Radio Frequency Identification Tag Security Systems
First Claim
1. A method of operating a radio-frequency identification system, the system including a tag, a reader and a third party authority, wherein the tag has a tag name, the tag name comprising a tag identity and a secret value, wherein the secret value is mapped to the tag identity, the method comprising the steps of:
- (i) the reader interrogating the tag,(ii) the tag sending in response a pseudonym, the pseudonym comprising the tag identity and an encryption of the secret value,(iii) the reader sending a request to the third party authority for release of a decryption key, the request including the pseudonym received from the tag,(iv) the third party authority, having determined that the reader is authorised to receive the decryption key, sending to the reader the decryption key, and(v) the reader using the decryption key to obtain the tag identity, wherein the decryption key can be used by the reader to obtain the tag identity a predetermined plurality of times without further contact between the reader and the third party authority.
1 Assignment
0 Petitions
Accused Products
Abstract
Security and privacy of tag information in an RFID-based system can be achieved through the usage of pseudonyms generated based on one-way hash functions. A system based on binary one-way trees allows for the scalable generation and decoding of authentication keys to obtain access to tag identities. The apparatus and methods described can also be adapted to provide limited access for readers to tag information.
-
Citations
11 Claims
-
1. A method of operating a radio-frequency identification system, the system including a tag, a reader and a third party authority, wherein the tag has a tag name, the tag name comprising a tag identity and a secret value, wherein the secret value is mapped to the tag identity, the method comprising the steps of:
-
(i) the reader interrogating the tag, (ii) the tag sending in response a pseudonym, the pseudonym comprising the tag identity and an encryption of the secret value, (iii) the reader sending a request to the third party authority for release of a decryption key, the request including the pseudonym received from the tag, (iv) the third party authority, having determined that the reader is authorised to receive the decryption key, sending to the reader the decryption key, and (v) the reader using the decryption key to obtain the tag identity, wherein the decryption key can be used by the reader to obtain the tag identity a predetermined plurality of times without further contact between the reader and the third party authority. - View Dependent Claims (2, 3, 4, 5, 6, 7, 9, 10, 11)
-
-
8. A method of operating a radio-frequency identification system, the system including a tag, a reader and a third party authority, wherein the tag has a tag name, the tag name comprising a tag identity and a secret value, wherein the secret value is mapped to the tag identity, the method comprising the steps of:
-
(i) the reader interrogating the tag, (ii) the tag sending to the reader in response, locational information describing the location of a decryption key within a one-way hash tree, 0 (iii) the reader sending a request to the third party authority for release of a decryption key, the request including the locational information received from the tag, (iv) the third party authority, having determined that the reader is authorised to receive the decryption key, sending to the reader the decryption key, and (v) the reader using the decryption key to obtain the tag identity, 5 wherein the decryption key can be used by the reader to obtain the tag identity a predetermined plurality of times without further contact between the reader and third party authority.
-
Specification