Search Images Maps Play YouTube News Gmail Drive More »
Advanced Patent Search | Web History | Sign in

Patents

This invention relates to security protocols for RFID systems. Systems and methods are presented to protect the system from hackers attempting to compromise the RFID system. Also, methods and systems for improving RFID security are disclosed. The systems utilize mechanisms to determine the authenticity of the RFID tags used in such systems. The systems and methods also reduce unauthorized access to the RFID system. A system and method to make tags more difficult to compromise or counterfeit is also described.

InventorsJoseph T. Foley, Sanjay Sarma, Stephen A. Weis
Current U.S. Classification340/572.4

View patent at USPTO
Search USPTO Assignment Database

Claims

1. A method of providing security in an RFID system comprising the following steps:

a. transmitting a challenge to an RFID tag;

b. generating a first response at the RFID tag by performing at least one mathematical function using the challenge and a secret;

c. transmitting data to a verification device;

d. using a secret stored in the verification device and the transmitted data to generate a second response at the verification device;
e. comparing the first response to the second response; and then
f. determining the authenticity of the RFID tag based on said comparing step.

2. A method as set forth in claim 1 further comprising the step of transmitting said challenge to the verification device.

3. A method as set forth in claim 2 wherein the step of using a secret further comprises the step of performing a mathematical function using the secret and the challenge to generate said second response.

4. A method as set forth in claim 1 further comprising the step of transmitting said first response to the verification device.

5. A method as set forth in claim 4 further comprising the step of performing calculations at the verification device which determine the challenge based on the response and the secret.

6. A method as set forth in claim 1 wherein the verification device performs the step of comparing.

7. A method as set forth in claim 1 wherein a RFID reader performs the step of comparing.

8. A method as set forth in claim 1 wherein the mathematical function is at least one hash function and the secret is a component of the hash function.

9. A method as set forth in claim 1 wherein the step of generating the first response comprises the steps of:

a. generating a random number in the RFID tag; and

b. storing the random number as the secret of the tag.

10. A method as set forth in claim 2 wherein the step of generating the random number comprises the steps of:

a. providing the RFID tag with an integrated circuit which comprises a plurality of conductive traces;

b. providing a set of instructions incorporated into a memory of the integrated circuit installed on the RFID tag, said set of instructions including instructions to send an electric signal across each of a pair of said conductive traces;

c. measuring the amount of time for electricity to flow across the first conductive trace;

d. measuring the amount of time for electricity to flow across the second conductive trace;
e. comparing the times measured in steps c. and d.; and then
f. generating a digit of the secret based on said time comparison step.

11. The method set forth in claim 10 comprising the step of repeating steps c., d., e., and f. a preselected number of times.

12. The method set forth in claim 10 wherein after the step of generating a digit, performing the following further the steps:

a. measuring the amount of time for electricity to flow across a third conductive trace;

b. measuring the amount of time for electricity to flow across a fourth conductive trace;

c. comparing the times measured for electricity to flow across the third and fourth conductive traces; and then

d. generating a second digit of the secret based on said time comparison step.

13. A method as set forth in claim 1 further comprising the following steps:

a. performing a set of hash functions on said challenge by incorporating said secret into said hash tables

b. applying a result modification function that modifies the result generated in step a, by changing a first class of characters into a second class of characters.

c. transmitting the challenge to the second RF device;

d. performing a second set of hash functions on the challenge;
e. comparing the result generated by the first RF device and the result generated by the second RF device; and
f. determining the authenticity of the first RF device based on said comparing step.

14. A method as set forth in claim 1 further comprising the following steps:

a. performing a set of hash functions on said challenge by incorporating said secret into said hash tables;

b. applying a result modification function that modifies the result generated in step a, by changing a first class of characters into a second class of characters;

c. transmitting the result of step b to a second RF device;

d. performing a second set of hash function on the challenge to determine the initial challenge;
e. comparing the challenge sent to the first RF device and the challenge generated by the second RF device; and
f. determining the authenticity of the first RF device based on said comparing step.

15. A method as set forth in claim 13 or 14 further comprising the steps of:

a. providing the first RF device tag with an integrated circuit which comprises a plurality of conductive traces;

b. providing a set of instructions incorporated into a memory of the integrated circuit installed on the first RF device, said set of instructions including instructions to send an electric signal across each of a pair of said conductive traces;

c. measuring the amount of time for electricity to flow across the first conductive trace;

d. measuring the amount of time for electricity to flow across the second conductive trace;
e. comparing the times measured in steps c. and d.; and then
f. generating a digit of the secret based on said time comparison step.

16. The method set forth in claim 16 comprising the step of repeating steps c., d.,

e., and f. a preselected number of times.

17. An RFID system comprising:

a. A first RF device which is capable of receiving a challenge from a RF transceiver, said device comprising a mathematical function and secret in memory, a processor which is designed to incorporate said secret in said function and calculate a first response based on the function, secret and challenge;

b. A second RF device which is capable of receiving data from said transceiver, said second RF device comprising a mathematical function and secret in memory, a processor which is designed to incorporate said secret in said function and calculate a second response; and

c. A comparing system which determines the similarity of the first and second response.

18. An RFID system as set forth in claim 17 wherein the first device generates the secret by comparing the amount of the time required for the device to run electricity through at least one set of traces on the device.

19. An RFID system as set forth in claim 18 wherein the first device comprises hardware that performs at least on hash function on the challenge to create a response.

20. An RFID system as set forth in claim 19 wherein the first device comprises hardware that can convert a preselected number of a first class of characters into a preselected set of second characters.

21. A method of providing security in an RFID system comprising the following steps:

a. generating a first response at the RFID tag by performing at least one mathematical function using a received challenge;

b. transmitting data to a verification device;

c. using the at least one mathematical function stored in the verification device and the transmitted data to generate a second response at the verification device;

d. comparing the first response to the second response; and then
e. determining the authenticity of the RFID tag based on said comparing step.

Drawings