KR101470053B1 - Rfid tag and interrogator for supporting normal mode and secure mode and the method thereof - Google Patents

Abstract

There is provided an RFID tag, an interrogator, and an operation method thereof that support a normal mode and a secure mode. The RFID tag can inform the interrogator whether the current operation mode is the normal mode or the security mode, perform different inventory processes according to the current operation mode of the RFID tag, and authenticate the interrogator. At this time, the RFID tag and the interrogator may perform mutual authentication.

Description

TECHNICAL FIELD [0001] The present invention relates to an RFID tag, an interrogator, and an operation method thereof,

The present invention relates to a technology for providing a plurality of operation modes in an RFID tag having an RFID tag function and an interrogator performing communication with the RFID tag.

As RFID (Radio Frequency Identification) technology develops, various technologies are applied to the RFID system. Here, the RFID system may include an RFID tag and an interrogator that performs communication with the RFID tag. For example, the interrogator may include an RFID reader.

In particular, as security awareness becomes more important, there is a need to provide security functions in RFID systems among various technologies.

Accordingly, there is a demand for a technology capable of providing a security function in the communication between the RFID tag and the interrogator according to necessity.

Furthermore, there is a need for techniques that can support both the security functions as well as the functions of existing RFID tags.

The present invention provides a technique for providing a security function in an RFID system composed of an RFID tag and an interrogator.

In addition, the present invention provides a technology that can support both security functions and existing RFID tag functions according to the situation.

A method of operating an RFID tag according to an embodiment of the present invention includes determining whether a current operation mode is a normal mode or a secure mode, and transitioning an operation state based on the current operation mode can do.

The method may further include encrypting the Protocol Control (PC) information, the XPC_W1 parameter, the XPC_W2 parameter, and the tag identification information in response to the determination that the current operation mode is the security mode, and transmitting the encryption key to the interrogator . Here, the tag identification information may include Unique Item Identification (UII) information or Electronic Product Code (EPC) information.

The step of transiting the operation state may further include encrypting the PC (Protocol Control) information, the XPC_W1 parameter, the XPC_W2 parameter, and the tag identification information, and transmitting the enciphered state to the interrogator, Transitioning from an acknowledged state to a secured state, and completing an inventory process upon transition to the secure state.

In addition, the step of determining the current operation mode may include the steps of authenticating the interrogator, and forming a secure channel as the current operation mode is determined to be a secure mode or a normal mode .

In addition, the step of determining the current operation mode may further include determining whether to hold and terminate a secure channel based on whether or not the authentication of the interrogator using the secure channel is successful. have.

In addition, the step of authenticating the interrogator may include generating challenge tag (ChTag) information, encrypting the challenge tag (ChTag) information and transmitting the challenge tag (ChTag) information to the interrogator, (ChTag) information, and authenticating the interrogator by comparing the decrypted challenge tag (ChTag) information with the generated challenge tag (ChTag) information.

An RFID tag according to an embodiment of the present invention includes an operation mode determination unit for determining whether a current operation mode is a normal mode or a secure mode, Section.

In addition, the operation mode determination unit may include a secure channel formation unit that forms a secure channel according to the determination that the current operation mode is a secure mode or a normal mode, and an authentication unit that authenticates the interrogator using the secure channel Section.

Also, the operation state transition unit transitions from the acknowledged state to the open state or the secure state based on whether the master key exists or not, as the current operation mode is determined as the normal mode, inventory process can be completed.

An operation method of an interrogator according to an embodiment of the present invention includes determining whether a current operation mode of a tag is a normal mode or a secure mode, and authenticating a tag based on a current operation mode of the tag .

In addition, the step of authenticating the tag may include using challenge length (ChLen) information, challenge tag (ChTag) information, and challenge index (ChInt) information as the current operation mode of the tag is determined to be the general mode So that the tag can be authenticated. At this time, the step of authenticating the tag may authenticate the tag or mutually authenticate the tag and the interrogator.

In addition, the step of authenticating the tag may further include, in response to the determination that the current operation mode of the tag is the secure mode, using the challenge length (ChLen) information, the challenge index (ChInt) Can be authenticated.

In addition, the step of authenticating the tag may include generating challenge indication (ChInt) information, decrypting the encrypted challenge indication (ChInt) information in the tag, and decrypting the encrypted challenge indication (ChInt) And authenticating the tag by comparing the ChInt information.

The method may further include deleting, changing, or adding the master key of the tag as the tag authentication is successful.

In addition, the method may further include changing the current operation mode of the tag as the tag authentication is successful.

An interrogator according to an embodiment of the present invention includes an operation mode determination unit for determining whether a current operation mode of a tag is a normal mode or a secure mode, and an authentication unit for authenticating a tag based on the current operation mode of the tag .

A method of operating an RFID tag according to an embodiment of the present invention includes the steps of determining whether an RFID tag is a security tag or a general tag based on whether an encryption engine is mounted or not, , The security tag may comprise providing communication with a security inter- rager or a general inter- netter based on a current mode of operation.

The step of determining whether the RFID tag is a security tag or a general tag may include determining whether the RFID tag is a security tag when the encryption engine is installed in the RFID tag, , The RFID tag can be determined as a general tag.

In addition, in the providing of the communication, when the current operation mode is the normal mode, the security tag may provide communication with the general interrogator using the tag identification information. Here, the general interrogator may be an interrogator not equipped with the encryption engine.

In addition, the providing of the communication may be such that, when the current operation mode is the secure mode, the security tag may provide communication with the security interposer using any UII information. Here, the security interrogator may be an interrogator equipped with the encryption engine.

According to the present invention, a security function can be provided in an RFID system composed of an RFID tag and an interrogator.

In addition, according to the present invention, a variety of application services can be provided by supporting both a security function and an RFID tag function.

1 is an overall system diagram of an interrogator and an RFID tag according to an embodiment of the present invention.
2 is a flowchart illustrating an operation for supporting a normal mode and a secure mode in an RFID tag according to an embodiment of the present invention.
FIG. 3 is a flowchart illustrating an operation of accepting a security authentication procedure in place of a connection password command, which is a selection command in an RFID tag according to an embodiment of the present invention.
4 is a flowchart illustrating an operation of accepting both a connection password command and a security authentication procedure in an RFID tag according to an embodiment of the present invention.
5 is a diagram illustrating state transition of an RFID tag according to an embodiment of the present invention.
FIG. 6 is a diagram illustrating an inventory process including mutual authentication between an RFID tag and an interrogator in a secure mode according to an embodiment of the present invention. Referring to FIG.
FIG. 7 is a diagram for explaining a mutual authentication process after an inventory between an RFID tag and an interrogator in a normal mode according to an embodiment of the present invention.
8 is a diagram illustrating state transition of an RFID tag according to an embodiment of the present invention.
9 is a view for explaining a security inventory including mutual authentication between an RFID tag and an interrogator in a security mode according to an embodiment of the present invention.
FIG. 10 is a diagram for explaining a mutual authentication process after an inventory between an RFID tag and an interrogator in a normal mode according to an embodiment of the present invention.
11 is a diagram illustrating a process of authenticating an RFID tag using an authentication server according to an embodiment of the present invention.
12 is a block diagram showing the configuration of an RFID tag according to an embodiment of the present invention.
13 is a flowchart provided to illustrate the operation of the interrogator according to an embodiment of the present invention.
14 is a block diagram showing a configuration of an interrogator according to an embodiment of the present invention.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. Prior to this, terms and words used in the present specification and claims should not be construed as limited to ordinary or dictionary terms, and the inventor should appropriately interpret the concepts of the terms appropriately It should be interpreted in accordance with the meaning and concept consistent with the technical idea of the present invention based on the principle that it can be defined.

Therefore, the embodiments described in this specification and the configurations shown in the drawings are merely the most preferred embodiments of the present invention and do not represent all the technical ideas of the present invention. Therefore, It is to be understood that equivalents and modifications are possible. In addition, the same reference numerals shown in the drawings denote the same members.

1 is an overall system diagram of an interrogator and an RFID tag according to an embodiment of the present invention. In FIG. 1, the interrogator 110 may include an RFID reader.

Referring to FIG. 1, an interrogator 110 may communicate with a plurality of RFID tags 120 to control an RFID tag. Here, the RFID tag can support both the normal mode and the secure mode. The normal mode is a mode that separately supports the RFID tag function of ISO / IEC 18000-6 Type C, tag authentication, interrogator authentication and mutual authentication, and the security mode is a mode in which mutual authentication between the security interrogator and the RFID tag is performed And a security channel is formed to emphasize the security of communication.

For example, if the interrogator 110 selects the RFID tag 1 121 among the RFID tags 120, the RFID tag 1 121 determines the current operation mode of the tag based on the SM-Flag stored in the memory . For example, if SM-Flag is 1, it can be a security mode, and if SM-Flag is 0, it can be a normal mode. Here, the SM-Flag may be already set to "0" or "1" by the authenticated interrogator.

Then, the RFID tag 1 (121) can authenticate the interrogator according to the current operation mode. For example, when the interrogator 110 stores a master key, the interrogator 110 can authenticate the RFID tag 121 (121). In another example, if the interrogator 110 does not store the master key, the interrogator 110 may authenticate the RFID tag 1 121 via the authentication server 130.

At this time, the RFID tag 1 (121) can authenticate the interrogator in different operating states according to the current operation mode. At this time, the interrogator can authenticate the RFID tag 121 (121) as needed.

For example, when the current operation mode is the secure mode, the RFID tag 1 121 can authenticate the interrogator 110 in an acknowledged state. When the authentication is successful, the RFID tag 1 (121) can transition from the acknowledged state to the secured state (Secured State).

As another example, when the current operation mode is the normal mode, the RFID tag 1 121 can authenticate the interrogator 110 in an open state. When the authentication is successful, the RFID tag 1 (121) can transition from the open state to the secure state (Secured State).

2 is a flowchart illustrating an operation for supporting a normal mode and a secure mode in an RFID tag according to an embodiment of the present invention.

First, in step 210, the RFID tag can determine whether the current operation mode is the normal mode or the secure mode.

For example, the RFID tag can determine whether the current operation mode is a normal mode or a secure mode using a SM (Secure Mode) -Flag already established by a previously authenticated interrogator. For example, if the SM-Flag is 1, the RFID tag can determine the current operation mode as the security mode. If the SM-Flag is 0, the RFID tag can determine the current operation mode as the normal mode. Here, the SM-Flag is a bit existing in the memory of the RFID tag.

Then, in step 220, the RFID tag can transition the operation state based on the current operation mode.

For example, when the current operation mode is the normal mode, the RFID tag can transition the operation state to the secure state or the open state based on the existence of the master key. For example, if there is a master key in the acknowledged state, the RFID tag may transition from an acknowledged state to a secured state through an authentication procedure.

At this time, if the master key does not exist, the RFID tag can transition from the acknowledged state to the secured state without performing the authentication procedure. Then, the RFID tag performs the authentication of the interrogator in the open state, and can transition the operation state from the open state to the security state or the adjustment state (Arbitrate State) based on the authentication success or failure. For example, if the authentication is successful, the RFID tag can transition from the open state to the secure state. If the authentication fails, the RFID tag can transition from the open state to the adjustment state.

As another example, when the current operation mode is the secure mode, the RFID tag can transition the operation state to the security state or the adjustment state based on whether or not the authentication of the interrogator is successful. E.g. If the interrogator is successfully authenticated in the acknowledged state, the RFID tag can transition from the acknowledged state to the secured state. At this time, if the authentication fails, the RFID tag can transition from the acknowledged state to the adjusted state.

FIG. 3 is a flowchart illustrating an operation of accepting a security authentication procedure in place of a connection password command, which is a selection command in an RFID tag according to an embodiment of the present invention.

First, when the RFID tag performs an inventory process and receives an ACK (RN 16) from the interrogator in response to the RN 16, the RFID tag can transmit the tag identification information based on the current operation mode. Here, the tag identification information may include Unique Item Identification (UII) information or Electronic Product Code (EPC) information. For example, when an ACK (RN 16) is received from the interrogator in a reply state, the RFID tag can determine the current operation mode based on the SM-Flag.

At this time, if the current operation mode is the security mode in step 301, the RFID tag can generate arbitrary UII information. Here, any UII information may include a randomly generated value. At this time, the RFID tag can transmit the void UII information or the non-tracking UII information to the interrogator instead of the arbitrary UII information. Here, the void UII information is meaningless information, and the non-tracking UII information is information including only partial information of the tag identification information. As described above, when the current operation mode is the security mode, the RFID tag can transmit arbitrary UII information, void UII information, or non-tracking UII information to the interrogator so that the interrogator does not recognize the tag identification information .

Then, the RFID tag can set the U flag based on the generated UII information. For example, the RFID tag can set U flag and S flag based on Table 1 below.

U flag S flag meaning 0 0 General RFID tag One 0 An undefined RFID tag 0 One Security tags and normal UII information One One Security tags and optional UII information

According to Table 1, in the case of generating any UII information, the RFID tag can set the U flag to 1 and the S flag to 1, respectively. And, when the normal UII information is generated, the RFID tag can set the U flag to 0 and the S flag to 1 when it is a security tag. When the current operation mode is a normal tag and normal UII information is generated, the RFID tag can set the S flag to 0 and the U flag to 0.

In the Acknowledged State, the RFID tag can transmit the PC (Protocol Control) information, the U flag, the XPC_W1 parameter, the XPC_W2 parameter, and the UII information into which the S flag is inserted, to the interrogator.

Then, in step 302, the RFID tag may form a secure channel with the interrogator in an acknowledged state.

For example, as the RFID tag receives the Sec_Init message from the interrogator, it can initialize the encryption engine of each RFID tag and interrogator to form a secure channel. At this time, the interrogator may be a security interrogator. Here, the security interrogator is an apparatus that can distinguish a general RFID tag from a secure RFID tag, and can access the secure RFID tag to delete, modify, or change the master key of the secure RFID tag.

In step 303, the RFID tag may encrypt the PC information, the XPC_W1 parameter, the XPC_W2 parameter, and the UII information, and transmit the encryption information to the interrogator through the secure channel. At this time, the RFID tag can transmit the encrypted PC information, the XPC_W1 parameter, the XPC_W2 parameter, and the UII information to the interrogator.

In step 304, the RFID tag can authenticate the interrogator using the secure channel in the acknowledged state. At this time, after performing the authentication, the RFID tag can transition from the acknowledged state to the secure state. As described above, in the security mode, the RFID tag can complete the inventory process as the operation state transitions to the secure state.

In one example, the RFID tag may receive encrypted Challengeint (ChInt) information and encrypted RN 16 parameters from the interrogator over the secure channel. Here, the encrypted challenge information is information generated and encrypted using a random function in the interrogator. The RFID tag can then decrypt the encrypted RN 16 parameter and authenticate the interrogator by comparing the decrypted RN 16 parameter with the already existing RN 16 parameter. At this time, if the decoded RN 16 parameter and the existing RN 16 parameter match, the RFID tag can determine that the interrogator has been successfully authenticated. If the decoded RN 16 parameter does not match the RN 16 parameter already held, the RFID tag can determine that the authentication of the interrogator has failed.

At this time, if the authentication is successful, the RFID tag can decrypt the encrypted challenge information in the interrogator. Then, the RFID tag can re-encrypt the decrypted challenge information. The RFID tag can then encrypt the Handle parameter. Then, the RFID tag can transmit the encrypted challenge indicator information and the encrypted handle parameter to the interrogator through the secure channel. The interrogator can then authenticate the RFID tag using the re-encrypted Challenge-ST information in the RFID tag.

In step 305, the RFID tag can determine whether to terminate the secure channel based on whether the authentication of the interrogator is successful or not.

In step 305, if the interrogator is successfully authenticated, in step 306, the RFID tag may transition from the acknowledged state to the secure state. In this way, when the RFID tag transitions to the secure state, the RFID tag can maintain the secure channel formed with the interrogator. At this time, if the authentication is successful, the interrogator can delete, change or add the master key of the RFID tag or change the current operation mode of the tag.

If the authentication of the interrogator fails in step 305, the RFID tag may terminate the secure channel and terminate the communication with the interrogator.

On the other hand, if the current operation mode is the normal mode in step 308, the RFID tag can transition the operation state based on the presence or absence of the master key in step 309. [ In one example, the RFID tag can transition an operational state to an open state or a secure state based on the presence or absence of a master key.

At this time, if there is a master key in step 309, the RFID tag can transition from the acknowledged state to the open state in step 310. [

For example, if a Master Key (MK) exists after receiving a Request_RN message from an Interrogator, the RFID Tag may transition to an open state. At this time, if the master key does not exist, the RFID tag can transition the operation state to the secure state in step 311. [

At this time, as the operating state transitions to the open state, the inventory process can be completed. That is, when the current operation mode is the security mode, up to the security state is the inventory process, and if the current operation mode is the general mode, the open state or the security state can be the inventory process.

In operation 310, when the RFID tag transitions to the open state, the RFID tag can authenticate the interrogator in the open state. At this time, the interrogator can authenticate the RFID tag as needed.

In one example, the RFID tag and the interrogator can perform mutual authentication using the challenge length information, the challenge tag information, and the challenge indicator information.

At this time, as the RFID tag transitions to the open state, the RFID tag can perform the same function as the open state of ISO / IEC 18000-6 Type C. Further, in the open state, the RFID tag may further perform a security function related command, a security tag initialization related command, a tag authentication command, and an interrogator authentication command.

Then, the RFID tag can transition from the open state to the security state or the adjustment state based on the success or failure of the authentication. At this time, when the authentication fails, the RFID tag can transition from the open state to the adjustment state. When the authentication is successful, the RFID tag can transition from the open state to the secure state. Here, when transitioning to the secure state, the interrogator can add, delete or change the master key stored in the RFID tag. The interrogator may also change the current operating mode of the RFID tag. At this time, the SM-Flag can be reset to 0 or 1 based on the current operation mode changed by the interrogator.

3, when the current operation mode is the normal mode, the secure channel is not formed after the authentication between the RFID tag and the interrogator is successful. However, if the current operation mode is the normal mode, After successful authentication between the routers, the RFID tag may form a secure channel with the interrogator.

Up to now, in FIG. 3, an operation procedure of accepting a security authentication procedure instead of a connection password command and an operation state transition process of an RFID tag have been described in the RFID tag. Hereinafter, the operation state transition process of the RFID tag in the case where the security state in which the connection password command is received in the RFID tag and the authentication state in which the security authentication procedure is received are separately separated will be described below with reference to FIG.

4 is a flowchart illustrating an operation of accepting both a connection password command and a security authentication procedure in an RFID tag according to an embodiment of the present invention. In FIG. 4, the authentication state and the security state of the RFID operation state are separately separated.

First, in step 401, the RFID tag can determine whether the current operation mode is the normal mode or the secure mode based on the SM_Flag. Here, the general mode is a mode for separately supporting RFID tag function, tag authentication, interrogator authentication and mutual authentication in ISO / IEC 18000-6 Type C, and the security mode is a mode for mutual authentication between the security interrogator and the RFID tag And a security channel is formed to emphasize the security of communication. At this time, when the current operation mode is the security mode, the RFID tag can generate tag identification information. If the current operation mode is the normal mode, the tag identification information includes UII information or EPC information. If the current operation mode is the security mode, the tag identification information may include any UII information. For example, an RFID tag can generate arbitrary UII information using a random function.

Then, the RFID tag can transmit any generated UII information, PC (Protocol Control) information, XPC_W1 parameter, and XPC_W2 parameter to the interrogator. Here, the U flag set based on the UII information may be inserted into the XPC_W1 parameter. In this case, in the security mode, the UII information transmitted to the interrogator may be untraced UII information.

Then, in step 402, The RFID tag may form a secure channel to authenticate the interrogator in the acknowledged state. The RFID tag can encrypt the PC (Protocol Control) information, the XPC_W1 parameter, the XPC_W2 parameter, and the tag identification information.

Then, in step 403, the RFID tag can transmit the encrypted PC (Protocol Control) information, the XPC_W1 parameter, the XPC_W2 parameter, and the tag identification information to the interrogator through the secure channel. For example, referring to FIG. 6, the RFID tag includes encrypted PC information, XPC_W1 parameters, and XPC_W2 parameters Enc (PC, XPC_W1 (U: '0', S: '1' , The tag identification information can be transmitted to the interrogator. Here, the XPC_W2 parameter can be used to confirm the encryption function of the RFID tag in place of the Get_Capabilities message. For example, when the XPC_W2 parameter transmitted from the RFID tag is received, the interrogator determines whether the RFID tag has a function of authenticating the RFID tag using the tag authentication, the interrogator authentication, the mutual authentication, or the server In other words, the XPC_W2 parameter or the Get_Capabilities message is used to perform at least one of the following: 1) an encryption engine of the RFID tag, and 2) a tag authentication, an interrogator authentication, and a mutual authentication And can be used to confirm an authentication function indicating whether or not it can be done.

Then, in step 404, the RFID tag may authenticate the interrogator via a secure channel. At this time, the RFID tag can authenticate the interrogator using the challengeint (ChInt) information, the RN16 parameter, the challenge length (ChLen) information, and the Handle parameter.

In one example, the RFID tag may receive Challenge Length information, Challenge Ind Information, and RN 16 parameters embedded in the Sec_ReqRN message from the Interrogator over the secure channel. Here, the challengeint information and the RN 16 parameters may be encrypted in the interrogator, respectively, and inserted into the Sec_ReqRN message. At this time, the challenge information is information generated by using a random function in the interrogator.

In step 405, the RFID tag may transit the operation state to the authentication state or the adjustment state based on the authentication success or failure.

For example, if authentication of the interrogator is successful, in step 406, the RFID tag may transition from the acknowledged state to the authentication state. At this time, if the authentication state is transited, the interrogator can change the current operation mode of the RFID tag. The interrogator may also change, delete, or add the master key stored in the RFID tag.

As another example, if authentication of the interrogator fails, the RFID tag may terminate the secure channel and terminate communication with the interrogator.

On the other hand, if the current operation mode is the normal mode in step 408, the RFID tag can transition the operation state based on an access password (AP) and a master key (MK) in step 409. In other words, when there is no access password, the RFID tag authenticates the interrogator based on the existence of the master key and transits the operation state, and if there is an access password, The gater can be authenticated and the operation state can be transited.

For example, after receiving the Request_RN message from the Interrogator, if the Access Password and the Master Key do not exist (AP = 0, MK = 0), the RFID Tag transitions from the acknowledged state to the Authenticated state .

As another example, if the access password does not exist and only the master key exists (AP = 0, MK > 0) after receiving the request_request message from the interrogator in step 410, , The RFID tag can transition from the acknowledged state to the secure state. When transitioning to the secure state, the RFID tag can authenticate the interrogator. Then, the RFID tag can transition the operation state from the security state to the authentication state or the adjustment state based on the authentication success or failure.

As another example, if the access password exists in step 410, the RFID tag may transition from the acknowledged state to the open state in step 412. [ In this way, when the RFID tag transitions to the open state, the RFID tag can perform the same function as the RFID tag in the open state of ISO / IEC 18000-6 Type C. Further, the RFID tag may perform a security related command, a tag authentication command, an encryption engine initialization command of the security tag, and the like in an open state.

At this time, if the access passwords match in step 413, then in step 414, The RFID tag can transition from an open state to a secure state or an authenticated state based on the presence or absence of a master key.

For example, if a master key is present, the RFID tag may transition from an open state to a secure state. Then, when the RFID tag transits to the security state, the RFID tag performs authentication of the interrogator, and may transition the operation state from the security state to the authentication state or the adjustment state based on the authentication success. As another example, when there is no master key, the RFID tag can transition from the open state to the authentication state.

5 is a state transition diagram of the RFID tag according to the embodiment of the present invention, in which the flowchart of FIG. 3 is shown. In particular, FIG. 5 may be a state transition diagram when the security state and the authentication state are integrated into the security state in the state transition diagram of FIG.

Referring to FIG. 5, the RFID tag receives a query repeat from the interrogator in the arbitration state, and transmits the RN 16 parameter to the interrogator in response to the query repeat in the reply state. Lt; / RTI > When the ACK (RN 16) is received from the interrogator in response to the RN 16 parameter, the RFID tag can transition from the acknowledged state to the acknowledged state.

At this time, the RFID tag can transition from the acknowledged state to the secure state or the open state based on the current operation mode.

For example, if the current operation mode is the secure mode, the RFID tag can transition from the acknowledged state to the secure state or to the steered state based on whether the interrogator has successfully authenticated. At this time, when the authentication is successful, the RFID tag can directly transition from the acknowledged state to the secure state. As described above, in the security mode, the RFID tag transitions the operation state directly to the security state, so that the RFID tag can quickly perform the inventory process. When the authentication fails, the RFID tag can transition from the acknowledged state to the adjusted state.

As another example, when the current operation mode is the normal mode, the RFID tag can transition from the acknowledged state to the open state or the secure state based on the presence or absence of the master key. At this time, if the master key does not exist (MK = 0), the RFID tag can transition from the acknowledged state to the secure state. If there is a master key (MK > 0), the RFID tag can transition from the acknowledged state to the open state. Then, when the RFID tag transitions to the open state, the RFID tag can transition from the open state to the secure state or the adjustment state based on whether or not the authentication with the interrogator is successful.

In other words, when the current operation mode is the normal mode, the inventory process is up to the open state or the secure state, and the current operation mode is the secure mode, the inventory process can be up to the secure state. Accordingly, in the security mode, the RFID tag can quickly perform the inventory process while forming a secure channel.

FIG. 6 is a diagram illustrating a security inventory process between an RFID tag and an interrogator in a secure mode according to an embodiment of the present invention. Referring to FIG. 6 is a view for explaining a security inventory process in an RFID tag operating in a security mode when the security state and the authentication state are integrated into one.

According to FIG. 6, when a secure channel is formed between the RFID tag and the interrogator, the RFID tag can encrypt the PC information, the XPC_W1 parameter, the XPC_W2 parameter, and the UII information, and transmit the PC information, the XPC_W2 parameter, and the UII information to the interrogator through the secure channel.

Then, the interrogator can receive and decrypt the encrypted PC information, the XPC_W1 parameter, the XPC_W2 parameter, and the UII information through the secure channel. Then, the interrogator can generate the challenge index (ChInt) information using the random function. The interrogator can then encrypt the Challenge Steer information and the RN 16 parameter, respectively. The interrogator may then transmit the encrypted challenge stat information, the encrypted RN 16 parameter, and the challenge length information (ChLen) to the Sec_ReqRN message and transmit it to the RFID tag over the secure channel.

The RFID tag can then decode the RN 16 parameters and compare the decoded RN 16 parameters with the already existing RN 16 parameters. At this time, the RFID tag can determine whether to terminate the secure channel with the interrogator based on the comparison result.

In one example, if the decoded RN 16 parameter and the existing RN 16 parameter match, the RFID tag may decide not to terminate the secure channel with the interrogator. In other words, when the secure channel is maintained, the RFID tag can generate a Handle parameter using a random function. Then, the RFID tag can encrypt the handle parameter. At this time, if the decoded RN 16 parameter does not match with the RN 16 parameter already held, the RFID tag decides to terminate the secure channel with the interrogator and can terminate the secure channel.

And, if the secure channel is maintained, the RFID tag can re-encrypt the decrypted Challenge Steer information. The RFID tag may insert the encrypted challenge identifier and the encrypted handle parameter into a reply message and transmit the reply message to the interrogator through the secure channel. Then, the interrogator can decrypt the Challenge Steer information and authenticate the RFID tag based on whether the decrypted Challenge Steer information matches the Challenge Steer information already held. For example, if there is a match, the interrogator determines that the RFID tag authentication is successful, and if not, it can be determined that the RFID tag authentication has failed. At this time, if the RFID tag authentication fails, the interrogator can terminate the secure channel and terminate the communication with the RFID tag.

When the RFID tag authentication is successful, the interrogator and the RFID tag can use the handle parameter during communication through the secure channel. The RFID tag can compare handle parameters that already have handle parameters received from the interrogator. As a result of the comparison, if the decoded handle parameter and the handle parameter already held match, the RFID tag can decide to keep the secure channel. At this time, if the decoded handle parameter does not match the handle parameter already held, the RFID tag can ignore the message corresponding to the handle parameter.

FIG. 7 is a diagram for explaining a mutual authentication process after an inventory between an RFID tag and an interrogator in a normal mode according to an embodiment of the present invention. Particularly, FIG. 7 is a diagram for explaining a process of operating in a normal mode when an authenticated state and a secured state are combined in an operation state of the RFID tag.

Referring to FIG. 7, the RFID tag can transition from the acknowledged state to the open state upon receiving the request_request (Req_RN) message from the interrogator.

The RFID tag may then send a reply message to the interrogator in response to the Request_RN message. At this time, the reply message may include a handle parameter.

At this time, as the operation state of the RFID tag transitions to the open state, the RFID tag can perform the same function as the open state defined in ISO / IEC 18000-6 Type C. The RFID tag may also perform security related commands, an encryption engine initialization command, a tag authentication command, and the like. In other words, RFID tags and interrogators can perform RFID tag authentication, interrogator authentication, and mutual authentication.

In detail, the interrogator can transmit a Security Initial (Sec_Init) message to the RFID tag. Here, the Sec_Init message is a message for initializing the encryption engine of the RFID tag. The RIFD tag may then send a Reply message to the Interrogator in response to the Sec_Init message. Then, the interrogator can generate the challenge index (ChInt) information using the random function. The interrogator can then encrypt the Challenge Steer information. Then, the interrogator inserts the encrypted challenge indication (ChInt) information and the handle parameter into the authentication request message (ReaAuth) and transmits the authentication request message (ReaAuth) to the RFID tag.

Then, the RFID tag can decode the challenge steer information and re-encrypt the decoded challenge steer information. The RFID tag can generate the challenge tag (ChTag) information using the random function, and can encrypt the challenge tag information. Then, the RFID tag inserts the encrypted challenge tag information, the re-encrypted challenge index information, and the handle parameter into a reply message and transmits the reply message to the interrogator.

Then, the interrogator can decode the Challenge Steer information and compare whether the decoded Challenge Steer information and the Challenge Steer information that it already has are identical. At this time, if the comparison result is matched, the interrogator can determine that the RFID tag authentication is successful. If the comparison result does not match, the interrogator can determine that the RFID tag authentication has failed.

The interrogator can then decrypt the challenge tag information and re-encrypt the decrypted challenge tag information. Then, the interrogator inserts the re-encrypted challenge tag information into the authentication request message (ReaAuth) and transmits the re-encrypted challenge tag information to the RFID tag. Then, the RFID tag can decode the challenge tag information. The RFID tag can compare whether or not the decrypted challenge tag information matches the challenge tag information already held. At this time, if the comparison results match, the RFID tag can determine that the interrogator has been successfully authenticated. As the authentication succeeds, the RFID tag inserts the handle parameter into the reply message in response to the authentication request message (ReaAuth), and transmits the response message to the interrogator. On the other hand, if the comparison result does not match, the RFID tag can determine that authentication of the interrogator has failed. In this way, when the authentication fails, the RFID tag may not transmit a reply message to the interrogator in response to the authentication request message (ReaAuth).

FIG. 8 is a diagram illustrating a state transition diagram of an RFID tag according to an exemplary embodiment of the present invention. Referring to FIG. In particular, FIG. 8 is a diagram showing a state transition diagram in which a security state accepting a connection password command and an authentication state accepting a security authentication procedure in FIG. 5 are separated.

Referring to FIG. 8, the RFID tag receives a query repeat from the interrogator in an arbitration state, and transmits an RN 16 parameter to the interrogator in response to a query repeat in a reply state Lt; / RTI > When the ACK (RN 16) is received from the interrogator in response to the RN 16 parameter, the RFID tag can transition from the acknowledged state to the acknowledged state.

At this time, the RFID tag can transition from an acknowledged state to an open state, a secured state, or an authenticated state based on the current operation mode.

For example, if the current operation mode is the secure mode, the RFID tag can transition from the acknowledged state to the authenticated state or the coordinated state based on whether the interrogator has successfully authenticated. At this time, when the authentication is successful, the RFID tag can directly transition from the acknowledged state to the authenticated state. As described above, in the security mode, the RFID tag transitions the operation state directly to the authentication state, so that the RFID tag can quickly perform the inventory process. When the authentication fails, the RFID tag can transition from the acknowledged state to the adjusted state.

As another example, when the current operation mode is the normal mode, the RFID tag transmits the operation state from the acknowledged state to the authentication state, the security state, and the authentication state based on the existence of the master key (MK) and the access password (AP) Or open state.

First, if the master key and the access password do not exist (MK = 0, AP = 0), the RFID tag can transition from the acknowledged state to the authenticated state. When the operation state transits to the authentication state, the RFID tag can execute a command related to the setting of the master key and the mode change. At this time, the interrogator can add, delete or modify the master key stored in the RFID tag, and change the current operation mode of the RFID tag.

On the other hand, if there is a master key but there is no access password (MK > 0, AP = 0), the RFID tag can transition from the acknowledged state to the secure state. Then, the RFID tag performs authentication of the interrogator in the secure state, and can transition the operation state from the security state to the authentication state or the adjustment state based on the authentication success or failure. For example, the RFID tag transits from the operation state to the authentication state as the interrogator is successfully authenticated, and transitions to the operation state as the interrogator fails to authenticate.

On the other hand, if there is an access password (AP > 0), the RFID tag can transition from the acknowledged state to the open state. At this time, the RFID tag transitions to the open state, and if the master key exists, the RFID tag can transition from the open state to the secure state in accordance with the matching of the access password. Then, the RFID tag performs authentication of the interrogator in the secure state, and can transition to the authentication state or the adjustment state based on the authentication success or failure. For example, the RFID tag transits from the operation state to the authentication state as the interrogator is successfully authenticated, and transitions to the operation state as the interrogator fails to authenticate.

9 is a view for explaining a security inventory between an RFID tag and an interrogator in a security mode according to an embodiment of the present invention. 9 is a view for explaining an inventory process in the security mode when the authentication state and the security state of the RFID tag are separated. The RFID tag shown in FIG. 9 is different from the RFID tag shown in FIG. 6 only in the operation state for performing mutual authentication, and the description thereof will be omitted.

According to FIG. 9, when a secure channel is formed between the RFID tag and the interrogator, the RFID tag can encrypt the PC information, the XPC_W1 parameter, the XPC_W2 parameter, and the UII information, and transmit the PC information, the XPC_W2 parameter, and the UII information to the interrogator through the secure channel. Then, the RFID tag can perform mutual authentication with the interrogator by using the challenge ID information, the challenge length information, the handle parameter, and the RN16 parameter. At this time, the RFID tag can perform mutual authentication with the interrogator in the acknowledged state. Here, the operation of performing the mutual authentication between the RFID tag and the interrogator using the challenge information, the challenge length information, the handle parameter, and the RN16 parameter has been described in detail with reference to FIG. 6, and thus a duplicated description will be omitted.

If the authentication is successful, the RFID tag can transition from the acknowledged state to the authenticated state. In other words, when the security state and the authentication state are integrated, the RFID tag transits to the security state (Secured State) as the authentication succeeds, and when the security state and the authentication state are separated, The operation state can be transited directly from the acknowledged state to the authenticated state.

In this case, when the authentication fails, the RFID tag can transition from the acknowledged state to the coordinated state when the security state and the authentication state are integrated, or when the security state and the authentication state are separated.

10 is a diagram for explaining a mutual authentication process after an inventory between an RFID tag and an interrogator in a normal mode according to an embodiment of the present invention. In particular, FIG. 10 is a diagram for explaining an authentication process in the normal mode when the security state and the authentication state are separated. The RFID tag shown in FIG. 10 differs from the RFID tag shown in FIG. 7 only in the operation state in which the access password command is performed, and the description thereof will be omitted.

According to Fig. 10, the RFID tag can transition the operation state to the authentication state, the security state, or the open state based on the existence of the access password and the master key.

At this time, if the transition is made to the authentication state, the interrogator can add, delete or change the master key of the RFID tag. Then, the interrogator may change the current operation mode of the RFID tag. For example, if the current operation mode is the normal mode, it may be changed to the secure mode.

When the RFID tag transitions to the secure state, the RFID tag can perform mutual authentication with the interrogator. At this time, the RFID tag can perform mutual authentication with the interrogator by using the challenge information, the challenge tag information, and the handle parameter. Then, the RFID tag can transition the operation state to the authentication state or the adjustment state based on the authentication success or failure.

In the above description, the encryption engine and the authentication function of the RFID tag are confirmed using the XPC_W2 parameter, but a Get_Capabilities message may be used instead of the XPC_W2 parameter.

11 is a diagram illustrating a process of authenticating an RFID tag using an authentication server according to an embodiment of the present invention.

According to FIG. 11, the encryption module and the master key are stored only in the authentication server and the RFID tag, but may not be stored in the interrogator. Accordingly, the interrogator can authenticate the RFID tag using the authentication server.

In detail, when the operation state of the RFID tag transitions to the open state or the secure state, the interrogator can confirm the encryption function of the RFID tag using the XPC_W2 parameter obtained in the inventory process have.

The interrogator can then send a Proxy_TagAuth message to the RFID tag. Here, the Proxy_TagAuth message may include challenge length information ChLen, challenge int (ChInt) information, and Handle parameters. Then, the RFID tag can receive the proxy_tagAuth message and extract the challenge_tag information. Then, the RFID tag generates the challenge information using the random function, and generates the authentication information (Auth) using the generated challenge tag information and the extracted challenge information. For example, the RFID tag can generate the authentication information by XORing the challenge tag information and the challenge tag information. The RFID tag may encrypt the authentication information and the challenge tag information, insert the response information into a reply message, and transmit it to the interrogator. Accordingly, the reply message may include encrypted challenge tag information, encrypted authentication information, and handle parameters.

The interrogator can then receive the reply message and extract the encrypted challenge information and the encrypted authentication information from the reply message. Then, the interrogator can transmit the encrypted challenge tag information, the encrypted authentication information, the challenge information, the PC information, the XPC_W1 parameter, the XPC_W2 parameter, the tag identification information, and the like to the authentication server. Here, the tag identification information may include UII information and EPC information.

Then, the authentication server can authenticate the RFID tag using the encrypted challenge tag information, the encrypted authentication information, the challenge information, the PC information, the XPC_W1 parameter, the XPC_W2 parameter, and the tag identification information. For example, the authentication server can decrypt the challenge tag information and the authentication information, respectively. Then, the authentication server can perform XOR operation on the challenge indicator information and the decrypted challenge tag information. Then, the authentication server can authenticate the RFID tag by comparing the result of the exclusive OR operation with the decrypted authentication information. For example, when the result of the XOR operation matches the decrypted authentication information, the authentication server determines that the RFID tag is authentic and can notify the interrogator of the authentication success of the RFID tag. If the XOR operation result and the decrypted authentication information do not match, the authentication server determines that the RFID tag is not genuine, and can notify the interrogator of the authentication failure of the RFID tag.

12 is a block diagram showing the configuration of an RFID tag according to an embodiment of the present invention.

Referring to FIG. 12, the RFID tag 1200 may include an operation mode determination unit 1210 and an operation state transition unit 1220. In FIG. 12, when the current operation mode is the secure mode, the operation mode determination unit 1210 may include a secure channel formation unit 1211 and an authentication unit 1212. When the current operation mode is the normal mode, the operation mode determination unit 1210 includes the authentication unit 1212, but may or may not include the secure channel formation unit 1211.

First, the operation mode determination unit 1210 can determine whether the current operation mode of the RFID tag is a normal mode or a secure mode. Here, the operation mode determining unit 1210 may include a secure channel forming unit 1211 and an authentication unit 1212.

At this time, the operation mode determination unit 1210 can determine the current operation mode based on the SM_Flag stored in the memory of the RFID tag. For example, when SM_Flag is 1, the operation mode determination unit 1210 determines the current operation mode as the security mode, and when the SM_Flag is 0, the operation mode determination unit 1210 determines the current operation mode as the normal mode .

Then, the operation state transition unit 1220 can transition the operation state based on the current operation mode and whether the authentication with the interrogator is successful. At this time, when the current operation mode is the security mode, the secure channel forming unit 1211 may form a secure channel with the interrogator. Then, the authentication unit 1212 can authenticate the interrogator. At this time, the interrogator can authenticate the RFID tag as needed.

For example, when the security state and the authentication state are integrated, and the current operation mode is the secure mode, the authentication unit 1212 can authenticate the interrogator in the acknowledged state. Then, the operation state transition unit 1220 can transition the operation state to the security state or the adjustment state based on the authentication success or failure.

More specifically, the authentication unit 1212 can encrypt the PC (Protocol Control) information, the XPC_W1 parameter, the XPC_W2 parameter, and the tag identification information, and transmit the encryption to the interrogator. When the encrypted information is transmitted to the interrogator, the operation state transition unit 1220 transitions the operation state from the acknowledged state to the secure state (Secured State) through authentication and completes the inventory process have. The operation mode determination unit 1210 can determine whether to maintain and terminate the secure channel based on the success or failure of authentication of the interrogator. For example, when the authentication is successful, the operation mode determination unit 1210 can keep the secure channel. Then, the operation state transition unit 1220 can transition the operation state to the secure state (Secured State). Then, the operation mode determination unit 1210 can terminate the secure channel with the interrogator as the authentication fails. Then, the operation state transition unit 1220 can transition the operation state to the arbitrated state.

As another example, when the security state and the authentication state are integrated and the current operation mode is the normal mode, the operation state transition unit 1220 changes the operation state from the open state to the secure state or the adjustment state based on the presence or absence of the master key. can do. At this time, if there is a master key, the operation state transition unit 1220 transitions the operation state to the open state, and if the master key does not exist, it can transition the operation state to the secure state. Then, when transition is made to the open state, the authentication unit 1212 can authenticate the interrogator. Then, the operation state transition unit 1220 can transition the operation state from the open state to the secure state or the adjustment state based on the authentication success or failure. Here, in the normal mode, the secure channel forming unit 1211 may or may not form a secure channel with the interrogator.

As another example, when the security state and the authentication state are separated and the current operation mode is the secure mode, the operation state transition unit 1220 can transition the operation state from the acknowledged state to the authenticated state or the adjusted state.

As another example, when the security state and the authentication state are separated and the current operation mode is the normal mode, the operation state transition unit 1220 changes the operation state from the acknowledged state to the authenticated state based on the master key and the connection password, , A secured state (Secured State), or an open state (Open State).

Meanwhile, when authenticating the interrogator, the authentication unit 1212 can generate the challenge tag (ChTag) information using the random function. Then, the authentication unit 1212 can encrypt the generated challenge tag information and transmit it to the interrogator. Then, the authentication unit 1212 can receive and decrypt the re-encrypted challenge tag information in the interrogator. The authentication unit 1212 can compare whether the decrypted challenge tag information matches the generated challenge tag information. As a result of the comparison, if they match, the authentication unit 1212 determines that authentication of the interrogator is successful, and if not, it can be determined that the authentication of the interrogator has failed.

13 is a flowchart provided to illustrate the operation of the interrogator according to an embodiment of the present invention.

First, in step 1310, the interrogator can determine the current operation mode of the RFID tag. At this time, the interrogator can determine the current operation mode of the RFID tag based on the XPC_W1 parameter received from the RFID tag. Here, the XPC_W1 parameter may include a U flag and an S flag. In one example, the interrogator may determine based on the U flag whether the current operation mode of the RFID tag is a normal mode or a secure mode. For example, if the U flag is 1 in the inventory process, the interrogator recognizes the tag identification information as inactive UII information, determines the current operation mode of the RFID tag as the security mode, and if the U flag is 0, The logger can determine the current operating mode as normal mode.

Next, in step 1320, the interrogator can authenticate the RFID tag based on the current operation mode of the RFID tag.

For example, when the current operation mode is determined to be the normal mode, the interrogator can authenticate the RFID tag using the challenge length (ChLen) information, the challenge tag (ChTag) information, and the challenge index (ChInt) information.

Specifically, the interrogator can generate Challenge Steer information using a random function. Then, the interrogator can encrypt the Challenge Steer information and transmit it to the RFID tag. Then, the RFID tag can decode the challenge steer information and re-encrypt the decoded challenge steer information. The RFID tag can generate the challenge tag information using the random function, and can encrypt the generated challenge tag information.

Then, the RFID tag can insert the encrypted challenge tag information and the re-encrypted challenge information into the reply message and transmit the same to the interrogator. The interrogator may then decrypt the re-encrypted Challenge Steer information and authenticate the RFID tag by comparing the decrypted Challenge Steer information with the Challenge Steer information that it already has. At this time, if there is a match, the interrogator determines that the RFID tag authentication has succeeded, and if not, it can be determined that the RFID tag authentication has failed. The interrogator can then decrypt the challenge tag information, re-encrypt the decrypted challenge tag information, and transmit it to the RFID tag. The RFID tag may then decrypt the re-encrypted challenge tag information and authenticate the interrogator by comparing the decrypted challenge tag information with the challenge tag information that it already has. At this time, if there is a match, the RFID tag determines that the interrogator has been successfully authenticated, and can transmit a reply message to the interrogator. If they do not match, the RFID tag may determine that authentication of the interrogator has failed and may not send a reply message to the interrogator.

As another example, if the current operation mode is determined to be a secure mode, the interrogator can authenticate the RFID tag using the challenge length information ChLen, the challenge challenge (ChInt) information, the RN 16 parameter, and the Handle parameter have. In the secure mode, the interrogator can form a secure channel with the RFID tag.

Specifically, the interrogator can generate Challenge Steer information using a random function. Then, the interrogator can encrypt the Challenge Steer information and the RN 16 parameter and transmit them to the RFID tag. At this time, the interrogator can insert and transmit the encrypted RN 16 parameter, the encrypted challenge ID information, and the challenge length information into the Sec_ReqRN message. The RFID tag can then decode the RN 16 parameters and compare whether the decoded RN 16 parameters and the existing RN 16 parameters match. Then, if the comparison results in agreement, the RFID tag may decide to keep the secure channel, and if not, decide to terminate the secure channel. The RFID tag may then decrypt the challenge-tip information and re-encrypt the decrypted challenge-tip information. At this time, the RFID tag may encrypt the handle parameters and transmit the re-encrypted Challenge Steer information along with the encrypted handle parameters to the interrogator. Then, the interrogator decrypts the re-encrypted Challenge Steer information, and authenticates the RFID tag by comparing the decrypted Challenge Steer information with the Challenge Steer information that has already been received. When the authentication is successful, the interrogator keeps the secure channel, and when the authentication fails, the secure channel can be terminated. At this time, if the secure channel is continuously maintained, each of the interrogator and the RFID tag can confirm the handle parameter and maintain the secure channel, or ignore the message corresponding to the invalid handle parameter.

In Fig. 13, when the mutual authentication between the RFID tag and the interrogator is successful, the interrogator can delete, add or change the master key stored in the RFID tag. Also, upon successful authentication, the interrogator may change the current operating mode of the RFID tag.

14 is a block diagram showing a configuration of an interrogator according to an embodiment of the present invention.

14, the interrogator 1400 includes an operation mode determination unit 1410, an authentication unit 1420, an encryption unit 1425, a decryption unit 1430, a master key control unit 1440, 1450).

First, the operation mode determination unit 1410 can determine whether the current operation mode of the RFID tag is the normal mode or the secure mode. At this time, the operation mode determination unit 1410 can determine the current operation mode of the RFID tag based on the U flag inserted in the XPC_W1 parameter received from the RFID tag in the inventory process.

Then, the authentication unit 1420 can authenticate the RFID tag based on the current operation mode of the RFID tag. Then, the authentication unit 1420 can generate the challenge information using the random function. Then, the encryption unit 1425 encrypts the generated challenge information and transmits the encrypted challenge information to the RFID tag. At this time, the RFID tag can authenticate the interrogator. As such, the RFID tag and the interrogator can perform mutual authentication.

For example, when the current operation mode is the normal mode, the authentication unit 1420 can authenticate the RFID tag using the challenge tag information, the challenge indicator information, and the challenge length information. At this time, the authentication unit 1420 can authenticate the RFID tag using the challenge tag information, the challenge information, and the challenge length information.

As another example, when the current operation mode is the secure mode, the authentication unit 1420 can authenticate the RFID tag using the challenge length information, the challenge indicator information, the RN 16 parameter, and the handle parameter.

Then, the decryption unit 1430 can decrypt the encrypted challenge information in the RFID tag. Then, the authentication unit 1420 can compare the decrypted challenge ID information with the challenge ID information and compare the challenge ID information with the challenge ID information to verify the RFID tag. Here, the already-received challenge information refers to the challenge information generated by the authentication unit 1420 using the random function.

If the RFID tag authentication is successful, the master key controller 1440 may change, add, or delete the master key stored in the RFID tag.

If the RFID tag authentication is successful, the mode changing unit 1450 can change the current operation mode of the RFID tag. For example, when the current operation mode is the normal mode, the interrogator can change the current operation mode of the RFID tag to the security mode and set the SM_flag to 1. When the current operation mode is the security mode, the current operation mode of the RFID tag can be changed to the normal mode, and the SM_flag can be set to zero.

13 and 14, the interrogator directly authenticates the RFID tag. However, if the interrogator does not have the master key, the interrogator may authenticate the RFID tag using the authentication server .

Meanwhile, the operation method of the RFID tag and the RFID tag according to an embodiment of the present invention can determine whether the RFID tag is a security tag or a general tag based on whether or not the encryption engine is mounted. That is, when the encryption engine is mounted on the RFID tag, the RFID tag is a security tag, and if the encryption engine is not mounted on the RFID tag, the RFID tag may be a general tag. Likewise, if the interrogator is equipped with an encryption engine, and the interrogator is a security interrogator, and the encryption engine is not mounted on the interrogator, the interrogator may be a normal interrogator.

At this time. If the RFID tag is a security tag, the security tag may provide communication with both the security interceptor or the general interrogator based on the current mode of operation. In other words, a security tag can provide compatibility with a general interrogator as well as a security interrogator.

For example, if the current operation mode is the normal mode, the security tag may provide communication with the normal interrogator using the tag identification information. As described above, in the normal mode, the tag identification information may include EPC information or UII information.

And, if the current operation mode is the security mode, the security tag can provide communication with the security interposer using any UII information. Here, any UII information may include non-tracking UII information, or void UII information.

While the invention has been shown and described with reference to certain preferred embodiments thereof, it will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. This is possible.

Therefore, the scope of the present invention should not be limited to the described embodiments, but should be determined by the equivalents of the claims, as well as the claims.

Claims (38)

In an authentication method of an interrogator,
The interrogator sending a request to the tag for the challenge tag information;
The tag randomly generating and encrypting the challenge tag information, and transmitting the encrypted challenge tag information to the interrogator;
The interrogator decrypting the encrypted challenge tag information, re-encrypting the decrypted challenge tag information, and transmitting the decrypted challenge tag information to the tag;
Receiving and decoding the re-encrypted challenge tag information from the interrogator;
The tag compares the decrypted challenge tag information with the challenge tag information before encryption and authenticates the interrogator
. The method according to claim 1,
If the interrogator's authentication is successful, the interrogator deletes, changes, or adds the master key of the tag
Further comprising: The method according to claim 1,
If the interrogator is successfully authenticated, the interrogator changes the operation mode of the tag
Further comprising: The method according to claim 1,
Randomly generating random interrogator information RnInt to initialize the encryption engine, and transmitting the random interrogator information to the tag;
The tag randomly generating random tag information RnTag, and initializing a tag encryption engine using random interrogator information and random tag information;
The tag transmitting random tag information to an interrogator; And
The interrogator initializing an encryption engine of an interrogator using random interrogator information and random tag information
Further comprising: The method according to claim 1,
If authentication of the interrogator is successful, a secure channel is formed between the interrogator and the tag
Further comprising: The method according to claim 1,
The tag transmits Protocol Control (PC) information, XPC_W1 parameter, XPC_W2 parameter, and tag identification information to the interrogator
Further comprising:
The XPC_W1 parameter includes tag identification information for distinguishing a general tag from a security tag and an operation mode of the tag,
Wherein the XPC_W2 parameter includes information related to tag authentication, interrogator authentication, mutual authentication, and tag authentication using an authentication server. In an authentication method of a tag,
Randomly generating and encrypting the challenge interrogator information by the interrogator and transmitting the encrypted challenge interrogator information to the tag;
The tag decrypting and re-encrypting the encrypted challenge interrogator information, and transmitting the decrypted challenge interrogator information to the interrogator;
Receiving, by the interrogator, the re-encrypted challenge interrogator information from the tag and decrypting the re-encrypted challenge interrogator information;
The interrogator verifying the tag by comparing the decrypted challenge interrogator information with the challenge interrogator information before encryption,
. 8. The method of claim 7,
Randomly generating random interrogator information RnInt to initialize the encryption engine, and transmitting the random interrogator information to the tag;
The tag randomly generating random tag information RnTag, and initializing a tag encryption engine using random interrogator information and random tag information;
The tag transmitting random tag information to an interrogator; And
The interrogator initializing an encryption engine of an interrogator using random interrogator information and random tag information
Further comprising: 8. The method of claim 7,
The tag transmits Protocol Control (PC) information, XPC_W1 parameter, XPC_W2 parameter, and tag identification information to the interrogator
Further comprising:
The XPC_W1 parameter includes tag identification information for distinguishing a general tag from a security tag and an operation mode of the tag,
Wherein the XPC_W2 parameter includes information related to tag authentication, interrogator authentication, mutual authentication, and tag authentication using an authentication server. In the mutual authentication method,
The interrogator randomly generating and encrypting the challenge interrogator information;
The interrogator sending a request for challenge tag information and encrypted challenge interrogator information to the tag;
The tag decrypting and re-encrypting the encrypted challenge interrogator information;
The tag randomly generating and encrypting the challenge tag information;
Transmitting the re-encrypted challenge interrogator information and the encrypted challenge tag information interrogator to the interrogator;
Receiving, by the interrogator, the re-encrypted challenge interrogator information from the tag and decrypting the re-encrypted challenge interrogator information;
The interrogator authenticating the tag by comparing the decrypted challenge interrogator information with the challenge interrogator information before encryption;
If the authentication of the tag is successful, the interrogator decrypts the encrypted challenge tag information and re-encrypts the decrypted challenge tag information;
The interrogator transmitting the re-encrypted challenge tag information to the tag;
Receiving and decoding the re-encrypted challenge tag information from the interrogator;
The tag compares the decrypted challenge tag information with the challenge tag information before encryption and authenticates the interrogator
. 11. The method of claim 10,
If the interrogator's authentication is successful, the interrogator deletes, changes, or adds the master key of the tag
Further comprising: 11. The method of claim 10,
If the interrogator is successfully authenticated, the interrogator changes the operation mode of the tag
Further comprising: 11. The method of claim 10,
Randomly generating random interrogator information RnInt to initialize the encryption engine, and transmitting the random interrogator information to the tag;
The tag randomly generating random tag information RnTag, and initializing a tag encryption engine using random interrogator information and random tag information;
The tag transmitting random tag information to an interrogator; And
The interrogator initializing an encryption engine of an interrogator using random interrogator information and random tag information
Further comprising: 11. The method of claim 10,
If authentication of the interrogator is successful, a secure channel is formed between the interrogator and the tag
Further comprising: 11. The method of claim 10,
The tag transmits Protocol Control (PC) information, XPC_W1 parameter, XPC_W2 parameter, and tag identification information to the interrogator
Further comprising:
The XPC_W1 parameter includes tag identification information for distinguishing a general tag from a security tag and an operation mode of the tag,
Wherein the XPC_W2 parameter includes information related to tag authentication, interrogator authentication, mutual authentication, and tag authentication using an authentication server. A method of authenticating a tag using an authentication server,
The interrogator randomly generating challenge interrogator information and transmitting it to the tag;
The tag randomly generating challenge tag information;
The tag generating first authentication data using challenge interrogator information and challenge tag information;
Encrypting the challenge tag information and the authentication data and transmitting the encrypted challenge tag information and the authentication data to the interrogator;
The interrogator transmitting challenge interrogator information, encrypted challenge tag information and encrypted first authentication data to an authentication server;
The authentication server decrypting the encrypted challenge tag information and the encrypted first authentication data;
The authentication server generating second authentication data using the decrypted challenge tag information and the challenge interrogator information;
Authenticating the tag by comparing the second authentication data with the decrypted first authentication data; And
The authentication server notifying the interrogator of the authentication result of the tag
. 17. The method of claim 16,
Randomly generating random interrogator information RnInt to initialize the encryption engine, and transmitting the random interrogator information to the tag;
Randomly generating random tag information (RnTag), and initializing an encryption engine of a tag using random interrogator information and random tag information;
The tag transmitting random tag information to an interrogator;
The interrogator transmitting random interrogator information and random tag information to an authentication server; And
The authentication server initializing the encryption engine of the authentication server using the random interrogator information and the random tag information
Further comprising: delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete

Images