to find the limits of the authentication systems based on CSGC
Copy sensitive graphical codes (CSGC) are used as anti-counterfeiting solution in packaging and document protection. Nevertheless, the security aspects of these elements are not fully studied. The security of CSGC is based on the stochastic nature of print-and-scan (P&S) process. It can be easily shown that every time when an image is printed and scanned some information is lost in comparison with its digital version. Using this property, the authentication test can distinguish the original CSGC (printed once) from copied/counterfeited (printed several times).
The authentication test can be performed as 1) a comparison of the binary CSGC with an estimated binary code that is obtained by binarization of grayscale image during the authentication test or as 2) a comparison of binary CSGC with its degraded (graylevel) version.
Most of the attacks are produced between printing and scanning processes. An opponent needs to correctly predict a binarized version of CSGC that then will be re-printed and re-scanned using the same devices (in the case of the worst type attack) and the authentication test will process a grayscale counterfeited image. Thus, the comparison function might be sensitive to distortions added during Print-and-Scan (P&S) process and must correctly discriminate CSGC printed ones and CSGC printed twice or counterfeited.
The security of this authentication system is based on the fact that a P&S process cannot be fully controlled and the hardness of reversing it. That is why the task to estimate a CSGC structure with precision is hard. Nevertheless, an opponent can try to create CSGC copies as close as possible to the original aiming to pass an authentication test. For this purpose the opponent can use different strategies depending on his/her practical skills.
Taking into account the opponent attacks, an authentication test have to be improved :