METHODS, SYSTEMS, AND COMPUTER PROGRAM PRODUCTS FOR PROVIDING MUTUAL AUTHENTICATION FOR RADIO FREQUENCY IDENTIFICATION (RFID) SECURITY

US 20080106386A1
Filed: 10/17/2006
Published: 05/08/2008
Est. Priority Date: 10/17/2006
Status: Active Grant

First Claim

Patent Images

1. A method for providing mutual authentication for radio frequency identification (RFID) security, the method comprising:

receiving an authentication request at a RFID tag from a requestor, the request including an encrypted access role;

transmitting an encrypted secret message to the requestor in response to receiving the authentication request, the encrypted secret message responsive to the encrypted access role;

receiving an access request at the RFID tag from the requestor, the access request generated by the requestor in response to the RFID tag being successfully authenticated by the requestor using the encrypted secret message, and the access request specifying a work area and including a random number that is encrypted;

authenticating the requester at the RFID tag including determining the value of the random number sent by the requestor and verifying that the work area is valid for the encrypted access role; and

responding to the access request using the value of the random number as an encryption key in response to the requestor being successfully authenticated at the RFID.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems and computer program products for providing mutual authentication for radio frequency identification (RFID) security. Methods include receiving an authentication request at a RFID tag from a requester, where the request includes an encrypted access role. An encrypted secret message is transmitted to the requestor in response to receiving the authentication request. The encrypted secret message is based on the encrypted access role received from the requester. An access request specifying a work area and including a random number that is encrypted is received from the requester at the RFID tag. The access request was generated by the requester in response to the RFID tag being successfully authenticated by the requestor using the encrypted secret message. The requester is authenticated at the RFID tag. The authenticating includes determining the value of the random number sent by the requester and verifying that the work area is valid for the encrypted access role. If the authenticating is successful, the RFID tag responds to the access request using the value of the random number as an encryption key.

39 Citations

View as Search Results

20 Claims

1. A method for providing mutual authentication for radio frequency identification (RFID) security, the method comprising:
- receiving an authentication request at a RFID tag from a requestor, the request including an encrypted access role;
  
  transmitting an encrypted secret message to the requestor in response to receiving the authentication request, the encrypted secret message responsive to the encrypted access role;
  
  receiving an access request at the RFID tag from the requestor, the access request generated by the requestor in response to the RFID tag being successfully authenticated by the requestor using the encrypted secret message, and the access request specifying a work area and including a random number that is encrypted;
  
  authenticating the requester at the RFID tag including determining the value of the random number sent by the requestor and verifying that the work area is valid for the encrypted access role; and
  
  responding to the access request using the value of the random number as an encryption key in response to the requestor being successfully authenticated at the RFID.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein the access request is a read query.
  - 3. The method of claim 1 wherein the access request is a write query.
  - 4. The method of claim 1 wherein the access request is a reset query.
  - 5. The method of claim 1 wherein the requester is a backend system.
  - 6. The method of claim 1 wherein the RFID tag supports simultaneous accesses by the requester and one or more other requesters.
  - 7. The method of claim 1 further comprises authenticating the RFID tag at the requester, the authenticating including verifying that the encrypted secret message contains an expected value.
  - 8. The method of claim 1 wherein one or more of the authentication request and the access request are encrypted.
  - 9. The method of claim 1 wherein the encrypted secret message is created by applying a hash function to a secret message associated with the RFID tag and the encrypted access role.

10. A system for providing a mutual authentication protocol for RFID networks, the system comprising an RFID tag including:
- one or more secret messages;
  
  one or more work areas;
  
  one or more hash functions for encrypting data; and
  
  instructions to facilitate;
  
  receiving an authentication request at the RFID tag from a requester, the request including an encrypted access role;
  
  transmitting an encrypted secret message to the requester in response to receiving the authentication request, the encrypted secret message created by encrypting one of the secret messages corresponding to the encrypted access role;
  
  receiving an access request at the RFID tag from the requester, the access request generated by the requester in response to the RFID tag being successfully authenticated by the requestor using the encrypted secret message, and the access request specifying a work area and including a random number that is encrypted;
  
  authenticating the requestor at the RFID tag including determining the value of the random number sent by the requester and verifying that the work area is valid for the encrypted access role; and
  
  responding to the access request using the value of the random number as an encryption key in response to the requester being successfully authenticated at the RFID tag.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The system of claim 10 wherein the RFID tag is a passive RFID tag.
  - 12. The system of claim 10 wherein the requester is a backend system.
  - 13. The system of claim 10 further comprising a backend system for authenticating the RFID tag and for generating and transmitting the authentication and access requests.
  - 14. The system of claim 10 further comprising a RFID reader for transmitting data between the requestor and the RFID tag.
  - 15. The system of claim 10 wherein the RFID tag supports simultaneous accesses by the requester and one or more other requesters.

16. A computer program product for providing mutual authentication for RFID security, the computer program product comprising:
- a storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for facilitating;
  
  receiving an authentication request at a RFID tag from a requester, the request including an encrypted access role;
  
  transmitting an encrypted secret message to the requestor in response to receiving the authentication request, the encrypted secret message responsive to the encrypted access role;
  
  receiving an access request at the RFID tag from the requester, the access request generated by the requester in response to the RFID tag being successfully authenticated by the requester using the encrypted secret message, and the access request specifying a work area and including a random number that is encrypted;
  
  authenticating the requester at the RFID tag including determining the value of the random number sent by the requester and verifying that the work area is valid for the encrypted access role; and
  
  responding to the access request using the value of the random number as an encryption key in response to the requestor being successfully authenticated at the RFID tag.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The storage medium of claim 16 wherein the access request is one or more of a read query, a write query, and a reset query.
  - 18. The storage medium of claim 16 wherein the requester is a backend system.
  - 19. The storage medium of claim 16 wherein the RFID tag supports simultaneous accesses by the requester and one or more other requestors.
  - 20. The storage medium of claim 16 wherein the instructions further facilitate authenticating the RFID tag at the requester, the authenticating including verifying that the encrypted secret message contains an expected value.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Lei, Hui, Li, Jenny S.

Granted Patent

US 7,791,451 B2
Time in Patent Office

Days
Field of Search
US Class Current

340/10.5
CPC Class Codes

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0492   by using a location-limited...

H04L 63/0869   for achieving mutual authen...

H04L 9/3273   for mutual authentication n...

METHODS, SYSTEMS, AND COMPUTER PROGRAM PRODUCTS FOR PROVIDING MUTUAL AUTHENTICATION FOR RADIO FREQUENCY IDENTIFICATION (RFID) SECURITY

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

39 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

METHODS, SYSTEMS, AND COMPUTER PROGRAM PRODUCTS FOR PROVIDING MUTUAL AUTHENTICATION FOR RADIO FREQUENCY IDENTIFICATION (RFID) SECURITY

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links