WO2007107417A1 - Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique - Google Patents

Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique Download PDF

Info

Publication number
WO2007107417A1
WO2007107417A1 PCT/EP2007/051457 EP2007051457W WO2007107417A1 WO 2007107417 A1 WO2007107417 A1 WO 2007107417A1 EP 2007051457 W EP2007051457 W EP 2007051457W WO 2007107417 A1 WO2007107417 A1 WO 2007107417A1
Authority
WO
WIPO (PCT)
Prior art keywords
electronic device
counter
delay
value
rfid
Prior art date
Application number
PCT/EP2007/051457
Other languages
English (en)
Inventor
Frederic Bauchot
Pierre Secondo
Jean-Yves Clement
Gerard Marmigere
Original Assignee
International Business Machines Corporation
Compagnie Ibm France
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by International Business Machines Corporation, Compagnie Ibm France filed Critical International Business Machines Corporation
Priority to EP07712221A priority Critical patent/EP1997058A1/fr
Priority to JP2009500797A priority patent/JP2009530727A/ja
Publication of WO2007107417A1 publication Critical patent/WO2007107417A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2135Metering
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2137Time limited access, e.g. to a computer or data

Definitions

  • the present invention relates generally to the methods and systems for controlling the access to data stored within electronic devices and more specifically to a method and systems for limiting repeated attempts to access electronic devices .
  • the system comprises a first device for receiving from a payor a request to create a check having a radio frequency identifier (RFID) tag associated therewith.
  • RFID Radio Frequency Identifier
  • a second device is provided for receiving from a payee a request to validate a check having an RFID tag associated therewith.
  • the system further comprises an RFID repository.
  • a processor for (i) receiving check information from the payor, (ii) updating the RFID repository with check information received from the payor, (iii) receiving scanned check information from the payee, (iv) comparing the scanned check information received from the payee with certain information retrieved from the RFID repository, and (v) determining if the check is valid based upon the comparison of the scanned check information received from the payee with the certain information retrieved from the RFID repository.
  • the RFID repository comprises a central RFID repository.
  • U.S. Patent 6,226,619 discloses a method and system for preventing counterfeiting of an item, including an answering tag attached to the item. The item includes visible indicia for comparison with secret, non-duplicable information stored in the tag designating authenticity.
  • these methods and systems it is possible to ensure that a given document has been issued by the relevant person, or that an item has been manufactured by the relevant manufacturer, or that a given official document has been issued by the relevant administration.
  • these methods and systems are based upon identifiers encoded within the RFIDs however, such identifiers can be duplicated on other RFIDs using a RFID scanner and writer.
  • Electronic tags such as passive RFID are typical examples of electronic devices which are not equipped with a permanent power source. As mentioned above, such devices may play an important role in many fields, such as security enforcement. Indeed they can record secret information that a hacker may try to crack.
  • One of the easiest and most common strategies followed by hackers is to trigger the RFID tag logic by a sequence of different inputs X 1 , to collect the sequence of returned information F(X 1 ), hopping that the set of samples (X 1 , F(X 1 )) allows to partially or completely "reverse engineer" the function F that hides the secret information . Therefore, there is a need for a method and systems for limiting the risk of reverse engineering the logic imbedded within the chip of an electronic tag such as an RFID.
  • - counter resetting means adapted to maintain the value of said counting means for a predetermined delay after the power off of said system; and, - logic access means adapted to increase the value of said counting means each time an access is done to said electronic device and to idle said electronic device for a delay depending upon the value of said counting means;
  • Figure 1 depicts an example of the architecture of a passive RFID tag.
  • Figure 2 comprises figures 2a and 2b.
  • Figure 2a shows an RFID system with a reader having an antenna and an RFID tag having a dipole antenna.
  • Figure 2b illustrates the signal emitted by the antenna of the reader and the modulated signal reflected by the RFID tag.
  • Figure 3 illustrates an example of a passive RFID according to the invention for limiting the repeated accesses to the data of the tag.
  • Figure 4 shows an example of the logic associated to the access circuit of the RFID depicted on figure 3.
  • the time needed to collect a given number of samples (X 1 , F(X 1 )) upon which hackers rely to crack a secret information hidden in the function F is extended.
  • the core of any RFID system is the 'Tag' or 'Transponder', which can be attached to or embedded within objects, wherein data can be stored.
  • An RFID reader generi- cally referred to as reader in the following description, sends out a radio frequency signal to the RFID tag that broadcasts back its stored data to the reader.
  • the system works basically as two separate antennas, one on the RFID tag and the other on the reader.
  • the read data can either be transmitted directly to another system like a host computer through standard interfaces, or it can be stored in a portable reader and later uploaded to the computer for data processing.
  • An RFID tag system works effectively in environments with excessive dirt, dust, moisture, and/or poor visibility. It generally overcomes the limitations of other automatic identification approaches.
  • RFID tags do not require battery for transmission since generally, they are powered by the reader using an induction mechanism (an electromagnetic field is emitted by the reader antenna and received by an antenna localized on the RFID tag) . This power is used by the RFID tag to transmit a signal back to the reader, carrying the data stored in the RFID tag.
  • Active RFID tags comprise a battery to transmit a signal to a reader. A signal is emitted at a predefined interval or transmit only when addressed by a reader.
  • a passive High Frequency (HF) RFID tag When a passive High Frequency (HF) RFID tag is to be read, the reader sends out a power pulse e.g., a 134.2KHz power pulse, to the RFID antenna.
  • the magnetic field generated is 'collected' by the antenna in the RFID tag that is tuned to the same frequency. This received energy is rectified and stored on a small capacitor within the RFID tag.
  • the RFID tag When the power pulse has finished, the RFID tag immedi- ately transmits back its data, using the energy stored within its capacitor as its power source.
  • 128 bits, including error detection information are transmitted over a period of 20ms. This data is picked up by the receiving antenna and decoded by the reader.
  • the storage capacitor is discharged, resetting the RFID tag to make it ready for the next read cycle.
  • the period between transmission pulses is known as the 'sync time' and lasts between 20ms and 50ms depending on the system setup.
  • the transmission technique used between the RFID tag and the reader is Frequency Shift Keying (FSK) with transmissions generally comprised between 124.2kHz and 134.2kHz. This approach has comparatively good resistance to noise while also being very cost effective to implement. Many applications require that RFID tag attached to objects be read while traveling at specific speeds by a readout antenna .
  • FSK Frequency Shift Keying
  • RFID tags can be read-only, write-once, or read-write.
  • a read-only RFID tag comprises a read-only memory that is loaded during manufacturing process. Its content can not be modified.
  • the write-once RFID tags differ from the readonly RFID tags in that they can be programmed by the end-user, with the required data e.g., part number or serial number.
  • the read-write RFID tags allow for full read-write capability, allowing a user to update information stored in a tag as often as possible in the limit of the memory technology. Generally, the number of write cycles is limited to about 500,000 while the number of read cycles is not limited.
  • a detailed technical analysis of RFID tag is disclosed e.g., in RFID (McGraw-Hill Networking Professional) by Steven Shepard, edition Hardcover.
  • Figure 1 depicts an example of the architecture of a passive HF or Ultra High Frequency (UHF) RFID tag 100.
  • the dipole antenna comprising two parts 105-1 and 105-2 is connected to a power generating circuit 110 that provides current from received signal to the logic and memory circuit 115, to the demodulator 120, and to the modulator 125.
  • the input of demodulator 120 is connected to the antenna (105-1 and 105-2) for receiving the signal and for transmitting the received signal to the logic and memory circuit 115, after having demodulated the received signal.
  • the input of modulator 125 is connected to the logic and memory circuit 115 for receiving the signal to be transmitted.
  • the output of modulator 125 is connected to the antenna (105-1 and 105-2) for transmitting the signal after it has been modulated in modulator 125.
  • the architecture of a semi-passive RFID tag is similar to the one represented on figure 1, the main difference being the presence of a power supply that allows it to function with much lower signal power levels, resulting in greater reading distances.
  • Semi-passive tags do not have an integrated transmitter contrarily to active tags that comprise a battery and an active transmitter allowing them to generate high frequency energy and to apply it to the antenna .
  • FIG 2 shows an RFID system 200.
  • RFID system 200 comprises a reader 205 having an antenna 210.
  • the antenna 210 emits a signal 215 that is received by an RFID tag 220.
  • Signal 215 is reflected in RFID tag 220 and re-emitted as illustrated with dotted lines referred to as 225.
  • Figure 2b illustrates the signal 215 emitted by the antenna 210 of the reader 205 and the signal 225 reflected by the RFID tag 220.
  • the reflected signal 225 is modulated.
  • FIG. 3 illustrates an example of a passive RFID 300 according to the invention for limiting the repeated accesses to the data of the tag.
  • RFID 300 comprises a logic circuit 305, an access circuit 310, and an antenna 315.
  • the logic circuit 300 includes the conventional logic 320 and the new access logic 325.
  • the access circuit 310 includes a diode 330 to enforce capacitor 335 discharge direction, and a leaking resistor 340 with high resistivity. Typically the time T needed to discharge the capacitor would be of several orders of magnitude above the time duration for running the conventional logic.
  • the access circuit 310 further includes a reset counter circuit 345, the role of which is to reset (fill with zeros) the counter 350 when powered off, after the capacitor 335 is discharged.
  • the size of the counter 350 depends upon the implementation. This counter can count within a range from zero to C max . Within this range are defined a set of thresholds C 1 . For each threshold C 1 is associated a delay T 1 .
  • the definition of the set of parameters C 1 and T 1 depends upon the implementation, for keeping the required flexibility to use the invention in different fields, under different implementation constraints. Typically, the values T 1 will grow with index i, preferably following an exponential law.
  • the access circuit is directly powered from the same source as the IC executing the conventional logic, typically constituted by the RFID antenna where is received the energy radiated by electromagnetic waves.
  • the access logic is implemented as the first logic triggered once the IC circuit is waken-up. This constitutes the "boot strap" of conventional chips. It follows the logic described on figure 4.
  • the value C of the counter 350 is incremented by one and it is read (step 400) .
  • the value C of the counter 350 is then compared with the thresholds stored within the RFID 300 to determine the threshold C 1 such that C 1 ⁇ C ⁇ C 1+i (step 405) .
  • threshold C 1 has been determined, the RFID 300 is set in an idle state during delay T 1 associated to C 1 (step 410) and the control is given to the conventional logic (step 420) .
  • the conventional logic is typically used to access data stored within the electronic device however, it can also be used to control functions like updating operational parameters, or launching measurement operations, or triggering any embarked process.
  • the RFID has not been accessed since a time greater than T. Accordingly the capacitor is discharged, so that the counter is no longer powered and holds a zero value thanks to the counter reset component.
  • the RFID is powered and thus,
  • the RFID has been recently accessed i.e., the delay between the last access and the current one is less than T. Accordingly the capacitor is still charged, so that the counter holds its last value 1.
  • the RFID has been recently accessed i.e., the delay between the last access and the current one is less than T. Accordingly the capacitor is still charged, so that the counter holds its last value (n-1) .
  • the RFID is powered and thus, - the access logic starts, increments the value of counter C which takes the value n;
  • the induced delay may reach very high values that may even prevent the use of the conventional logic.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Near-Field Transmission Systems (AREA)
  • Burglar Alarm Systems (AREA)

Abstract

L'invention concerne un système permettant de limiter les accès répétés à un dispositif électronique, en particulier à un dispositif électronique alimenté par une source externe. Selon ce système, chaque accès consécutif effectué sur ce dispositif électronique dans un période plus courte qu'une période prédéterminée augmente la valeur d'un compteur, la valeur de ce compteur indiquant une autre période durant laquelle le dispositif électronique est au repos. De préférence, la période de repos du dispositif électronique correspond à une fonction exponentielle de la valeur du compteur. Grâce à cette valeur, on ne peut pas déterminer raisonnablement la fonction du dispositif électronique en testant un grand nombre de valeurs d'entrée, ce qui permet d'éviter la copie de ce dispositif. Selon l'invention, le système comprend: un compteur; un mécanisme de mise à zéro du compteur, permettant de maintenir la valeur du compteur pendant une période prédéterminée après que le système a été éteint; et un circuit d'accès logique conçu pour augmenter la valeur du compteur à chaque fois qu'un accès est effectué sur le dispositif électronique et pour mettre le dispositif électronique au repos pendant une période déterminée en fonction de la valeur du compteur.
PCT/EP2007/051457 2006-03-23 2007-02-14 Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique WO2007107417A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP07712221A EP1997058A1 (fr) 2006-03-23 2007-02-14 Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique
JP2009500797A JP2009530727A (ja) 2006-03-23 2007-02-14 電子デバイスへ繰り返しアクセスを制限するための方法およびシステム

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP06300278.6 2006-03-23
EP06300278 2006-03-23

Publications (1)

Publication Number Publication Date
WO2007107417A1 true WO2007107417A1 (fr) 2007-09-27

Family

ID=38198559

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2007/051457 WO2007107417A1 (fr) 2006-03-23 2007-02-14 Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique

Country Status (4)

Country Link
EP (1) EP1997058A1 (fr)
JP (1) JP2009530727A (fr)
CN (1) CN101405745A (fr)
WO (1) WO2007107417A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101989860B1 (ko) * 2012-12-21 2019-06-17 에스케이하이닉스 주식회사 메모리 컨트롤러 및 이를 포함하는 메모리 시스템

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4449040A (en) * 1980-12-06 1984-05-15 Omron Tateisi Electronics Co. Identification code determining apparatus for use in transaction processing apparatus
US5559505A (en) * 1992-05-20 1996-09-24 Lucent Technologies Inc. Security system providing lockout for invalid access attempts
US5594227A (en) * 1995-03-28 1997-01-14 Microsoft Corporation System and method for protecting unauthorized access to data contents
EP0809217A2 (fr) * 1996-05-22 1997-11-26 Nec Corporation Système pour l'identification de données secrètes
US20030229597A1 (en) * 2002-06-05 2003-12-11 Sun Microsystems, Inc., A Delaware Corporation Apparatus for private personal identification number management

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3041109A1 (de) * 1980-10-31 1982-06-09 GAO Gesellschaft für Automation und Organisation mbH, 8000 München Identifikationselement
JP2002222402A (ja) * 2001-01-24 2002-08-09 Dainippon Printing Co Ltd Icカード
JP3929887B2 (ja) * 2002-12-25 2007-06-13 株式会社東芝 半導体集積回路、半導体集積回路モジュール、および、情報機器
JP3929888B2 (ja) * 2002-12-25 2007-06-13 株式会社東芝 Icカード

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4449040A (en) * 1980-12-06 1984-05-15 Omron Tateisi Electronics Co. Identification code determining apparatus for use in transaction processing apparatus
US5559505A (en) * 1992-05-20 1996-09-24 Lucent Technologies Inc. Security system providing lockout for invalid access attempts
US5594227A (en) * 1995-03-28 1997-01-14 Microsoft Corporation System and method for protecting unauthorized access to data contents
EP0809217A2 (fr) * 1996-05-22 1997-11-26 Nec Corporation Système pour l'identification de données secrètes
US20030229597A1 (en) * 2002-06-05 2003-12-11 Sun Microsystems, Inc., A Delaware Corporation Apparatus for private personal identification number management

Also Published As

Publication number Publication date
JP2009530727A (ja) 2009-08-27
CN101405745A (zh) 2009-04-08
EP1997058A1 (fr) 2008-12-03

Similar Documents

Publication Publication Date Title
EP1960945B1 (fr) Méthode et systèmes mettant en oeuvre des étiquettes à identificateur par radio fréquence afin de comparer et d'authentifier des objets
US7518514B2 (en) Adaptive rule based electronic reminder for personal objects
US7872582B1 (en) RFID tag chips and tags with alternative memory lock bits and methods
US6331145B1 (en) Electronic dice
CN100399350C (zh) Rfid标签装置、标签识别装置和无线电通信系统
CN101416201B (zh) 使用无源rfid标签定位对象的方法和系统
US20070034686A1 (en) Protection of non-promiscuous data in an rfid transponder
US20080230615A1 (en) Near-field communication card for communication of contact information
US11481592B1 (en) RFID tags with public and private inventory states
US20090201135A1 (en) Wireless ic communication device and response method for the same
US10049317B1 (en) RFID tags with public and private inventory states
US20050134436A1 (en) Multiple RFID anti-collision interrogation method
US20060273883A1 (en) System and method of reading from and/or writing to an RF transponder
US8441342B2 (en) Pseudo-random authentification code altering scheme for a transponder and a base station
Xiao et al. RFID technology, security vulnerabilities, and countermeasures
WO2007107417A1 (fr) Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique
RU182178U1 (ru) Криптографическая метка
KR101112535B1 (ko) 태그 내 플래그를 이용한 단말기 인증 방법
US11594115B2 (en) Methods and apparatuses for determining a position of a security tag
US20090134977A1 (en) Method and apparatus for RFID device coexistance
Peng et al. A multi-tag emulator for the UHF RFID system
Vasilenko PROSPECTS OF THE ACCESS CONTROL SYSTEMS CARDS
JPH05225405A (ja) 非接触データ記憶システム
Meints D3. 7 A Structured Collection on Information and
KR20050029642A (ko) 알에프아이디 검출 차단 장치와 검출 차단 방법 및 기록매체

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07712221

Country of ref document: EP

Kind code of ref document: A1

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2007712221

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2009500797

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 200780010047.4

Country of ref document: CN

NENP Non-entry into the national phase

Ref country code: DE