SYSTEM AND METHOD FOR SECURING RFID TAGS

US 20080001752A1
Filed: 06/21/2007
Published: 01/03/2008
Est. Priority Date: 04/21/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method for generating and using a consumable RFID tag in a system including a plurality of RFID tag readers communicatively coupled in a network, wherein the tag includes rewritable tag memory, the method comprising:

digitally signing tag data, including a sequence number, a UID, and an ownership ID, to generate signed content;

storing the signed content in the tag memory; and

each time the tag is read by one of the readers in the network;

validating signature data, including the sequence number, stored in the tag memory, by comparing signed content stored in the tag with signature data stored in said one of the readers;

storing a new sequence number in the tag memory;

signing contents of the tag memory, including the new sequence number and the ownership ID, with a key, to generate new signed content; and

writing the new signed content to the tag memory.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for generating and using a consumable RFID tag in a system including a plurality of RFID tag readers communicatively coupled in a network in which the tag includes rewritable tag memory. Data is stored in the tag memory, including a sequence number, a UID, and an ownership ID. The data is signed with a key to generate signed content. Each time the tag is read by one of the readers in the network, the signature and sequence number in the tag memory are validated by comparing signed content stored in the tag with signature data stored in said one of the readers; a new sequence number is stored in the tag memory; contents of the tag memory, including the new sequence number and the ownership ID, are signed with a key to generate new signed content; and the new signed content is written to the tag memory.

113 Citations

View as Search Results

48 Claims

1. A method for generating and using a consumable RFID tag in a system including a plurality of RFID tag readers communicatively coupled in a network, wherein the tag includes rewritable tag memory, the method comprising:
- digitally signing tag data, including a sequence number, a UID, and an ownership ID, to generate signed content;
  
  storing the signed content in the tag memory; and
  
  each time the tag is read by one of the readers in the network;
  
  validating signature data, including the sequence number, stored in the tag memory, by comparing signed content stored in the tag with signature data stored in said one of the readers;
  
  storing a new sequence number in the tag memory;
  
  signing contents of the tag memory, including the new sequence number and the ownership ID, with a key, to generate new signed content; and
  
  writing the new signed content to the tag memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, wherein the data in tag memory is signed using an asymmetric key.
  - 3. The method of claim 1, wherein the data in tag memory is signed using a symmetric key.
  - 4. The method of claim 1, wherein tag ownership is transferred by:
    - establishing a dialog between an owning reader, having ownership of the tag, and the present reader currently reading the tag;
      
      wherein the owning reader invalidates the previous sequence number in the owning reader'"'"'s memory; and
      
      wherein the present reader generates new signed tag content by digitally signing the tag'"'"'s contents including the ownership ID, a new sequence number, and other data to be stored in the tag memory.
  - 5. The method of claim 4, wherein the new sequence number is generated from a sparse offset list containing indicia comprising offsets plus base numbers, wherein the list enables a full list of valid sequence numbers to be generated therefrom.
  - 6. The method of claim 4, wherein the other data to be stored in the tag memory includes policy criteria which is established at one network hop and then enforced at a different hop.
  - 7. The method of claim 4, wherein the other data to be stored in the tag memory includes policy criteria which is established at one network hop and then modified at a subsequent hop.
  - 8. The method of claim 7, wherein the policy criteria is modified to implement a product recall by setting indicia, stored in the tag memory, to indicate that a number of available tag uses is zero, regardless of a present indication that the number of available tag uses is non-zero.
  - 9. The method of claim 7, wherein the policy criteria is modified to implement a product recall by setting, in tag memory, indicia of product use-by time to indicate that the use-by time has expired.
  - 10. The method of claim 1, wherein the process of transferring tag ownership includes:
    - establishing a dialog between the owning reader and the present reader;
      
      sending the contents of the tag, from the present reader to the owning reader;
      
      validating the tag, wherein the present reader compares the tag'"'"'s present signed content with the information stored in the present reader; and
      
      relinquishing ownership of the tag, wherein the owning reader invalidates the current sequence number;
      
      wherein the present reader;
      
      issues new tag data including a new sequence number;
      
      updates the ownership ID to indicate ownership by the present reader, generates a new digital signature including the new sequence number and the ownership ID, and stores the new tag data and the new digital signature in the tag memory.
  - 11. The method of claim 1, wherein the process of validating the signature data includes using signature information stored in the reader presently reading the tag.
  - 12. The method of claim 1, wherein the contents of tag memory that are signed include updated constraints, the new sequence number, and the UID.
  - 13. The method of claim 1, wherein the sequence number, the UID, and the ownership ID comprise a state indicator which is used to prevent the tag'"'"'s state from being reverted.
  - 14. The method of claim 1, wherein the sequence number, the UID, and the ownership ID comprise a state indicator which is used to prevent the tag from being replayed.
  - 15. The method of claim 14 wherein the state indicator includes tag use constraints.
  - 16. The method of claim 15, wherein the tag use constraints include at least one constraint selected from the list consisting of use counts, alarm values, use-by date, valid use time, and policy criteria.

17. A method for generating and using a consumable RFID tag in a system including a plurality of RFID tag readers communicatively coupled in a network, wherein the tag includes rewritable tag memory, the method comprising:
- digitally signing data, including a sequence number and an ownership ID, which together comprise a state indicator, and a UID, in the tag memory to generate signed content;
  
  storing the signed content in the tag memory;
  
  wherein the steps of signing and storing are performed by a provisioning reader in the network;
  
  transferring tag ownership from the provisioning reader to another reader in the network; and
  
  each time the tag is read by one of the readers in the network;
  
  if the tag is not owned by a present reader currently reading the tag, then transferring tag ownership to the present reader from an owning reader having present ownership of the tag;
  
  validating signature data, including the sequence number stored in the tag memory, by comparing the signed content presently stored in the tag with signature data stored in the present reader;
  
  storing a new sequence number in the tag memory;
  
  signing contents of tag memory, including the new sequence number and the ownership ID, with a key, to generate new signed content; and
  
  writing the new signed content to the tag memory;
  
  wherein the steps of validating, storing the new sequence number, signing the contents, and writing are performed by the present reader.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 18. The method of claim 17, wherein the data in tag memory is signed using an asymmetric key.
  - 19. The method of claim 17, wherein the data in tag memory is signed using a symmetric key.
  - 20. The method of claim 17, wherein tag ownership is transferred by:
    - establishing a dialog between the owning reader and the present reader;
      
      wherein the owning reader invalidates the previous sequence number in the owning reader'"'"'s memory; and
      
      wherein the present reader generates new signed tag content by digitally signing the tag'"'"'s contents including the ownership ID, a new sequence number, and other data including characteristics, policy criteria and constraints.
  - 21. The method of claim 20, wherein the new sequence number is generated from a sparse offset list containing indicia comprising offsets plus base numbers, wherein the list enables a full list of valid sequence numbers to be generated therefrom.
  - 22. The method of claim 20, wherein the other data to be stored in the tag memory includes policy criteria which is established at one network hop and then enforced at a different hop.
  - 23. The method of claim 20, wherein the other data to be stored in the tag memory includes policy criteria which is established at one network hop and then modified at a subsequent hop.
  - 24. The method of claim 23, wherein the policy criteria is modified to implement a product recall by indicating, in the tag memory, that a number of available tag uses is zero.
  - 25. The method of claim 23, wherein the policy criteria is modified to implement a product recall by indicating, in the tag memory, that a product use-by time has expired.
  - 26. The method of claim 17, wherein the process of transferring tag ownership includes:
    - establishing a dialog between the owning reader and the present reader;
      
      sending the contents of the tag, from the present reader to the owning reader;
      
      validating the tag, wherein the present reader compares the tag'"'"'s present signed content with the information stored in the present reader; and
      
      relinquishing ownership of the tag, wherein the owning reader invalidates the current sequence number;
      
      wherein the present reader;
      
      issues new tag data including a new sequence number;
      
      updates the ownership ID to indicate ownership by the present reader, generates a new digital signature including the new sequence number and the ownership ID, and stores the new tag data and the new digital signature in the tag memory.
  - 27. The method of claim 17, wherein the process of validating the signature data includes using signature information stored in the present reader.
  - 28. The method of claim 17, wherein the contents of tag memory that are signed include updated constraints, the new sequence number, and the UID.
  - 29. The method of claim 17, wherein the state indicator is used to prevent the tag'"'"'s state from being reverted.
  - 30. The method of claim 17, wherein the state indicator is used to prevent the tag from being replayed.

31. A method for generating a consumable RFID tag in a system including a plurality of RFID tag readers communicatively coupled in a network, wherein the tag includes rewritable tag memory, the method comprising:
- digitally signing tag data, including a sequence number, a UID, and an ownership ID, to generate signed content; and
  
  storing the signed content in the tag memory;
  
  wherein the steps of storing and signing are performed by one of the readers in the network.
- View Dependent Claims (32, 33, 34, 35)
- - 32. The method of claim 31, wherein the tag is used by performing the steps of:
    - transferring tag ownership from the provisioning reader to another reader in the network;
      
      each time the tag is read by one of the readers in the network;
      
      if the tag is not owned by a present reader currently reading the tag, then transferring tag ownership to the present reader from an owning reader having present ownership of the tag;
      
      validating the signature and sequence number in the tag memory;
      
      storing a new sequence number in the tag memory;
      
      signing contents of tag memory, including updated tag use constraints, the new sequence number and the UID, with a key, to generate new signed content; and
      
      writing the new signed content to the tag memory;
      
      wherein the steps of validating, storing, signing, and writing are performed by the present reader; and
      
      wherein the present reader and the owning reader are included in the network.
  - 33. The method of claim 31, wherein the data includes a UID.
  - 34. The method of claim 31, wherein the tag use constraints include at least one constraint selected from the list consisting of use counts, alarm values, use-by date, valid use time, and policy criteria.
  - 35. The method of claim 34, further including:
    - when the tag is read by a tag reader;
      
      enforcing the constraints stored in the tag memory; and
      
      updating the constraints stored in the tag memory.

36. A data structure for a consumable RFID tag, the data structure comprising:
- a key signature field including a sequence number field and an ownership ID field; and
  
  at least one data field;
  
  wherein;
  
  data stored in the sequence number field and in the ownership ID field are digitally encrypted; and
  
  ownership of the tag is indicated by the ownership ID field, wherein said ownership indicates that one specific tag reader is capable of reading information stored on the tag.
- View Dependent Claims (37, 38, 39, 40)
- - 37. The data structure of claim 36, wherein the key signature field and the data are stored in rewritable memory of an RFID tag.
  - 38. The method of claim 36, wherein the key signature field also includes a UID.
  - 39. The method of claim 36, wherein information stored in the data field is digitally encrypted using a digital key.
  - 40. The method of claim 36, wherein a digital key is used to cryptographically bind the sequence number to the data and to other current state information.

41. A consumable RFID tag including rewritable memory in which is stored information comprising:
- a sequence number field;
  
  an ownership ID field; and
  
  at least one data field;
  
  wherein;
  
  data stored in the sequence number field and in the sequence number field are encrypted using a digital key; and
  
  ownership of the tag is indicated by the ownership ID field, wherein at any given time, said ownership indicates that one specific tag reader is capable of reading information stored on the tag.
- View Dependent Claims (42, 43, 44, 45)
- - 42. The RFID tag of claim 41, wherein the key signature field also includes a UID.
  - 43. The RFID tag of claim 41, wherein the key is a public key.
  - 44. The RFID tag of claim 41, wherein the key is a shared secret key.
  - 45. The RFID tag of claim 41, wherein information stored in the data field is digitally encrypted using the key.

46. A method for generating and using a consumable RFID tag in a system including at least one RFID tag reader, wherein the tag includes rewritable tag memory, the method comprising:
- storing, in the tag memory, indicia of a number of available uses of the tag; and
  
  implementing a product recall by setting the indicia to zero, regardless of a present indication that the number of available uses is non-zero.
- View Dependent Claims (47, 48)
- - 47. The method of claim 46, including storing a product use-by date in the tag memory, wherein the product recall is implemented by setting the product use-by date to indicate that the use-by date has expired.
  - 48. The method of claim 46, wherein a product use-by date is stored in the tag memory in lieu of the indicia of a number of available uses, and wherein the product recall is implemented by setting the product use-by date to indicate that the use-by date has expired.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GSI Group Corporation (Novanta Inc.)
Original Assignee
SkyeTek, Inc. (RFID Holdings, Inc.)
Inventors
Chakraborty, Sayan, Bruns, Logan

Application Number

US11/766,599
Publication Number

US 20080001752A1
Time in Patent Office

Days
Field of Search
US Class Current

340/572.1
CPC Class Codes

G06Q 10/08 Logistics, e.g. warehousing...

SYSTEM AND METHOD FOR SECURING RFID TAGS

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

113 Citations

48 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR SECURING RFID TAGS

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

113 Citations

48 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links