Radio frequency identification tag security systems
First Claim
Patent Images
1. A method of operating a radio-frequency identification system, the system including a tag, a reader and a third party authority,wherein the tag has a tag name, the tag name comprising a tag identity and a secret value, wherein the secret value is mapped to the tag identity,the method comprising the steps of:
- (i) the reader interrogating the tag,(ii) the tag sending in response a pseudonym comprising an encryption of the secret value,(iii) the reader sending a request to the third party authority for release of a decryption key, the request including the pseudonym received from the tag,(iv) the third party authority, having determined that the reader is authorized to receive the decryption key, sending to the reader the decryption key, and(v) the reader using the decryption key to obtain the tag identity,wherein the decryption key can be used by the reader to obtain the tag identity a pre-determined plurality of times without further contact between the reader and the third party authority after the request for release of the decryption key.
1 Assignment
0 Petitions
Accused Products
Abstract
Security and privacy of tag information in an RFID-based system can be achieved through the usage of pseudonyms generated based on one-way hash functions. A system based on binary one-way trees allows for the scalable generation and decoding of authentication keys to obtain access to tag identities. The apparatus and methods described can also be adapted to provide limited access for readers to tag information.
30 Citations
9 Claims
-
1. A method of operating a radio-frequency identification system, the system including a tag, a reader and a third party authority,
wherein the tag has a tag name, the tag name comprising a tag identity and a secret value, wherein the secret value is mapped to the tag identity, the method comprising the steps of: -
(i) the reader interrogating the tag, (ii) the tag sending in response a pseudonym comprising an encryption of the secret value, (iii) the reader sending a request to the third party authority for release of a decryption key, the request including the pseudonym received from the tag, (iv) the third party authority, having determined that the reader is authorized to receive the decryption key, sending to the reader the decryption key, and (v) the reader using the decryption key to obtain the tag identity, wherein the decryption key can be used by the reader to obtain the tag identity a pre-determined plurality of times without further contact between the reader and the third party authority after the request for release of the decryption key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of operating a radio-frequency identification system, the system including a tag, a reader and a third party authority, wherein
the tag has a tag name, the tag name comprising a tag identity and a secret value, wherein the secret value is mapped to the tag identity, the method comprising the steps of: -
(i) the reader interrogating the tag, (ii) the tag sending to the reader in response, locational information describing the location of a decryption key within a one-way hash tree, (iii) the reader sending a request to the third party authority for release of a decryption key, the request including the locational information received from the tag, (iv) the third party authority, having determined that the reader is authorized to receive the decryption key, sending to the reader the decryption key, and (v) the reader using the decryption key to obtain the tag identity, wherein the decryption key can be used by the reader to obtain the tag identity a pre-determined plurality of times without further contact between the reader and third party authority after the request for release of the decryption key.
-
-
9. A system to perform a method of operating a radio-frequency identification system, the system comprising
a tag having a tag name, the tag name comprising a tag identity and a secret value, wherein the secret value is mapped to the tag identity, a reader arranged in use for interrogating the tag, and for receiving in response from the tag a pseudonym being an encryption of the secret value, a third party authority arranged in use to receive from the reader a request for release of a decryption key, the request including the pseudonym received from the tag, and sending to the reader the decryption key after determining that the reader is authorized to receive the decryption key, wherein in use the reader can use the decryption key to obtain the tag identity a pre-determined plurality of times without further contact between the reader and the third party authority after the request for release of the decryption key.
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeBritish Telecommunications PLC (BT Group PLC)
-
Original AssigneeBritish Telecommunications PLC (BT Group PLC)
-
InventorsSoperra, Andrea, Burbridge, Trevor
-
Primary Examiner(s)Bugg; George A
-
Assistant Examiner(s)Labbees; Edny
-
Application NumberUS11/794,715Publication NumberTime in Patent Office1,945 DaysField of Search340/10.1, 340/10.4, 340/10.41, 340/10.42, 340/10.5, 340/10.51, 340/10.52, 3405721-5729, 380277-286US Class Current340/572.1CPC Class CodesG06F 21/31 User authenticationG06F 21/445 by mutual authentication, e...G06F 21/6209 to a single file or object,...G06F 21/73 by creating or determining ...G06F 2221/2115 Third partyG06F 2221/2129 Authenticate client device ...G06K 17/0022 arrangements or provisious ...G06K 7/0008 General problems related to...G06K 7/10049 binary treeH04L 2209/30 Compression, e.g. Merkle-Da...H04L 2209/42 Anonymization, e.g. involvi...H04L 2209/805 Lightweight hardware, e.g. ...H04L 9/0836 using tree structure or hie...H04L 9/321 involving a third party or ...H04L 9/3273 for mutual authentication n...
