RFID tag authentication with public-key cryptography
First Claim
1. A method for a Radio Frequency Identification (RFID) reader to authenticate an RFID tag, the method comprising:
retrieving a tag public key (TPK), an item identifier (II), and an electronic signature (ES) from the tag, the ES computed over at least the TPK and the II;
retrieving a signing-authority public key (SAPK) associated with the ES from a signing authority;
verifying, using the SAPK and the ES, the TPK and the II;
challenging the tag with a challenge;
receiving a response from the tag; and
authenticating the tag by verifying the response using the TPK.
Abstract
An authentication method includes RFID readers authenticating RFID tags using public-key cryptography. A tag manufacturer or other legitimate authority produces a tag private-public key pair and stores the tag private key in externally unreadable tag memory and the tag public key in externally readable tag memory. The authority produces a master private-public key pair and distributes the master public key to readers in the field. The authority generates a tag-specific electronic signature based on at least the tag public key and the master private key and stores this signature in externally readable tag memory. A reader authenticates the tag by retrieving the tag public key and electronic signature from the tag, verifying the authenticity of the tag public key using the master public key and the electronic signature, challenging the tag, receiving a response from the tag to the challenge, and verifying the response using the tag public key.
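The exchange the abstract describes, as an added Go example that is not taken from the patent: the authority signs TPK || II, and the reader verifies that signature before challenging the tag. Ed25519, the TPK || II concatenation, the signed-challenge form of the response, and the names Tag, Provision, Respond, Authenticate and Clone are assumptions; the page names no algorithm or encoding.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

type Tag struct {
	TPK    ed25519.PublicKey  // externally readable
	II, ES []byte             // externally readable; ES covers TPK || II
	priv   ed25519.PrivateKey // stands in for externally unreadable tag memory
}

// Provision is the authority's step: ES = Sign(master private key, TPK || II); TPK is fixed-length.
func Provision(master ed25519.PrivateKey, ii []byte) Tag {
	tpk, priv, _ := ed25519.GenerateKey(rand.Reader)
	msg := append(append([]byte{}, tpk...), ii...)
	return Tag{TPK: tpk, II: ii, ES: ed25519.Sign(master, msg), priv: priv}
}

// Respond is the tag side: sign the challenge (assumed form of the response).
func (t Tag) Respond(c []byte) []byte { return ed25519.Sign(t.priv, c) }

// Authenticate is the reader side, in the order the claim lists its steps.
func Authenticate(t Tag, sapk ed25519.PublicKey) error {
	msg := append(append([]byte{}, t.TPK...), t.II...)
	if len(t.TPK) != ed25519.PublicKeySize || !ed25519.Verify(sapk, msg, t.ES) {
		return fmt.Errorf("ES does not verify TPK and II under SAPK")
	}
	challenge := make([]byte, 32) // fresh per attempt, so a recorded response is useless
	if _, err := rand.Read(challenge); err != nil {
		return err
	}
	if !ed25519.Verify(t.TPK, challenge, t.Respond(challenge)) {
		return fmt.Errorf("response does not verify under TPK")
	}
	return nil
}

func Clone(t Tag) Tag {
	_, t.priv, _ = ed25519.GenerateKey(rand.Reader) // counterfeit: readable memory copied, private key differs
	return t
}

func main() {
	sapk, master, _ := ed25519.GenerateKey(rand.Reader)
	tag := Provision(master, []byte("ITEM-0001")) // constructed item identifier
	fmt.Println(Authenticate(tag, sapk), "|", Authenticate(Clone(tag), sapk))
}
```

A cloned tag passes the ES check, because TPK, II and ES are all readable, and is rejected only at the challenge step; a tag whose II was altered is rejected earlier, at the ES check.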
27 Claims
1. A method for a Radio Frequency Identification (RFID) reader to authenticate an RFID tag, the method comprising:
retrieving a tag public key (TPK), an item identifier (II), and an electronic signature (ES) from the tag, the ES computed over at least the TPK and the II;
retrieving a signing-authority public key (SAPK) associated with the ES from a signing authority;
verifying, using the SAPK and the ES, the TPK and the II;
challenging the tag with a challenge;
receiving a response from the tag; and
authenticating the tag by verifying the response using the TPK.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A Radio Frequency Identification (RFID) reader system for authenticating an RFID tag, the system comprising:
an RFID reader configured to:
retrieve a tag public key (TPK), an item identifier (II), and an electronic signature (ES), the ES computed over at least the TPK and the II, from the tag;
retrieve a signing-authority public key (SAPK) associated with the ES from a signing authority;
verify, using the SAPK and the ES, the TPK and the II;
challenge the tag with a challenge;
receive a response from the tag; and
authenticate the tag by verifying the response using the TPK.
Dependent claims: 16, 17, 18, 19, 20, 21
22. A method for a Radio Frequency Identification (RFID) reader to authenticate an RFID tag, the method comprising:
retrieving a tag public key (TPK) and an item identifier (II) from the tag;
retrieving at least one of a first electronic signature (ES1) and a second electronic signature (ES2) from the tag, the ES1 and the ES2 computed over at least the TPK and the II;
retrieving at least one of a first signing-authority public key (SAPK1) associated with the ES1 from a first signing authority and a second signing-authority public key (SAPK2) associated with the ES2 from a second signing authority;
verifying the TPK and the II using at least one of: the SAPK1 and ES1, and the SAPK2 and ES2;
challenging the tag with a challenge;
receiving a response from the tag; and
authenticating the tag by verifying the response using the TPK.
Dependent claims: 23, 24, 25, 26, 27
Specification