Low Cost RFID Tag Security And Privacy System And Method

US 20080297326A1
Filed: 03/25/2008
Published: 12/04/2008
Est. Priority Date: 03/30/2007
Status: Abandoned Application

First Claim

Patent Images

1. A method for provisioning security for an RFID tag comprising:

generating a random new tag ID;

generating a new master key based on an existing master key; and

generating encrypted user data to be placed on the tag utilizing the new tag ID as an IV and the new master key as input to an encryption algorithm; and

writing the new tag ID and the encrypted user data to the tag.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for provisioning security for an RFID tag. Initially, a random new tag ID is generated, and a new master key is generated based on an existing master key. Encrypted user data to be placed on the tag is generated utilizing the new tag ID as an IV and the new master key as input to an encryption algorithm. The new tag ID and the encrypted user data are then written to the tag.

Citations

14 Claims

1. A method for provisioning security for an RFID tag comprising:
- generating a random new tag ID;
  
  generating a new master key based on an existing master key; and
  
  generating encrypted user data to be placed on the tag utilizing the new tag ID as an IV and the new master key as input to an encryption algorithm; and
  
  writing the new tag ID and the encrypted user data to the tag.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further including:
    - writing a symmetric signature of the encrypted user data to the tag.
  - 3. The method of claim 1, wherein a present tag ID read from a protected RFID tag is correlated with a previous tag ID owned by the same tag, by storing one or more of the previous tag IDs in encrypted form in the tag on each rewrite operation performed on the tag.
  - 4. The method of claim 1, further including:
    - generating a hash code for each instance of the tag ID; and
      
      correlating a present tag ID, read from a protected RFID tag, with a previous tag ID owned by the same tag, by storing one at least one said hash code in encrypted form in memory of the tag on each rewrite operation performed on the tag.

5. A method for provisioning security for an RFID tag comprising:
- generating a random tag ID based on a known fixed-value tag ID;
  
  generating a new master key based on an existing master key;
  
  encrypting user data to be placed on the tag utilizing the tag ID as an IV and the new master key as input to an encryption algorithm;
  
  generating a keyed symmetric signature of the user data utilizing the tag ID as an IV, the new master key, and clear text user data as input to a keyed hashing algorithm;
  
  writing the tag ID, the encrypted user data, and the symmetric signature to appropriate parts of the tag; and
  
  generating one or more passwords based on the tag ID as an IV and the new master key as input to a keyed hashing algorithm; and
  
  locking data fields in the tag using the passwords.
- View Dependent Claims (6, 7)
- - 6. The method of claim 5, wherein a present tag ID read from a protected RFID tag is correlated with a previous tag ID owned by the same tag, by storing one or more of the previous tag IDs in encrypted form in the tag on each rewrite operation performed on the tag.
  - 7. The method of claim 5, further including:
    - generating a hash code for each instance of the tag ID; and
      
      correlating a present tag ID, read from a protected RFID tag, with a previous tag ID owned by the same tag, by storing one at least one said hash code in encrypted form in memory of the tag on each rewrite operation performed on the tag.

8. A method for enforcing security for an RFID tag having a tag ID and an associated master key used for provisioning the tag, the method comprising:
- reading the tag ID from the tag;
  
  generating a keyed symmetric signature of the user data utilizing the tag ID as an IV, the master key, and clear text user data as input to a keyed hashing algorithm;
  
  decrypting the user data read off the tag utilizing the tag ID as an IV and the master key as input to an encryption algorithm;
  
  generating a keyed symmetric signature of the decrypted user data utilizing the tag ID as an IV, the master key, and clear text user data as input to a keyed hashing algorithm;
  
  reading the symmetric signature from the tag; and
  
  comparing the keyed symmetric signature to the symmetric signature read from the tag to determine validity of the tag.
- View Dependent Claims (9, 10, 11)
- - 9. The method of claim 8, further including reading data fields, in the user data, from the tag, including encrypted user data and the symmetric signature.
  - 10. The method of claim 8, further including:
    - generating a password for locking and unlocking access to user data stored on the tag, based on the tag ID as an IV and the master key as input to a keyed hashing algorithm.
  - 11. The method of claim 10, further including:
    - locking and unlocking the data fields of the tag with the generated passwords.

12. A method for preventing tracking an RFID tag including a tag ID and an associated existing master key used for provisioning the tag, the method comprising:
- reading the present tag ID from the tag;
  
  reading data fields, in the user data, from the tag including encrypted user data and an optional symmetric signature;
  
  generating a new tag ID for the tag; and
  
  re-provisioning the tag utilizing the new tag ID by;
  
  generating a new master key based on the existing master key;
  
  encrypting user data to be placed on the tag utilizing the new tag ID as an IV and the new master key as input to an encryption algorithm; and
  
  writing the new tag ID, the encrypted user data, and the optional symmetric signature to the tag.

13. A method for correlating a present tag ID, read from a protected RFID tag, with a previous tag ID owned by the same RFID tag comprising:
- storing one or more of the previous tag IDs in encrypted form in memory of the tag on each rewrite operation performed on the tag.
- View Dependent Claims (14)
- - 14. The method of claim 13, further including:
    - generating a hash code for each instance of the tag ID; and
      
      correlating a present tag ID, read from the protected RFID tag, with the previous tag ID by storing one at least one hash code in encrypted form in memory of the tag on each rewrite operation performed on the tag.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GSI Group Corporation (Novanta Inc.)
Original Assignee
SkyeTek, Inc. (RFID Holdings, Inc.)
Inventors
Chakraborty, Sayan, Bruns, Logan, Shah, Vikram

Application Number

US12/055,265
Publication Number

US 20080297326A1
Time in Patent Office

Days
Field of Search
US Class Current

340/10.52
CPC Class Codes

H04L 63/0428 wherein the data content is...

H04L 63/12 Applying verification of th...

Low Cost RFID Tag Security And Privacy System And Method

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Low Cost RFID Tag Security And Privacy System And Method

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links