CZ29124U1 - Physical carrier of cryptographic keys for digital currency - Google Patents

Description

Technical field

The present invention relates to the field of digital currencies and electronic payment networks based on cryptography and decentralization, such as Bitcoin, Litecoin, etc. The solution relates to the physical implementation of a payment instrument in the form of a cryptographic key carrier for digital currency.

Background Art

Since the inception of the digital cryptocurrency Bitcoin at the turn of 2008/2009, there have been attempts to transfer this electronic currency to the physical world. The simplest and most widespread way is to create a so-called papper wallet (Fig. 1). This is a de facto backup of a private encryption key on paper using commonly available office equipment. The paper wallet contains a private encryption key in human-readable text and usually even in a machine-readable QR code. Furthermore, the bitcoin address (again in the text and in the QR code) and possibly the number with the balance, or the field where the balance can be written. Everything is provided with additional text, or. instructions and color graphics. The paper wallet has no security features.

There are a number of web services / software programs for generating paper purses (lit. 1, 2, 3). The paper purse holder actually has a digital currency balance at the appropriate address. The problem is that there can be any number of copies of the paper purse and therefore the paper purse cannot be attributed to the value of the respective digital currency balance as a physical object. Also, it is not possible to pay the paper purse because the recipient could never be sure that the payer did not keep another copy for himself. It is really just a private key backup, just as if we were writing a password for electronic banking with a pencil pen. Also, we will not share or attempt to pay with anyone.

In 2011, Casascius bitcoin coins (Fig. 3) and Bitbills plastic cards (Fig. 2) appeared on the market. Both products represent a physical object that includes an integrated private key, covered by a destructive (tamper-evident) sticker. In 2013, bitcoin certificates of Bitcoin Suisse AG (Fig. 4) appeared, which have a private key glued between two layers of synthetic paper.

All of these three products suffer from a major drawback: the manufacturer knows the private keys of all manufactured means of a given payment instrument. Therefore, the current holder is not the sole agent of the digital currency represented by this physical object, there is always a second joint holder and thus the manufacturer. Although manufacturers are committed to destroying private key information or bragging that high security standards have been met and that private key information has not been missed, this fact cannot be independently verified and there is always a risk that an honest manufacturer in the future embezzling the coverage of part or all of the issued means of payment, which is equivalent to robbing its customers. The corresponding model of availability of funds is shown in Fig. 6.

This situation is being addressed by the BIP specification 38 (ref. 4), which allows you to generate a password-protected private key. The Casascius coin manufacturer has allowed its customers to order custom-made coins according to this specification for some time (2012-2013). The procedure was as follows: the customer generated a password-protected private key on his side. He sent a password-protected key to Casascius, who made a coin for him and integrated this protected key into it. The coin then went to its customer-customer. In this model, the manufacturer was unable to misappropriate the funds, as the only one who knew the private key password was the customer.

This model fills the scheme (Fig. 7), so the holder who ordered the coin may not be afraid of embezzling the appropriate digital currency coverage. However, a coin issued in this way cannot be used as a means of payment. The reason is simple: the potential recipient would not be the sole agent again, since the first holder who had the coin produced knows the private key pair and the password. The problem was not solved, but only moved one step further in the chain of holders, see (Fig. 8). Except first

-1 CZ 29124 U1 holder (or customer) is not the current holder of the respective digital currency coverage.

These manufacturers of articles based on BIP38 know and therefore offer their products not as a means of payment, but as offline storage (or cold storage), a method of safely storing the balance in a digital cryptocurrency physical way.

So far, there is no publicly known technical solution that would allow the production and use of a physical means of payment covered by a digital currency, the current holder being the sole agent of the cover. Thus, a solution that fulfills the essence of the scheme of FIGS. 7 and 9.

The essence of the technical solution

The above-mentioned disadvantages are eliminated by the physical encryption key carrier for the digital currency, which is formed by a base body in the form of a flat planar object of any shape, in particular a geometrical figure, made of compact material, in particular plastic, paper or metals and their alloys, wherein one of its main planar faces is designated by a unique alphanumeric identifier, wherein the phyotic carrier is, in a particular embodiment, provided with anti-counterfeiting features, wherein one or both of the main planar faces are further provided with fields for positioning the first authorization factor and a field for replenishing the digital signature.

Further, it is preferred that the base of the physical encryption key carrier for digital currency in the form of a flat planar object is in the form of a square, rectangle or circle.

Further, it is preferred that the base of the physical encryption key carrier for digital currency in the form of a flat planar object is in the form of standardized payment cards, coins or banknotes.

It is further preferred that the base body is provided with information on the nominal value and the currency unit on one of the two sides.

Furthermore, it is advantageous if the application of the anti-counterfeiting security features in the case of a paper-type design is in particular a special security paper with a watermark or metallic stripes, optically variable elements, the use of very fine graphic elements, so-called guilloches, iris color gradients, the use of UV or IR luminescence colors or chemically reactive colors or the use of inaccessible printing methods.

Furthermore, it is preferred that the application of anti-counterfeiting elements in the form of plastic cards is in particular holograms.

It is further preferred that the application of anti-counterfeiting security features in the case of the metal coin embodiment is a kinegram diffractive security element or an electronic RFID chip.

Furthermore, it is preferred that the unique alphanumeric identifier is provided in the form of a protected element, in particular by painting with an iridiscent varnish, as a perforation or as an optically variable element.

Further, it is preferred that the first authorization factor placement field and the digital signature supplement field form a single common field.

Further, it is preferred that there is further on the one or the other main planar surface an array containing a second authorization factor exited in the tamper-evident mode.

The proposed digital currency encryption key carrier has the following key benefits:

1. It is a very difficult to counterfeit physical representation of digital currency.

2. The current holder is the sole holder of the digital currency used to cover the piece of carrier. In other words, he is sure that none of the previous holders, nor the publisher's subject, has the ability to embezzle.

-2GB 29124 U1

3. Cover (expose) anyone by using commercially available office and computer equipment and internet access.

4. It can be verified by anyone using common mobile computing and pre-installed software, even without an internet connection.

5. In the tamper-evident mode, a second authorization factor solution can be abolished by anyone using commercially available (mobile) computing and Internet access, but only with simultaneous depreciation of the carrier.

Compared to existing physical products aimed at preserving the balance of digital currencies, the presented solution represents a fundamental qualitative step forward, mainly through points 2 and 4.

Compared to commonly available payment instruments, which are the product of banks and / or states (banknotes, coins, checks), the presented technical solution also brings a major innovation. Current available means of payment are directly based on trust (Fig. 5) and if trust in the publisher is lost, the payment instrument loses its function and value immediately. The Holder is not a direct (factual) holder of the respective coverage of the given payment instrument. His position vis-à-vis the publisher is not equal and, in the event of a publisher's bankruptcy or, for example, monetary reform, the holder usually comes to the value represented by these substitutes.

The technical solution of a physical encryption key carrier for a digital currency describes a payment instrument that stores value regardless of the publisher's economic status. In a variant where the physical carrier also includes a second authorization factor exerted in the tamper-evident mode, even the bankruptcy and eventual liquidation of the publisher's subject have no effect on the value of the exposed media.

The invented physical encryption key carrier for the digital currency, in contrast to the said monetary substitutes, has its intrinsic value equivalent to the digital currency balance. The intrinsic value, for example, is a situation in which precious metal (gold, silver) is used directly as a tender. Such a coin, usually a coin, also has its intrinsic value, which is independent of the publisher's entity.

The present solution allows metamorphism between electronic and physical representations of money to be performed at home and without the intermediary (bank). It is enough to have the necessary amount of uncovered pieces of the described carrier and with the help of common office and computer technology and internet connection we can change the electronic representation of the currency to physical. In a variant where the physical carrier includes a second authorization factor brought out in the tamper-evident mode, the reverse change is also possible without an intermediary, and it is sufficient to connect to the Internet and a mobile smart phone or tablet.

Explanation of the drawings of the technical solution in the attached figures

Figure 1 - Paper Wallet

Figure 2 - BitBills

Figure 3 - Casascius coins

Figure 4 - Bitcoin Certificates

Figure 5 - Indirect Availability Coverage

Figure 6 - Non-exclusive coverage coverage

Figure 7 - Exclusive coverage coverage

Figure 8 - Holders vs. joint holders

Figure 9 - Exclusive availability of the current holder

Figure 10 - The mere emergence of physical representation

Figure 11 - Transition between electronic and physical representation

Figure 12 - Encryption key carrier shapes

Figure 13 - Coin - Face

Figure 14 - Coins - reverse side

Figure 15 - Banknote

-3C 29124 U1

Figure 16 - Plastic card

Figure 17 - Digital Currency Encryption Key Lifecycle

Figure 18 - Procedure for issuing the encryption key carrier

Figure 19 - Encryption key carrier verification procedure

Figure 20 - How to decrypt the encryption key carrier.

Examples of technical solutions

In the examples and the accompanying figures, there is provided a physical encryption key carrier for a digital currency which is formed by a base body in the form of a flat planar object of any shape, in particular a geometrical figure, made of compact material, in particular plastic, paper or metals and their alloys, one it is designated by its unique alphanumeric identifier I from its main planar faces, and in accordance with a particular embodiment, the physical cryptographic key carrier is provided with counterfeit security features, and on one or both of the main planar faces there is a field 2 for placing the first authorization factor and further a field 3 to add a digital signature.

The base body in the form of a flat planar object is preferably in the form of a square, rectangle or circle, or is preferably in the form of standardized payment cards, coins or banknotes. On one of the two sides of the base body there is information 4 of nominal value and currency unit. On the physical carrier of the digital currency encryption keys, in the case of physical design, the application of anti-counterfeiting security features, especially security paper with watermark or metallic stripes, optically variable elements, the use of very fine graphic elements, so-called guilloches, iris gradients, color usage with UV or IR luminescence or chemically reactive colors, or the use of inaccessible printing methods, in the case of plastic card embodiments, the use of anti-counterfeiting elements is in particular holograms and, in the case of metal coin applications, the kinegram diffraction security element is preferably electronic RFID chip. The unique alphanumeric identifier i is provided in the form of a protected element, in particular by painting with an iridiscent varnish, as a perforation or as an optically variable element.

One variant of the solution is the field 2 for placing the first authorization factor and the field 3 for supplementing the digital signature, which forms one common field.

Another variant of the solution is an embodiment wherein on one or the other main planar surface there is a field 5 comprising a second authorization factor exited in the tamper-evident mode.

Definition of basic terms

To describe and explain the use of physical encryption key carrier for digital currency, some concepts need to be defined or clarified first.

Bitcoin is a digital currency and payment network, sometimes also referred to as a virtual currency, or more precisely, as a cryptocurrency. It operates on the basis of a decentralized P2P network of computer programs with a distributed data structure called blockchain and uses asymmetric cryptography to authorize transactions.

By digital (crypto) currencies in this text we mean the whole family of systems like Bitcoin. That is, all currencies and payment networks operating as Bitcoin, currencies and payment networks derived from it, or currencies and payment networks based on the same principles. For example, Litecoin, DogeCoin, PrimeCoin and many others.

Means of Payment - Unless otherwise stated, this is a tangible object occurring in the real world for the purpose of preserving and transferring value in payment transactions. It can be denoted by face value and currency unit. Typically, in the context of this document, these are coins, banknotes, checks, or the technical solution described.

Physical payment system - an act whereby a tangible payment instrument of a certain nominal value is transferred between two entities. E.g. paying a banknote in a shop.

-4C 29124 Uí

The digital currency encryption key physical carrier is an object that is associated with a particular financial balance in the payment currency of the respective digital currency. As a rule, it is fully legitimate only if it guarantees that it is the only existing tool to manipulate the relevant balance, ie that there are no more copies of that object with the same serial number.

The digital currency address is similar to that of a conventional financial system bank account.

A public and private (private) encryption key is a pair of information that makes it possible to implement asymmetric cryptography.

Tamper-evident is a designation for the general principle and a family of technologies that allow intrusion into a protected environment. Their goal is not to prevent penetration, but to detect it reliably. An example might be a seal on a letter, a seal used by the police to secure the door of a property, a seal used by electronics manufacturers to detect unauthorized equipment interference, a scratch box, and so on.

The publisher of the physical encryption key carrier for the digital currency is the entity that places the carrier under its name / brand on the market. It can be a business company, a bank or a state institution.

The issuer is a user / holder who uses an uncovered piece of physical encryption key carrier and issues it. Like a check, for example.

The design principle of the proposed solution

The technical solution of the physical encryption key carrier for the digital currency uses the following building blocks: protective security features, multi-factor authorization, digital signature, and possibly tamper-evident properties. The object of the present invention is a physical object which is protected against forgery by security features and is identified by a unique alphanumeric identifier 1. It also includes a field 2 to supplement the first authorization factor which, upon proper exposure of the carrier, constitutes at most half of the information required for availability of the digital coverage, and in addition, the object includes a field 3 to complete the digital signature. Complementing these two information happens on the customer's side, the customer also provides the means in digital currency that is needed to cover the carrier. Furthermore, it is preferred that the physical encryption key carrier object includes a second tamper-evident-protected second authorization factor field 5, in other words readable only with simultaneous evident devaluation / destruction of the entire object.

Detailed description of things

Dimensions, Weight, Material and Shape: The specific solution of the cryptographic key carrier for a digital currency can theoretically be of any size, but in order to be practical and convenient to use in physical payment between individuals, it can be assumed that individual pieces should be in units of up to tens of centimeters, and their volume should be kept to a minimum for storage.

Similarly, the weight should not exceed a few units of grams, since handling heavier masses of cryptographic key carriers would certainly lead to reduced payment system ergonomics. Theoretically, however, nothing prevents the production of an arbitrarily massive piece of carrier.

The material is not precisely determined. However, the use of a material that ensures durability, reasonable wear resistance and which offers acceptable manufacturing costs even in large-scale batches can be envisaged. Typically it is paper, plastic or metal.

Even the shape of the object of the given solution is not determined, but it can be assumed that it will be a flat (or rather flat) form.

Dimensions, weight, material, and shape are not critical to the implementation of the solution, but must not hinder the use of the key elements mentioned in the text that the physical encryption key carrier must contain.

In this text, we work with three possible physical implementations that are closest to existing well-established means of payment in terms of size, weight, material, and shape.

-5GB 29124 U1 on coin, banknote and plastic card (fig. 12). Again, however, we emphasize that the possible implementations of the solution are not limited to these three variants and, in theory, completely different variations of materials, weights, dimensions and shapes can be produced.

Protection against counterfeiting and imitation

The encryption key carrier must make it as difficult as possible to attempt counterfeiting. In the case of a paper (polymer / paper) design, a security printing is used, which is the collective name for manufacturing processes leading to the production and application of various protective elements, such as those known from banknote production. These include special security paper with watermarks and / or metallic strips, the application of optically variable elements (holograms, iridiscent varnish, special colors), the use of commonly unavailable printing methods such as gravure printing or high precision offset printing, the use of highly fine geometrical graphic elements (so-called guilloches), iris color transitions, colors with UV or IR luminescence, thermochromic colors, chemically reagent colors, etc. There are many protective elements and methods, and their choice depends on the choice and manufacturing capabilities of the payment instrument manufacturer.

Plastic cards can also be equipped with optically variable elements (holograms), or can be printed with special colors, embossing, etc.

Metal coins can be equipped with an optically variable KINEGRAM element (ref. 5) or an electronic RFID chip (ref. 6).

Distinguishability and uniqueness

Each individual piece of carrier must be labeled with a unique (alpha) numeric identifier i. The uniqueness is ensured by the manufacturer himself by selecting a suitable set of identifiers, the set not necessarily constituting a continuous series, on the contrary, it seems advantageous to use sufficiently long strings, which at first glance appear random, e.g. as follows:

4DaFvf3RumoW67B2rXAMdx72VycebHksU

KgtbGgaX2ngstNpvyv7LwpHSweV eqGbpM

NH9od4H3XQupviN8pRGQ6uteVmlqd9KF4, etc.

Such identifiers, if they are of sufficient length and thus provide a sufficiently large combinatorial space, basically preclude a potential counterfeiter from attempting to estimate them, thus producing counterfeits and pieces that are not available to them. Authentication (see below) includes an automated identifier check, and a forgery with an unsatisfactory, such as invented, alphanumeric identifier, i would be immediately detected.

Examples of the use of alphanumeric identifiers I are in Figures 13, 15 and 16.

Identifier Alteration Protection

In view of the nature of the present invention, where both open (empty) pieces of carrier and properly covered are present on the open market, and therefore it is not true that each piece of value in all circumstances has a value corresponding to the denomination indicated, making it more difficult to modify the identifier 1, since this way it would be possible to produce an imitation of a covered piece from an uncovered piece. In the specific case, if the identifier I was routed as an ordinary number from a continuous series and printed with a conventional printing technique, it would be sufficient for the attacker to obtain two original uncovered pieces provided with successive identification numbers. One would properly cover the digital currency to expose a valid encryption key carrier, but the second would alter the identifier I to match the first piece and pass on other key elements (see below) to get a very good fake . In the case of a numeric identifier from a continuous series, it is sufficient to modify a single (specifically end) digit for two consecutive numbers. Conversely, when using long alphanumeric identifiers from a discrete series, as outlined above, an attacker would have to change very many characters, often all

-6CZ 29124 U1 String. In addition, if the identifier I is brought out as a protected element, eg by iridiscent varnish painting, letterpress planting, punching, or in the form of an optically variable element, then the potential attacker will have trouble modifying attempts and will not be able to execute an attack on the valuation method by modifying identifier I.

Field to complete the first authorization factor

A clearly visible field 2 is provided on the digital currency encryption key carrier to supplement the first authorization factor 2A, or the first portion of information that is needed to dispose of the amount of digital currency that is used to cover the payment means. It is irrelevant how the first authorization factor 2A is connected: it can be printed on the carrier, glued, handwritten, engraved, punched, laser-burned, ground, and so on.

The first authorization factor 2A need not be protected by security features, only its legibility and reasonable durability and resilience for physical payment purposes must be ensured. Therefore, field 2 does not need to use any special technology to complete the first authorization factor. The element is shown in Figures 14, 15 and 16.

A field for adding a digital signature

A clearly visible field 3 for completing the digital signature is located on the digital currency encryption key carrier. It is not important how the 3A digital signature is connected: it can be printed, glued, handwritten, engraved, punched, laser-burned, grinded and so on.

The 3A digital signature need not be protected by security features, only its legibility and reasonable durability and durability for physical payment purposes must be ensured. The digital signature replenishment field 3 therefore does not need to use any special technology.

The 3A digital signature at this point refers to the physical representation of data generated by the digital signature method. The data can be represented in a binary, octal, decimal, hexadecimal, or other suitable system, and executed as an alphanumeric string readable to the naked eye, or machine readable graphic pattern (barcode, spatial barcode), or both.

Under certain circumstances, it may be practical to combine the first authorization factor 2A and the digital signature 3A into a single field to simplify both the exposure process and the carrier verification process. Thus, this variant of the encryption key carrier has only one field to complete both information at once. Shown in Figures 14 and 16.

Second Authorization Factor

The second part of the information protecting the digital currency coverage is provided by the carrier manufacturer, referred to as the second authorization factor of 5 A. Depending on whether the second authorization factor 5A is integrated into the carrier, there are two different variants of the implementation of the solution.

a) It is preferable to include the second authorization factor 5A in a tamper-evident-mode array carrier, such that penetration detection is reliably ensured, in which case the penetration is merely a reading of a second authorization factor of 5A. that a second authorization factor of 5A be carried out on the carrier such that when it is read, there is a simultaneous (evident) change of the respective element or the entire carrier so as to appear at first glance to be devalued. For example, a scratch field known from winning tickets or a destructive label used by banking companies to send a PIN to a payment card by mail. Alternatively, the second authorization factor 5A can be encapsulated within the body of the payment means so that it is necessary to disassemble / divide the composition into two parts to read it. This approach is used (ref. 7). It is important that the alteration process is irreversible and reliable, that is, it was not possible

-7EN 29124 U1 to obtain information without current evident alteration / deterioration, even by sophisticated physical or chemical methods.

If the digital currency encryption key carrier contains a second authorization factor 5A in the form of a tamper-evident mode 5 field, no middleman is required to reverse the representation of the currency from physical to electronic, and the last holder may lead the means used to cover the carrier. smart ”mobile phone or tablet with the appropriate software and Internet connection. At the same time, this variant of the solution for carrier manufacturers is both technically and financially more demanding.

b) A simpler and cheaper production variant can be a solution that assumes that the second authorization factor 5A remains known only to the encryption key carrier publisher and is not integrated into the carrier. At the same time, however, in this variation, the publisher becomes the only entity that is able to recover from the physical representation of the digital currency an encryption key carrier electronic representation, or lead back. In practice, this means that if the current holder of a properly issued (covered) carrier decides to change the representation of the currency from physical back to electronic, it must deliver the carrier back to the issuer and receive the appropriate funds from it. At the same time, the publisher must guarantee that when the carrier is withdrawn, it is finally destroyed.

The necessity of returning the carrier to the publisher to abolish the coverage makes this model more logistically and process-intensive and makes the publisher a central point for potential counterfeit attacks, but the cost of tamper-evident technology is no longer available, which can make the production of physical encryption keys significantly cheaper.

Nominal value

The encrypted key carrier of a digital currency in a covered state should always contain clearly legible information about the nominal value and the currency units, or the currency name itself, or the digital currency symbol 7.

The carrier can already be made with this information and delivered to the market in several different denominations, or the nominal value can be left to the issuer (similar to checks). In this case, the carrier must have adequate field 6 to complete the nominal value to complete this information (Fig. 16).

Layout of elements

The elements are deployed in accordance with the ergonomics of use within the digital currency encryption key carrier, taking into account, in particular, the carrier verification procedure as the most frequent operation performed with the carrier. Exposure and deterioration procedures are also taken into account secondary. Theoretically, however, the particular arrangement of the elements is irrelevant and does not affect the nature of the present invention. Thus, the paper form (Fig. 15) would not have to have all the elements on the face side, but both reprint fields could be moved to the reverse side. There are many options to adjust.

Encryption key lifecycle for digital currency

The encryption key carrier described is marketed uncharged (uncovered). This state is visible at first sight, as the field 2 for the first authorization factor and the field 3 for the digital signature are empty. In this state, only the selling price is worth. This may be a fraction of the nominal value indicated. The best metaphor for this is a comparison to a blank check.

The customer can charge the carrier, or cover the balance in the digital currency. At this point, the carrier acquires a value corresponding to the nominal value. Since the information of the first authorization factor 2A and the digital signature 3A is now added, the carrier is then at first glance distinguishable from the previous, empty state.

-8GB 29124 U1

In the charged state, a payment transaction can be made with the encryption key carrier for the digital currency, which requires authentication of the carrier and coverage of the carrier by the recipient.

The digital currency encryption key carrier may complete a series of payment transactions. There is no modification in contact.

The holder, who wishes to release the funds and continue to use them electronically, will degrade the carrier. Thus, the encryption key carrier for the digital currency ends its life cycle. The use is disposable in this sense and its functional recycling is not possible. Depending on the material used, it can be disposed of in an environmentally friendly manner. The life cycle is illustrated in the state diagram in Fig. 17.

The attached figures 18, 19 and 20 then show the procedure for displaying the encryption key carrier for the digital currency, the process for its verification, and finally the process of its devaluation.

Software infrastructure required

Auxiliary software infrastructure is needed to move from blank (covered) to covered, to validate, and to switch from covered to deteriorated (more precisely to cover the deteriorated encryption key carrier for digital currency). However, this software part of the process is not subject to the protection of this technical solution.

Digital Currency Encryption Key Carrier Features as a New Payment Instrument - Summary of Innovation

The proposed encryption key carrier for digital currency has the following key features:

1. It is a very difficult to counterfeit physical representation of digital currency.

2. The current holder is the sole holder of the digital currency used to cover the piece of carrier. In other words, he is sure that none of the previous holders, nor the publisher's subject, has the ability to embezzle.

3. Cover (expose) anyone by using commercially available office and computer equipment and internet access.

4. It can be verified by anyone using common mobile computing and pre-installed software, even without an internet connection.

5. In the tamper-evident mode 5A variant of the second authorization factor, anyone can use the commercially available (mobile) computing and Internet access to abandon coverage and funds, but only with the devaluation / evident destruction of the carrier.

Compared to existing physical products aimed at preserving the balance of digital currencies, the presented technical solution represents a fundamental qualitative step forward, mainly through points 2 and 4 of this chapter.

Compared to commonly available payment instruments, which are the product of banks and / or states (banknotes, coins, checks), the presented technical solution also brings a major innovation. Current available means of payment are directly based on trust (see Figure 5) and if trust in the publisher disappears, the payment instrument immediately loses its function and value. The Holder is not a direct (factual) holder of the respective coverage of the given payment instrument. His position vis-à-vis the publisher is not equal and, in the event of a publisher's bankruptcy or, for example, monetary reform, the holder usually comes to the value represented by these substitutes.

In contrast, the present technical solution describes a payment means that stores value regardless of the publisher's economic status. In a variant where the physical carrier also includes a second authorization factor 5A tamper-evident in the mode, even the bankruptcy and eventual liquidation of the publisher's subject have no effect on the value of the encryption key carriers for the di-9CZ 29124 U1 genuine currency as means of payment. They continue to serve as a value preserver and payment facilitator.

This digital currency encryption key carrier, unlike the above money substitutes, has its intrinsic value equivalent to the digital currency balance. The intrinsic value, for example, is a situation in which precious metal (gold, silver) is used directly as a tender. Such a coin, usually a coin, also has its intrinsic value, which is independent of the publisher's entity.

The digital currency encryption key carrier solution as a means of payment retains the same advantages as conventional modern physical means of payment - low weight and small size. Banknotes were introduced, among other things, because the manipulation of more physical gold seemed impractical. Likewise, the invented encryption key carrier is a tool for facilitating payments to persons for whom digital currency manipulation is impractical in its native electronic form. At the same time, however, it retains its intrinsic value, so it is not a substitute but rather a physical envelope for the electronic currency.

The proposed solution can be seen as a tool for digital currency metamorphosis from an electronic environment to a physical environment and back (Figure 11). It is important that the moment the currency moves into the physical world, there is still no one to dispose of it in the original electronic world. In this way it is possible to otherwise describe the principle of exclusive availability of the current holder. So far, the existing digital currency physical products use the schematic of Figure 6 where, at the moment of issuance of the device, there are two joint holders, namely the publisher and the holder, and can at any time in the future experience the situation shown in Figure 10, that is, the electronic dispatcher with the financial the funds are further disposed of and the physical dispatcher finds out that he is no longer a real dispatcher and that he has been robbed when attempting to depreciate the object and bringing the cover back to the electronic environment.

We perform metamorphosis between electronic and physical representation of money normally when we carry cash to a bank / cash machine and deposit it into an account, or vice versa, when we make a bank withdrawal and withdraw cash from a bank / cash machine.

The present solution allows this metamorphosis to be performed at home and without the intermediary (bank). It is enough to have the necessary amount of uncovered pieces of the described encryption key carrier for the digital currency, and with the help of common office and computer technology and internet connection we can change the electronic representation of the currency to physical. In a variant where the physical carrier also includes a second 5A authorization factor in the tamper-evident mode, a reverse change is possible and sufficient to connect to the Internet and a mobile smart phone or tablet.

At the same time, the presented solution lacks the secondary function of secure offline storage of the digital currency, thus replacing paper purses and other forms of private key backup. Thus, even if it is not used for payment, its function remains a value preserver.

Solution variants (1) The solution of the physical encryption key carrier for the digital currency also makes sense without the 3A digital signature part in a situation where only the recipient of the payment instrument is equipped with an internet connection and the payer does not. For example, this can be a purchase in a store. The recipient can own a terminal connected to the Internet and use it to verify the coverage of individual pieces of payment means directly online.

(2) In some circumstances, it may be advantageous to leave a second authorization factor of 5A at the publisher, but to integrate a secret password in the tamper-evident mode that proves remotely at the cancellation stage that the communicating party is the actual holder of the payment instrument. Thus, the modified model requires the publisher's cooperation to cancel the cover, but it can take place remotely without the publisher's physical contact with the payment instrument. There may be more motivation to make this adjustment, one of which is to reduce the size of the tamper-evident-protected information. E.g. if the cost of production and / or vulnerability increases with the range of protected information and the entire cryptographically strong second authorization factor of 5A would be difficult to integrate.

-10GB 29124 Ul (3) Third party may theoretically provide cover for exposed equipment. The issuer must inform the issuer during the issuance of the address at which the funds are to be deposited and then obtain the identifier of the relevant transaction. Covering can also be provided by the publisher himself, as this may in some cases speed up the exposure process. the process of issuing a digital signature. This modification of the model is based on the assumption that the issuer has previously deposited a certain amount of money with the publisher and then draws on it from the issuance of individual pieces of payment means, thus it is a form of custody of funds.

(4) Theoretically, the use of Physical Unclonable Function (PUF), a currently used aggregate name for ways to produce a physical object that cannot be copied, duplicated, could theoretically be significantly improved by the digital currency encryption key forgery protection. or functionally mimic (lit. 10, 11, 12, 13) even using the most advanced physical and chemical methods. Unique features are achieved by producing an electronic device with unique electromagnetic properties that stems from the arrangement of molecules and atoms and is therefore technically impossible to produce an identical copy. In practice, this would mean equipping the digital currency encryption key carrier with an electronic chip with PUF implementation and replacing it with the unique alphanumeric identifier 1 described above. At the same time, this option would also offer the realization of the connection of the first authorization factor 1 and the digital signature 3A by the issuer also in electronic form, the built-in chip could have a rewritable memory. Higher protection of the anti-counterfeiting device would be redeemed by higher equipment requirements for the verifier, as it would have to have a more advanced device for communicating with the electronics built into the encryption key carrier for the digital currency. Therefore, the resulting product was not so universally applicable. At the same time, a number of other implementation-related issues and issues would arise, as it is known from the chip and contact-free contact and contactless payment cards that many potential attacks and vulnerabilities are large.

Industrial usability

The physical encryption key carrier for the digital currency serves in the area of value retention and transfer in the payment system.

Literature or other sources used in the text:

Pour. 1. Bitaddress. [Online] https://www.bitaddress.org.

Pour. 2. BitcoinPaperwallet.com. [Online] https://bitcoinpaperwallet.com/.

Pour. 3. Wallet Geenrator. [Online] https://walletgenerator.net.

Pour. 4. BIP 38: Passphrase-protected private key. [Online] https://github.com/bitcoin/bips/blob/master/bip-0038.mediawiki.

Pour. 5. OVD Kinegram AG. [Online] http://www.kinegram.com/.

Pour. Soheil Hamedani, Gregor Innitzer. Coin having integrated rfid identification device and method for production thereof. US 20120055996 Mar. 3, 2012.

Pour. 7. Swiss Bitcoin Certificates. [Online] https://www.bitcoinsuisse.ch/en/about-certificates/. Pour. 8. Shamir, Adi. How to share a secret. Communications of the ACM. 1979, Vol. 22.

Pour. 9. BIP 16: Pay to Script Hash. [Online] https://github.com/bitcoin/bips/blob/master/bip-001 ó.mediawiki.

Pour. 10. Christoph, Boeh and Maximilian, Hofer. Physical Unclonable Functions in Theory and Practice. place unknown: Springer, 2012.

Pour. 11. Pappu, R., and others. Physical one-way functions. Science. 2002, 297.

Pour. 12. Naccache David, Frémanteau Patrice. Unforgeable identification device, identification device reader and method of identification. EP0583709 1992.

Pour. 13. Roel, Maes. Physically Unclonable Functions: Constructions, Properties and Applications. site unknown: Arenberg Doctoral School of Science, Engineering & Technology, 2012.

-11 CZ 29124 U1

Pour. 14. Feigelson, Douglas. Creating and using digital currency. US 20130166455 6 27, 2013.

Claims (10)

A physical bearer for encryption keys for a digital currency, characterized in that it comprises a base body in the form of a flat planar object of any shape, in particular a geometric figure, made of a compact material, in particular plastic, paper or metals and their alloys, the main planar surfaces are identified by a unique alphanumeric identifier (1), the physical carrier according to a particular embodiment being provided with anti-counterfeiting applications, wherein on one or both main planar surfaces there are fields (2) for positioning the first authorization factor (2A); a digital signature completion field (3A). 2. A digital currency encryption key carrier according to claim 1, wherein the base body in the form of a flat planar object is in the form of a square, rectangle or circle. A digital currency encryption key carrier according to claim 1 or 2, characterized in that it is in the form of standardized payment cards, coins or banknotes. The physical bearer of the encryption keys for digital currency according to claim 1, characterized in that on one of both sides it is provided with information (4) about the nominal value and the unit of currency. A digital currency encryption key carrier according to claim 1, characterized in that the application of anti-counterfeiting features in the paper version is in particular security paper with a watermark or metallic strips, optically variable elements, the use of very fine graphic elements, so-called guilloches , use of iris color gradients, UV or IR luminescence inks or chemically reagent inks, or using unavailable printing methods. 6. The physical currency encryption key carrier according to claim 1, wherein the application of the anti-counterfeiting elements in the case of plastic cards is in particular holograms. 7. A digital currency encryption key carrier as claimed in claim 1, wherein the application of the anti-counterfeiting security features in the case of metal coins is a diffractive security element, a kinegram or an electronic RFID chip. A digital currency encryption key carrier according to claim 1, characterized in that the unique alphanumeric identifier (1) is provided in the form of a protected element, in particular by iridiscence varnish coating, perforated or optically variable element. The physical currency encryption key carrier according to claim 1, characterized in that the first authorization factor placement field (2) and the digital signature completion field (3) form one common field. The digital currency encryption key carrier according to claim 1, characterized in that on one or the other main planar surface there is further a field (5) for the second authorization factor output in tamper-evident mode.