DECOUPLING OF MEASURING THE RESPONSE TIME OF A TRANSPONDER AND ITS AUTHENTICATION

US 20110078549A1
Filed: 11/03/2008
Published: 03/31/2011
Est. Priority Date: 05/26/2008
Status: Active Grant

First Claim

Patent Images

1. A reader for determining the validity of a connection to a transponder, wherein the reader is designed to measure a response time of the a transponder and to authenticate the transponder in two separate steps, wherein at least a part of data used for the authentication is included in communication messages transmitted between the reader and the transponder during the measuring of the response time.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Reader (420) for determining the validity of a connection to a transponder (440), designed to measure a response time of a transponder (440) and to authenticate the transponder (440) in two separate steps. Transponder (440) for determining the validity of a connection to a reader (420), wherein the transponder (440) is designed to provide information for response time measurement to said reader (420) and to provide information for authentication to said reader (420) in two separate steps, wherein at least a part of data used for the authentication is included in a communication message transmitted between the reader (420) and the transponder (440) during the measuring of the response time.

100 Citations

View as Search Results

32 Claims

1. A reader for determining the validity of a connection to a transponder, wherein the reader is designed to measure a response time of the a transponder and to authenticate the transponder in two separate steps, wherein at least a part of data used for the authentication is included in communication messages transmitted between the reader and the transponder during the measuring of the response time.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The reader according to claim 1, wherein the reader is designed to measure the response time based on a time interval between sending a first command to the transponder and receiving a first random number from the transponder in response to the first command.
  - 3. The reader according to claim 2, wherein the reader is designed to authenticate the transponder based on an evaluation whether an encryption of the first random number, received from the transponder after having received the first random number for measuring the response time, coincides with the first random number received for measuring the response time.
  - 4. The reader according to claim 1, wherein the reader is designed to measure the response time based on a time interval between sending a first command together with a second random number to the transponder and receiving a first random number from the transponder in response to the first command.
  - 5. The reader according to claim 4, wherein the reader is designed to authenticate the transponder based on an evaluation whether an encryption of the second random number and an encryption of the first random number, received from the transponder after having received the first random number for measuring the response time, coincides with the first random number received for measuring the response time and with the second random number.
  - 6. The reader according to claim 3, wherein the reader is designed to qualify the connection to the transponder as valid only upon determining that both the time interval is within a predetermined time window and that there is coincidence and that a communication speed at which the transponder operates is the same as what the reader assumes the transponder operates on.
  - 7. The reader according to claim 1, wherein the reader is designed to exchange data for authentication and/or to exchange data for a proximity check with the transponder split into a plurality of communication messages.
  - 8. The reader according to claim 4, wherein the reader is designed to send the first command free from a Cyclic Redundancy Check.
  - 9. The reader according to claim 1, wherein the reader is designed to receive a communication message comprising a Cyclic Redundancy Check from the transponder calculated over the message sent to the transponder and the message received from the transponder and to assume non-validity of exchanged messages with the transponder upon detecting a communication error in the communication message comprising the Cyclic Redundancy Check.
  - 10. The reader according to claim 4, designed to receive a communication message comprising a Cyclic Redundancy Check from the transponder which Cyclic Redundancy Check is generated by the transponder based on a message received from the reader concatenated with the first random number and the second random number.

11. A transponder for determining the validity of a connection to a reader, wherein the transponder is designed to provide information for response time measurement to the reader and to provide information for authentication to the reader in two separate steps, wherein at least a part of data used for the authentication is included in a communication message transmitted between the reader and the transponder during the measuring of the response time.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 12. The transponder according to claim 11, wherein the transponder is designed to send a first random number to the reader for response time measurement in response to a first command received from the transponder.
  - 13. The transponder according to claim 12, wherein the transponder is designed to send the first random number unencrypted to the reader for response time measurement.
  - 14. The transponder according to claim 12, wherein the transponder is designed to send the first random number in response to the first command which includes a second random number.
  - 15. The transponder according to claim 14, wherein the transponder is designed to generate and store a third random number based on the second random number to substitute the first random number for a future session.
  - 16. The transponder according to claim 14, wherein the transponder is designed to send an encryption of the first random number and of the second random number after receipt of a second command from the transponder sent after sending the first command.
  - 17. The transponder according to claim 11, wherein the transponder is designed to analyze communication messages exchanged with the reader to thereby determine whether the transponder is in proximity of the reader and to terminate communication upon determining that the transponder is not in proximity of the reader.
  - 18. The transponder according to claim 11, wherein the transponder is designed to exchange data for authentication and/or to exchange data for a proximity check with the reader split into a plurality of communication messages.
  - 19. The transponder according to claim 12, wherein the transponder is designed to send the first random number to the reader together with a Cyclic Redundancy Check.
  - 20. The transponder according to claim 11, wherein the transponder is designed to send a communication message to the reader together with information indicative of a timing, particularly indicative of a speed, of a communication between the transponder and the reader.
  - 21. The transponder according to claim 11, wherein the transponder is designed to detect and limit a frequency at which in operates to stop communicating with the reader once the frequency is out of bound, for the purpose of limiting a residual relay attack window.
  - 22. The transponder according to claim 14, designed to generate a communication message comprising a Cyclic Redundancy Check which is generated based on a message received from the reader concatenated with the first random number and the second random number.

23. A method for a reader of determining the validity of a connection to a transponder, the method comprising:
- sending a first command together with a second random number to the transponder,receiving a first random number from the said transponder,receiving an encryption of the first random number and of the second random number from the transponder,decrypting the received number with the same key, which was used by the transponder, or encrypting the first random number and the second random number with the key,checking whether the first random number and the second random number received from the transponder and the first random number and the second random number received as an encryption from the transponder coincide, checking whether the first random number was received within a predetermined time window, andqualifying the connection to the transponder as valid if the result of both checks is true.
- View Dependent Claims (24, 28, 29)
- - 24. The method according to claim 23, further comprisingreceiving the first random number from the said transponder in response to the first command,sending a second command to the transponder after sending the first command,receiving the encryption of the first random number from the transponder in response to the second command.
  - 28. A computer-readable medium, in which a computer program is stored, which computer program, when being executed by a processor, is adapted to carry out or control a method according to claim 23.
  - 29. A program element, the program element, when being executed by a processor, is adapted to carry out or control a method according to claim 23.

25. A method for a reader of determining the validity of a connection to a transponder, the method comprising:
- sending a first command together with a second random number to said the transponder,receiving a first random number from the transponder,sending a first Message Authentication Code generated based on the first random number and the second random number to the transponder,receiving a second Message Authentication Code generated based on the first random number and the second random number from the transponder,checking whether the second Message Authentication Code is valid,checking whether the first random number was received within a predetermined time window, andqualifying the connection to the transponder as valid if the result of both checks is true.
- View Dependent Claims (30)
- - 30. A program element, the program element, when being executed by a processor, is adapted to carry out or control a method according to claim 25.

26. A method for a transponder of determining the validity of a connection to a reader, the method comprising:
- receiving a first command together with a second random number from the reader,sending a first random number to the reader,sending an encryption of the first random number and of the second random number to the reader.
- View Dependent Claims (31)
- - 31. A program element, the program element, when being executed by a processor, is adapted to carry out or control a method according to claim 26.

27. A method for a transponder of determining the validity of a connection to a reader, the method comprising:
- receiving a first command together with a second random number from the reader,sending a first random number to the reader,receiving a first Message Authentication Code generated based on the first random number and the second random number from the reader,checking whether the first Message Authentication Code is valid,sending a second Message Authentication Code generated based on the first random number and the second random number to the reader when the first Message Authentication Code is valid.
- View Dependent Claims (32)
- - 32. A program element, the program element, when being executed by a processor, is adapted to carry out or control a method according to claim 27.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NXP B.V. (NXP Semiconductors NV)
Original Assignee
NXP B.V. (NXP Semiconductors NV)
Inventors
Neumann, Heike, De Jong, Hans, Thueringer, Peter, Stern, Susanne, Murray, Bruce, Hubmer, Paul

Granted Patent

US 10,044,512 B2
Time in Patent Office

Days
Field of Search
US Class Current

714/807
CPC Class Codes

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/002   Countermeasures against att...

H04L 9/3242   involving keyed hash functi...

H04L 9/3271   using challenge-response

DECOUPLING OF MEASURING THE RESPONSE TIME OF A TRANSPONDER AND ITS AUTHENTICATION

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

100 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

DECOUPLING OF MEASURING THE RESPONSE TIME OF A TRANSPONDER AND ITS AUTHENTICATION

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

100 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links