RFID READER REVOCATION CHECKING USING LOW POWER ATTACHED DISPLAYS

US 20110057770A1
Filed: 09/07/2010
Published: 03/10/2011
Est. Priority Date: 09/08/2009
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating a certificate of a passive and contactless reader to perform an efficiently and timely revocation and/or expiration status check of the reader certificate, comprising:

machine checking whether the certificate is on a certificate revocation list (CRL) or a similar structure or not by using a processing circuit;

displaying a date to a user; and

contingently permitting information transmission from a tag to the reader by allowing the user of the tag to verify that the certificate expiration is in the future and the certificate revocation status reported to the tag by RFID reader is current.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of authenticating a radio frequency identification (RFID) reader to efficiently and timely check of revocation status of the RFID reader includes the steps of checking whether a given certificate is expired or revoked, and allowing a user of an RFID tag to verify that the credentials and revocation status information reported to the tag by reader is correct and current/valid before permitting information transmission from the RFID tag to the reader. An RFID tag includes a passively powered display and a user activatable control which allows the method to be carried out with the tag. The tag may include encrypted communication ability and automatic certificate revocation list checking. (This method is applicable not just to RFID but to any technology involving purely passive operation, i.e., where the tag obtains power from a reader).

28 Citations

View as Search Results

18 Claims

1. A method of authenticating a certificate of a passive and contactless reader to perform an efficiently and timely revocation and/or expiration status check of the reader certificate, comprising:
- machine checking whether the certificate is on a certificate revocation list (CRL) or a similar structure or not by using a processing circuit;
  
  displaying a date to a user; and
  
  contingently permitting information transmission from a tag to the reader by allowing the user of the tag to verify that the certificate expiration is in the future and the certificate revocation status reported to the tag by RFID reader is current.
- View Dependent Claims (2, 3, 4, 5, 6, 10, 11)
- - 2. The method of claim 1 where machine checking whether a given certificate is on a CRL or not comprises using hash chains and cryptographic signatures.
  - 3. The method of claim 1 where the tag comprises an RFID tag and the reader comprises an RFID reader and where displaying a date to a user comprises providing a low power display for the RFID tag, powered by energy absorbed via an RFID antenna without a need for any secondary power source or change in RFID specifications, and where contingently permitting information transmission from the RFID tag to the RFID reader comprises executing normal operation procedures or initiating an escape action contingent on whether credentials of the reader are still valid (not expired) and the revocation information is current or not, respectively.
  - 4. The method of claim 1 further comprising using a predetermined communication overhead between the tag and the reader.
  - 5. The method of claim 1 where the steps of machine checking and contingently permitting information transmission from the tag to the reader are performed with tags which carry private or valued information.
  - 6. The method of claim 5 where the steps of machine checking and contingently permitting information transmission from the tag to the reader are performed with contactless-equipped documents, badges or payment instruments used:
    - by national or international governmental agencies responsible for border protection or travel document issuance, by banks, by credit card companies or by companies producing equipment for RFID based access control systems.
  - 10. The system of claim 1 where the circuit means for checking and display are usable with tags which carry private or valued information.
  - 11. The system of claim 10 where the circuit means for checking and display are usable with contactless equipped documents, payment instruments or badges used:
    - by national or international governmental agencies responsible for border protection or travel document issuance, by banks, by credit card companies or by companies producing equipment for RFID based access control systems.

7. A system for authenticating a radio frequency identification (RFID) reader to efficiently and timely check of revocation status of the RFID reader comprising:
- circuit means for machine checking whether a given certificate is on a certificate revocation list (CRL) or not; and
  
  a display for allowing a user of an RFID tag to verify that the credentials reported to the tag by the RFID reader is current and not revoked before permitting electronic information transmission from the RFID tag to the RFID reader.
- View Dependent Claims (8, 9)
- - 8. The system of claim 7 where the circuit means for checking whether a given certificate is on a CRL or not comprises a processing circuit using hash chains and cryptographic signatures.
  - 9. The system of claim 7 where the RFID tag has an RFID antenna and where the display for allowing a user of an RFID tag to verify that certification status information reported to the tag by reader is correct comprises a low power display included in the RFID tag to display a date, the RFID tag being powered by energy absorbed via the RFID antenna without a need for any secondary power source or change in RFID specifications, so that normal operation procedures or an escape action is initiated depending on whether the credentials of the reader is current and valid or not, respectively.

12. An RFID tag comprising:
- a passively powered processing circuit for storing and communicating encrypted information;
  
  a portable package including the processing circuit, the package capable of being personally ported by an individual;
  
  a passively powered display included in the package coupled to the processing circuit.
- View Dependent Claims (13, 14, 15, 16)
- - 13. The RFID tag of claim 12 where the display is capable of displaying digits or alphabetical characters.
  - 14. The RFID tag of claim 12 in combination with a reader where the processing circuit receives from the reader a public key certificate (PKC) along with a signed and time-stamped proof of non-revocation and where the processing circuit is operable to verify the respective signatures on the reader'"'"'s PKC and the non-revocation proof, and to provide on the display either the date reported as current by the reader or the lesser of:
    - PKC expiration time and non-revocation proof expiration time.
  - 15. The RFID tag of claim 14 where selective activation of the control by a user causes the processing circuit to initiate an escape action with the reader or to proceed with a normal operation with the reader.
  - 16. The RFID tag of claim 12 in combination with an RFID reader where the processing circuit is arranged and configured to automatically check certificate expiration and/or revocation of the reader.

17. An RFID tag attended by an individual for use in combination with an RFID reader comprising:
- a display capable of showing a date;
  
  a control for making the tag temporarily inaccessible to the reader;
  
  a calculator to calculate an expiration date of revocation status information by knowing its issuance date; and
  
  a count-down timer.
- View Dependent Claims (18)
- - 18. The RFID tag of claim 17 where the display, calculator and count-down timer are passively powered.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Regents of the University of California (University of California)
Original Assignee
Regents of the University of California (University of California)
Inventors
Uzun, Ersin, Tsudik, Gene

Granted Patent

US 8,710,952 B2
Time in Patent Office

Days
Field of Search
US Class Current

340/5.2
CPC Class Codes

G06Q 20/3278   RFID or NFC payments by mea...

G07C 9/20   involving the use of a pass

G07F 7/082   Features insuring the integ...

G07F 7/0893   the card reader reading the...

RFID READER REVOCATION CHECKING USING LOW POWER ATTACHED DISPLAYS

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

28 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

RFID READER REVOCATION CHECKING USING LOW POWER ATTACHED DISPLAYS

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links