RFID mutual authentication verification session

US RE46,447 E1
Filed: 04/03/2014
Issued: 06/20/2017
Est. Priority Date: 04/17/2006
Status: Active Grant

First Claim

Patent Images

1. A protocol for safeguarding the security of radio frequency identification (RFID) communications between an RFID base station reader and an RFID tag to provide protection against an unauthorized communication, the protocol comprising:

conducting by the tag and the base station reader a first process of mutually authenticating the tag and the base station reader as being authorized to participate in a series of transactions, said process of mutually authenticating operating on a first random number generated by the tag, a second random number generated by the reader and a key stored by the tag and the reader; and

using a second process differing from the first process to separately verify the authenticity of the base station reader before each transaction in the series of transactions wherein the tag determines whether the base station reader is authentic by comparing a base station reader authentication code generated by the base station reader and a tag authentication code generated by the tag, the base station reader authentication code being appended to an unencrypted base station reader message for instructing the tag to perform a tag operationwherein said base station reader authentication code and said tag authentication code are based on said first or second random numbers or said key.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In a protocol for preserving the privacy of communications between a RFID reader and a RFID tag, two distinct actions are taken. First, the reader and the tag must be mutually authenticated as being authorized participants in the communications. After that process is successfully completed, the authenticity of each authorized participant must be validated prior to each subsequent communication between reader and tag.

Citations

28 Claims

1. A protocol for safeguarding the security of radio frequency identification (RFID) communications between an RFID base station reader and an RFID tag to provide protection against an unauthorized communication, the protocol comprising:
- conducting by the tag and the base station reader a first process of mutually authenticating the tag and the base station reader as being authorized to participate in a series of transactions, said process of mutually authenticating operating on a first random number generated by the tag, a second random number generated by the reader and a key stored by the tag and the reader; and
  
  using a second process differing from the first process to separately verify the authenticity of the base station reader before each transaction in the series of transactions wherein the tag determines whether the base station reader is authentic by comparing a base station reader authentication code generated by the base station reader and a tag authentication code generated by the tag, the base station reader authentication code being appended to an unencrypted base station reader message for instructing the tag to perform a tag operationwherein said base station reader authentication code and said tag authentication code are based on said first or second random numbers or said key.
- View Dependent Claims (2, 3, 4, 26)
- - 2. The protocol of claim 1, wherein the base station reader authentication code comprises an encrypted CRC cyclic redundancy check (CRC) function.
  - 3. The protocol of claim 1, further comprising aborting the series of transactions upon an inability to verify the authenticity of the base station reader.
  - 4. The protocol of claim 3, further comprising restarting the first process of mutually authenticating the tag and the base station reader seeking to participate in the series of transactions.
  - 26. The protocol of claim 1, further comprising the base station separately verifying the authenticity of the tag each time the tag sends data to the base station after said process of mutually authenticating said separate verification of the authenticity of the tag being performed by the base station determining whether the tag is authentic by comparing the authentication codes.

5. A protocol for safeguarding the security of radio frequency identification (RFID) communications between an RFID reader and an RFID tag so as to provide protection against an unauthorized communication, the protocol comprising:
- conducting by the tag and the reader a process using a unique variable, a random number generated by the tag and a random number generated by the reader for mutually authenticating the tag and the reader as being authorized to participate in a series of transactions with the tag; and
  
  separately verifying the authenticity of the reader before each transaction in the series by the tag determining whether the reader is authentic by conducting a process using at least one of said unique variable, said random number generated by the tag or said random number generated by the reader to compare a reader authentication code generated by the reader and a tag authentication code generated by the tag, the reader authentication code being an encrypted CRC cyclic redundancy check (CRC) sent by the reader and appended to an unencrypted reader message for instructing the tag to perform a tag operation, said CRC being formed from said unencrypted reader message.
- View Dependent Claims (6, 7, 8)
- - 6. The protocol of claim 5, further comprising aborting the series of transactions upon an inability to verify the authenticity of the reader.
  - 7. The protocol of claim 6, further comprising restarting the process for mutually authenticating the tag and the reader seeking to participate in the series of transactions.
  - 8. The protocol of claim 5, wherein a transaction comprises an access of the tag by the reader.

9. A protocol for safeguarding the security of radio frequency identification (RFID) communications to an RFID reader from an RFID tag so as to provide protection against an unauthorized communication, the protocol comprising:
- conducting by the tag and the reader a first process of mutually authenticating the tag and the reader as being authorized to participate in a series of transactions, said process of mutually authenticating operating on a first random number generated by the tag, a second random number generated by the reader and a key stored by the tag and the reader; and
  
  using a second process differing from the first process to separately verify the authenticity of the tag before each transaction in the series by the reader determining whether the tag is authentic by comparing a tag authentication code generated by the tag and a reader authentication code generated by the reader, the tag authentication code being encrypted by the tag and appended to an unencrypted tag response to a reader message for instructing the tag to perform a tag operation authenticationwherein said base station reader authentication code and said tag authentication code are based on said first or second random numbers or said key.
- View Dependent Claims (10, 11, 12)
- - 10. The protocol of claim 9, wherein the tag authentication code consists of an encrypted CRC cyclic redundancy check (CRC) function.
  - 11. The protocol of claim 9, further comprising aborting the series of transactions upon an inability to verify the authenticity of the reader.
  - 12. The protocol of claim 11, further comprising restarting the protocol with the conducting a process of mutually authenticating the tag and the reader seeking to participate in the series of transactions.

13. A protocol for safeguarding the security of radio frequency identification (RFID) communications between an RFID reader and an RFID tag having a memory with a protected portion so as to provide protection for the protected portion against intrusion by an unauthorized reader, the protocol comprising:
- conducting by the tag and the reader a first authentication process of mutually authenticating the tag and the reader as being authorized to participate in a series of transactions involving an accessing of the protected portion, said process of mutually authenticating operating on a first random number generated by the tag, a second random number generated by the reader and a key stored by the tag and the reader; and
  
  using a second authentication process differing from the first authentication process to separately verify the authenticity of the reader as being authorized before each transaction in the series by the tag determining whether the reader is authentic by comparing a reader authentication code generated by the reader and a tag authentication code generated by the tag, the reader authentication code being encrypted by the reader and appended to an unencrypted reader message for instructing the tag to perform a tag operation, wherein the encrypted reader authentication code and the appended unencrypted message are transmitted together to the tagwherein said base station reader authentication code and said tag authentication code are based on said first or second random number or said key.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 14. The protocol of claim 13, wherein the first authentication process comprises a private key process.
  - 15. The protocol of claim 14, further comprising receiving a tag ID from the tag and obtaining the private key by the reader in accordance with the tag ID.
  - 16. The protocol of claim 15, further comprising creating the reader authentication code generated by the reader in accordance with the private key.
  - 17. The protocol of claim 16, further comprising creating the reader authentication code generated by the reader in accordance with a random number received from the tag.
  - 18. The protocol of claim 17, further comprising creating the reader authentication code generated by the tag in accordance with the private key.
  - 19. The protocol of claim 18, further comprising creating the reader authentication code generated by the tag in accordance with a random number received from the reader.
  - 20. The protocol of claim 14, wherein the second authentication process comprises a checksum authentication function.
  - 21. The protocol of claim 20, wherein the checksum authentication process comprises an encrypted checksum function.
  - 22. The protocol of claim 21, wherein the encrypted checksum process consists of an encrypted CRC cyclic redundancy check (CRC) function.
  - 23. The protocol of claim 13, wherein the message comprises a reader message for instructing the tag to perform a tag operation.
  - 24. The protocol of claim 13, further comprising aborting the series of transactions upon an inability to verify the authenticity of the reader.
  - 25. The protocol of claim 24, further comprising restarting the protocol with the conducting a process of mutually authenticating the tag and the reader seeking to participate in the series of transactions.

27. A protocol for safeguarding the security of radio frequency identification (RFID) communications between an RFID reader and an RFID tag having a memory with a protected portion so as to provide protection for the protected portion against intrusion, the protocol comprising:
- conducting by the tag and the reader a process of mutually authenticating the tag and the reader as being authorized to participate in a series of transactions involving an access of the data of the protected portion, said mutual authentication using a key known to the tag and the reader, a random number generated by the reader and a random number generated by the tag; and
  
  separately verifying the authenticity of the reader before each transaction in the series by the tag determining whether the reader is authentic by comparing a reader error detection function generated by the reader and a tag error detection function generated by the tag, the reader error detection function being encrypted by the reader and appended to an unencrypted reader command for instructing the tag to perform a tag operation, wherein the encrypted reader error detection function and the appended unencrypted reader command are transmitted together to the tag and are based on said key, said random number generated by the reader or said random number generated by the tag in said process of mutual authentication.

28. A system comprising:
- an ultra high frequency (UHF) radio frequency identification (RFID) tag comprising a tag memory, said tag memory storing a key; and
  
  a tag reader also having memory storing said key,whereinsaid tag and said reader are configured to conduct a first process of mutually authenticating said tag and said reader as being authorized to participate in a series of transactions, said process of mutually authenticating operating on a first random number generated by the tag, a second random number generated by the reader and said key;
  
  said tag and said reader are further configured to conduct using a second process differing from said first process to separately verify the authenticity of said reader before a transaction in said series of transactions wherein said tag determines whether said reader is authentic by comparing a reader authentication code generated by said reader and a tag authentication code generated by said tag, said reader authentication code being appended to an unencrypted reader message for instructing said tag to perform a tag operation,wherein said reader authentication code and said tag authentication code are based on said first or second random numbers or said key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amtech Systems LLC (Roper Technologies, Inc.)
Original Assignee
Amtech Systems LLC (Roper Technologies, Inc.)
Inventors
Tan, Zhenping, Gravelle, Kelly, Scott, Dale L.
Primary Examiner(s)
Tarae, Michelle

Application Number

US14/244,535
Time in Patent Office

1,174 Days
Field of Search

3405721
US Class Current
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06K 7/0008   General problems related to...

H04L 63/0442   wherein the sending and rec...

H04L 63/0492   by using a location-limited...

H04L 63/0869   for achieving mutual authen...

H04L 9/3271   using challenge-response

H04L 9/3273   for mutual authentication n...

RFID mutual authentication verification session

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

RFID mutual authentication verification session

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links