If I was looking to "tag" items to prove uniqueness/authenticity, it'd be easiest to register them on the blockchain (public key) and then verify them through signing with the private key, right?
It seems the best way to do this would be to hide the private key behind a microchip so that it can never be duplicating, but that raises costs. Are there any unique ways to do something like this without implementing a microchip to hide the private key for verification?
CPU based
Modern embedded CPUs, e.g. ARM ones, may have "security enclave" or "trust zone" directly on System on chip (SoC) or as an external chip. They have a section of a chip that is locked down during manufacturing with some specific hardware keys. The keys are impossible to extract out from the chip.
The fool proof path would be here to have a security enclave enablde microchip that contains a private key set during the manufacturing. The private key never leaves the device. Instead, the chip reports the public key back to the inventory management system at the end of the production line when the item has been manufactured.
When the item changes owners the associated transaction is made to a blockchain. This transaction is signed with the embedded CPU and its private key and the transaction contains the id of old owner and the id of the new owner (either names, public keys, etc.)
Security enclave enabled chips are expensive. However if you do not have security process your foundation right nothing stops the copying of private keys and causing a mess.
NFC based
Near field communication chips, also known as RFID tags, have some cryptography and authentication built into them. It is in theory possible to have an NFC chip attached to your item and then you can do a blockchain transaction by touching the chip with your NFC enabled Android smartphone and special app that does the transaction.
However I am not aware of NFC chips that would do ECDSA signing that is the base of all known blockchain transactions currently. Mostly NFC chip based security is designed to protect the traffic between the chip and the reader for eavesdropping and they use symmetric ciphers. Someone with better, up-to-date, information can correct me if I am wrong here.
More information:
