Tag-handle-based authentication of RFID readers
1 Assignment
0 Petitions
Abstract
An RFID tag may execute instructions from an authenticated RFID reader. A tag determines a handle and a first parameter, both of which may be random numbers, and sends the handle to a reader. Upon receiving a challenge from the reader, the tag determines and sends a cryptographic response to the challenge based on an algorithm, a tag key, the first parameter, and the challenge. Upon receiving a message with a second parameter and a tag instruction, the tag executes the tag instruction upon verifying that the second parameter derives from the first parameter and the tag handle.
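The exchange described in the abstract and claims, as an added Python sketch that is not code from the patent or its assignee. Assumptions: HMAC-SHA256 stands in for the unspecified cryptographic algorithm, the tag's second random number is carried in the response masked under the key and challenge, and the key table, identifier and instruction value are constructed.

```python
import hashlib, hmac, secrets
# Constructed identifier -> key table held by the reader (the claims' "table lookup").
KEYS = {b"TAG-0001": bytes(range(16))}

def prf(key, label, *parts):
    # Assumed stand-in for the unspecified "cryptographic algorithm".
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()[:16]
def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

class Tag:
    def __init__(self, identifier, key):
        self.identifier, self.key = identifier, key
        self.handle = self.secret = None

    def begin(self):
        # Handle (first random number) is sent; the second random number is kept.
        self.handle, self.secret = secrets.token_bytes(16), secrets.token_bytes(16)
        return self.identifier, self.handle

    def respond(self, challenge):
        # Response = second random number masked under key+challenge, plus a MAC.
        masked = xor(self.secret, prf(self.key, b"mask", challenge))
        return masked + prf(self.key, b"auth", challenge, self.secret)

    def execute(self, derived, instruction):
        # Run the instruction only if the parameter derives from both random numbers.
        if self.secret is None:
            return None
        expected = prf(self.key, b"derive", self.handle, self.secret)
        return instruction if hmac.compare_digest(derived, expected) else None

class Reader:
    def start(self, identifier, handle):
        self.key, self.handle = KEYS[identifier], handle
        self.challenge = secrets.token_bytes(16)
        return self.challenge

    def authorize(self, response, instruction):
        masked, tag_mac = response[:16], response[16:]
        secret = xor(masked, prf(self.key, b"mask", self.challenge))
        if not hmac.compare_digest(tag_mac, prf(self.key, b"auth", self.challenge, secret)):
            return None  # tag failed authentication: send nothing
        return prf(self.key, b"derive", self.handle, secret), instruction

def run_session(tag, reader, instruction=b"WRITE"):
    challenge = reader.start(*tag.begin())
    reply = reader.authorize(tag.respond(challenge), instruction)
    return tag.execute(*reply) if reply else None
```

A party that observes the handle on the air but lacks the key cannot produce the derived parameter, because the second random number never leaves the tag unmasked.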
24 Citations
20 Claims
1. A method for a Radio Frequency Identification (RFID) integrated circuit (IC) to execute an instruction, the method comprising:
- generating first and second random numbers;
- sending an identifier, wherein the identifier is stored in a memory of the IC, is different from the first and second random numbers, and is used to determine a key via a table lookup or as input to an algorithmic key generator;
- sending the first random number;
- receiving a challenge;
- retrieving the key from the memory;
- determining a response to the challenge based on a cryptographic algorithm, the key, the challenge, and at least the second random number;
- sending the response;
- receiving a derived parameter and an instruction; and
- executing the instruction upon verifying that the derived parameter derives from at least the first and second random numbers.
(Dependent claims: 2, 3, 4, 5, 6, 7)
8. A Radio Frequency Identification (RFID) integrated circuit (IC) configured to execute an instruction, the IC comprising:
- a memory configured to store an identifier and a key; and
- a processor block configured to:
  - generate first and second random numbers;
  - store the first and second random numbers in the memory;
  - send the identifier, wherein the identifier is different from the first and second random numbers and is used to determine the key via a table lookup or as input to an algorithmic key generator;
  - send the first random number;
  - receive a challenge;
  - determine a response to the challenge based on a cryptographic algorithm, the key, the challenge, and at least the second random number;
  - send the response;
  - receive a derived parameter and an instruction; and
  - execute the instruction upon verifying that the derived parameter derives from at least the first and second random numbers.
(Dependent claims: 9, 10, 11, 12, 13)
14. A Radio Frequency Identification (RFID) reader comprising:
- a transceiver module configured to transmit and receive RF signals; and
- a processor block configured to:
  - receive an identifier from an RFID tag;
  - retrieve a first random number from a memory of the tag, wherein the first random number is generated by the tag and different from the identifier;
  - send a challenge to the tag;
  - receive a response to the challenge from the tag, the response based on a cryptographic algorithm, a key, the challenge, and a second random number generated by the tag and different from the first random number;
  - authenticate the response using the key, the key determined by using the identifier in a table lookup or as input into an algorithmic key generator; and
  - upon authenticating the response, send a derived parameter and an instruction to the tag, wherein the derived parameter authorizes the execution of the instruction and is based on at least the first and second random numbers.
(Dependent claims: 15, 16, 17, 18, 19, 20)
Specification