Low-complexity cryptographic techniques for use with radio frequency identification devices
First Claim
1. A method for use in an RFID system comprising at least one RFID device and at least one reader which communicates with the RFID device, the method comprising the steps of:
- associating a plurality of pseudonyms with the RFID device; and
transmitting from the RFID device different ones of the pseudonyms in response to different reader queries of the RFID device;
wherein an authorized verifier is able to determine that the different transmitted pseudonyms are associated with the same RFID device;
wherein the verifier authenticates itself to the RFID device by releasing to the RFID device an authentication value β
i unique to a given pseudonym α
i transmitted by the RFID device;
wherein the RFID device authenticates itself to the verifier by releasing to the verifier an authentication value γ
i unique to the given pseudonym α
i transmitted by the RFID device; and
wherein at least one of the values α
i, β
i and γ
i is selected from a corresponding set of such values that is stored in the RFID device and updated using one-time pads transmitted by the verifier to the RFID device over multiple authentication sessions carried out between the verifier and the RFID device.
14 Assignments
0 Petitions
Accused Products
Abstract
Cryptographic techniques are provided having a complexity level which permits their implementation in inexpensive radio frequency identification (RFID) tags or other RFID devices. In an RFID system comprising one or more RFID devices and at least one reader that communicates with the devices, a plurality of pseudonyms is associated with a given one of the RFID devices. The RFID device transmits different ones of the pseudonyms in response to different reader queries, and an authorized verifier is able to determine that the different transmitted pseudonyms are associated with the same RFID device.
248 Citations
31 Claims
-
1. A method for use in an RFID system comprising at least one RFID device and at least one reader which communicates with the RFID device, the method comprising the steps of:
-
associating a plurality of pseudonyms with the RFID device; and transmitting from the RFID device different ones of the pseudonyms in response to different reader queries of the RFID device; wherein an authorized verifier is able to determine that the different transmitted pseudonyms are associated with the same RFID device; wherein the verifier authenticates itself to the RFID device by releasing to the RFID device an authentication value β
i unique to a given pseudonym α
i transmitted by the RFID device;wherein the RFID device authenticates itself to the verifier by releasing to the verifier an authentication value γ
i unique to the given pseudonym α
i transmitted by the RFID device; andwherein at least one of the values α
i, β
i and γ
i is selected from a corresponding set of such values that is stored in the RFID device and updated using one-time pads transmitted by the verifier to the RFID device over multiple authentication sessions carried out between the verifier and the RFID device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 17, 20, 21, 22, 23, 31)
-
-
14. A method for use in an RFID system comprising at least one RFID device and at least one reader which communicates with the RFID device, the method comprising the steps of:
-
associating a plurality of pseudonyms with the RFID device; and transmitting from the RFID device different ones of the pseudonyms in response to different reader queries of the RFID device; wherein an authorized verifier is able to determine that the different transmitted pseudonyms are associated with the same RFID device; and wherein for a given value κ
utilized in the RFID device, a vector Δ
κ
={δ
κ
(1), δ
κ
(2), . . . , δ
κ
(m)} of one-time pads is maintained in the RFID device, wherein the one-time pad δ
κ
(1) is designated as a live pad and is used by the RFID device to update the value κ
, where m denotes a number of authentication sessions over which one-time pads are constructed. - View Dependent Claims (15, 16)
-
-
18. A method for use in an RFID system comprising at least one RFID device and at least one reader which communicates with the RFID device, the method comprising the steps of:
-
associating a plurality of pseudonyms with the RFID device; and transmitting from the RFID device different ones of the pseudonyms in response to different reader queries of the RFID device; wherein an authorized verifier is able to determine that the different transmitted pseudonyms are associated with the same RFID device; wherein the verifier is configured to store for a given RFID device Tx a static identifier idx corresponding to at least one pseudonym of Tx; and wherein the pseudonyms for Tx are obtained by encrypting idx ∥
Zx under a symmetric key Kα
for the verifier, where Zx, comprises a pseudonym counter. - View Dependent Claims (19)
-
-
24. A method for use in an RFID system comprising at least one RFID device and at least one reader which communicates with the RFID device, the method comprising the steps of:
-
associating a plurality of pseudonyms with the RFID device; and transmitting from the RFID device different ones of the pseudonyms in response to different reader queries of the RFID device; wherein an authorized verifier is able to determine that the different transmitted pseudonyms are associated with the same RFID device; wherein the RFID device incorporates a pseudorandom number generator, where ƒ
κx (i) represents an output of the pseudorandom number generator for index i, where κ
x is a seed associated with the RFID device;wherein the RFID device and the verifier attempt to maintain a common counter dx unique to the RFID device, and share the seed Kx; and wherein for a given counter value d, the RFID device computes a given one of the pseudonyms as a function of both a base value b and the given counter value d, and the verifier provides a subseciuent instruction to the RFID device to increment the base value b. - View Dependent Claims (25, 26)
-
-
27. An apparatus for use in an RFID system, the apparatus comprising:
-
an RFID device having a plurality of pseudonyms associated therewith and being operative to communicate with one or more readers of the system; the RFID device being further operative to transmit different ones of the pseudonyms in response to different reader queries of the RFID device; wherein an authorized verifier is able to determine that the different transmitted pseudonyms are associated with the same RFID device; wherein the verifier authenticates itself to the RFID device by releasing to the RFID device an authentication value β
i unique to a given pseudonym α
i transmitted by the RFID device;wherein the RFID device authenticates itself to the verifier by releasing to the verifier an authentication value γ
i unique to the given pseudonym α
i transmitted by the RFID device; andwherein at least one of the values α
i, β
i and γ
i is selected from a corresponding set of such values that is stored in the RFID device and updated using one-time pads transmitted by the verifier to the RFID device over multiple authentication sessions carried out between the verifier and the RFID device.
-
-
28. An RFID system comprising:
-
a plurality of RFID devices; and a plurality of readers which communicate with at least a subset of the RFID devices; wherein a plurality of pseudonyms are associated with a given one of the RFID devices, the given RFID device being configurable to transmit different ones of the pseudonyms in response to different reader queries of the given RFID device; wherein an authorized verifier is able to determine that the different transmitted pseudonyms are associated with the same RFID device; wherein the verifier authenticates itself to the given RFID device by releasing to the given RFID device an authentication value β
i unique to a given pseudonym α
i transmitted by the given RFID device;wherein the given RFID device authenticates itself to the verifier by releasing to the verifier an authentication value γ
i unique to the given pseudonym α
i transmitted by the given RFID device; andwherein at least one of the values α
i, β
i and γ
i is selected from a corresponding set of such values that is stored in the given RFID device and updated using one- time pads transmitted by the verifier to the given RFID device over multiple authentication sessions carried out between the verifier and the given RFID device.
-
-
29. An apparatus for use in an RFID system, the apparatus comprising:
-
a reader which communicates with one or more RFID devices; wherein a plurality of pseudonyms are associated with a given one of the RFID devices, the given RFID device transmitting different ones of the pseudonyms in response to different reader queries of the given RFID device; wherein an authorized verifier is able to determine that the different transmitted pseudonyms are associated with the same RFID device; wherein the verifier authenticates itself to the given RFID device by releasing to the given RFID device an authentication value β
i unique to a given pseudonym α
i transmitted by the given RFID device;wherein the given RFID device authenticates itself to the verifier by releasing to the verifier an authentication value γ
i unique to the given pseudonym α
i transmitted by the given RFID device; andwherein at least one of the values α
i, β
i and γ
i is selected from a corresponding set of such values that is stored in the given RFID device and updated using one-time pads transmitted by the verifier to the given RFID device over multiple authentication sessions carried out between the verifier and the given RFID device.
-
-
30. A method for use in a system comprising at least one device and at least one reader which communicates with the device, the method comprising the steps of:
-
associating a plurality of pseudonyms with the device; and transmitting from the device different ones of the pseudonyms in response to different reader queries of the device; wherein the pseudonyms are determined utilizing an updateable set of one or more one-time pads maintained in the device; wherein the device comprises an RFID device; wherein a verifier authenticates itself to the RFID device by releasing to the RFID device an authentication value β
i unique to a given pseudonym α
i transmitted by the RFID device;wherein the RFID device authenticates itself to the verifier by releasing to the verifier an authentication value γ
i unique to the given pseudonym α
i transmitted by the RFID device; andwherein at least one of the values α
i, β
i and γ
i is selected from a corresponding set of such values that is stored in the RFID device and updated using one-time pads transmitted by the verifier to the RFID device over multiple authentication sessions carried out between the verifier and the RFID device.
-
Specification