RFID mutual authentication verification session
Abstract
In a protocol for preserving the privacy of communications between an RFID reader and an RFID tag, two distinct actions are taken. First, the reader and the tag must be mutually authenticated as being authorized participants in the communications. After that process is successfully completed, the authenticity of each authorized participant must be validated prior to each subsequent communication between reader and tag.
28 Claims
1. A protocol for safeguarding the security of radio frequency identification (RFID) communications between an RFID base station reader and an RFID tag to provide protection against an unauthorized communication, the protocol comprising:
- conducting by the tag and the base station reader a first process of mutually authenticating the tag and the base station reader as being authorized to participate in a series of transactions, said process of mutually authenticating operating on a first random number generated by the tag, a second random number generated by the reader and a key stored by the tag and the reader; and
- using a second process differing from the first process to separately verify the authenticity of the base station reader before each transaction in the series of transactions wherein the tag determines whether the base station reader is authentic by comparing a base station reader authentication code generated by the base station reader and a tag authentication code generated by the tag, the base station reader authentication code being appended to an unencrypted base station reader message for instructing the tag to perform a tag operation wherein said base station reader authentication code and said tag authentication code are based on said first or second random numbers or said key.

Dependent claims: 2, 3, 4, 26
5. A protocol for safeguarding the security of radio frequency identification (RFID) communications between an RFID reader and an RFID tag so as to provide protection against an unauthorized communication, the protocol comprising:
- conducting by the tag and the reader a process using a unique variable, a random number generated by the tag and a random number generated by the reader for mutually authenticating the tag and the reader as being authorized to participate in a series of transactions with the tag; and
- separately verifying the authenticity of the reader before each transaction in the series by the tag determining whether the reader is authentic by conducting a process using at least one of said unique variable, said random number generated by the tag or said random number generated by the reader to compare a reader authentication code generated by the reader and a tag authentication code generated by the tag, the reader authentication code being an encrypted cyclic redundancy check (CRC) sent by the reader and appended to an unencrypted reader message for instructing the tag to perform a tag operation, said CRC being formed from said unencrypted reader message.

Dependent claims: 6, 7, 8
9. A protocol for safeguarding the security of radio frequency identification (RFID) communications to an RFID reader from an RFID tag so as to provide protection against an unauthorized communication, the protocol comprising:
- conducting by the tag and the reader a first process of mutually authenticating the tag and the reader as being authorized to participate in a series of transactions, said process of mutually authenticating operating on a first random number generated by the tag, a second random number generated by the reader and a key stored by the tag and the reader; and
- using a second process differing from the first process to separately verify the authenticity of the tag before each transaction in the series by the reader determining whether the tag is authentic by comparing a tag authentication code generated by the tag and a reader authentication code generated by the reader, the tag authentication code being encrypted by the tag and appended to an unencrypted tag response to a reader message for instructing the tag to perform a tag operation authentication wherein said base station reader authentication code and said tag authentication code are based on said first or second random numbers or said key.

Dependent claims: 10, 11, 12
13. A protocol for safeguarding the security of radio frequency identification (RFID) communications between an RFID reader and an RFID tag having a memory with a protected portion so as to provide protection for the protected portion against intrusion by an unauthorized reader, the protocol comprising:
- conducting by the tag and the reader a first authentication process of mutually authenticating the tag and the reader as being authorized to participate in a series of transactions involving an accessing of the protected portion, said process of mutually authenticating operating on a first random number generated by the tag, a second random number generated by the reader and a key stored by the tag and the reader; and
- using a second authentication process differing from the first authentication process to separately verify the authenticity of the reader as being authorized before each transaction in the series by the tag determining whether the reader is authentic by comparing a reader authentication code generated by the reader and a tag authentication code generated by the tag, the reader authentication code being encrypted by the reader and appended to an unencrypted reader message for instructing the tag to perform a tag operation, wherein the encrypted reader authentication code and the appended unencrypted message are transmitted together to the tag wherein said base station reader authentication code and said tag authentication code are based on said first or second random number or said key.

Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
27. A protocol for safeguarding the security of radio frequency identification (RFID) communications between an RFID reader and an RFID tag having a memory with a protected portion so as to provide protection for the protected portion against intrusion, the protocol comprising:
- conducting by the tag and the reader a process of mutually authenticating the tag and the reader as being authorized to participate in a series of transactions involving an access of the data of the protected portion, said mutual authentication using a key known to the tag and the reader, a random number generated by the reader and a random number generated by the tag; and
- separately verifying the authenticity of the reader before each transaction in the series by the tag determining whether the reader is authentic by comparing a reader error detection function generated by the reader and a tag error detection function generated by the tag, the reader error detection function being encrypted by the reader and appended to an unencrypted reader command for instructing the tag to perform a tag operation, wherein the encrypted reader error detection function and the appended unencrypted reader command are transmitted together to the tag and are based on said key, said random number generated by the reader or said random number generated by the tag in said process of mutual authentication.
28. A system comprising:
- an ultra high frequency (UHF) radio frequency identification (RFID) tag comprising a tag memory, said tag memory storing a key; and
- a tag reader also having memory storing said key, wherein said tag and said reader are configured to conduct a first process of mutually authenticating said tag and said reader as being authorized to participate in a series of transactions, said process of mutually authenticating operating on a first random number generated by the tag, a second random number generated by the reader and said key; said tag and said reader are further configured to conduct using a second process differing from said first process to separately verify the authenticity of said reader before a transaction in said series of transactions wherein said tag determines whether said reader is authentic by comparing a reader authentication code generated by said reader and a tag authentication code generated by said tag, said reader authentication code being appended to an unencrypted reader message for instructing said tag to perform a tag operation, wherein said reader authentication code and said tag authentication code are based on said first or second random numbers or said key.
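The two processes recited in claims 1 and 5, as an added Python sketch that is not part of the patent text: a session-opening mutual authentication over both random numbers and the shared key, then a per-command code built from the CRC of the unencrypted command. The claims name no cipher, so HMAC-SHA256 stands in for it; the 8-byte random numbers, the CRC-16 variant, the 4-byte code length, the sample key and command, and all function names are assumptions.

```python
import binascii
import hashlib
import hmac
import secrets

KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample key
CODE_LEN = 4  # assumed length of the appended authentication code

def prf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """Keyed function standing in for the unspecified cipher (assumption)."""
    return hmac.new(key, label + b"|" + b"|".join(parts), hashlib.sha256).digest()

def mutual_auth(tag_key: bytes, reader_key: bytes):
    """First process: each side proves knowledge of the key over both nonces."""
    rt = secrets.token_bytes(8)  # first random number, generated by the tag
    rr = secrets.token_bytes(8)  # second random number, generated by the reader
    reader_proof = prf(reader_key, b"reader", rt, rr)
    tag_ok = hmac.compare_digest(reader_proof, prf(tag_key, b"reader", rt, rr))
    tag_proof = prf(tag_key, b"tag", rt, rr)
    reader_ok = hmac.compare_digest(tag_proof, prf(reader_key, b"tag", rt, rr))
    return tag_ok and reader_ok, rt, rr

def auth_code(key: bytes, rt: bytes, rr: bytes, message: bytes) -> bytes:
    """Second process: CRC-16 of the clear message, transformed under the key
    and the session's random numbers."""
    crc = binascii.crc_hqx(message, 0xFFFF).to_bytes(2, "big")
    return prf(key, b"txn", rt, rr, crc)[:CODE_LEN]

def reader_frame(key: bytes, rt: bytes, rr: bytes, command: bytes) -> bytes:
    """Reader side: unencrypted command with the authentication code appended."""
    return command + auth_code(key, rt, rr, command)

def tag_accepts(key: bytes, rt: bytes, rr: bytes, frame: bytes) -> bool:
    """Tag side: generate its own code from the received command and compare."""
    command, received = frame[:-CODE_LEN], frame[-CODE_LEN:]
    return hmac.compare_digest(received, auth_code(key, rt, rr, command))

if __name__ == "__main__":
    ok, rt, rr = mutual_auth(KEY, KEY)
    frame = reader_frame(KEY, rt, rr, b"READ bank=3")  # constructed command
    print("session authenticated:", ok)
    print("command accepted:", tag_accepts(KEY, rt, rr, frame))
```

This sketch derives the code only from the session values and the command, so a repeated command carries the same code within a session; the claims shown here do not state whether the code varies per transaction.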
Specification