WO2007107417A1 - Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique - Google Patents
Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique Download PDFInfo
- Publication number
- WO2007107417A1 WO2007107417A1 PCT/EP2007/051457 EP2007051457W WO2007107417A1 WO 2007107417 A1 WO2007107417 A1 WO 2007107417A1 EP 2007051457 W EP2007051457 W EP 2007051457W WO 2007107417 A1 WO2007107417 A1 WO 2007107417A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- electronic device
- counter
- delay
- value
- rfid
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2135—Metering
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2137—Time limited access, e.g. to a computer or data
Definitions
- the present invention relates generally to the methods and systems for controlling the access to data stored within electronic devices and more specifically to a method and systems for limiting repeated attempts to access electronic devices .
- the system comprises a first device for receiving from a payor a request to create a check having a radio frequency identifier (RFID) tag associated therewith.
- RFID Radio Frequency Identifier
- a second device is provided for receiving from a payee a request to validate a check having an RFID tag associated therewith.
- the system further comprises an RFID repository.
- a processor for (i) receiving check information from the payor, (ii) updating the RFID repository with check information received from the payor, (iii) receiving scanned check information from the payee, (iv) comparing the scanned check information received from the payee with certain information retrieved from the RFID repository, and (v) determining if the check is valid based upon the comparison of the scanned check information received from the payee with the certain information retrieved from the RFID repository.
- the RFID repository comprises a central RFID repository.
- U.S. Patent 6,226,619 discloses a method and system for preventing counterfeiting of an item, including an answering tag attached to the item. The item includes visible indicia for comparison with secret, non-duplicable information stored in the tag designating authenticity.
- these methods and systems it is possible to ensure that a given document has been issued by the relevant person, or that an item has been manufactured by the relevant manufacturer, or that a given official document has been issued by the relevant administration.
- these methods and systems are based upon identifiers encoded within the RFIDs however, such identifiers can be duplicated on other RFIDs using a RFID scanner and writer.
- Electronic tags such as passive RFID are typical examples of electronic devices which are not equipped with a permanent power source. As mentioned above, such devices may play an important role in many fields, such as security enforcement. Indeed they can record secret information that a hacker may try to crack.
- One of the easiest and most common strategies followed by hackers is to trigger the RFID tag logic by a sequence of different inputs X 1 , to collect the sequence of returned information F(X 1 ), hopping that the set of samples (X 1 , F(X 1 )) allows to partially or completely "reverse engineer" the function F that hides the secret information . Therefore, there is a need for a method and systems for limiting the risk of reverse engineering the logic imbedded within the chip of an electronic tag such as an RFID.
- - counter resetting means adapted to maintain the value of said counting means for a predetermined delay after the power off of said system; and, - logic access means adapted to increase the value of said counting means each time an access is done to said electronic device and to idle said electronic device for a delay depending upon the value of said counting means;
- Figure 1 depicts an example of the architecture of a passive RFID tag.
- Figure 2 comprises figures 2a and 2b.
- Figure 2a shows an RFID system with a reader having an antenna and an RFID tag having a dipole antenna.
- Figure 2b illustrates the signal emitted by the antenna of the reader and the modulated signal reflected by the RFID tag.
- Figure 3 illustrates an example of a passive RFID according to the invention for limiting the repeated accesses to the data of the tag.
- Figure 4 shows an example of the logic associated to the access circuit of the RFID depicted on figure 3.
- the time needed to collect a given number of samples (X 1 , F(X 1 )) upon which hackers rely to crack a secret information hidden in the function F is extended.
- the core of any RFID system is the 'Tag' or 'Transponder', which can be attached to or embedded within objects, wherein data can be stored.
- An RFID reader generi- cally referred to as reader in the following description, sends out a radio frequency signal to the RFID tag that broadcasts back its stored data to the reader.
- the system works basically as two separate antennas, one on the RFID tag and the other on the reader.
- the read data can either be transmitted directly to another system like a host computer through standard interfaces, or it can be stored in a portable reader and later uploaded to the computer for data processing.
- An RFID tag system works effectively in environments with excessive dirt, dust, moisture, and/or poor visibility. It generally overcomes the limitations of other automatic identification approaches.
- RFID tags do not require battery for transmission since generally, they are powered by the reader using an induction mechanism (an electromagnetic field is emitted by the reader antenna and received by an antenna localized on the RFID tag) . This power is used by the RFID tag to transmit a signal back to the reader, carrying the data stored in the RFID tag.
- Active RFID tags comprise a battery to transmit a signal to a reader. A signal is emitted at a predefined interval or transmit only when addressed by a reader.
- a passive High Frequency (HF) RFID tag When a passive High Frequency (HF) RFID tag is to be read, the reader sends out a power pulse e.g., a 134.2KHz power pulse, to the RFID antenna.
- the magnetic field generated is 'collected' by the antenna in the RFID tag that is tuned to the same frequency. This received energy is rectified and stored on a small capacitor within the RFID tag.
- the RFID tag When the power pulse has finished, the RFID tag immedi- ately transmits back its data, using the energy stored within its capacitor as its power source.
- 128 bits, including error detection information are transmitted over a period of 20ms. This data is picked up by the receiving antenna and decoded by the reader.
- the storage capacitor is discharged, resetting the RFID tag to make it ready for the next read cycle.
- the period between transmission pulses is known as the 'sync time' and lasts between 20ms and 50ms depending on the system setup.
- the transmission technique used between the RFID tag and the reader is Frequency Shift Keying (FSK) with transmissions generally comprised between 124.2kHz and 134.2kHz. This approach has comparatively good resistance to noise while also being very cost effective to implement. Many applications require that RFID tag attached to objects be read while traveling at specific speeds by a readout antenna .
- FSK Frequency Shift Keying
- RFID tags can be read-only, write-once, or read-write.
- a read-only RFID tag comprises a read-only memory that is loaded during manufacturing process. Its content can not be modified.
- the write-once RFID tags differ from the readonly RFID tags in that they can be programmed by the end-user, with the required data e.g., part number or serial number.
- the read-write RFID tags allow for full read-write capability, allowing a user to update information stored in a tag as often as possible in the limit of the memory technology. Generally, the number of write cycles is limited to about 500,000 while the number of read cycles is not limited.
- a detailed technical analysis of RFID tag is disclosed e.g., in RFID (McGraw-Hill Networking Professional) by Steven Shepard, edition Hardcover.
- Figure 1 depicts an example of the architecture of a passive HF or Ultra High Frequency (UHF) RFID tag 100.
- the dipole antenna comprising two parts 105-1 and 105-2 is connected to a power generating circuit 110 that provides current from received signal to the logic and memory circuit 115, to the demodulator 120, and to the modulator 125.
- the input of demodulator 120 is connected to the antenna (105-1 and 105-2) for receiving the signal and for transmitting the received signal to the logic and memory circuit 115, after having demodulated the received signal.
- the input of modulator 125 is connected to the logic and memory circuit 115 for receiving the signal to be transmitted.
- the output of modulator 125 is connected to the antenna (105-1 and 105-2) for transmitting the signal after it has been modulated in modulator 125.
- the architecture of a semi-passive RFID tag is similar to the one represented on figure 1, the main difference being the presence of a power supply that allows it to function with much lower signal power levels, resulting in greater reading distances.
- Semi-passive tags do not have an integrated transmitter contrarily to active tags that comprise a battery and an active transmitter allowing them to generate high frequency energy and to apply it to the antenna .
- FIG 2 shows an RFID system 200.
- RFID system 200 comprises a reader 205 having an antenna 210.
- the antenna 210 emits a signal 215 that is received by an RFID tag 220.
- Signal 215 is reflected in RFID tag 220 and re-emitted as illustrated with dotted lines referred to as 225.
- Figure 2b illustrates the signal 215 emitted by the antenna 210 of the reader 205 and the signal 225 reflected by the RFID tag 220.
- the reflected signal 225 is modulated.
- FIG. 3 illustrates an example of a passive RFID 300 according to the invention for limiting the repeated accesses to the data of the tag.
- RFID 300 comprises a logic circuit 305, an access circuit 310, and an antenna 315.
- the logic circuit 300 includes the conventional logic 320 and the new access logic 325.
- the access circuit 310 includes a diode 330 to enforce capacitor 335 discharge direction, and a leaking resistor 340 with high resistivity. Typically the time T needed to discharge the capacitor would be of several orders of magnitude above the time duration for running the conventional logic.
- the access circuit 310 further includes a reset counter circuit 345, the role of which is to reset (fill with zeros) the counter 350 when powered off, after the capacitor 335 is discharged.
- the size of the counter 350 depends upon the implementation. This counter can count within a range from zero to C max . Within this range are defined a set of thresholds C 1 . For each threshold C 1 is associated a delay T 1 .
- the definition of the set of parameters C 1 and T 1 depends upon the implementation, for keeping the required flexibility to use the invention in different fields, under different implementation constraints. Typically, the values T 1 will grow with index i, preferably following an exponential law.
- the access circuit is directly powered from the same source as the IC executing the conventional logic, typically constituted by the RFID antenna where is received the energy radiated by electromagnetic waves.
- the access logic is implemented as the first logic triggered once the IC circuit is waken-up. This constitutes the "boot strap" of conventional chips. It follows the logic described on figure 4.
- the value C of the counter 350 is incremented by one and it is read (step 400) .
- the value C of the counter 350 is then compared with the thresholds stored within the RFID 300 to determine the threshold C 1 such that C 1 ⁇ C ⁇ C 1+i (step 405) .
- threshold C 1 has been determined, the RFID 300 is set in an idle state during delay T 1 associated to C 1 (step 410) and the control is given to the conventional logic (step 420) .
- the conventional logic is typically used to access data stored within the electronic device however, it can also be used to control functions like updating operational parameters, or launching measurement operations, or triggering any embarked process.
- the RFID has not been accessed since a time greater than T. Accordingly the capacitor is discharged, so that the counter is no longer powered and holds a zero value thanks to the counter reset component.
- the RFID is powered and thus,
- the RFID has been recently accessed i.e., the delay between the last access and the current one is less than T. Accordingly the capacitor is still charged, so that the counter holds its last value 1.
- the RFID has been recently accessed i.e., the delay between the last access and the current one is less than T. Accordingly the capacitor is still charged, so that the counter holds its last value (n-1) .
- the RFID is powered and thus, - the access logic starts, increments the value of counter C which takes the value n;
- the induced delay may reach very high values that may even prevent the use of the conventional logic.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Near-Field Transmission Systems (AREA)
- Burglar Alarm Systems (AREA)
Abstract
L'invention concerne un système permettant de limiter les accès répétés à un dispositif électronique, en particulier à un dispositif électronique alimenté par une source externe. Selon ce système, chaque accès consécutif effectué sur ce dispositif électronique dans un période plus courte qu'une période prédéterminée augmente la valeur d'un compteur, la valeur de ce compteur indiquant une autre période durant laquelle le dispositif électronique est au repos. De préférence, la période de repos du dispositif électronique correspond à une fonction exponentielle de la valeur du compteur. Grâce à cette valeur, on ne peut pas déterminer raisonnablement la fonction du dispositif électronique en testant un grand nombre de valeurs d'entrée, ce qui permet d'éviter la copie de ce dispositif. Selon l'invention, le système comprend: un compteur; un mécanisme de mise à zéro du compteur, permettant de maintenir la valeur du compteur pendant une période prédéterminée après que le système a été éteint; et un circuit d'accès logique conçu pour augmenter la valeur du compteur à chaque fois qu'un accès est effectué sur le dispositif électronique et pour mettre le dispositif électronique au repos pendant une période déterminée en fonction de la valeur du compteur.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP07712221A EP1997058A1 (fr) | 2006-03-23 | 2007-02-14 | Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique |
JP2009500797A JP2009530727A (ja) | 2006-03-23 | 2007-02-14 | 電子デバイスへ繰り返しアクセスを制限するための方法およびシステム |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP06300278.6 | 2006-03-23 | ||
EP06300278 | 2006-03-23 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2007107417A1 true WO2007107417A1 (fr) | 2007-09-27 |
Family
ID=38198559
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2007/051457 WO2007107417A1 (fr) | 2006-03-23 | 2007-02-14 | Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP1997058A1 (fr) |
JP (1) | JP2009530727A (fr) |
CN (1) | CN101405745A (fr) |
WO (1) | WO2007107417A1 (fr) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101989860B1 (ko) * | 2012-12-21 | 2019-06-17 | 에스케이하이닉스 주식회사 | 메모리 컨트롤러 및 이를 포함하는 메모리 시스템 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4449040A (en) * | 1980-12-06 | 1984-05-15 | Omron Tateisi Electronics Co. | Identification code determining apparatus for use in transaction processing apparatus |
US5559505A (en) * | 1992-05-20 | 1996-09-24 | Lucent Technologies Inc. | Security system providing lockout for invalid access attempts |
US5594227A (en) * | 1995-03-28 | 1997-01-14 | Microsoft Corporation | System and method for protecting unauthorized access to data contents |
EP0809217A2 (fr) * | 1996-05-22 | 1997-11-26 | Nec Corporation | Système pour l'identification de données secrètes |
US20030229597A1 (en) * | 2002-06-05 | 2003-12-11 | Sun Microsystems, Inc., A Delaware Corporation | Apparatus for private personal identification number management |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE3041109A1 (de) * | 1980-10-31 | 1982-06-09 | GAO Gesellschaft für Automation und Organisation mbH, 8000 München | Identifikationselement |
JP2002222402A (ja) * | 2001-01-24 | 2002-08-09 | Dainippon Printing Co Ltd | Icカード |
JP3929888B2 (ja) * | 2002-12-25 | 2007-06-13 | 株式会社東芝 | Icカード |
JP3929887B2 (ja) * | 2002-12-25 | 2007-06-13 | 株式会社東芝 | 半導体集積回路、半導体集積回路モジュール、および、情報機器 |
-
2007
- 2007-02-14 JP JP2009500797A patent/JP2009530727A/ja active Pending
- 2007-02-14 EP EP07712221A patent/EP1997058A1/fr not_active Withdrawn
- 2007-02-14 CN CN 200780010047 patent/CN101405745A/zh active Pending
- 2007-02-14 WO PCT/EP2007/051457 patent/WO2007107417A1/fr active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4449040A (en) * | 1980-12-06 | 1984-05-15 | Omron Tateisi Electronics Co. | Identification code determining apparatus for use in transaction processing apparatus |
US5559505A (en) * | 1992-05-20 | 1996-09-24 | Lucent Technologies Inc. | Security system providing lockout for invalid access attempts |
US5594227A (en) * | 1995-03-28 | 1997-01-14 | Microsoft Corporation | System and method for protecting unauthorized access to data contents |
EP0809217A2 (fr) * | 1996-05-22 | 1997-11-26 | Nec Corporation | Système pour l'identification de données secrètes |
US20030229597A1 (en) * | 2002-06-05 | 2003-12-11 | Sun Microsystems, Inc., A Delaware Corporation | Apparatus for private personal identification number management |
Also Published As
Publication number | Publication date |
---|---|
EP1997058A1 (fr) | 2008-12-03 |
CN101405745A (zh) | 2009-04-08 |
JP2009530727A (ja) | 2009-08-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1960945B1 (fr) | Méthode et systèmes mettant en oeuvre des étiquettes à identificateur par radio fréquence afin de comparer et d'authentifier des objets | |
US7518514B2 (en) | Adaptive rule based electronic reminder for personal objects | |
US7872582B1 (en) | RFID tag chips and tags with alternative memory lock bits and methods | |
US6331145B1 (en) | Electronic dice | |
CN100399350C (zh) | Rfid标签装置、标签识别装置和无线电通信系统 | |
CN101416201B (zh) | 使用无源rfid标签定位对象的方法和系统 | |
US11481592B1 (en) | RFID tags with public and private inventory states | |
US20070034686A1 (en) | Protection of non-promiscuous data in an rfid transponder | |
US10650201B1 (en) | RFID tags with port-dependent functionality | |
US20080230615A1 (en) | Near-field communication card for communication of contact information | |
US20090201135A1 (en) | Wireless ic communication device and response method for the same | |
US10049317B1 (en) | RFID tags with public and private inventory states | |
US20050134436A1 (en) | Multiple RFID anti-collision interrogation method | |
WO2006132732A2 (fr) | Systeme et procede pour lire depuis un transpondeur rf et/ou ecrire vers celui-ci | |
US20090179743A1 (en) | Pseudo-random authentification code altering scheme for a transponder and a base station | |
Xiao et al. | RFID technology, security vulnerabilities, and countermeasures | |
WO2007107417A1 (fr) | Procédé et systèmes permettant de limiter les accès répétés à un dispositif électronique | |
US20090160610A1 (en) | Pseudorandom number generator | |
KR101112535B1 (ko) | 태그 내 플래그를 이용한 단말기 인증 방법 | |
JP2011060136A (ja) | 携帯可能電子装置、および、携帯可能電子装置におけるデータ管理方法 | |
US11594115B2 (en) | Methods and apparatuses for determining a position of a security tag | |
US20090134977A1 (en) | Method and apparatus for RFID device coexistance | |
Peng et al. | A multi-tag emulator for the UHF RFID system | |
Vasilenko | PROSPECTS OF THE ACCESS CONTROL SYSTEMS CARDS | |
JPH05225405A (ja) | 非接触データ記憶システム |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 07712221 Country of ref document: EP Kind code of ref document: A1 |
|
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2007712221 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2009500797 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 200780010047.4 Country of ref document: CN |
|
NENP | Non-entry into the national phase |
Ref country code: DE |