Enhanced RFID tag authentication

US 10,121,033 B1
Filed: 03/05/2018
Issued: 11/06/2018
Est. Priority Date: 11/30/2011
Status: Active Grant

First Claim

Patent Images

1. A method for a Radio Frequency Identification (RFID) system to cause an RFID integrated circuit (IC) having a first parameter to execute an action, the method comprising:

sending a first command to the IC;

receiving from the IC at least an identifier and an encrypted version of the first parameter;

determining a key using the received identifier;

recovering the first parameter from the encrypted version using the key;

sending to the IC a single second command including at least a first portion of the first parameter; and

causing the IC to execute an action defined by at least the second command upon verifying at least the first portion of the first parameter.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An authentication method includes RFID tags authenticating RFID readers. A tag sends a tag identifier and a reader challenge to a reader in response to one or more commands from the reader. The reader then either derives a response to the reader challenge itself or has a verification authority derive the response. The response may be derived from parameter(s) in the reader challenge, and may be derived using a cryptographic key. The reader then sends the response to the tag along with one or more commands. The tag verifies the response before executing action(s) associated with the command(s).

36 Citations

View as Search Results

20 Claims

1. A method for a Radio Frequency Identification (RFID) system to cause an RFID integrated circuit (IC) having a first parameter to execute an action, the method comprising:
- sending a first command to the IC;
  
  receiving from the IC at least an identifier and an encrypted version of the first parameter;
  
  determining a key using the received identifier;
  
  recovering the first parameter from the encrypted version using the key;
  
  sending to the IC a single second command including at least a first portion of the first parameter; and
  
  causing the IC to execute an action defined by at least the second command upon verifying at least the first portion of the first parameter.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising sending to the IC a single third command including at least a second portion of the first parameter, wherein the first and second portions are different, and wherein:
    - the action is defined by at least the second and third commands, andcausing the IC to execute the action comprises causing the IC to execute the action upon verifying at least the first and second portions.
  - 3. The method of claim 1, wherein the action is not defined by the first parameter.
  - 4. The method of claim 1, further comprising:
    - sending the encrypted version of the first parameter to a verification authority; and
      
      receiving the first portion of the first parameter from the verification authority, wherein the verification authority determines the key and recovers the first parameter from the encrypted version.
  - 5. The method of claim 1, further comprising:
    - sending a random number to the IC with the first command;
      
      receiving a cryptographic function of the random number from the IC;
      
      verifying an authenticity of the IC using the cryptographic function; and
      
      sending the second command to the IC only if the authenticity of the IC is verified.
  - 6. The method of claim 1, wherein the action includes at least one of:
    - reading from an IC memory;
      
      writing to an IC memory;
      
      adjusting an IC counter value;
      
      adjusting a pointer to a memory location;
      
      adjusting a value of a key; and
      
      causing the IC to change state.
  - 7. The method of claim 1, wherein causing the IC to execute the action includes at least one of:
    - sending the second command;
      
      sending a third command; and
      
      specifying a trigger event.

8. A method for a Radio Frequency Identification (RFID) system to cause an RFID integrated circuit (IC) having a first parameter to execute an action, the method comprising:
- sending a first command to the IC;
  
  receiving from the IC at least an identifier and an encrypted version of the first parameter;
  
  determining a key using the received identifier;
  
  recovering the first parameter from the encrypted version using the key;
  
  deriving a second parameter from the first parameter using a deriving operation that includes one of;
  
  setting the second parameter equal to the first parameter;
  
  incorporating the first parameter into a string; and
  
  computing an arithmetic function of at least the first parameter;
  
  sending to the IC a single second command including at least a first portion of the second parameter; and
  
  causing the IC to, upon verifying at least the first portion of the second parameter using the deriving operation and the first parameter, execute an action defined by at least the second command, wherein the first parameter and the second parameter do not define the action.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, further comprising sending to the IC a single third command including at least a second portion of the second parameter, wherein the first and second portions are different, and wherein:
    - the action is defined by at least the second and third commands, andcausing the IC to execute the action comprises causing the IC to execute the action upon verifying at least the first and second portions.
  - 10. The method of claim 8, wherein deriving the second parameter comprises:
    - sending the encrypted version of the first parameter to a verification authority; and
      
      receiving the derived second parameter from the verification authority, wherein the verification authority determines the key, recovers the first parameter from the encrypted version, and derives the second parameter from the first parameter.
  - 11. The method of claim 8, further comprising:
    - sending a random number to the IC with the first command;
      
      receiving a cryptographic function of the random number from the IC;
      
      verifying an authenticity of the IC using the cryptographic function; and
      
      sending the second command to the IC only if the authenticity of the IC is verified.
  - 12. The method of claim 11, wherein verifying the authenticity of the IC comprises:
    - sending the cryptographic function to a verification authority; and
      
      receiving an indication of tag authenticity from the verification authority.
  - 13. The method of claim 8, wherein the action includes at least one of:
    - reading from an IC memory;
      
      writing to an IC memory;
      
      adjusting an IC counter value;
      
      adjusting a pointer to a memory location;
      
      adjusting a value of a key; and
      
      causing the IC to change state.
  - 14. The method of claim 8, wherein causing the IC to execute the action includes at least one of:
    - sending the second command;
      
      sending a third command; and
      
      specifying a trigger event.

15. A method for a Radio Frequency Identification (RFID) system to cause an RFID integrated circuit (IC) having a first parameter to execute an action, the method comprising:
- sending a first command to the IC;
  
  receiving from the IC at least an identifier and an encrypted version of the first parameter;
  
  determining a key using the received identifier;
  
  recovering the first parameter from the encrypted version using the key;
  
  deriving a second parameter from the first parameter;
  
  sending to the IC a single second command including at least a portion of the second parameter and defining at least part of an IC action; and
  
  causing the IC to, upon verifying at least the first portion of the second parameter using the deriving operation and the first parameter, execute the IC action, wherein the first parameter and the second parameter do not define the IC action.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, further comprising sending to the IC a single third command including at least a second portion of the second parameter, wherein the first and second portions are different, and wherein:
    - the IC action is defined by at least the second and third commands, andcausing the IC to execute the IC action comprises causing the IC to execute the IC action upon verifying at least the first and second portions.
  - 17. The method of claim 15, wherein determining the key, recovering the first parameter, and deriving the second parameter comprises:
    - sending the encrypted version of the first parameter to a verification authority; and
      
      receiving the derived second parameter from the verification authority, wherein the verification authority determines the key, recovers the first parameter from the encrypted version, and derives the second parameter from the first parameter.
  - 18. The method of claim 15, further comprising:
    - sending a random number to the IC with the first command;
      
      receiving a cryptographic function of the random number from the IC;
      
      verifying an authenticity of the IC using the cryptographic function; and
      
      sending the second command to the IC only if the authenticity of the IC is verified.
  - 19. The method of claim 15, wherein the IC action includes at least one of:
    - reading from an IC memory;
      
      writing to an IC memory;
      
      adjusting an IC counter value;
      
      adjusting a pointer to a memory location;
      
      adjusting a value of a key; and
      
      causing the IC to change state.
  - 20. The method of claim 15, wherein causing the IC to execute the IC action includes at least one of:
    - sending the second command;
      
      sending a third command; and
      
      specifying a trigger event.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Impinj, Inc.
Original Assignee
Impinj, Inc.
Inventors
Robshaw, Matthew, Diorio, Christopher J.
Primary Examiner(s)
Zimmerman, Brian
Assistant Examiner(s)
Samson, Sara

Application Number

US15/911,730
Time in Patent Office

246 Days
Field of Search
US Class Current
CPC Class Codes

G06K 7/10198   setting parameters for the ...

G06K 7/10366   the interrogation device be...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/3247   involving digital signatures

H04L 9/3271   using challenge-response

Enhanced RFID tag authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

36 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Enhanced RFID tag authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links