Would pure random + a central database not be more practical? Assuming the barcode is a 10-by-50 grid, that's 500 bits of entropy. With 100 bits of entropy, you need over 100 trillion codes to have a 0.4% chance of a collision. Every added bit makes it twice as unlikely.
There's no need to have crypto if you're the authority on both assigning and verifying the barcodes. That way, no attacker will be able to create a barcode and have any hope of it working.
They're not the only ones creating barcodes -- stamps come with non-specific data, but bulk mailers are allowed to create their own, with embedded routing and billing codes.
There's no need to have crypto if you're the authority on both assigning and verifying the barcodes. That way, no attacker will be able to create a barcode and have any hope of it working.