Secure data tagging systems

US 7,187,267 B2
Filed: 06/08/2004
Issued: 03/06/2007
Est. Priority Date: 12/11/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A system for secure communication between an interrogator and an RFID tag, said system comprising:

means for singulating said tag in a population of RFID tags;

means for extracting from said tag, identity data adapted to uniquely identify said tag;

means for communicating said identity data to a secure database;

means for providing authentication data by said database;

means for communicating said authenticating data to said interrogator;

means for communicating said authentication data from said interrogator to said tag, and means within said tag for authenticating said interrogator; and

means for providing a further communication between said tag and said interrogator after the tag has authenticated said interrogator, wherein at least one stream of data between said tag and said interrogator includes random data generated via a random physical process.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is disclosed for secure communication between an interrogator and an RFID tag. The system includes means for singulating the tag in a population of RFID tags and means for extracting from the tag, identity data adapted to uniquely identify the tag. The system further includes means for securely communicating the identity data to a secure database, means for providing authentication data by the database and means for securely communicating the authenticating data to the interrogator. The system also includes means for providing a further communication between the tag and the interrogator, and wherein at least one stream of data between the tag and the interrogator includes random data generated via a random physical process. The tag and database may each include means for maintaining a count of secure authentications. The count may be separately maintained by the tag and database and may be incremented following each secure authentication. A method for secure communication between an interrogator and an RFID tag is also disclosed.

60 Citations

View as Search Results

54 Claims

1. A system for secure communication between an interrogator and an RFID tag, said system comprising:
- means for singulating said tag in a population of RFID tags;
  
  means for extracting from said tag, identity data adapted to uniquely identify said tag;
  
  means for communicating said identity data to a secure database;
  
  means for providing authentication data by said database;
  
  means for communicating said authenticating data to said interrogator;
  
  means for communicating said authentication data from said interrogator to said tag, and means within said tag for authenticating said interrogator; and
  
  means for providing a further communication between said tag and said interrogator after the tag has authenticated said interrogator, wherein at least one stream of data between said tag and said interrogator includes random data generated via a random physical process.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. A system according to claim 1 wherein said tag and said database each includes means for maintaining a count of secure authentications.
  - 3. A system according to claim 2 wherein said count is separately maintained by said tag and by said database and is incremented following each secure authentication.
  - 4. A system according to claim 2 wherein said count includes secure authentications of said interrogator.
  - 5. A system according to claim 2 wherein said count includes secure authentications of said tag.
  - 6. A system according to claim 1 including means for comparing said further communication with reference data for determining if said tag is authentic.
  - 7. A system according to claim 6 wherein said interrogator includes said comparing means.
  - 8. A system according to claim 6 wherein said database includes said comparing means.
  - 9. A system according to claim 1 wherein said tag includes authentication test data for authenticating a transmission from said interrogator and authentication test data for authenticating a tag.
  - 10. A system according to claim 9 wherein said tag includes a plurality of said authentication data.
  - 11. A system according to claim 9 wherein said database includes a copy of said authentication data.
  - 12. A system according to claim 9 wherein said authentication data is not reused.
  - 13. A system according to claim 1 wherein said identity data includes a fixed data string.
  - 14. A system according to claim 1 wherein said identity data includes a variable data string.
  - 15. A system according to claim 1 wherein said identity data is encrypted.
  - 16. A system according to claim 1 wherein said identity data includes random numbers.
  - 17. A system according to claim 16 wherein a response of said tag to an authentic interrogator belongs to a finite set known to said database, and wherein a response of said tag to a non-authentic interrogator is similar in form but does not belong to said set.
  - 18. A system according to claim 1 wherein said further communication is from said tag to said interrogator.

19. A method for secure communication between an interrogator and an RFID tag, said method comprising:
- singulating said tag from a population of RFID tags;
  
  extracting from said tag, identity data adapted to uniquely identify said tag;
  
  communicating said identity data to a secure database;
  
  providing authentication data by said database;
  
  communicating said authentication data to said interrogator;
  
  communicating said authentication data from said interrogator to said tag;
  
  authenticating said interrogator with said tag; and
  
  providing a further communication between said tag and said interrogator after the tag has authenticated said interrogator, wherein at least one stream of data between said tag and said interrogator includes random data generated via a random physical process.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 20. A method according to claim 19 wherein said tag and said database each maintain a count of secure authentications.
  - 21. A method according to claim 20 wherein said count is separately maintained by said tag and said database and is incremented following each secure authentication.
  - 22. A method according to claim 21 wherein said tag includes authentication test data for authenticating a transmission from said interrogator and authentication test data for authenticating a tag.
  - 23. A method according to claim 20 wherein said count includes secure authentications of said interrogator.
  - 24. A method according to claim 20 wherein said count includes secure authentications of said tag.
  - 25. A method according to claim 19 wherein said further communication is from said tag to said interrogator.
  - 26. A method according to claim 19 including comparing said further communication with reference data for determining if said tag is authentic.
  - 27. A method according to claim 26 wherein said tag includes a plurality of said authentication data.
  - 28. A method according to claim 26 wherein said database includes a copy of said authentication data.
  - 29. A method according to claim 26 wherein said authentication data is not reused.
  - 30. A method according to claim 26 wherein said interrogator performs said comparing.
  - 31. A method according to claim 26 wherein said database performs said comparing.
  - 32. A method according to claim 19 wherein said identity data includes a fixed data string.
  - 33. A method according to claim 19 wherein said identity data includes a variable data string.
  - 34. A method according to claim 19 wherein said tag identity data is encrypted.
  - 35. A method according to claim 19 wherein said identity data includes random numbers.
  - 36. A system according to claim 19 wherein a response of said tag to an authentic interrogator belongs to a finite set known to said database, and wherein a response of said tag to a non-authentic interrogator is similar in form but does not belong to said set.

37. A system for secure communication between an interrogator and an RFID tag, said system comprising:
- means for extracting from said tag, identity data adapted to uniquely identify said tag;
  
  means for establishing secure communications between said interrogator and a secure database;
  
  means for storing coinciding random authentication codes in the tag and in the database, the authentication codes in the database being linked to the tag identity;
  
  characterized in that said system includes means for selecting on the basis of the number of successful previous authentications corresponding random authentication codes for comparison in both the database and the tag and there is only a single use of each stored code for authenticating said tag.
- View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45)
- - 38. A system according to claim 37 wherein the RFID tag is affixed to an object, whereby the system may be used to authenticate the object.
  - 39. A system according to claim 37 further comprising means for singulating said tag.
  - 40. A system according to claim 37 further comprising means for authenticating the interrogator.
  - 41. A system according to claim 40 wherein said random authentication codes include interrogator authentication data.
  - 42. A system according to claim 41 wherein said tag includes a plurality of said interrogator authentication data.
  - 43. A system according to claim 41 wherein said interrogator authentication data is not reused.
  - 44. A system according to claim 40 wherein a response to an authentication request from an interrogator that has not been correctly authenticated is produced by a random number generator internal to said tag.
  - 45. A system according to claim 37 wherein said tag identity data is encrypted.

46. A method for secure communication between an interrogator and an RFID tag, said method comprising:
- extracting from said tag, identity data adapted to uniquely identify said tag;
  
  establishing secure communications between said interrogator and a secure database;
  
  storing coinciding random authentication codes in the tag and in the database, the authentication codes in the database being linked to the tag identity;
  
  characterized in that said method includes selecting on the basis of the number of successful previous authentications corresponding random authentication codes for comparison in both the database and the tag and there is only a single use of each stored code for authenticating said tag.
- View Dependent Claims (47, 48, 49, 50, 51, 52, 53, 54)
- - 47. A method according to claim 46 when used for authentication of objects bearing said tag.
  - 48. A method according to claim 46 including the step of singulating said tag.
  - 49. A method according to claim 46 including the step of authenticating the interrogator.
  - 50. A method according to claim 49 wherein said random authentication codes include interrogator authentication data.
  - 51. A method according to claim 50 wherein said tag includes a plurality of said interrogator authentication data.
  - 52. A method according to claim 50 wherein said interrogator authentication data is not reused.
  - 53. A method according to claims 49 wherein a response to an authentication request from an interrogator that has not been correctly authenticated is produced by a random number generator internal to said tag.
  - 54. A method according to claim 46 wherein said tag identity data is encrypted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Tagsys SA
Original Assignee
Tagsys Australia Pty Limited
Inventors
Cole, Peter Harold
Primary Examiner(s)
Holloway, III; Edwin C.

Application Number

US10/863,144
Publication Number

US 20050017844A1
Time in Patent Office

1,001 Days
Field of Search

340/10.1, 340/5.61, 340/5.26, 235/382.5, 235/380
US Class Current

340/10.1
CPC Class Codes

G06K 19/0723   the record carrier comprisi...

G06K 19/18   Constructional details

G06K 7/0008   General problems related to...

G06K 7/10049   binary tree

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/32   including means for verifyi...

Secure data tagging systems

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

60 Citations

54 Claims

Specification

Solutions

Use Cases

Quick Links

Secure data tagging systems

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

60 Citations

54 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links