Methods and apparatus for RFID device authentication

US 7,750,793 B2
Filed: 07/28/2005
Issued: 07/06/2010
Est. Priority Date: 07/29/2004
Status: Active Grant

First Claim

Patent Images

1. A method for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices, the method comprising the steps of:

receiving an identifier transmitted by a given one of the RFID devices;

determining at least first and second codes, wherein the first code is a valid code for the identifier, and the second code is an invalid code for the identifier;

communicating with the given device to determine if the device is able to confirm that the first code is a valid code and the second code is an invalid code; and

designating the given device as an authenticated device only if the given device is able to confirm that the first code is a valid code and the given device is able to confirm that the second code is an invalid code;

wherein the communicating step further comprises;

sending the first code to the given device and receiving from the given device in response to the first code a corresponding first validity indicator;

sending the second code to the given device and receiving from the given device in response to the second code a corresponding second validity indicator; and

processing the first validity indicator received from the given device to determine if the given device is able to confirm that the first code is a valid code; and

processing the second validity indicator received from the given device to determine if the given device is able to confirm that the second code is an invalid code.

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods and apparatus are disclosed for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices. In one aspect of the invention, an identifier transmitted by a given one of the RFID devices is received by a reader or by an associated verifier via the reader. At least first and second codes are determined, by the reader or verifier, with the first code being a valid code for the identifier, and the second code being an invalid code for the identifier. The reader, or verifier via the reader, communicates with the given device to determine if the device is able to confirm that the first code is a valid code and the second code is an invalid code.

41 Citations

View as Search Results

28 Claims

1. A method for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices, the method comprising the steps of:
- receiving an identifier transmitted by a given one of the RFID devices;
  
  determining at least first and second codes, wherein the first code is a valid code for the identifier, and the second code is an invalid code for the identifier;
  
  communicating with the given device to determine if the device is able to confirm that the first code is a valid code and the second code is an invalid code; and
  
  designating the given device as an authenticated device only if the given device is able to confirm that the first code is a valid code and the given device is able to confirm that the second code is an invalid code;
  
  wherein the communicating step further comprises;
  
  sending the first code to the given device and receiving from the given device in response to the first code a corresponding first validity indicator;
  
  sending the second code to the given device and receiving from the given device in response to the second code a corresponding second validity indicator; and
  
  processing the first validity indicator received from the given device to determine if the given device is able to confirm that the first code is a valid code; and
  
  processing the second validity indicator received from the given device to determine if the given device is able to confirm that the second code is an invalid code.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1 wherein the identifier comprises an electronic product code (EPC).
  - 3. The method of claim 2 wherein the given RFD device comprises an EPC tag.
  - 4. The method of claim 1 wherein the first code comprises a valid kill code of the given RFID device.
  - 5. The method of claim 1 wherein the determining step further comprises generating a set of q codes comprising q−
    - 1 invalid codes and a single valid code with the valid code being inserted in a particular position in the set.
  - 6. The method of claim 5 wherein q=2.
  - 7. The method of claim 5 wherein the communicating step further comprises transmitting a particular one of the codes to the given RFID device, and processing a response to determine whether or not the given RFID device considers the particular code to be valid.
  - 8. The method of claim 7 wherein the transmitting and processing steps are repeated for each of the codes in the set of q codes.
  - 9. The method of claim 5 wherein the set of q codes comprises a set {P_i⁽ⁿ⁾}_n=1^qselected uniformly at random without duplication from {0, 1}^kwith the valid code comprising a code K_iwhich replaces a random element P_i^(j)for jε
    - _U{1, 2, . . . , q}.
  - 10. The method of claim 5 wherein the set of q codes is generated pseudorandomly, utilizing a one-way hash function and a master key.
  - 11. The method of claim 1 wherein the receiving, determining and communicating steps are each implemented at least in part in the reader.
  - 12. The method of claim 1 wherein the receiving, determining and communicating steps are each implemented at least in part in a verifier which is separate from the reader and which communicates with the RFID device via the reader.
  - 13. The method of claim 12 wherein, of the reader and the verifier, only the verifier is aware of which of the codes is the valid code for the identifier.
  - 14. The method of claim 5 wherein the q codes are supplied to the reader by a verifier which is separate from the reader, and the reader is unaware as to which of the q codes is the valid code.
  - 15. The method of claim 1 wherein the codes are supplied to the reader by a verifier only upon fulfillment by the reader of at least one specified condition.
  - 16. The method of claim 15 wherein the codes are supplied by the verifier to the reader only if the reader can demonstrate to the verifier that the reader is in communication with the given RFID device.

17. A method for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices, the method comprising the steps of:
- receiving an identifier transmitted by a given one of the RFID devices;
  
  determining a code corresponding to the identifier, the code being utilizable to initiate a control function of the given RFID device;
  
  transmitting the code to the given RFID device; and
  
  designating the given RFID device as an authenticated device only if an expected response to transmission of the code is received from the given RFID device;
  
  wherein the code comprises a predetermined control code that directs the given RFID device to enter an inactive mode of operation; and
  
  wherein at least one of the given RFID device and the reader are configured to ensure that the given RFID device fails to enter the inactive mode of operation responsive to receiving the control code; and
  
  wherein the expected response comprises an error code generated by the RFID device to indicate that the given RFID device failed to enter the inactive mode of operation responsive to receiving the control code.
- View Dependent Claims (18)
- - 18. The method of claim 17 wherein the code comprises a valid kill code of the given RFID device, and wherein at least one of the given RFID device and the reader are configured such that the RFID device registers insufficient power for the kill code.

19. A method for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices, the method comprising the steps of:
- receiving an identifier transmitted by a given one of the RFID devices;
  
  transmitting a first code to the given RFID device;
  
  receiving a second code from the given RFID device responsive to transmission of the first code to the given RFID device; and
  
  determining if the second code is a valid code for the given RFID device;
  
  wherein each of the first and second codes comprises a code which is stored in the given RFID device and utilized to initiate a corresponding control function of the given RFID device by directing the given RFID device to enter a corresponding mode of operation; and
  
  wherein release of the second code by the given RFID device is conditioned upon confirmation of the validity of the first code by the given RFID device.
- View Dependent Claims (20, 21, 22, 23)
- - 20. The method of claim 19 wherein the given RFID device comprises an EPC tag.
  - 21. The method of claim 19 wherein the first code comprises a valid access code of the given RFID device.
  - 22. The method of claim 19 wherein the second code comprises a valid kill code of the given RFID device.
  - 23. The method of claim 20 wherein the second code comprises a particular one of a plurality of portions of a valid kill code of the given RFID device.

24. An apparatus for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices, the apparatus comprising:
- a processing device comprising a processor coupled to a memory, the processing device being configured to receive an identifier transmitted by a given one of the RFID devices, to determine at least first and second codes, wherein the first code is a valid code for the identifier, and the second code is an invalid code for the identifier, to communicate with the given device to determine if the device is able to confirm that the first code is a valid code and the second code is an invalid code, and to designate the given device as an authenticated device only if the given device is able to confirm that the first code is a valid code and the given device is able to confirm that the second code is an invalid code;
  
  wherein the processing device is further configured to send the first code to the given device and to receive from the given device in response to the first code a corresponding first validity indicator, to send the second code to the given device and to receive from the given device in response to the second code a corresponding second validity indicator, to process the first validity indicator received from the given device to determine if the given device is able to confirm that the first code is a valid code, and to process the second validity indicator received from the given device to determine if the given device is able to confirm that the second code is an invalid code.
- View Dependent Claims (25, 26)
- - 25. The apparatus of claim 24 wherein the processing device is implemented in the reader.
  - 26. The apparatus of claim 24 wherein the processing device is implemented in a verifier which is separate from the reader but which communicates with the RFID devices via the reader.

27. An apparatus for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices, the apparatus comprising:
- a processing device comprising a processor coupled to a memory, the processing device being configured to receive an identifier transmitted by a given one of the RFID devices, to transmit a first code to the given RFID device, to receive a second code from the given RFID device responsive to transmission of the first code to the given RFID device, and to determine if the second code is a valid code for the given RFID device;
  
  wherein release of the second code by the given RFID device is conditioned upon confirmation of the validity of the first code by the given RFID device; and
  
  wherein each of the first and second codes comprises a code which is stored in the given RFID device and utilized to initiate a corresponding control function of the given RFID device by directing the given RFID device to enter a corresponding mode of operation.

28. An RFID device for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices, the RFID device being configured to transmit an identifier to the reader, to receive from the reader at least first and second codes, wherein the first code is a valid code for the identifier, and the second code is an invalid code for the identifier, and to transmit information to the reader indicating confirmation that the first code is a valid code and the second code is an invalid code;
- wherein the RFID device receives the first code from the reader and in response to receipt of the first code sends the reader a corresponding first validity indicator; and
  
  wherein the RFID device receives the second code from the reader and in response to receipt of the second code sends the reader a corresponding second validity indicator;
  
  the first and second validity indicators sent from the RFID device to the reader providing sufficient information to permit designation of the RFID device as an authenticated device based on a determination as to whether the RFID device is able to confirm which of the first and second codes is the valid code, said determination comprising a first determination that the first code is a valid code for the identifier and a second determination that the second code is an invalid code for the identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Emc IP Holding Company LLC (Dell Technologies Inc.)
Original Assignee
EMC Corporation (Dell Technologies Inc.)
Inventors
Juels, Ari
Primary Examiner(s)
Holloway, III; Edwin C

Application Number

US11/191,633
Publication Number

US 20060022799A1
Time in Patent Office

1,804 Days
Field of Search

340/10.5, 340/5.61, 340/572.1, 340/572.3, 340/10.1, 340/10.51, 713/168, 235/380
US Class Current

340/10.5
CPC Class Codes

G06K 7/0008 General problems related to...

G06K 7/10019 resolving collision on the ...

Methods and apparatus for RFID device authentication

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

41 Citations

28 Claims

Specification

Use Cases

Quick Links

Others

Methods and apparatus for RFID device authentication

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

41 Citations

28 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others