RFID secure authentication

US 9,774,455 B2
Filed: 11/02/2016
Issued: 09/26/2017
Est. Priority Date: 03/14/2013
Status: Active Grant

First Claim

Patent Images

1. A method of authenticating an RFID tag, the method comprising:

encrypting a secret key stored on a first device with a unique identification code stored on an RFID tag to generate an original authentication signature at the first device;

storing the original authentication signature at the RFID tag;

reading the unique identification code from the RFID tag using a second device;

encrypting a copy of the secret key stored on the second device with the unique identification code to generate a second authentication signature at the second device;

comparing the second authentication signature to the original authentication signature; and

determining authenticity of the RFID tag based on the comparison of the second authentication signature and the original authentication signature.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authentication systems and methods for a population of devices each associated with an RFID tag are described. For each device, a secret key is combined cryptographically with a publicly-readable unique identifier (UID) of an RFID tag to obtain a unique authorization signature. The RFID tag is prepared utilizing the unique authorization signature as memory-access and/or tag-operation password(s). The systems and methods may safeguard against attacks whereby compromise of a single tag will not compromise the entire population of devices and may reduce or eliminate the use of inappropriate surgical devices during a surgical procedure.

70 Citations

View as Search Results

20 Claims

1. A method of authenticating an RFID tag, the method comprising:
- encrypting a secret key stored on a first device with a unique identification code stored on an RFID tag to generate an original authentication signature at the first device;
  
  storing the original authentication signature at the RFID tag;
  
  reading the unique identification code from the RFID tag using a second device;
  
  encrypting a copy of the secret key stored on the second device with the unique identification code to generate a second authentication signature at the second device;
  
  comparing the second authentication signature to the original authentication signature; and
  
  determining authenticity of the RFID tag based on the comparison of the second authentication signature and the original authentication signature.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method according to claim 1, wherein the original authentication signature and the second authentication signature are generated by performing a hash function on the secret key stored at the first device or the copy of the secret key stored at the second device, respectively, and the unique identification code.
  - 3. The method according to claim 2, wherein the hash function is selected from the group consisting of an SHA-1 function, an SHA-1 HMAC function, an SHA-2 function, and an MD5 function.
  - 4. The method according to claim 1, wherein the original authentication signature and the second authentication signature are generated by:
    - concatenating the unique identification code and the secret key stored at the first device or the copy of the secret key stored at the second device to create a bitstring; and
      
      performing a hash function on the bitstring.
  - 5. The method according to claim 4, wherein the hash function is selected from the group consisting of an SHA-1 function, an SHA-1 HMAC function, an SHA-2 function, and an MD5 function.
  - 6. The method according to claim 1, further comprising:
    - dividing the original authentication signature into a plurality of bitstrings; and
      
      performing an XOR operation on a first bitstring of the plurality of bitstrings and on a second bitstring of the plurality of bitstrings to obtain an intermediate signature.
  - 7. The method according to claim 6, further comprising:
    - performing an XOR operation on the intermediate signature and on a third bitstring of the plurality of bitstrings.
  - 8. The method according to claim 1, wherein determining authenticity of the RFID tag further includes performing at least one of a read function, a write function, or a read-write function on the RFID tag by the second device.

9. A system for authenticating an RFID tag, comprising:
- an RFID tag including;
  
  a unique identifier; and
  
  a password module configured to store a password; and
  
  a preparation unit including;
  
  an RFID communication module configured to communicate with the RFID tag;
  
  a unit memory configured to store a secret key;
  
  a processor coupled to the unit memory and the RFID communication module, the processor configured to;
  
  read the unique identifier from the RFID tag;
  
  encrypt the secret key with the unique identifier of the RFID tag to generate an authentication signature; and
  
  store the authentication signature as the password in the password module.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system according to claim 9, wherein the password module is configured to output a verification status in response to a match between a proffered password and the stored password.
  - 11. The system according to claim 10, wherein the RFID tag further includes a tag memory for storing data.
  - 12. The system according to claim 11, wherein the password module is configured to enable at least one of a read operation or a write operation on the tag memory in response to a match between a proffered password and the stored password.
  - 13. The system according to claim 12, wherein the password module is configured to initialize a data structure in response to a match between a proffered password and the stored password.
  - 14. The system according to claim 13, wherein the data structure is configured to store one or more datum selected from the group consisting of a usage count, a manufacturing date, a manufacturer serial number, an expiration date, calibration data, usage data, certification data, and an operational limit parameter.
  - 15. The system according to claim 9, wherein the processor is further configured to generate the authentication signature based on a cryptographic hash of the secret key and the unique identifier of the RFID tag.
  - 16. The system according to claim 15, wherein the cryptographic hash is selected from the group consisting of an MD5 hash, an SHA-1 hash, an SHA-1 HMAC function, and an SHA-2 hash.

17. A system for authenticating a surgical instrument, the method system comprising:
- a surgical instrument having an RFID tag, wherein the RFID tag includes;
  
  a unique identifier; and
  
  a password module configured to store a password; and
  
  an authentication unit, including;
  
  an RFID communication module configured to communicate with the RFID tag;
  
  a unit memory configured to store a secret key;
  
  a processor coupled to the unit memory and the RFID communication module, the processor configured to;
  
  read the unique identifier from the RFID tag;
  
  encrypt the secret key with the unique identifier of the RFID tag to generate an authentication signature;
  
  transmit the authentication signature to the password module; and
  
  receive a verification status from the password module in response to the authentication signature matching the password.
- View Dependent Claims (18, 19, 20)
- - 18. The system according to claim 17, further comprising an electrosurgical generator operably coupled to the authentication unit.
  - 19. The system according to claim 18, wherein the electrosurgical generator is configured to enable an operational mode in response to the verification status.
  - 20. The system according to claim 19, wherein the RFID tag further includes a tag memory storing data and the authentication unit is configured to modify the data stored in the tag memory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Covidien LP (Medtronic Plc)
Original Assignee
Covidien LP (Medtronic Plc)
Inventors
Klammer, Peter F., Paterson, William G.
Primary Examiner(s)
Feild, Joseph
Assistant Examiner(s)
MORTELL, JOHN F

Application Number

US15/341,244
Publication Number

US 20170078102A1
Time in Patent Office

328 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/44   Program or device authentic...

G06F 21/82   Protecting input, output or...

G06K 19/0723   the record carrier comprisi...

G06Q 10/08   Logistics, e.g. warehousing...

G07C 9/28   the pass enabling tracking ...

H04L 2209/80   Wireless network architectu...

H04L 63/06   for supporting key manageme...

H04L 63/083   using passwords cryptograph...

H04L 9/0863   involving passwords or one-...

H04L 9/3247   involving digital signatures

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

Y04S 40/20   Information technology spec...

RFID secure authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

70 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

RFID secure authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

70 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links