CN117528501B

CN117528501B - Anti-cracking RFID tag, initializing method and reading method thereof

Info

Publication number: CN117528501B
Application number: CN202410022222.7A
Authority: CN
Inventors: 颜炳军; 崔涛
Original assignee: SHENZHEN CARDY INTELLIGENT TECHNOLOGY CO LTD
Current assignee: SHENZHEN CARDY INTELLIGENT TECHNOLOGY CO LTD
Priority date: 2024-01-08
Filing date: 2024-01-08
Publication date: 2024-04-05
Anticipated expiration: 2044-01-08
Also published as: CN117528501A

Abstract

The invention discloses an anti-cracking RFID tag, an initialization method and a reading method thereof, and relates to the technical field of electronic tags. The tamper-resistant RFID tag includes: the chip module is arranged on the PCB substrate and at least comprises a first radio frequency chip and a second radio frequency chip, wherein the first radio frequency chip and the second radio frequency chip are provided with unique identifiers, the unique identifiers of the first radio frequency chip are different from those of the second radio frequency chip, and the second radio frequency chip stores encryption target information encrypted based on a preset encryption method; and the antenna module is arranged on the PCB substrate and connected with the chip module, and is used for receiving radio frequency signals and converting the radio frequency signals into energy for the chip module to work. The invention utilizes the double-chip structure and the encryption technology, and has higher security.

Description

Anti-cracking RFID tag, initializing method and reading method thereof

Technical Field

The invention relates to the technical field of electronic tags, in particular to an anti-cracking RFID tag, an initialization method and a reading method thereof.

Background

Radio frequency identification (Radio Frequency Identification, RFID) technology is a wireless communication technology for identifying and tracking objects such as objects, persons or animals. The method is based on radio frequency signals, and achieves the purposes of data transmission and target identification by carrying out wireless communication between the tag and the reader. RFID technology is widely used in many areas including logistics, supply chain management, retail, intelligent transportation, healthcare, agriculture, and the like.

However, one major problem with RFID tags is that their information can be intercepted and copied, which allows an attacker to make duplicate tags identical to legitimate tags, possibly resulting in unauthorized access and fraud. To solve this problem, one solution in the prior art is to use a higher security level chip, such as a CPU card. Such upgrades, while improving security, can also greatly increase the cost of the overall application system.

Disclosure of Invention

The invention provides an anti-cracking RFID tag, an initialization method and a reading method thereof, which are used for solving the technical problem of high cost of an RFID tag anti-data copying method in the prior art.

In a first aspect, the present invention provides a tamper-resistant RFID tag comprising:

The chip module at least comprises a first radio frequency chip and a second radio frequency chip, wherein the first radio frequency chip and the second radio frequency chip are arranged on the PCB substrate and are provided with unique identifiers, the unique identifier of the first radio frequency chip is different from the unique identifier of the second radio frequency chip, and the second radio frequency chip stores encryption target information encrypted based on a preset encryption method;

and the antenna module is connected with the chip module and is used for receiving radio frequency signals and converting the radio frequency signals into energy for the chip module to work.

As an optional embodiment of the present invention, the first RF chip and the second RF chip each include two RF interfaces, the first RF chip and the second RF chip are connected to the PCB substrate through the RF interfaces, and the chip module is packaged based on COB technology.

In a second aspect, an embodiment of the present invention provides a method for initializing an RFID tag, which is used for the tamper-proof RFID tag in the first aspect, where the method includes:

acquiring a unique identifier of the first radio frequency chip according to a preset communication protocol;

Transmitting a dormancy instruction to the first radio frequency chip according to the unique identifier of the first radio frequency chip, so that the first radio frequency chip is dormant;

acquiring a unique identifier of the second radio frequency chip according to the preset communication protocol;

encrypting the target information of the second radio frequency chip according to the preset encryption method and the unique identifier of the second radio frequency chip;

sending a dormancy instruction to the second radio frequency chip to enable the second radio frequency chip to be dormant;

and responding to the dormancy of the second radio frequency chip, and finishing the initialization of the RFID tag.

As an optional embodiment of the present invention, the value of the unique identifier of the first radio frequency chip belongs to a first preset range, the value of the unique identifier of the second radio frequency chip belongs to a second preset range, the first preset range and the second preset range have no intersection, and the step of obtaining the unique identifier of the first radio frequency chip according to a preset communication protocol includes:

acquiring unique identifiers of the first radio frequency chip and the second radio frequency chip according to a preset communication protocol;

acquiring a unique identifier of the first radio frequency chip within the first preset range;

And acquiring the unique identifier of the second radio frequency chip within the second preset range.

As an optional embodiment of the present invention, the step of encrypting the target information of the second radio frequency chip according to the preset encryption method and the unique identifier of the second radio frequency chip includes:

obtaining a symmetric key or an asymmetric key pair according to the preset encryption method, wherein the asymmetric key pair comprises a public key and a private key;

encrypting the target information according to the public key or the symmetric key and the preset encryption method to obtain encrypted target information;

storing the encrypted target information in the second radio frequency chip;

dividing the private key of the symmetric key or the asymmetric key pair according to a preset dividing method to obtain a plurality of key fragments;

and storing all the key fragments in the first radio frequency chip and/or the second radio frequency chip.

As an optional embodiment of the present invention, the step of dividing the private key of the symmetric key or the asymmetric key pair according to a preset dividing method to obtain a plurality of key segments includes:

acquiring a numerical value of a preset position in a unique identifier of the second radio frequency chip;

When the numerical value belongs to a first numerical value range, equally dividing the private key of the symmetric key or the asymmetric key pair into 4 key fragments, and adding sequential bits before the first bit of each key fragment;

when the numerical value belongs to a second numerical value range, equally dividing the private key of the symmetric key or the asymmetric key pair into 2 key fragments, and adding sequential bits before the second bit of each key fragment;

when the value belongs to a third value range, equally dividing the private key of the symmetric key or the asymmetric key pair into 3 key fragments, and adding sequential bits before the third bit of each key fragment;

wherein the order bits are used to identify an order of each of the segmented key fragments, the first range of values, the second range of values, and the third range of values having no intersection therebetween.

In a third aspect, an embodiment of the present invention provides an information reading method of an RFID tag, which is used for the anti-cracking RFID tag in the first aspect, where the method includes:

reading a unique identifier of the first radio frequency chip according to a preset communication protocol;

Reading a unique identifier of the second radio frequency chip according to the preset communication protocol;

and decrypting the encrypted target information of the second radio frequency chip according to the preset encryption method so as to read the target information.

As an optional embodiment of the present invention, after decrypting the encrypted target information of the second radio frequency chip according to the preset encryption method to obtain target information, the method further includes:

detecting whether an illegal card selecting process exists, wherein the illegal card selecting process comprises the following steps: only the unique identifier of the first radio frequency chip is obtained, or only the unique identifier of the second radio frequency chip is obtained, or the unique identifier of the second radio frequency chip is obtained first and then the unique identifier of the first radio frequency chip is obtained;

and when the illegal card selection process exists, terminating the reading operation of the target information, recording the illegal card selection process, and locking the RFID tag.

As an optional embodiment of the present invention, the step of detecting whether an illegal card selecting process exists includes:

acquiring a reading time stamp of a unique identifier of a first radio frequency chip and a unique identifier of a second radio frequency chip after the current communication starts, and marking the reading time stamp as a first time stamp and a second time stamp respectively;

When only the first timestamp exists, only a unique identifier of the first radio frequency chip is obtained, and an illegal card selection flow exists;

when only the second timestamp exists, only the unique identifier of the second radio frequency chip is obtained, and an illegal card selection flow exists;

when the first time stamp and the second time stamp exist at the same time, judging the sizes of the first time stamp and the second time stamp;

when the first time stamp is smaller than the second time stamp, acquiring the unique identifier of the second radio frequency chip and then acquiring the unique identifier of the first radio frequency chip, and an illegal card selection process exists;

when the first time stamp is larger than the second time stamp, obtaining a difference value between the first time stamp and the second time stamp;

when the difference value is larger than a preset time threshold value, judging that an illegal card selecting process exists;

and when the difference value is smaller than or equal to a preset time threshold value, no illegal card selecting process exists.

As an optional embodiment of the present invention, before the step of obtaining the unique identifier of the first radio frequency chip according to a preset communication protocol, the method further includes:

generating a first initial response delay time of the first radio frequency chip according to a first preset random number generation algorithm and a preset response time range, wherein the first preset random number generation algorithm is stored in the first radio frequency chip;

Controlling the first radio frequency chip to send the first initial response delay time to the second radio frequency chip;

generating a second initial response delay time of a second radio frequency chip according to the first initial response delay time and a second preset random number generation algorithm, wherein the second preset random number generation algorithm is stored in the second radio frequency chip, the complexity of the second preset random number generation algorithm is lower than that of the first preset random number generation algorithm, and the first initial response delay time and the second initial response delay time are both in the preset response time range;

setting response time of the first radio frequency chip and the second radio frequency chip according to the first initial response delay time, the second initial response delay time and a preset sequence dependent response rule;

wherein the preset order dependent response rule includes:

if the chip acquisition sequence of the reader is that the first radio frequency chip is read first and then the second radio frequency chip is read, setting the response time of the first radio frequency chip as the first initial response delay time, and setting the response time of the second radio frequency chip as the second initial response delay time;

If the chip acquisition sequence of the reader is that the second radio frequency chip is read first, setting the response time of the second radio frequency chip as target response time, wherein the target response time is the sum of the second initial response delay time and preset illegal delay response time, and the preset illegal delay response time is larger than the preset response time range.

In summary, the beneficial effects of the application are as follows:

by employing a dual chip structure in which the first and second radio frequency chips have different unique identifiers, the complexity and security of the system is increased. It is difficult for an attacker to copy or crack the information in the dual chip through a one-time card selection process because multiple unique identifiers and encrypted information need to be processed. Encrypting the target information: the target information stored by the second radio frequency chip is encrypted, so that unauthorized reading can be prevented. Even if an attacker can acquire the radio frequency signal, it is difficult to decrypt the information therein. The security of the target information is ensured by using a mode based on a preset encryption method. This may prevent an attacker from obtaining sensitive information through known encryption algorithms. By having a unique identifier for each radio frequency chip, the system can identify the different chips, thereby preventing hacking or copy attempts. The antenna module is used for receiving radio frequency signals and providing energy for the chip module. This structure enables the RFID tag to operate in a wireless environment while physically protecting the chip module; the PCB substrate provides a platform for supporting and protecting the chip module, helping to maintain the stability of the overall structure.

The scheme of the invention fully utilizes the double-chip structure and the encryption technology, and provides higher security on the premise of not introducing excessive cost. By the unique identifier and the encryption target information, it is possible to prevent an attacker from easily acquiring and reading the information of the tag. The preset encryption method increases the difficulty of an attacker to try to crack the encrypted information.

Drawings

In order to more clearly illustrate the technical solution of the embodiments of the present invention, the drawings that are needed to be used in the embodiments of the present invention will be briefly described, and other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a schematic diagram of the structure of the tamper-proof RFID tag of the present invention.

FIG. 2 is a flow chart of a method of initializing a tamper-resistant RFID tag of the present invention.

Fig. 3 is a flow chart of a method for reading an RFID tag of the present invention.

Detailed Description

Features and exemplary embodiments of various aspects of the present invention will be described in detail below, and in order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail below with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are merely configured to illustrate the invention and are not configured to limit the invention. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the invention by showing examples of the invention.

It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.

Example 1

The invention provides a tamper-proof RFID tag, comprising:

Specifically, the PCB substrate is a physical base of the RFID tag, on which a chip module and an antenna module are disposed, the chip module is a core part of the RFID tag, and includes at least two radio frequency chips, the first radio frequency chip and the second radio frequency chip each have unique identifiers for distinguishing the two chips, and the second radio frequency chip stores target information encrypted based on a preset encryption method, wherein the preset encryption method may be a symmetric encryption method or an asymmetric encryption method, the symmetric encryption method refers to encrypting and decrypting data using the same key, and in this method, confidentiality of the key is very important; the asymmetric encryption method refers to encrypting and decrypting by using a key pair, wherein the key pair comprises a public key and a private key, the public key is used for encrypting data, and the private key is used for decrypting data; the encryption preset encryption method can also be an encryption method based on a hash function, wherein the hash function converts input data into output with fixed length, and the output is usually a string of hash values. Even if the input data is slightly changed, the hash value is greatly changed. This can be used to verify the integrity of the data, preventing the data from being tampered with. SHA-256 (Secure Hash Algorithm 256-bit) is a commonly used hash function; the unique identifier (UID, unique Identifier) is a string or sequence of numbers used in an electronic device or object to uniquely identify the device or object. Its function is to ensure that each device has a unique identity for distinguishing, managing and identifying in the system. The UID is typically a fixed length code that can be used to distinguish between different devices, both at the physical level and in information management and database systems. In RFID technology, a UID is used to identify the unique identity of each RFID tag. Each RFID tag is assigned a unique UID for identification and tracking when communicating with a reader/writer. This allows each tag to be identified in the system without confusion with other tags;

In a specific embodiment, the preset encryption algorithm includes one of AES algorithm, RSA algorithm, elliptic curve encryption algorithm;

in this embodiment, the working principle of the anti-cracking RFID tag is as follows:

when the reading equipment sends a radio frequency signal to the RFID tag, the antenna module converts the radio frequency signal into energy, the chip module is activated, and two radio frequency chips in the tag respectively respond to the signal; the reading equipment identifies and acquires a unique identifier of the first radio frequency chip, then the reading equipment sends a dormancy instruction according to a preset communication protocol to enable the first radio frequency chip to be dormant, then acquires the unique identifier of the second radio frequency chip, and decrypts the encrypted target information on the second radio frequency chip according to the preset encryption method to acquire original information;

typical data duplication attack methods typically perform only one card selection process, since the above-mentioned chip including two different identifiers and requires two card selections, the attacker must perform two card selections, each time the different identifiers need to be identified and duplicated, this design significantly increases the difficulty of the attacker to successfully duplicate the tag, the attacker will typically seek the simplest way to duplicate the tag, the design of two chips requires the attacker to successfully attack in not just one but two card selection processes, which increases the complexity of the attack, reduces the success rate of the attack, and reduces the implementation cost of this scheme compared to upgrading to higher level chips (such as CPU cards) because it adds additional chips on standard RFID tags instead of more expensive hardware or more complex encryption techniques, and this scheme provides multi-level security by requiring two card selections and using different identifiers. The first time of card selection can be used for identity verification, and the second time of card selection is used for authorization verification, so that the overall security is increased.

Therefore, the RFID tag design scheme is helpful for preventing data copying attacks, increasing the complexity of the attacks, reducing the implementation cost, providing multi-level security, and is a safer and more economical solution under the existing data copying technical environment.

As an optional embodiment of the present application, the first radio frequency chip and the second radio frequency chip each include two RF interfaces, the first radio frequency chip and the second radio frequency chip are connected through the PCB substrate, and the PCB substrate, the chip module and the antenna module are packaged based on COB technology;

specifically, each radio frequency Chip includes two RF interfaces, and such a design allows each Chip to operate independently, providing greater isolation, thereby reducing the likelihood of an attacker accessing and controlling both chips through one interface, and such isolation increases overall security, with Chip-On-Board (COB) technology-based packaging of Chip and antenna modules. COB technology directly connects the wafer to the PCB, provides a more compact packaging mode, reduces the gap between components, and thus improves the anti-interference capability and the overall reliability;

further, after the COB module with two RFID chip die is completed, the production can be continued using the conventional RFID tag production process, which means that the user does not need to make a significant change to the existing RFID card production process, thereby saving the time and cost required for developing the new production process;

Therefore, by introducing two RF interfaces in each radio frequency chip, adopting COB process packaging, and realizing a dual chip design under the traditional RFID card production process, higher security, producibility and cost effectiveness are provided, and the whole RFID system is more powerful and economical.

Example two

On the basis of the anti-cracking RFID tag provided in the first embodiment, the present embodiment further provides an initialization method for an RFID tag, which is used for the RFID tag described in the first embodiment, and the method includes:

s1, acquiring a unique identifier of the first radio frequency chip according to a preset communication protocol;

in this step, the first radio frequency chip is communicated with using a predetermined communication protocol, which may be a standardized protocol, such as ISO 14443A, for communicating with the radio frequency chip, to obtain its unique identifier. By acquiring the unique identifier of the first radio frequency chip, normal communication with the chip is ensured, and a required information basis is provided for subsequent steps.

As an optional embodiment of the present application, the value of the unique identifier of the first radio frequency chip belongs to a first preset range, the value of the unique identifier of the second radio frequency chip belongs to a second preset range, the first preset range and the second preset range have no intersection, and the step of obtaining the unique identifier of the first radio frequency chip according to a preset communication protocol includes:

S11, acquiring unique identifiers of the first radio frequency chip and the second radio frequency chip according to a preset communication protocol;

specifically, in this embodiment, the value of the unique identifier of the first radio frequency chip belongs to a first preset range, the value of the unique identifier of the second radio frequency chip belongs to a second preset range, and the first preset range and the second preset range have no intersection, so that the system security is improved by ensuring that the unique identifier and the unique identifier can be clearly distinguished when different radio frequency chips are identified and classified. Specifically, the following objects can be achieved by letting the unique identifier of the first radio frequency chip belong to a first preset range, the unique identifier of the second radio frequency chip belong to a second preset range, and no intersection exists between the two preset ranges:

preventing confusion: by classifying the unique identifiers of different radio frequency chips into different preset ranges, confusion in processing the identifiers can be avoided, and each chip can be correctly identified and classified.

Uniqueness: because the identifiers of the first radio frequency chip and the second radio frequency chip respectively belong to different preset ranges, the identifier of each chip can be ensured to be unique within the range of the identifier, and no conflict with other chips can occur.

The safety is improved: by explicitly dividing the scope of different chips, finer rights control and security policies can be implemented in the system. For example, the access authority of the chip can be determined according to the preset range to which the chip belongs, so that the security of the smart card is enhanced.

In a word, through respectively distributing unique identifiers of different radio frequency chips to different preset ranges and ensuring that no intersection exists between the ranges, more accurate identification, classification and authority control can be realized in the intelligent card system, so that the overall safety is improved;

in this step, since the first rf chip and the second rf chip are connected in parallel on the PCB substrate, and the communication protocol and the hardware design are already fixed, it may be difficult to ensure that communication is performed with the first rf chip first during communication. Because the order of communication is well established on the protocol and hardware connections, it is not easy to implement by simple control means.

In this case, if it is necessary to ensure that communication is first performed with the first radio frequency chip, it may be necessary to consider adjusting the communication protocol or redesigning the hardware connection. This may involve a large system change, and requires comprehensive consideration of hardware and software adjustments, so in this step, communication is directly performed with the RFID tag according to a preset communication protocol, and unique identifiers of the first radio frequency chip and the second radio frequency chip are obtained at the same time;

S12, acquiring a unique identifier of the first radio frequency chip according to the first preset range.

In this step, the unique identifier of the first radio frequency chip and the unique identifier of the second radio frequency chip acquired before are used and compared with the first preset range, respectively. If the identifier of the first radio frequency chip is within the first preset range, the system confirms that the identifier belongs to the first radio frequency chip, so that only the identifier conforming to the preset range is identified as the first radio frequency chip, and the purposes of identification and classification are achieved.

S2, sending a dormancy instruction to the first radio frequency chip according to the unique identifier of the first radio frequency chip, so that the first radio frequency chip is dormant;

the method comprises the steps that a sleep instruction is sent to a first radio frequency chip to enable the first radio frequency chip to enter a sleep state, so that power consumption can be reduced, only one chip is ensured to be in an active state in the whole process, and the power consumption is reduced and only one chip is ensured to participate in subsequent communication and operation by placing the first radio frequency chip in the sleep state;

s3, acquiring a unique identifier of the second radio frequency chip according to the preset communication protocol;

similar to step S1, the unique identifier of the second radio frequency chip is obtained by communicating the preset communication information with the second radio frequency chip, and in the second preset range, the unique identifier of the second radio frequency chip is obtained, so that the required information is provided for the subsequent encryption processing;

S4, encrypting the target information of the second radio frequency chip according to the preset encryption method and the unique identifier of the second radio frequency chip;

in this step, the target information of the second rf chip is encrypted using a preset encryption method and a unique identifier of the second rf chip. Thus, the target information can be protected from unauthorized access, the confidentiality and the security of the information are improved, and the unauthorized access and the theft are prevented by encrypting the target information of the second radio frequency chip;

as an optional embodiment of the present application, the step of encrypting the target information of the second radio frequency chip according to the preset encryption method and the unique identifier of the second radio frequency chip includes:

s41, acquiring a symmetric key or an asymmetric key pair according to the preset encryption method, wherein the key pair comprises a public key and a private key;

specifically, a key pair for encryption and decryption is acquired according to a preset encryption method. The key pair is generally composed of a public key and a private key, and is used for an asymmetric encryption mode, or a symmetric key which is used for encryption and decryption by the same key and is used for a symmetric encryption mode;

S42, encrypting the target information according to the public key or the symmetric key and the preset encryption method to obtain encrypted target information;

and encrypting the target information according to the obtained public key or symmetric key and a preset encryption method. In symmetric key encryption, the same key is used for encryption and decryption. In the asymmetric key encryption, public key encryption is used, a corresponding private key is needed to be used for decryption, and the target information is encrypted by using the key, so that the security of the information in the transmission and storage processes is protected, and even if an attacker obtains the encrypted information, the information cannot be decrypted easily.

S43, storing the encryption target information in the second radio frequency chip;

the encrypted target information is stored inside the second radio frequency chip so as to be decrypted when needed, and the encrypted target information is stored in the second radio frequency chip, so that even if an attacker acquires the unique identifier of the first radio frequency chip, the encrypted information cannot be directly acquired.

S44, dividing the private key pair of the symmetric key or the asymmetric key according to a preset dividing method to obtain a plurality of key fragments;

In this step, the private key of the symmetric key or the asymmetric key is split into a plurality of key fragments according to a preset splitting method. This can increase the security of the key because even if an attacker gets part of the key fragment, the original key cannot be completely restored;

specifically, the preset dividing method may divide the key into a plurality of segments by a threshold dividing method, and set a threshold. The complete key can only be restored when the threshold number of fragments is reached. For example, the key is divided into 5 segments, the threshold is set to 3, and the key can be restored only when 3 segments are collected;

the preset segmentation method can also segment the key into a plurality of parts through exclusive-or operation, and the parts are combined through exclusive-or operation, so that the complete key can be restored through exclusive-or operation only when all the parts are collected;

further, in an embodiment, the key fragments may also be stored in different places, for example, different chips or storage media, so that an attacker needs to obtain all the parts at the same time to restore the complete key.

As an optional embodiment of the present application, the step of dividing the symmetric key or the asymmetric key pair according to a preset dividing method to obtain a plurality of key segments includes:

s441, obtaining a numerical value of a preset position of a unique identifier of the second radio frequency chip;

in this step, the value of the preset position of the unique identifier is obtained from the second radio frequency chip, and this value will be used to determine the subsequent key splitting mode.

S442, when the numerical value belongs to a first numerical value range, equally dividing the private key of the symmetric key or the asymmetric key pair into 4 key fragments, and adding sequential bits before the first bit of each key fragment;

if the acquired value falls within the first range of values, the key is divided into 4 segments. A sequence bit is added before the first bit of each fragment to identify the sequence of the fragments.

S443, when the numerical value belongs to a second numerical value range, equally dividing the private key of the symmetric key or the asymmetric key pair into 2 key fragments, and adding sequential bits before the second bit of each key fragment;

if the obtained value falls within the second range of values, the key is divided into 2 segments. A sequential bit is added before the second bit of each segment.

S444, when the numerical value belongs to a third numerical value range, equally dividing the private key of the symmetric key or the asymmetric key pair into 3 key fragments, and adding sequential bits before the third bit of each key fragment;

if the obtained value falls within the third value range, the key is divided into 3 segments. Adding a sequential bit before the third bit of each segment;

wherein the order bits are used to identify an order of each of the segmented key fragments, the first range of values, the second range of values, and the third range of values are different.

By dynamically determining the mode of dividing the secret key according to the numerical value of the preset position of the unique identifier of the second radio frequency chip, different dividing strategies can be adopted under different conditions, and the flexibility of division is improved. This helps to enhance the security of the key, as the attacker cannot predict the segmentation strategy. In addition, the sequence bit is introduced to ensure the sequence of each segment, avoid the confusion of segmentation and facilitate the subsequent reduction operation.

In a word, the scheme for dynamically dividing the secret key can select different dividing modes according to different conditions, so that the difficulty of an attacker is increased, the dividing order is maintained in the dividing process, and the security of the secret key is improved.

S45, storing all the key fragments in the first radio frequency chip and/or the second radio frequency chip.

The purpose of this step is to store the segmented key fragments in the first radio frequency chip and/or the second radio frequency chip for access and decryption operations when needed. This decentralized storage increases the security of the key because an attacker needs to acquire and combine all fragments to obtain the complete key.

By way of example, and not limitation, when a symmetric key needs to be split and stored. Dividing the key into three segments according to a preset dividing method: key1, key2, and Key3. Key1 may then be stored in the first radio frequency chip, and Key2 and Key3 may be stored in the second radio frequency chip.

In the actual communication process, when the Key is required to be used for decryption operation, the Key1 is firstly required to be acquired from the first radio frequency chip, then the Key2 and the Key3 are acquired from the second radio frequency chip, and the fragments can be combined to obtain a complete Key for decryption;

if an attacker can only obtain the information of one of the chips, for example, only the content of the first rf chip, the attacker cannot obtain the complete Key because of the lack of Key2 and Key3. By the design, an attacker needs to acquire and combine a plurality of parts, so that the difficulty of the attack is increased, and the safety of the system is improved.

S5, sending a dormancy instruction to the second radio frequency chip to enable the second radio frequency chip to be dormant.

Similarly to step S2, in this step, a sleep command is sent to the second rf chip to put it into a sleep state, so as to reduce power consumption and prevent unauthorized access after the initialization process, and protect the data security of the chip;

s6, responding to dormancy of the second radio frequency chip, and finishing initialization of the RFID tag;

specifically, the sleep of the second radio frequency chip marks the completion of the initialization process, ensures that the RFID tag is safely configured before being put into use, and provides a reliable and safe starting point for normal use.

In summary, through strict communication steps, encryption measures and sleep management of the radio frequency chip, the security and legitimacy of the tag are ensured. In terms of security, information in the radio frequency chip is protected from unauthorized access by means of encryption, dormancy and the like. In the aspect of legality, a legal card selecting process is ensured by following a preset communication protocol and process; the method can ensure the information security in the tag and prevent unauthorized access in the RFID tag initialization stage, thereby improving the security of the whole system.

Example III

On the basis of the RFID tag provided in the first embodiment and the initializing method provided in the second embodiment, the present invention further provides an information reading method of the RFID tag, which is used for the anti-cracking RFID tag in the first aspect, and the method includes:

s01, acquiring a unique identifier of the first radio frequency chip according to a preset communication protocol;

this step obtains the unique identifier of the first radio frequency chip by communicating with the chip and following a preset communication protocol. The unique identifier is typically a unique code that can be used to identify and verify the legitimacy of the RFID tag;

by following a preset communication protocol, a legal communication flow is ensured and unauthorized access is prevented. Meanwhile, acquiring the unique identifier of the first radio frequency chip provides necessary identification information for subsequent operations.

S02, sending a dormancy instruction to the first radio frequency chip according to the unique identifier of the first radio frequency chip so that the first radio frequency chip is dormant;

in this step, the first radio frequency chip is put into a sleep state, thereby reducing its power consumption and ensuring that only the second radio frequency chip is in an active state. This is to avoid interference or collision during information reading.

S03, reading a unique identifier of the second radio frequency chip according to the preset communication protocol;

similar to step S01, this step communicates with the second radio frequency chip by following a preset communication protocol to obtain its unique identifier, which will be used for subsequent operations; by following a preset communication protocol, a legal communication flow is ensured and unauthorized access is prevented. Acquiring the unique identifier of the second radio frequency chip provides the necessary information for subsequent decryption operations.

S04, decrypting the encrypted target information of the second radio frequency chip according to the preset encryption method to obtain target information;

the step uses a preset encryption method and a unique identifier of the second radio frequency chip to decrypt the encrypted target information in the second radio frequency chip. After decryption, the target information is obtained, which can be read and used. By decrypting the target information, the information stored in the RFID tag is successfully read and only the second radio frequency chip with the correct unique identifier can successfully decrypt. This ensures confidentiality and security of information, preventing unauthorized access;

The preset encryption method corresponds to the second embodiment, and is not described herein again;

as an optional embodiment of the present application, the step of decrypting the encrypted target information of the second radio frequency chip according to the preset encryption method to obtain target information includes:

s041, acquiring all key fragments from the first radio frequency chip and/or the second radio frequency chip;

all previously stored key fragments are obtained from the first radio frequency chip and/or the second radio frequency chip. These key fragments will be used for subsequent decryption operations, which ensures the usability of the key, as the key fragments may be stored scattered in different places (e.g. in different chips or storage media). By acquiring all key fragments, the availability of the complete key required for the decryption operation is ensured.

S042, merging all key fragments according to a preset segmentation method to obtain a private key of a symmetric key or an asymmetric key pair;

the previously acquired key fragments are combined according to a preset partitioning method to restore the complete symmetric key or asymmetric key pair, where the partitioning method may involve a threshold partitioning method, an exclusive-or operation, or other methods, and the specific manner depends on the initialization procedure in the second embodiment.

S043, decrypting the encrypted target information of the second radio frequency chip according to the symmetric key or the asymmetric key pair and the preset encryption method so as to read the target information.

And decrypting the encrypted target information in the second radio frequency chip by using the restored symmetric key or asymmetric key pair and a preset encryption method. After decryption, target information is obtained, which can be read and used; the target information in the second radio frequency chip is successfully decrypted by merging the key fragments and using the restored complete key. This ensures confidentiality and security of information, preventing unauthorized access. The decryption operation can be successfully completed only with the correct key, thereby ensuring the security of the information.

In summary, this alternative embodiment provides a more detailed decryption process to ensure successful acquisition of the target information. By merging and restoring the key fragments, the decryption process is performed smoothly while maintaining confidentiality and security of information. The method ensures that only the second radio frequency chip with the correct key can successfully decrypt the information, thereby improving the safety of the information reading process.

As an optional embodiment of the present application, after decrypting the encrypted target information of the second radio frequency chip according to the preset encryption method to obtain target information, the method further includes:

s05, detecting whether an illegal card selecting process exists, wherein the illegal card selecting process comprises the following steps: only the unique identifier of the first radio frequency chip is obtained, or only the unique identifier of the second radio frequency chip is obtained, or the unique identifier of the second radio frequency chip is obtained first and then the unique identifier of the first radio frequency chip is obtained;

in this step, the system checks whether the adopted card selection process accords with the preset legal card selection process. The legal card selecting process should be to obtain the unique identifiers of the first radio frequency chip and the second radio frequency chip according to the specified steps and sequences. If the card selection process does not meet any of these legal conditions, it is regarded as an illegal card selection process.

Specifically, the illegal card selection process includes the following cases:

only the unique identifier of the first radio frequency chip is obtained,

or, only the unique identifier of the second radio frequency chip is acquired,

or firstly acquiring the unique identifier of the second radio frequency chip and then acquiring the unique identifier of the first radio frequency chip; this step helps to prevent malicious attacks or unauthorized read operations. By detecting and identifying the illegal card selecting process, the safety of the system can be improved, and only the legal card selecting process can be ensured to be continued.

As an optional embodiment of the present application, the step of detecting whether an illegal card selecting process exists includes:

s051, acquiring a reading time stamp of a unique identifier of a first radio frequency chip and a unique identifier of a second radio frequency chip after the current communication is started, and marking the reading time stamp as a first time stamp and a second time stamp respectively;

in this step, the system records the time stamps of the unique identifiers of the first and second radio frequency chips obtained after the start of the communication. These time stamps represent the time at which each read the unique identifier.

S052, when only the first timestamp exists, only the unique identifier of the first radio frequency chip is obtained, and an illegal card selection flow exists;

if only the first timestamp is present and no second timestamp is present, this means that only the unique identifier of the first radio frequency chip is obtained. According to a preset communication protocol, the legal card selection process should include acquiring unique identifiers of two radio frequency chips, so that the case of acquiring only one radio frequency chip is regarded as an illegal card selection process.

S053, when only the second timestamp exists, only the unique identifier of the second radio frequency chip is obtained, and an illegal card selection flow exists;

similar to step S052, if there is only the second timestamp and no first timestamp, this indicates that only the unique identifier of the second radio frequency chip is obtained during communication, and the unique identifier of the first radio frequency chip is not obtained, which also conforms to a case of an illegal card selection procedure.

S054, judging the sizes of the first time stamp and the second time stamp when the first time stamp and the second time stamp exist simultaneously;

if both the first and second time stamps are present, the system compares the sizes of the two time stamps to determine whether the unique identifier of the first radio frequency chip was first obtained or whether the unique identifier of the second radio frequency chip was first obtained.

S055, when the first time stamp is smaller than the second time stamp, acquiring the unique identifier of the second radio frequency chip and then acquiring the unique identifier of the first radio frequency chip, wherein an illegal card selection process exists;

if the first time stamp is smaller than the second time stamp, the unique identifier of the second radio frequency chip is acquired in the communication process, and then the unique identifier of the first radio frequency chip is acquired, which accords with a condition of illegal card selection flow;

s56, when the first time stamp is larger than the second time stamp, acquiring a difference value between the first time stamp and the second time stamp;

if the first time stamp is greater than the second time stamp, the system calculates the time difference between them to further determine if the card selection process is legal.

S057, judging that an illegal card selecting process exists when the difference value is larger than a preset time threshold value;

Comparing the calculated time difference with a preset time threshold, and if the time difference is larger than the preset time threshold, considering that an illegal card selecting process exists;

s058, when the difference value is smaller than or equal to a preset time threshold value, an illegal card selecting process does not exist.

If the time difference is smaller than or equal to a preset time threshold, the card selecting process is considered legal;

in a specific embodiment, the preset time threshold is 100ms, and a shorter time threshold can ensure that the time sequence requirement of the system for the legal card selecting process is very strict. The reading of the unique identifier must be completed in a very short time, which can improve the security of the system and reduce the risk of illegal card selection processes.

In another embodiment, the preset time threshold is set to 500 milliseconds, and longer time thresholds may tolerate greater communication delays. This means that even if there is a large delay in the communication, the system can still work normally, and detection of illegal card selection process is not easy to trigger, and a larger time threshold provides a larger time window, allowing the system to work in different communication environments. This may increase the applicability of the system and is not susceptible to interference from communication instability.

The preset time threshold is set to be weighted according to specific application scenes and system requirements. Shorter time thresholds provide greater security and accuracy, suitable for applications requiring tight time control. Longer time thresholds provide greater tolerance and flexibility for applications requiring adaptation to different communication conditions and chronological changes.

Fast response: when the system requires quick response legal card selecting flow, the shorter time

S06, when the illegal card selecting process exists, the reading operation of the target information is terminated, the illegal card selecting process is recorded, and the RFID tag is locked.

If the illegal card selection process is detected, the system immediately stops the operation of reading the target information. Meanwhile, the illegal card selection process can be recorded for subsequent security audit and investigation. In addition, to prevent further illegal operation, the system may lock the RFID tag to prohibit subsequent access attempts. By terminating the illegal card selection process and recording events, the system can take timely measures to protect the security of information and labels. The locking of the RFID tag can effectively prevent further illegal access attempts, and improves the overall security of the system.

In an alternative embodiment of the present invention, before the step of obtaining the unique identifier of the first radio frequency chip according to a preset communication protocol, the method further includes:

s10, generating a first initial response delay time of the first radio frequency chip according to a first preset random number generation algorithm and a preset response time range, wherein the first preset random number generation algorithm is stored in the first radio frequency chip;

specifically, a preset random number generation algorithm in a first radio frequency chip is used for generating a first initial response delay time in a preset response time range, wherein the first preset random number generation algorithm is used for generating random numbers in the preset response time range so as to obtain the first initial response delay time; this step adds a random time factor to the overall communication process such that the response of the system to a read attempt is not fixed, thereby improving security. Randomizing the response time makes it difficult for an attacker to predict the behavior of the chip, increasing the difficulty of illegal access attempts.

S20, controlling the first radio frequency chip to send the first initial response delay time to the second radio frequency chip;

Specifically, the first radio frequency chip sends the calculated delay time information to the second radio frequency chip, which can be completed through an internal data bus or a wireless signal, so that information sharing and coordination among the chips are realized, the second radio frequency chip can adjust its response strategy on the basis of the behavior of the first radio frequency chip, and the complexity and safety of the system are further increased.

S30, generating second initial response delay time of a second radio frequency chip according to the first initial response delay time and a second preset random number generation algorithm, wherein the second preset random number generation algorithm is stored in the second radio frequency chip, the complexity of the second preset random number generation algorithm is lower than that of the first preset random number generation algorithm, and the first initial response delay time and the second initial response delay time are both in the preset response time range; the second radio frequency chip decides its own response time according to the information received from the first radio frequency chip and its own random number generation algorithm. This procedure demonstrates that the generation of response times is not only random, but also depends on the order of interaction between chips;

Specifically, based on the initial response time of the first radio frequency chip and a second preset random number generation algorithm in the second radio frequency chip, the initial response time of the second radio frequency chip is generated, the response of the second radio frequency chip is ensured to be dynamic and random, and the unpredictability and the safety of the system are further improved;

in this embodiment, the complexity of the second preset random number generation algorithm is lower than that of the first preset random number generation algorithm, because the second radio frequency chip needs to store encrypted target information, there is less available storage space to store a complex algorithm or a large amount of random number data, the processing capacity of the second radio frequency chip is limited, the processing load of the second radio frequency chip can be reduced by running the random number generation algorithm with lower complexity, and the processing and storage of the encrypted data are not affected, so that sufficient randomness can be provided to ensure the basic security requirement of the system despite the lower complexity of the random number generation algorithm used by the second radio frequency chip. A hierarchical security design is implemented in the overall RFID system, where the first radio frequency chip may assume more security responsibilities, such as generating more complex random numbers to enhance the security of the overall system.

In an embodiment, the first preset random number generation algorithm includes an encryption secure pseudo-random number generator and a hybrid linear feedback shift register, wherein the encryption secure pseudo-random number generator may generate random numbers under the limitation of an M1 chip using a simplified block-based encryption algorithm, such as a simplified version of AES (advanced encryption standard); the second preset random number generation algorithm comprises a basic linear congruence generator, a hash function and the like;

further, the first initial response delay time and the second initial response delay time are both within the preset response time range, and the initial response delay time of the first and second radio frequency chips is set within the preset response time range, so that the RFID system can still operate efficiently even if security measures are added, due to the consideration of balancing the security and efficiency of the system. The preset response time range can prevent excessive delay, so that influence on user experience and system performance is avoided. By randomizing the response time within a certain range, the protection capability of the system against illegal access is enhanced while avoiding the negative effects that may be caused by excessive delays;

The preset response time range is set according to actual conditions, and can be determined according to application scenes of the RFID system and the user's expectation of response speed. For example, in a retail environment, a faster response time may be required, while in a security-more important scenario, a longer delay may be acceptable.

S40, setting response time of the first radio frequency chip and the second radio frequency chip according to the first initial response delay time, the second initial response delay time and a preset sequence dependent response rule;

specifically, response time of the two radio frequency chips is set according to a preset order dependent response rule, wherein the preset order dependent response rule comprises:

according to the foregoing embodiment, it can be seen that the correct reading sequence of the RFID system should be that the first rf chip is read first, and when the chip reading sequence is correct, the response time of the first rf chip is set to be the first initial response delay time, and the response time of the second rf chip is set to be the second initial response delay time;

Even with the correct reading order, the presence of the delay time makes it difficult for an attacker to crack or predict the behavior of the RFID system through time analysis. This is very effective for preventing advanced attack means such as time analysis; the randomness of the delay time can effectively prevent an attacker from recording and replaying the RFID interaction process. Playback of old communication data will not produce the desired effect because the response time for each interaction is different; automated reading tools and scripts may rely on predicted response times. Random delays can make these tools difficult to work effectively.

Furthermore, in a high-traffic or multi-tag environment, the random delay time can reduce the probability of data packet collision, thereby improving the reliability and the integrity of data transmission.

Specifically, in the case of reading the second rf chip first, that is, when the reading sequence does not conform to the preset standard flow, the system considers that this is an illegal reading attempt or other abnormal behavior, and increasing the response time is a security measure for resisting the potential illegal access attempt, in the replay attack, the attacker may attempt to utilize the legal communication data captured before, reading the chip not in the preset sequence may be an indication of the replay attack, and the longer response time may increase the time and cost for the attacker to attempt to crack the system.

The target response time is set to the sum of the second initial response delay time and the preset illegitimate response time, and the purpose of ensuring that this preset illegitimate response time is larger than the preset response time range is to increase the difficulty of the illegitimate read attempt. When an attacker tries to read the second radio frequency chip, the significant increase of the response time which does not meet the standard operation flow can make it difficult for the attacker to predict the behavior of the system, and since the target response time is obviously prolonged, the effect of the legal communication data captured before replay or the attack strategy using the time sequence information can be greatly reduced, and the abnormally long response time can be used as an effective index for monitoring and recording the abnormal access attempt of the system.

In summary, the present embodiment combines the interactive delay decision and the order dependent response mechanism to enhance the security of the system and resist the capability of illegal reading attempts, and by setting the dynamic response time based on the random number generation algorithm between the two radio frequency chips, the behavior of the system becomes difficult to predict, thereby increasing the difficulty of illegal access attempts, and the initial response time generated by the first radio frequency chip is not only used for the response of itself, but also transmitted to the second radio frequency chip, so that the response strategies of the two chips are mutually dependent, and the security of the whole system is enhanced;

when the read sequence does not meet the predetermined standard flow, the system resists possible illegal access attempts by significantly increasing the response time. When an abnormal reading sequence is detected, the system can dynamically adjust the security policy and increase the target response time, so that potential security threats can be more effectively dealt with.

The anti-cracking RFID tag is very suitable for anti-counterfeiting, anti-theft, tracking and management of valuables and high-end wines due to high safety and reliability. In these applications, the tag adds protection against unauthorized access and tampering, provides a powerful guarantee of product authenticity and brand reputation, e.g., attaching such RFID tags to artwork and antiques, provides additional security for genuine authentication due to the tamper-proof nature of the tag, and expensive jewelry and precious stones often require a high level of security. Such RFID tags can be used to monitor and prevent unauthorized transfer in real time. The high-end wine market is often plagued by counterfeit products. Such RFID tags may be used to verify the authenticity of a product, increasing consumer trust in brands.

It should be understood that the invention is not limited to the particular arrangements and instrumentality described above and shown in the drawings. For the sake of brevity, a detailed description of known methods is omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and shown, and those skilled in the art can make various changes, modifications and additions, or change the order between steps, after appreciating the spirit of the present invention.

The functional blocks shown in the above-described structural block diagrams may be implemented in hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, a plug-in, a function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine readable medium or transmitted over transmission media or communication links by a data signal carried in a carrier wave. A "machine-readable medium" may include any medium that can store or transfer information. Examples of machine-readable media include electronic circuitry, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio Frequency (RF) links, and the like. The code segments may be downloaded via computer networks such as the internet, intranets, etc.

It should also be noted that the exemplary embodiments mentioned in this disclosure describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, or may be performed in a different order from the order in the embodiments, or several steps may be performed simultaneously.

In the foregoing, only the specific embodiments of the present invention are described, and it will be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to the corresponding processes in the foregoing method embodiments, which are not repeated herein. It should be understood that the scope of the present invention is not limited thereto, and any equivalent modifications or substitutions can be easily made by those skilled in the art within the technical scope of the present invention, and they should be included in the scope of the present invention.

Claims

1. The information reading method of the RFID tag is characterized in that the RFID tag comprises a chip module, the chip module at least comprises a first radio frequency chip and a second radio frequency chip, the first radio frequency chip and the second radio frequency chip are arranged on a PCB substrate, the first radio frequency chip and the second radio frequency chip are provided with unique identifiers, the unique identifier of the first radio frequency chip is different from the unique identifier of the second radio frequency chip, and the second radio frequency chip stores encryption target information encrypted based on a preset encryption method; the antenna module is connected with the chip module and is used for receiving radio frequency signals and converting the radio frequency signals into energy for the chip module to work; the method comprises the following steps:

decrypting the encrypted target information of the second radio frequency chip according to the preset encryption method so as to read the target information;

when the illegal card selection process exists, the reading operation of the target information is terminated, the illegal card selection process is recorded, and the RFID tag is locked, wherein the step of detecting whether the illegal card selection process exists comprises the following steps:

2. The method for reading information of an RFID tag according to claim 1, wherein before the step of acquiring the unique identifier of the first radio frequency chip according to a preset communication protocol, the method further comprises:

wherein the preset order dependent response rule includes:

3. The method according to claim 1, wherein the first radio frequency chip and the second radio frequency chip each include two RF interfaces, the first radio frequency chip and the second radio frequency chip are connected to a PCB substrate through the RF interfaces, and the chip module is packaged based on COB technology.

4. The method for reading information of an RFID tag according to claim 1, further comprising initializing the RFID tag before reading the information of the RFID tag, the initializing of the RFID tag being achieved by:

5. The method for reading information from an RFID tag according to claim 4, wherein the value of the unique identifier of the first radio frequency chip belongs to a first preset range, the value of the unique identifier of the second radio frequency chip belongs to a second preset range, the first preset range and the second preset range have no intersection, and the step of acquiring the unique identifier of the first radio frequency chip according to a preset communication protocol comprises:

and acquiring the unique identifier of the first radio frequency chip within the first preset range.

6. The method according to claim 4, wherein the step of encrypting the target information of the second radio frequency chip according to the preset encryption method and the unique identifier of the second radio frequency chip comprises:

storing the encrypted target information in the second radio frequency chip;

7. The method for reading information from an RFID tag according to claim 6, wherein the step of dividing the private key of the symmetric key or the asymmetric key pair according to a preset dividing method to obtain a plurality of key fragments comprises: