Security provision in standards-compliant RFID systems
Abstract
Enhanced security is provided in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices. In one aspect of the invention, a first command is transmitted from the reader to write a first data unit to a memory of a given one of the RFID devices. A reply is received in the reader from the given RFID device indicating that a second data unit determined based on contents of the first data unit is available in the memory to be accessed by the reader. A second command is transmitted from the reader to the given RFID device to allow the reader to read the memory to thereby obtain the second data unit. The first and second data units comprise information exchanged as part of a cryptographic protocol carried out between the reader and the given RFID device. In an illustrative embodiment, the cryptographic protocol may comprise a challenge-response authentication protocol.
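The write/reply/read exchange described in the abstract, simulated with both sides' messages as an added example that is not taken from the patent. The abstract names only a challenge-response protocol; the HMAC-SHA256 response function, the shared key, the memory addresses and the reply codes below are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

CHALLENGE_ADDR, RESPONSE_ADDR = 0x10, 0x20   # hypothetical memory layout
READY, PLAIN_ACK = "ready", "ack"            # hypothetical reply codes


class Tag:
    """RFID device that carries the protocol over ordinary write/read commands."""

    def __init__(self, key: bytes):
        self._key = key
        self.memory = {}

    def write(self, addr: int, data: bytes) -> str:
        self.memory[addr] = data
        if addr != CHALLENGE_ADDR:
            return PLAIN_ACK                 # ordinary write, no protocol step
        # The second data unit is determined from the contents of the first.
        self.memory[RESPONSE_ADDR] = hmac.new(self._key, data, hashlib.sha256).digest()
        return READY                         # reply: response is available to read

    def read(self, addr: int) -> bytes:
        return self.memory.get(addr, b"")


class Reader:
    def __init__(self, key: bytes):
        self._key = key

    def authenticate(self, tag: Tag) -> bool:
        challenge = secrets.token_bytes(16)           # fresh value per session
        reply = tag.write(CHALLENGE_ADDR, challenge)  # first command (write)
        if reply != READY:
            return False                              # no read without the reply
        response = tag.read(RESPONSE_ADDR)            # second command (read)
        expected = hmac.new(self._key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(response, expected)


def demo() -> tuple[bool, bool]:
    key = secrets.token_bytes(16)                     # constructed shared key
    genuine, clone = Tag(key), Tag(secrets.token_bytes(16))
    reader = Reader(key)
    return reader.authenticate(genuine), reader.authenticate(clone)
```

A tag that lacks the key still answers the write and read commands, but its stored response fails the constant-time comparison, so `demo()` returns `(True, False)`.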
31 Claims
1. A method for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices, the method comprising the steps of:
- transmitting a first command from the reader to write a first data unit to a memory of a given one of the RFID devices;
- receiving a reply in the reader from the given RFID device indicating that a second data unit determined based on contents of the first data unit is available in the memory to be accessed by the reader; and
- transmitting a second command from the reader to the given RFID device to allow the reader to read the memory to thereby obtain the second data unit;
- wherein the first and second data units comprise information exchanged as part of a cryptographic protocol carried out between the reader and the given RFID device; and
- wherein the second command is transmitted to the given RFID device responsive to receipt of the reply from the given RFID device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 31

20. An apparatus for use in an RFID system, the apparatus comprising:
- a reader configured to communicate with one or more RFID devices of the system, the reader comprising a processor, a memory coupled to the processor, and interface circuitry coupled to the processor;
- the reader being operative under control of the processor to transmit a first command to write a first data unit to a memory of a given one of the RFID devices, to receive a reply from the given RFID device indicating that a second data unit determined based on contents of the first data unit is available in the memory to be accessed by the reader, and to transmit a second command to the given RFID device to allow the reader to read the memory to thereby obtain the second data unit;
- wherein the first and second data units comprise information exchanged as part of a cryptographic protocol carried out between the reader and the given RFID device; and
- wherein the second command is transmitted to the given RFID device responsive to receipt of the reply from the given RFID device.

21. A method for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices, the method comprising the steps of:
- transmitting a first command from the reader to a given one of the RFID devices;
- receiving a reply in the reader from the given RFID device indicating that a data unit is available in the memory to be accessed by the reader; and
- transmitting a second command from the reader to the given RFID device to allow the reader to read the memory to thereby obtain the data unit;
- wherein the data unit comprises a response value of a challenge-response protocol carried out between the reader and the given RFID device; and
- wherein the second command is transmitted to the given RFID device responsive to receipt of the reply from the given RFID device.
Dependent claims: 22

23. A method for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices, the method comprising the steps of:
- receiving a first command from the reader in a given one of the RFID devices, the first command being a command specified by an RFID standard; and
- prior to execution of the first command, the given RFID device performing responsive to receipt of the first command a non-standard action not specified by the first command or any other command of the RFID standard;
- wherein the first command comprises a kill command.
Dependent claims: 24, 25, 26, 27

28. A method for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices, the method comprising the steps of:
- receiving in a given one of the RFID devices a first command from the reader directing that a first data unit be written to a memory of the given RFID device;
- transmitting a reply to the reader from the given RFID device indicating that a second data unit determined based on contents of the first data unit is available in the memory to be accessed by the reader; and
- receiving a second command in the given RFID device from the reader to allow the reader to read the memory to thereby obtain the second data unit;
- wherein the first and second data units comprise information exchanged as part of a cryptographic protocol carried out between the reader and the given RFID device;
- wherein the reply is transmitted from the given RFID device responsive to receipt of the first command in the given RFID device.
Dependent claims: 29

30. An apparatus for use in an RFID system comprising a plurality of RFID devices and at least one reader which communicates with one or more of the devices, the apparatus comprising:
- a given one of the RFID devices, the given RFID device comprising a processor, a memory coupled to the processor, and interface circuitry coupled to the processor;
- the given RFID device being operative under control of the processor to receive a first command from the reader directing that a first data unit be written to a memory of the given RFID device, to transmit a reply to the reader indicating that a second data unit determined based on contents of the first data unit is available in the memory to be accessed by the reader, and to receive a second command from the reader to allow the reader to read the memory to thereby obtain the second data unit;
- wherein the first and second data units comprise information exchanged as part of a cryptographic protocol carried out between the reader and the given RFID device;
- wherein the reply is transmitted from the given RFID device responsive to receipt of the first command in the given RFID device.

Specification