EP1997058A1 - Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique - Google Patents

Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique

Info

Publication number
EP1997058A1
EP1997058A1 EP07712221A EP07712221A EP1997058A1 EP 1997058 A1 EP1997058 A1 EP 1997058A1 EP 07712221 A EP07712221 A EP 07712221A EP 07712221 A EP07712221 A EP 07712221A EP 1997058 A1 EP1997058 A1 EP 1997058A1
Authority
EP
European Patent Office
Prior art keywords
electronic device
counter
delay
value
rfid
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP07712221A
Other languages
German (de)
English (en)
Inventor
Frederic Bauchot
Pierre Secondo
Jean-Yves Clement
Gerard Marmigere
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
International Business Machines Corp
Original Assignee
International Business Machines Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corp filed Critical International Business Machines Corp
Priority to EP07712221A priority Critical patent/EP1997058A1/fr
Publication of EP1997058A1 publication Critical patent/EP1997058A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2135Metering
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2137Time limited access, e.g. to a computer or data

Definitions

  • the present invention relates generally to the methods and systems for controlling the access to data stored within electronic devices and more specifically to a method and systems for limiting repeated attempts to access electronic devices .
  • the system comprises a first device for receiving from a payor a request to create a check having a radio frequency identifier (RFID) tag associated therewith.
  • RFID Radio Frequency Identifier
  • a second device is provided for receiving from a payee a request to validate a check having an RFID tag associated therewith.
  • the system further comprises an RFID repository.
  • a processor for (i) receiving check information from the payor, (ii) updating the RFID repository with check information received from the payor, (iii) receiving scanned check information from the payee, (iv) comparing the scanned check information received from the payee with certain information retrieved from the RFID repository, and (v) determining if the check is valid based upon the comparison of the scanned check information received from the payee with the certain information retrieved from the RFID repository.
  • the RFID repository comprises a central RFID repository.
  • U.S. Patent 6,226,619 discloses a method and system for preventing counterfeiting of an item, including an answering tag attached to the item. The item includes visible indicia for comparison with secret, non-duplicable information stored in the tag designating authenticity.
  • these methods and systems it is possible to ensure that a given document has been issued by the relevant person, or that an item has been manufactured by the relevant manufacturer, or that a given official document has been issued by the relevant administration.
  • these methods and systems are based upon identifiers encoded within the RFIDs however, such identifiers can be duplicated on other RFIDs using a RFID scanner and writer.
  • Electronic tags such as passive RFID are typical examples of electronic devices which are not equipped with a permanent power source. As mentioned above, such devices may play an important role in many fields, such as security enforcement. Indeed they can record secret information that a hacker may try to crack.
  • One of the easiest and most common strategies followed by hackers is to trigger the RFID tag logic by a sequence of different inputs X 1 , to collect the sequence of returned information F(X 1 ), hopping that the set of samples (X 1 , F(X 1 )) allows to partially or completely "reverse engineer" the function F that hides the secret information . Therefore, there is a need for a method and systems for limiting the risk of reverse engineering the logic imbedded within the chip of an electronic tag such as an RFID.
  • - counter resetting means adapted to maintain the value of said counting means for a predetermined delay after the power off of said system; and, - logic access means adapted to increase the value of said counting means each time an access is done to said electronic device and to idle said electronic device for a delay depending upon the value of said counting means;
  • Figure 1 depicts an example of the architecture of a passive RFID tag.
  • Figure 2 comprises figures 2a and 2b.
  • Figure 2a shows an RFID system with a reader having an antenna and an RFID tag having a dipole antenna.
  • Figure 2b illustrates the signal emitted by the antenna of the reader and the modulated signal reflected by the RFID tag.
  • Figure 3 illustrates an example of a passive RFID according to the invention for limiting the repeated accesses to the data of the tag.
  • Figure 4 shows an example of the logic associated to the access circuit of the RFID depicted on figure 3.
  • the time needed to collect a given number of samples (X 1 , F(X 1 )) upon which hackers rely to crack a secret information hidden in the function F is extended.
  • the core of any RFID system is the 'Tag' or 'Transponder', which can be attached to or embedded within objects, wherein data can be stored.
  • An RFID reader generi- cally referred to as reader in the following description, sends out a radio frequency signal to the RFID tag that broadcasts back its stored data to the reader.
  • the system works basically as two separate antennas, one on the RFID tag and the other on the reader.
  • the read data can either be transmitted directly to another system like a host computer through standard interfaces, or it can be stored in a portable reader and later uploaded to the computer for data processing.
  • An RFID tag system works effectively in environments with excessive dirt, dust, moisture, and/or poor visibility. It generally overcomes the limitations of other automatic identification approaches.
  • RFID tags do not require battery for transmission since generally, they are powered by the reader using an induction mechanism (an electromagnetic field is emitted by the reader antenna and received by an antenna localized on the RFID tag) . This power is used by the RFID tag to transmit a signal back to the reader, carrying the data stored in the RFID tag.
  • Active RFID tags comprise a battery to transmit a signal to a reader. A signal is emitted at a predefined interval or transmit only when addressed by a reader.
  • a passive High Frequency (HF) RFID tag When a passive High Frequency (HF) RFID tag is to be read, the reader sends out a power pulse e.g., a 134.2KHz power pulse, to the RFID antenna.
  • the magnetic field generated is 'collected' by the antenna in the RFID tag that is tuned to the same frequency. This received energy is rectified and stored on a small capacitor within the RFID tag.
  • the RFID tag When the power pulse has finished, the RFID tag immedi- ately transmits back its data, using the energy stored within its capacitor as its power source.
  • 128 bits, including error detection information are transmitted over a period of 20ms. This data is picked up by the receiving antenna and decoded by the reader.
  • the storage capacitor is discharged, resetting the RFID tag to make it ready for the next read cycle.
  • the period between transmission pulses is known as the 'sync time' and lasts between 20ms and 50ms depending on the system setup.
  • the transmission technique used between the RFID tag and the reader is Frequency Shift Keying (FSK) with transmissions generally comprised between 124.2kHz and 134.2kHz. This approach has comparatively good resistance to noise while also being very cost effective to implement. Many applications require that RFID tag attached to objects be read while traveling at specific speeds by a readout antenna .
  • FSK Frequency Shift Keying
  • RFID tags can be read-only, write-once, or read-write.
  • a read-only RFID tag comprises a read-only memory that is loaded during manufacturing process. Its content can not be modified.
  • the write-once RFID tags differ from the readonly RFID tags in that they can be programmed by the end-user, with the required data e.g., part number or serial number.
  • the read-write RFID tags allow for full read-write capability, allowing a user to update information stored in a tag as often as possible in the limit of the memory technology. Generally, the number of write cycles is limited to about 500,000 while the number of read cycles is not limited.
  • a detailed technical analysis of RFID tag is disclosed e.g., in RFID (McGraw-Hill Networking Professional) by Steven Shepard, edition Hardcover.
  • Figure 1 depicts an example of the architecture of a passive HF or Ultra High Frequency (UHF) RFID tag 100.
  • the dipole antenna comprising two parts 105-1 and 105-2 is connected to a power generating circuit 110 that provides current from received signal to the logic and memory circuit 115, to the demodulator 120, and to the modulator 125.
  • the input of demodulator 120 is connected to the antenna (105-1 and 105-2) for receiving the signal and for transmitting the received signal to the logic and memory circuit 115, after having demodulated the received signal.
  • the input of modulator 125 is connected to the logic and memory circuit 115 for receiving the signal to be transmitted.
  • the output of modulator 125 is connected to the antenna (105-1 and 105-2) for transmitting the signal after it has been modulated in modulator 125.
  • the architecture of a semi-passive RFID tag is similar to the one represented on figure 1, the main difference being the presence of a power supply that allows it to function with much lower signal power levels, resulting in greater reading distances.
  • Semi-passive tags do not have an integrated transmitter contrarily to active tags that comprise a battery and an active transmitter allowing them to generate high frequency energy and to apply it to the antenna .
  • FIG 2 shows an RFID system 200.
  • RFID system 200 comprises a reader 205 having an antenna 210.
  • the antenna 210 emits a signal 215 that is received by an RFID tag 220.
  • Signal 215 is reflected in RFID tag 220 and re-emitted as illustrated with dotted lines referred to as 225.
  • Figure 2b illustrates the signal 215 emitted by the antenna 210 of the reader 205 and the signal 225 reflected by the RFID tag 220.
  • the reflected signal 225 is modulated.
  • FIG. 3 illustrates an example of a passive RFID 300 according to the invention for limiting the repeated accesses to the data of the tag.
  • RFID 300 comprises a logic circuit 305, an access circuit 310, and an antenna 315.
  • the logic circuit 300 includes the conventional logic 320 and the new access logic 325.
  • the access circuit 310 includes a diode 330 to enforce capacitor 335 discharge direction, and a leaking resistor 340 with high resistivity. Typically the time T needed to discharge the capacitor would be of several orders of magnitude above the time duration for running the conventional logic.
  • the access circuit 310 further includes a reset counter circuit 345, the role of which is to reset (fill with zeros) the counter 350 when powered off, after the capacitor 335 is discharged.
  • the size of the counter 350 depends upon the implementation. This counter can count within a range from zero to C max . Within this range are defined a set of thresholds C 1 . For each threshold C 1 is associated a delay T 1 .
  • the definition of the set of parameters C 1 and T 1 depends upon the implementation, for keeping the required flexibility to use the invention in different fields, under different implementation constraints. Typically, the values T 1 will grow with index i, preferably following an exponential law.
  • the access circuit is directly powered from the same source as the IC executing the conventional logic, typically constituted by the RFID antenna where is received the energy radiated by electromagnetic waves.
  • the access logic is implemented as the first logic triggered once the IC circuit is waken-up. This constitutes the "boot strap" of conventional chips. It follows the logic described on figure 4.
  • the value C of the counter 350 is incremented by one and it is read (step 400) .
  • the value C of the counter 350 is then compared with the thresholds stored within the RFID 300 to determine the threshold C 1 such that C 1 ⁇ C ⁇ C 1+i (step 405) .
  • threshold C 1 has been determined, the RFID 300 is set in an idle state during delay T 1 associated to C 1 (step 410) and the control is given to the conventional logic (step 420) .
  • the conventional logic is typically used to access data stored within the electronic device however, it can also be used to control functions like updating operational parameters, or launching measurement operations, or triggering any embarked process.
  • the RFID has not been accessed since a time greater than T. Accordingly the capacitor is discharged, so that the counter is no longer powered and holds a zero value thanks to the counter reset component.
  • the RFID is powered and thus,
  • the RFID has been recently accessed i.e., the delay between the last access and the current one is less than T. Accordingly the capacitor is still charged, so that the counter holds its last value 1.
  • the RFID has been recently accessed i.e., the delay between the last access and the current one is less than T. Accordingly the capacitor is still charged, so that the counter holds its last value (n-1) .
  • the RFID is powered and thus, - the access logic starts, increments the value of counter C which takes the value n;
  • the induced delay may reach very high values that may even prevent the use of the conventional logic.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Near-Field Transmission Systems (AREA)
  • Burglar Alarm Systems (AREA)

Abstract

L'invention concerne un système permettant de limiter les accès répétés à un dispositif électronique, en particulier à un dispositif électronique alimenté par une source externe. Selon ce système, chaque accès consécutif effectué sur ce dispositif électronique dans un période plus courte qu'une période prédéterminée augmente la valeur d'un compteur, la valeur de ce compteur indiquant une autre période durant laquelle le dispositif électronique est au repos. De préférence, la période de repos du dispositif électronique correspond à une fonction exponentielle de la valeur du compteur. Grâce à cette valeur, on ne peut pas déterminer raisonnablement la fonction du dispositif électronique en testant un grand nombre de valeurs d'entrée, ce qui permet d'éviter la copie de ce dispositif. Selon l'invention, le système comprend: un compteur; un mécanisme de mise à zéro du compteur, permettant de maintenir la valeur du compteur pendant une période prédéterminée après que le système a été éteint; et un circuit d'accès logique conçu pour augmenter la valeur du compteur à chaque fois qu'un accès est effectué sur le dispositif électronique et pour mettre le dispositif électronique au repos pendant une période déterminée en fonction de la valeur du compteur.
EP07712221A 2006-03-23 2007-02-14 Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique Withdrawn EP1997058A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP07712221A EP1997058A1 (fr) 2006-03-23 2007-02-14 Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP06300278 2006-03-23
PCT/EP2007/051457 WO2007107417A1 (fr) 2006-03-23 2007-02-14 Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique
EP07712221A EP1997058A1 (fr) 2006-03-23 2007-02-14 Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique

Publications (1)

Publication Number Publication Date
EP1997058A1 true EP1997058A1 (fr) 2008-12-03

Family

ID=38198559

Family Applications (1)

Application Number Title Priority Date Filing Date
EP07712221A Withdrawn EP1997058A1 (fr) 2006-03-23 2007-02-14 Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique

Country Status (4)

Country Link
EP (1) EP1997058A1 (fr)
JP (1) JP2009530727A (fr)
CN (1) CN101405745A (fr)
WO (1) WO2007107417A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101989860B1 (ko) * 2012-12-21 2019-06-17 에스케이하이닉스 주식회사 메모리 컨트롤러 및 이를 포함하는 메모리 시스템

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3041109A1 (de) * 1980-10-31 1982-06-09 GAO Gesellschaft für Automation und Organisation mbH, 8000 München Identifikationselement
JPS592062B2 (ja) * 1980-12-06 1984-01-17 オムロン株式会社 取引処理装置における暗証コ−ド判別装置
US5559505A (en) * 1992-05-20 1996-09-24 Lucent Technologies Inc. Security system providing lockout for invalid access attempts
US5594227A (en) * 1995-03-28 1997-01-14 Microsoft Corporation System and method for protecting unauthorized access to data contents
JP2842377B2 (ja) * 1996-05-22 1999-01-06 日本電気株式会社 暗証情報照合システム
JP2002222402A (ja) * 2001-01-24 2002-08-09 Dainippon Printing Co Ltd Icカード
US7167843B2 (en) * 2002-06-05 2007-01-23 Sun Microsystems, Inc. Apparatus for private personal identification number management
JP3929887B2 (ja) * 2002-12-25 2007-06-13 株式会社東芝 半導体集積回路、半導体集積回路モジュール、および、情報機器
JP3929888B2 (ja) * 2002-12-25 2007-06-13 株式会社東芝 Icカード

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2007107417A1 *

Also Published As

Publication number Publication date
JP2009530727A (ja) 2009-08-27
WO2007107417A1 (fr) 2007-09-27
CN101405745A (zh) 2009-04-08

Similar Documents

Publication Publication Date Title
EP1960945B1 (fr) Méthode et systèmes mettant en oeuvre des étiquettes à identificateur par radio fréquence afin de comparer et d'authentifier des objets
US7518514B2 (en) Adaptive rule based electronic reminder for personal objects
US7872582B1 (en) RFID tag chips and tags with alternative memory lock bits and methods
US6331145B1 (en) Electronic dice
CN100399350C (zh) Rfid标签装置、标签识别装置和无线电通信系统
US11481592B1 (en) RFID tags with public and private inventory states
US10650201B1 (en) RFID tags with port-dependent functionality
US20080230615A1 (en) Near-field communication card for communication of contact information
US20090201135A1 (en) Wireless ic communication device and response method for the same
CN101416201A (zh) 使用无源rfid标签定位对象的方法和系统
US8115590B1 (en) RFID readers limiting theft of confidential information
WO2006083468A2 (fr) Dactyloscopie par radiofrequence destinee a detecter des etiquettes d'identification radiofrequence frauduleuses
US10049317B1 (en) RFID tags with public and private inventory states
US20050134436A1 (en) Multiple RFID anti-collision interrogation method
US8441342B2 (en) Pseudo-random authentification code altering scheme for a transponder and a base station
WO2006132732A2 (fr) Systeme et procede pour lire depuis un transpondeur rf et/ou ecrire vers celui-ci
Xiao et al. RFID technology, security vulnerabilities, and countermeasures
WO2007107417A1 (fr) Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique
US20090160610A1 (en) Pseudorandom number generator
RU182178U1 (ru) Криптографическая метка
KR101112535B1 (ko) 태그 내 플래그를 이용한 단말기 인증 방법
JP2011060136A (ja) 携帯可能電子装置、および、携帯可能電子装置におけるデータ管理方法
US11594115B2 (en) Methods and apparatuses for determining a position of a security tag
US20090134977A1 (en) Method and apparatus for RFID device coexistance
Peng et al. A multi-tag emulator for the UHF RFID system

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20080904

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20090901