RFID tag authentication with public-key cryptography
Abstract
An authentication method includes RFID readers authenticating RFID tags using public-key cryptography. A tag manufacturer or other legitimate authority produces a tag private-public key pair and stores the tag private key in externally unreadable tag memory and the tag public key in externally readable tag memory. The authority produces a master private-public key pair and distributes the master public key to readers in the field. The authority generates a tag-specific electronic signature based on at least the tag public key and the master private key and stores this signature in externally readable tag memory. A reader authenticates the tag by retrieving the tag public key and electronic signature from the tag, verifying the authenticity of the tag public key using the master public key and the electronic signature, challenging the tag, receiving a response from the tag to the challenge, and verifying the response using the tag public key.
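The exchange described in the abstract, as an added Go example that is not taken from the patent. Ed25519 stands in for the unspecified signature scheme; the TPK-then-II byte layout, the 32-byte random challenge, the response being a signature over the challenge, and the names `Tag`, `Provision`, `Respond` and `Authenticate` are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Tag models the tag IC: TPK, II and ES are externally readable, tprk is not.
type Tag struct {
	TPK, II, ES []byte
	tprk        ed25519.PrivateKey
}

// signedBlob is what the ES covers; fixed-length TPK then II is an assumed layout.
func signedBlob(tpk, ii []byte) []byte { return append(append([]byte{}, tpk...), ii...) }

// Provision plays the signing authority: make the tag key pair, sign TPK and II.
func Provision(authPriv ed25519.PrivateKey, ii []byte) (*Tag, error) {
	tpk, tprk, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Tag{TPK: tpk, II: ii, ES: ed25519.Sign(authPriv, signedBlob(tpk, ii)), tprk: tprk}, nil
}

// Respond is the tag side: compute the response from the challenge and the TPRK.
func (t *Tag) Respond(challenge []byte) []byte { return ed25519.Sign(t.tprk, challenge) }

// Authenticate is the reader side; TPK size is checked since Verify panics on a bad key size.
func Authenticate(sapk ed25519.PublicKey, t *Tag) error {
	if len(t.TPK) != ed25519.PublicKeySize || !ed25519.Verify(sapk, signedBlob(t.TPK, t.II), t.ES) {
		return fmt.Errorf("ES does not verify over TPK and II")
	}
	challenge := make([]byte, 32) // fresh per session, so a recorded response is useless
	if _, err := rand.Read(challenge); err != nil {
		return err
	}
	if !ed25519.Verify(t.TPK, challenge, t.Respond(challenge)) {
		return fmt.Errorf("response does not verify under TPK")
	}
	return nil
}

func main() {
	sapk, authPriv, _ := ed25519.GenerateKey(rand.Reader)
	tag, _ := Provision(authPriv, []byte("ITEM-0001")) // constructed item identifier
	fmt.Println("genuine tag, error:", Authenticate(sapk, tag))
}
```

A tag that copies the readable TPK, II and ES passes the signature check but fails the challenge because it lacks the TPRK. A changed II, or an ES made with a different authority key, fails the first check.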
20 Claims
1. A method for authenticating a Radio Frequency Identification (RFID) tag, the method comprising:
- retrieving a tag public key (TPK), an item identifier (II), and an electronic signature (ES) from the tag, the ES computed over at least the TPK and the II;
- retrieving a signing-authority public key (SAPK) associated with the ES;
- verifying, using the SAPK and the ES, the TPK and the II;
- challenging the tag with a challenge;
- receiving a response from the tag; and
- authenticating the tag by verifying the response using the TPK.
9. A method for a Radio Frequency Identification (RFID) tag integrated circuit (IC) to authenticate itself to an RFID reader system, the IC storing a tag public key (TPK) and a tag private key (TPRK) corresponding to the TPK, the method comprising:
- sending the TPK, an item identifier (II), and an electronic signature (ES) to the reader system, the ES computed over at least the TPK and the II, thereby enabling the reader system to:
  - retrieve a signing-authority public key (SAPK) associated with the ES; and
  - verify the TPK and the II using the SAPK and the ES;
- receiving a challenge from the reader system;
- computing a response based on the challenge and the TPRK; and
- sending the response to the reader system, thereby enabling the reader system to authenticate the IC by verifying the response using the TPK.
16. A method for a Radio Frequency Identification (RFID) reader system to authenticate an RFID tag, the method comprising:
- retrieving a tag public key (TPK), an item identifier (II), and an electronic signature (ES), the ES computed over at least the TPK and the II, from the tag;
- retrieving a signing-authority public key (SAPK) associated with the ES;
- verifying, using the SAPK and the ES, the TPK and the II;
- challenging the tag with a challenge;
- receiving a response from the tag; and
- authenticating the tag by verifying the response using the TPK.
Specification