″ in order to symbolize where the necessary data for generating the hash values 3 ″, 3 ″, 3 ″ come from. At least the data is used, the change of which must be demonstrable, in particular the data from the information sets 2, 2 ″, 2 “. However, preferably all data of the respective sheets 1, 1 ″, 1 ″ are used. If there is a hash value from a calculation of a previous sheet on one of the sheets (for example the hash value 3 'on sheet 1'), then this must always be included in the data stream from which a new hash value (for example the hash value 3 "is next) the sheet 1 ") is generated. The hash value 3 'is calculated from the amount of information 2 of the first sheet 1 and stored on the second sheet 1'. The storage can take place, for example, at a location specified by the user, in particular in the top land of one side of the sheet 1 ', in particular only shortly before the document 5 is printed. The amount of information 2 ″ of the second sheet 1 ″ is now larger than that

Information set 2 of the first sheet, since it also includes the hash value 3 '. This is symbolized graphically by the fact that the reference symbol 2 'now references the entire sheet 1' and the arrow which symbolizes the hash algorithm 6 begins at the upper edge of the sheet 1 '. The calculation of the hash value 3 "for sheet 1 'must

now with the information from the information set 2 ″ of the sheet 1 ″, that is also with the

Hash value 3 'can be performed. This principle is used to the last, in the present

Case, sheet 1 'continued, where the last hash value 3' is stored.

FIG. 2 shows an exemplary, compromised document 5c in a general embodiment according to the invention, in which a fraudster has changed part of the amount of information 2 ″ (see FIG. 1) of the second sheet 1 ″ (see FIG. 1) by a falsified information amount part 7. The amount of information 2 ″ (see FIG. 1) was thereby compromised and is now referred to as 2c ″. Likewise, the compromised sheet is now called 1c '. The change in the amount of information from 2c (see FIG. 1) to 2c ″ now results in the compromised hash values 3c ″, 3e ″ ″, in particular also the last hash value 3e ″ ″. The sheets 1 ″, 1 ″, 1 ″ (see FIG. 1) were and are thus compromised

C6ß

now referred to as 1e ‘, 1e’ and 1e ’’. The hash values 3c ", 3e" differ from the hash values 3 ", 3" from FIG. 1. The fraudster can create a new document 5c without problems in a computer, and all sheets 1, 1c ",

C6ß

1e ", 1e‘ "print out, but would then also have to forge the signature on signature line 4. It is irrelevant on which or how many

Scroll 1, 1 ', 1 ", 1" (see Figure 1) a change is made because the

C6ß C6ß

Change always affects at least the last sheet 1c "". No hash value is calculated from the last sheet 1c (for non-cyclic chains), but this is not necessary either, since this sheet is signed by at least one anyway

Party is verified and signed on a signature line 4.

Figures 1 and 2 show a general embodiment of the invention. In the further figures, three special embodiments according to the invention are now shown in order to illustrate the principle according to the invention even better and more clearly. All hash values are calculated using the MD5 algorithm as an example. The amount of information 2, 2 ', 2 ", 2" to be protected is limited to a very short, simple sequence of letters, consisting of three letters per page, per sheet, again only on the front side, in order not to unnecessarily complicate the examples. It is important that the principle according to the invention can be checked in a simple manner on the basis of the data and corresponding software for calculating the hash values, bar codes and QR codes. There are a great many on the Internet, publicly and free of charge

Websites where you can create hash values, barcodes and QR codes.

The MD5 is used as an example in all other figure descriptions

Hash algorithm used. The hash values are corresponding MD5 hash values.

The following two description of the figures show a specific embodiment of the invention. The first special embodiment according to the invention is characterized in that all hash values are attached in a document-correct manner as numbers and letter combinations, in particular as HEX values. The hash values are attached to the top left edge of a front of a sheet, rotated by 90 °. Of course, the hash values can be attached to any position on a page, especially on the back. Only the most important sections are shown

shown on one side of a sheet to simplify the presentation.

FIG. 3 shows an exemplary document 5 'in a first special embodiment according to the invention consisting of a quantity of exactly four

Scroll 1, 1 ', 1 ", 1", in which there are four sets of information 2, 2', 2 ", 2".

In the four sets of information 2, 2 ', 2 ", 2" are the exemplary texts ABC, DEF, CHI, JKL, which are to be protected against forgery using the method according to the invention. The last sheet 1 "has a signature line 4, on which at least one actual signature must be made as soon as the document 5" has been printed out. The arrows 6 symbolize the hash algorithm

Generation of hash values 3 ″, 3 “, 3“.

Sheet 1 has the text ABC to be protected in its information set 2. The hash value of the text ABC is 902fbdd2b1df0c4f70b4a5d23525e932. This hash value is now stored for the sheet 1 ° or when printing there

Attached to documents.

Sheet 1 ″ has the text DEF to be protected in its amount of information 2 ″. The hash value is now calculated, for example, using the text 902fbdd2b1df0c4f70b4a5d23525e932DEF (note that the text to be protected was simply appended behind the hash value 3 'of sheet 1) and is 65c9477cf9517405057298b8b8a87e9c. This hash value 3 "is now saved for sheet 1" or later also document-correct there in the printout

appropriate.

Sheet 1 "has in its information set 2" the text to be protected

GHI. The hash value is now, for example, over the text

65c9477cf9517405057298b8b8a87e9cGHI (note that the text GHI to be protected was simply appended after the hash value 3 "of sheet 1") and is 4f7e194c18576336b9f2c853cda25187. This hash value is now used for the

Sheet 1 'saved or attached to the document in a document-correct manner when printed.

The following table summarizes the calculation of the hash values again.

Sheet 1 1 ’1 ° a6

Text to be protected ABC DEF CHI JKL hash value from 902fbdd2b1df0c | 65c9477cf9517 | 4f7e194c1857 previous sheet 4f70b4a5d2352 | 405057298b8b | 6336b9f2c853 5e932 8a87e9c cda25187 amount of information | ABC 902fbdd2b1dfü0c | 65c9477cf9517 4f70b4a5d2352 | 405057298b8b 5e932DEF 8a87e9cGHI

FIG. 4 shows an exemplary, compromised document 5c 'in a first, special embodiment according to the invention, in which a fraudster submits part of the amount of information 2' (see FIG. 3) of the second sheet 1 '(see FIG. 3) by means of a forged information part 7 has changed. The amount of information 2 ″ (see FIG. 3) was thereby compromised and is now referred to as 2c ″. Likewise, the compromised sheet is now referred to as 1c '. In the present example, it is the fake information part

7 just by a single letter to make the example as simple as possible.

By changing the amount of information from 2c (see Figure 3) to 2c '

now the compromised hash values 3c ", 3e", in particular the last hash

C6ß

Hash value 3c "". The leaves 1 ″, 1 ″, 1 ″ (see FIG. 3) were thus compromised and

C6ß

are now referred to as 1e ’, 16” and 1e ’“ ”. Distinguish the hash values 3e “, 3e“ “

different from the hash values 3 ″, 3 ″ (see FIG. 3). The fraudster can get a new one

Generate document 5c 'without problems in a computer, and all sheets 1, 1c',

C6ß

1e ", 1e‘ ", but would also have to print the signature on the

Fake signature line 4. It is irrelevant on which or how many

C6ß

Scroll 1, 1c ', 1c', 1c '' a change is made because the change

C6ß C6ß

always affects at least the last sheet 1c ''. No hash value is calculated from the last sheet 1c ″ “(for non-cyclical chains), but this is not necessary either, since sheet 1c’ “anyway with the signature of at least one party

is verified and signed on a signature line 4. A counterfeiting fraud operation is described in detail below.

Sheet 1 has the text ABC to be protected in its information set 2. The hash value of the text ABC is 902fbdd2b1df0c4f70b4a5d23525e932. This hash value is now saved with the sheet 1 ° or when printing there

Attached to documents.

The forger now wants to change the amount of information 2 ″ (see FIG. 3) with the text DEF in DXF. So he fraudulently creates a new sheet 1c 'and adds the hash value 902fbdd2b1df0c4f70b4a5d23525e932 of the previous sheet 1

correctly on sheet 1c.

Sheet 1c 'now has the text DXF in its amount of information 2c'. The hash value is now calculated using the text 902fbdd2b1df0c4f70b4a5d23525e932DXF (note that the text to be falsified was simply added after the hash value of sheet 1) and is 8ff51c4b31d24100597e63cb8981ce5d. This hash value differs from the hash value 65c9477cf9517405057298b8b8a87e9c of sheet 1 ”(see FIG. 3). The counterfeiter is now forced to forge the sheet 1c too, otherwise the

Counterfeiting in the chain, by checking the hash values, would be immediately apparent.

The sheet 1c 'has the information GHI to be protected in its amount of information 2c ". The hash value is now calculated using the text 8ff51c4b31d24100597e63cb8981ce5dGHI (note that the text GHI to be protected was simply added after the hash value of sheet 1c ') and is b8b3886d34cb38b5c875bcd228fce / 742. This hash value also differs from the hash value 4f7e194c18576336b9f2c853cda25187 of leaf 1 ""

(see Figure 3). That is why the counterfeiter has to forge the last sheet.

At this point in time, the counterfeiter has counterfeited all the sheets from the sheet on which a forgery was carried out to the last sheet. The counterfeiter must now print out document 5c ‘and also forge all signatures on signature line 4. Counterfeiting, especially several

Signatures with several contracting parties, however, represents a very big hurdle

and the entire document 5c 'would be clearly recognizable as forged

do.

The following table summarizes the calculation of the hash values in the case of a forgery

together. Page 1 1c ‘1c *“ 16% Text to be protected | ABC DXF CHI JKL hash value from 902fbdd2b1df0c | 8ff51c4b31d24 | b8b3886d34cb previous sheet 4f70b4a5d2352 | 100597e63cb8 | 38b5c875bcd2 5e932 981ce5d 28fce742 amount of information | ABC 902fbdd2b1df0c | 8ff51c4b31d24 4f70b4a5d2352 | 100597e63cb8 5e932DXF 981ce5dGHl

The following two descriptions of the figures show a second special embodiment according to the invention. The second special embodiment according to the invention is characterized in that all hash values are calculated as numbers and letters, in particular as HEX values, but are attached in a document-correct manner in the form of a bar code. The barcodes are attached to the top left edge of the front of a sheet, rotated by 90 °. Of course, the bar codes can be attached to any position on a sheet, in particular also on the back. Only the most important sections of a page of a sheet are shown around the

Simplify representation.

FIG. 5 shows an exemplary document 5 ″ in a second special embodiment according to the invention consisting of a quantity of exactly four

Scroll 1, 1 ', 1 ", 1", in which there are four sets of information 2, 2', 2 ", 2".

The description of the figures is, with the exception of the representation of the hash values 3 ″, 3 ″, 3 ″ “

as bar codes, identical to the description of the figures in FIG. 3.

FIG. 6 shows an exemplary, compromised document 5c “in a second, special embodiment according to the invention, in which a fraudster passes through part of the amount of information 2 ″ (see FIG. 5) of the second sheet 1 ″ (see FIG. 5)

has changed a fake information part 7. The amount of information 2 '

(see Figure 5) was compromised as a result and is now referred to as 2c '.

Likewise, the compromised sheet is now called 1c '.

The description of the figures, with the exception of the representation of the hash values 3 ″, 3c “,

3e ″ ”as bar codes, identical to the figure description in FIG. 4.

The following two descriptions of the figures show a third special embodiment according to the invention. The third special embodiment according to the invention is characterized in that all hash values are calculated as numbers and letters, in particular as HEX values, but are attached in a document-correct manner in the form of a QR code. As an example, the QR codes are attached to the upper left edge of the front of a sheet. Of course, the QR codes can be placed anywhere on a sheet, especially on the back. Only the most important sections of one page of a sheet are shown in order to display them

simplify.

FIG. 7 shows an exemplary document 5 "in a third special embodiment according to the invention consisting of a quantity of exactly four

Scroll 1, 1 ', 1 ", 1", in which there are four sets of information 2, 2', 2 ", 2".

The description of the figures is, with the exception of the representation of the hash values 3 ″, 3 ″, 3 ″ “

as QR codes, identical to the description of the figures in FIG. 3.

CL

FIG. 8 shows an exemplary, compromised document 5c * “in a third, special embodiment according to the invention, in which a fraudster submits part of the amount of information 2 '(see FIG. 7) of the second sheet 1' (see FIG. 7) by means of a forged part of the amount of information 7 has changed. The amount of information 2 ″ (see FIG. 7) was thereby compromised and is now referred to as 2c ″.

Likewise, the compromised sheet is now called 1c '.

The description of the figures, with the exception of the representation of the hash values 3 ″, 3c “,

3e ‘” as QR codes, identical to the figure description in FIG. 4.

Reference numerals

1, 1 ’, 1”, 17 ”sheet

16 ’, 16”, 16 ° ”compromised blade

2.2, 2 ”, 2” amount of information

2e ’, 2e”, 2e ”compromised amount of information 3’, 3 “, 3“ hash value

36 ", 3e" compromised hash value

4 signature

5, 5 ', 5 ", 5" document

5c, be ', 560 ", 5c" "compromised document

6 hash algorithm

7 Counterfeit information part

Claims (6)

Expectations 1. Method for producing and marking a document using hash values with the following process steps: - establishing an order of the sheets of the document, Calculation of a hash value using an amount of information from one sheet, storing the calculated hash value with the following sheet, characterized in that the amount of information of the sheet at least one piece of information to be protected includes. 2. The method according to claim 1, characterized in that the production and The document is identified using software. 3 Method according to one of the preceding claims, characterized in that that the hash value is calculated using one of the following hashing algorithms - SHA-1 - SHA-256 - SHA-512 - MD5 - RIPEMD-160 - Snefru - GOST - whirlpool 4. A method for securing a physical document with the following steps - marking the document, - physical generation, in particular printing, of the document, - Signing by at least one party on the last page of the Document, characterized in that the identification of the document takes place according to claim 1 and at least the last sheet with a document-proof attached hash value is labeled. 5. Procedure for the detection of unauthorized changes to a secured Document with the following procedural steps: - Calculation of the hash value via the amount of information of a sheet of the Document, - Comparison of the calculated hash value with the document-correct one Hash value of the following sheet, characterized in that - The document is saved according to the method of claim 4 was and - If the calculated hash value is not the same as the document-correct one attached hash value the document is considered changed. 6. The method for detecting unauthorized changes to a secured document according to claim 5, characterized in that the Signatures of the last sheet are checked for forgery. 24/32