RFID SECURITY SYSTEM

US 20070206786A1
Filed: 01/18/2006
Published: 09/06/2007
Est. Priority Date: 08/31/2005
Status: Abandoned Application

First Claim

Patent Images

1. A process for handling secret data, the process comprising:

(a) writing a cryptography key in a data storage area in a radio-frequency identification (RFID) tag while said RFID tag is associated with a first holder;

(b) reading said cryptography key from said RFID tag while said RFID tag is associated with a second holder; and

(c) performing at least one of the steps of encrypting, decrypting, signing, signature verifying, and integrity checking the secret data, wherein the steps are performed based on said cryptography key.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A process for handling secret data. In an RFID tag, a cryptography key protecting the secret data is written while with a first holder, a threshold cryptography share is stored, or an arbitrary value is obtained for an identity-based encryption (IBE) algorithm. The cryptography key can then be read and used by a second holder to access the secret data, the threshold cryptography shares can be read and aggregated with other shares to access the secret data, or the arbitrary value can be used as the basis for a public key to protect the secret data and with a corresponding private key to access the secret data.

111 Citations

View as Search Results

25 Claims

1. A process for handling secret data, the process comprising:
- (a) writing a cryptography key in a data storage area in a radio-frequency identification (RFID) tag while said RFID tag is associated with a first holder;
  
  (b) reading said cryptography key from said RFID tag while said RFID tag is associated with a second holder; and
  
  (c) performing at least one of the steps of encrypting, decrypting, signing, signature verifying, and integrity checking the secret data, wherein the steps are performed based on said cryptography key.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The process of claim 1, wherein said first holder and said second holder are different people or locations.
  - 3. The process of claim 1, further comprising:
    - prior to step (a), encrypting said cryptography key; and
      
      prior to step (c), decrypting said cryptography key.
  - 4. The process of claim 1, wherein step (a) includes writing said cryptography key in said data storage area such that said cryptography key is read-only.
  - 5. The process of claim 1, further comprising, after step (b), altering said RFID tag so that said cryptography key cannot be read again.

6. A process for handling secret data, the process comprising:
- (a) creating n shares of the secret data using a threshold cryptography algorithm such that only reconstruction of at least k of said shares reveals the secret data and wherein 1<
  
  k≧
  
  n; and
  
  (b) storing at least one said share in a radio-frequency identification (RFID) tag.
- View Dependent Claims (7, 8, 9, 10, 11, 12)
- - 7. The process of claim 6, further comprising:
    - (c) collecting at least k of said shares, including reading at least one said share from a single said RFID tag; and
      
      (d) combining said at least k of said shares to reveal the secret data.
  - 8. The process of claim 7, wherein step (c) includes requiring that at least m said shares be read from said RFID tags with the same RFID reader, wherein m≦
    - k.
  - 9. The process of claim 7, wherein step (c) includes requiring that at least m said shares be read from said RFID tags in accordance with a time criteria triggered by one said RFID tag, wherein m≦
    - k.
  - 10. The process of claim 7, wherein step (c) includes altering at least one said RFID tag so that one or more shares stored on said at least one said RFID tag cannot be read again.
  - 11. The process of claim 7, further comprising, after step (b), distributing said shares among multiple holders such that step (c) includes retrieving instances of said shares from at least two of said holders, wherein said holders are people or locations.
  - 12. An RFID tag made by the process of claim 6.

13. A process for handling secret data, the process comprising:
- (a) obtaining, in a radio-frequency identification (RFID) tag, an arbitrary value for an identity-based encryption (IBE) algorithm;
  
  (b) reading said arbitrary value from said RFID tag; and
  
  (c) determining a public key based on said arbitrary value, wherein said public key has a corresponding private key.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 14. The process of claim 13, wherein step (a) includes selecting said arbitrary value to be that of a field already stored in said RFID tag.
  - 15. The process of claim 13, wherein step (a) includes storing said arbitrary value in said RFID tag.
  - 16. The process of claim 13, wherein step (a) includes pre-storing, in said RFID tag, an instance of said private key that has been encrypted.
  - 17. The process of claim 16, wherein step (a) includes pre-storing, in said RFID tag, a first security value based on said private key and a hash or a message authentication code algorithm, thereby permitting said first security value to be read later and used to perform an integrity check on a decrypted instance of said private key.
  - 18. The process of claim 13, further comprising storing an encrypted instance of said private key in said RFID tag.
  - 19. The process of claim 18, further comprising storing, in said RFID tag, a first security value based on said private key and a hash or a message authentication code algorithm, thereby permitting said first security value to be read later and used to perform an integrity check on a decrypted instance of said private key.
  - 20. The process of claim 13, further comprising:
    - (d) encrypting the secret data with said public key into encrypted data; and
      
      (e) writing said encrypted data to said RFID tag.
  - 21. The process of claim 20, further comprising:
    - prior to step (d), calculating a second security value based on the secret data using a hash or a message authentication code algorithm; and
      
      wherein step (e) further includes writing said second security value into said RFID tag, thereby permitting said second security value to be read later and used to perform an integrity check on a decrypted instance of the secret data.
  - 22. The process of claim 20, further comprising:
    - (f) reading said encrypted data from said RFID tag;
      
      (g) obtaining an encrypted private key which is an instance of said private key that has been encrypted;
      
      (h) decrypting said encrypted private key into said private key; and
      
      (i) decrypting said encrypted data with said private key into the secret data.
  - 23. The process of claim 22, wherein:
    - said (b) performs said reading of said arbitrary value at a first location; and
      
      said (f) performs said reading of said encrypted data at a second location.
  - 24. The process of claim 22, further comprising, after step (f), altering said RFID tag so that said encrypted data cannot be read again.
  - 25. An RFID tag made by the process of claim 13.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GSI Group Corporation (Novanta Inc.)
Original Assignee
SkyeTek, Inc. (RFID Holdings, Inc.)
Inventors
Chakraborty, Sayan

Application Number

US11/306,980
Publication Number

US 20070206786A1
Time in Patent Office

Days
Field of Search
US Class Current

380/30
CPC Class Codes

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0442   wherein the sending and rec...

H04L 63/0492   by using a location-limited...

H04L 63/061   for key exchange, e.g. in p...

H04L 9/0847   involving identity based en...

RFID SECURITY SYSTEM

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

111 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

RFID SECURITY SYSTEM

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

111 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links