WO2011010970A1 - Method for authentication of an RFID tag - Google Patents

Info

Publication number
WO2011010970A1
Authority
WO
WIPO (PCT)
Prior art keywords
interrogator
user
rfid tag
recited
professional
Prior art date
Application number
PCT/SI2010/000043
Other languages
English (en)
Inventor
Vinko Kunc
Maksimiljan ŠTIGLIC
Original Assignee
Austriamicrosystems Ag
Ids D.O.O.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Austriamicrosystems Ag, Ids D.O.O.
Publication of WO2011010970A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35 User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/069 Authentication using certificates or pre-shared keys
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103 Challenge-response
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2129 Authenticate client device independently of the user

Definitions

  • the invention relates to a method for authentication of an RFID tag, which comprises a private key of a product whereon the RFID tag is adhered and which communicates with a user interrogator that enables a potential end user of the tagged product to authenticate it, as well as a professional interrogator that enables a producer of this product to fully control said RFID tag.
  • An RFID tag communicates with a selected RFID protocol in the low-frequency range (125 kHz), in the high-frequency range (13.56 MHz) or in the range of very high frequencies (UHF, about 900 MHz).
  • said tag can also establish contact communication, namely with a standardized serial data communication protocol.
  • a producer offers an end user a possibility to authenticate this product or to check its origin. Counterfeiting of products especially those of famous trade mark or geographical indication is an acute problem.
  • a producer of a tagged product is fully authorized, i.e. has full control of such RFID tag, he can activate or deactivate it, access all data therein, load data therein and set parameters of its operation as well as using a cryptographic algorithm implemented therein.
  • the producer of the tagged product needs a professional interrogator supporting said selected RFID protocol and being provided with a proprietary software.
  • the proprietary software makes it possible to use commands specific for a given RFID tag.
  • the commands may be password protected.
  • a cryptographically protected RFID tag is disclosed in the patent application US 2006/0133606 A1. Yet the genuineness or origin of a product is professionally also checked in a distribution chain of said product, at a wholesaler and an inspection authority, for instance.
  • a drawback of such method is that a potential end user of said product cannot authenticate the product or check its origin because he neither has said professional interrogator nor technical knowledge to operate it.
  • a portable telephone is provided with a proprietary module and a proprietary service in a way that a user can make use of an NFC telephone as an NFC interrogator of the RFID tag.
  • a Near Field Communication Forum has laid down four types of the NFC tags of said kind. It has determined a physical communication level based on some existing RFID protocol. Most commonly it is the protocol ISO 14443A. It has also determined a location of data within said tag, i.e. addresses of locations with data. However, it also determined an application code as an address, where a user will obtain an instruction how to interpret data from said tag.
  • the application for a specified code is already present on a portable telephone; otherwise the user can acquire it by means of a mobile connection or from the Internet.
  • the technical problem to be solved by the present invention is to propose a method for authentication of an RFID tag adhered to a tagged product through communication with said tag, wherein the RFID tag will be organized in a way that a possible end user of said tagged product will have access to RFID tag data by means of a widely available device, said data being important for said authentication. Moreover, whenever communication will be established the RFID tag will identify whether a producer of said tagged product or its end user communicates with it. Said technical problem is solved by the method of the invention for authentication of an RFID tag as characterized by the features of the characterizing portion of the first claim. Dependent claims, however, characterize the variants of its embodiment.
  • the method of the invention enables a potential end user of a product provided with an RFID tag to acquire key data for authentication of said RFID tag and then to authenticate it by means of a widely available user interrogator, e.g. an NFC portable telephone, both without any specific technical knowledge.
  • a widely available user interrogator e.g. an NFC portable telephone
  • a producer of a product whereon an RFID tag is adhered is fully authorized to communicate with said RFID tag according to a method of the invention just as he used to communicate by means of a professional interrogator being preferably an RFID interrogator.
  • the professional interrogator enables the producer of the tagged product to fully control the RFID tag.
  • said producer can thus in a known way access all data contained in said tag, enter data into it and set parameters of its operation as well as using a cryptographic algorithm implemented therein.
  • the producer of the tagged product uses a professional interrogator to determine such locations within the RFID tag that are accessible by the user interrogator as the location of a URL address of the application providing for the authentication of a digital signature, which has been generated by the cryptographic algorithm implemented in the RFID tag, and as the location of a URL address of the public key, which together with said private key has been generated by the cryptographic algorithm implemented in the RFID tag.
  • the cryptographic algorithm implemented in the RFID tag generates a digital signature in response to a message from the user interrogator of the potential end user of the tagged product.
  • the user interrogator reads the digital signature as well as the public key from the URL address.
  • the potential end user of the tagged product uses the public key by means of his user interrogator in the application, which provides for the authentication of the digital signature, and checks in this way whether said digital signature has been generated with the private key corresponding to the public key.
  • any potential end user of the tagged product having no specific technical knowledge, can access said data in the RFID tag, which are important for carrying out said authentication, by means of his user interrogator, preferably one as possessed by an ordinary user, nowadays e.g. an NFC portable telephone.
  • the potential end user of the tagged product acquires software and the public key for carrying out said authentication from a telephone network administrator or by accessing the Internet.
  • the potential end user of the tagged product uses a user interrogator, which nowadays is a portable telephone provided with an NFC module.
  • the user interrogator may be a personal digital assistant as well.
  • the NFC portable telephone as user interrogator operates at a frequency of 13.56 MHz.
  • the method of the invention may also be carried out by means of a user interrogator operating in the UHF frequency range.
  • the RFID tag is confronted with a coexistence of two ways of communication.
  • in a first - professional - way, said RFID tag communicates with the professional interrogator of the producer of the tagged product on the one hand and, in a second - user - way, it communicates with the user interrogator of the potential end user of the tagged product on the other hand.
  • the first way of communication is superordinate to the second way of communication and uses all operational capabilities of the applied RFID tag type.
  • the producer of the tagged product determines how the RFID tag will operate in the second way of communication.
  • the RFID tag introduces itself to the NFC portable telephone, being the user interrogator, as an NFC tag and hereafter it behaves in said way.
  • the first way of communication renders a possibility of full control over the RFID tag and full access to all data
  • the second way of communication does not render a possibility of control over said tag and only provides for an access to the URL address of the application providing for the authentication of a digital signature, which has been generated by the RFID tag, and to the URL address of the public key, which together with said private key has been generated by the cryptographic algorithm implemented in the RFID tag.
  • the second way of communication is thus actually aimed at supplying selected and allowed data to a wide group of interested users of the tagged product in order to assist them in deciding about the purchase of this product.
  • the RFID tag must detect the way of communication, into which it entered.
  • communicating the RFID tag recognizes an interrogator as a user interrogator or a professional interrogator of the service provider by an RFID protocol used by said interrogator. This is the case when said protocols are different.
  • the RFID tag recognizes an interrogator that established a contact communication with it as a professional interrogator.
  • the contact connection i.e. a wire connection
  • a former functionality of the RFID communication is now doubled or transferred to either of the previously mentioned contact communication protocols.
  • the RFID tag recognizes an interrogator as a user interrogator or a professional interrogator by a command received from said interrogator after an initial connection has been established. Namely, said tag and interrogator first make use of an anticollision protocol so that the interrogator acquires a unique identification number from the tag. If several tags are present, the interrogator then only communicates with said tag.
  • the RFID tag can also recognize an interrogator as a user interrogator or professional interrogator by a frequency, at which said interrogator signals.
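The flow described in the list above, as an added example that is not part of the patent text: a simulated tag with a superordinate professional mode and a restricted user mode, and a user interrogator that sends a fresh challenge and verifies the returned signature with the public key published at the URL stored in the tag. The patent does not name the cryptographic algorithm, so toy textbook RSA stands in for it; the URLs, memory locations and the names `Tag`, `provision`, `authenticate` and `verify` are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy textbook-RSA key built from two Mersenne primes. It stands in for the
# unspecified algorithm implemented in the tag (assumption) and is far too
# small and unpadded for real use.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

# Constructed URLs; the page only says the tag stores two URL addresses.
APP_URL = "https://verify.example/app"
KEY_URL = "https://verify.example/keys/tag-0001"
WEB = {KEY_URL: (N, E)}  # simulated web server publishing the public key


def digest(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


class Tag:
    """Tag with a professional mode (full control) and a user mode (restricted)."""

    def __init__(self, private_exponent: int):
        self._d = private_exponent
        self._memory = {"batch": "constructed-lot-42"}
        self._user_visible = set()

    def professional_write(self, location, value, user_visible=False):
        # Professional mode: writes data and decides what user mode may read.
        self._memory[location] = value
        if user_visible:
            self._user_visible.add(location)

    def user_read(self, location):
        # User mode: only locations the producer marked as accessible.
        if location not in self._user_visible:
            raise PermissionError(location)
        return self._memory[location]

    def user_sign(self, message: bytes) -> int:
        # The private key never leaves the tag; only the signature does.
        return pow(digest(message), self._d, N)


def verify(public_key, message: bytes, signature: int) -> bool:
    n, e = public_key
    return pow(signature, e, n) == digest(message)


def provision(private_exponent: int) -> Tag:
    """Producer side: set the two user-accessible URL locations."""
    tag = Tag(private_exponent)
    tag.professional_write("app_url", APP_URL, user_visible=True)
    tag.professional_write("key_url", KEY_URL, user_visible=True)
    return tag


def authenticate(tag: Tag) -> bool:
    """User interrogator: fresh challenge, then verify with the published key."""
    challenge = secrets.token_bytes(16)  # fresh per run, so old signatures fail
    signature = tag.user_sign(challenge)
    public_key = WEB[tag.user_read("key_url")]
    return verify(public_key, challenge, signature)


genuine = provision(D)
clone = provision(D + 2)  # copies the readable URLs but not the private key
```

Copying the two user-readable URL locations onto another tag is not enough to pass the check, because the signature over a fresh challenge still requires the private key held inside the genuine tag.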

Abstract

An RFID tag comprising a private key of a product whereon the RFID tag is adhered communicates with a user interrogator and a professional interrogator. The professional interrogator determines two locations within the tag that are accessible by the user interrogator: the location of a web address of an application providing for the authentication of a digital signature, which has been generated by the cryptographic algorithm implemented in the tag, and the location of a web address of the public key, which together with said private key has been generated by the cryptographic algorithm implemented in the tag. The method of the invention enables a potential end user of said product to acquire key data for authentication of said tag and then to authenticate it by means of a widely available user interrogator, e.g. an NFC portable telephone, both without any specific technical knowledge.
PCT/SI2010/000043 2009-07-20 2010-07-09 Method for authentication of an RFID tag WO2011010970A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SIP-200900204 2009-07-20
SI200900204A SI23114A (sl) 2009-07-20 2009-07-20 Method for verifying the authenticity of an RFID tag

Publications (1)

Publication Number Publication Date
WO2011010970A1 (fr) 2011-01-27

Family

ID=42761250

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SI2010/000043 WO2011010970A1 (fr) 2009-07-20 2010-07-09 Method for authentication of an RFID tag

Country Status (2)

Country Link
SI (1) SI23114A (fr)
WO (1) WO2011010970A1 (fr)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012163920A3 (fr) * 2011-05-31 2013-01-24 Copy Stop Systems Aps System and method for verifying a communication device
FR2999307A1 (fr) * 2012-12-06 2014-06-13 Archos Method for distributing a software application to digital equipment using a distribution mediator object, and devices implementing this method
GB2516154A (en) * 2013-05-03 2015-01-14 Now 2 Now Ltd Communication tag, system and method
US9734365B2 (en) 2012-09-10 2017-08-15 Avery Dennison Retail Information Services, Llc Method for preventing unauthorized diversion of NFC tags
US9767329B2 (en) 2012-11-19 2017-09-19 Avery Dennison Retail Information Services, Llc NFC tags with proximity detection
US9858583B2 (en) 2011-09-01 2018-01-02 Avery Dennison Retail Information Services, Llc Apparatus, system and method for tracking consumer product interest using mobile devices
US9892398B2 (en) 2011-11-02 2018-02-13 Avery Dennison Retail Information Services, Llc Distributed point of sale, electronic article surveillance, and product information system, apparatus and method
CN108370501A (zh) * 2015-12-15 2018-08-03 Sony Mobile Communications Inc. Method and apparatus for finding RFID tags
US10540527B2 (en) 2012-10-18 2020-01-21 Avery Dennison Retail Information Services Llc Method, system and apparatus for NFC security
US10977969B2 (en) 2010-01-29 2021-04-13 Avery Dennison Retail Information Services, Llc RFID/NFC panel and/or array used in smart signage applications and method of using
US10977965B2 (en) 2010-01-29 2021-04-13 Avery Dennison Retail Information Services, Llc Smart sign box using electronic interactions
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system
US11744962B2 (en) 2018-03-26 2023-09-05 Philip Morris Products S.A. Inhaler with composite porous support element

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0784256A1 (fr) * 1995-12-22 1997-07-16 Intel Corporation Public-key cryptographic method and apparatus using a secure semiconductor device
EP1205405A1 (fr) * 1999-12-28 2002-05-15 Matsushita Electric Industrial Co., Ltd. Data recording medium, contactless IC tag, access device, access system, life-cycle management system, input/output method and access method
US20060133606A1 (en) 2004-12-09 2006-06-22 Jorg Eberwein Crypto-wireless-tag
EP1710764A1 (fr) * 2005-04-07 2006-10-11 Sap Ag Product authentication using identification tags
US20070106897A1 (en) * 2005-11-07 2007-05-10 Michael Kulakowski Secure RFID authentication system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
BENOIT CALMELS ET AL: "Low-Cost Cryptography for Privacy in RFID Systems", 1 January 2006, SMART CARD RESEARCH AND ADVANCED APPLICATIONS LECTURE NOTES IN COMPUTER SCIENCE;;LNCS, SPRINGER, BERLIN, DE, PAGE(S) 237 - 251, ISBN: 978-3-540-33311-1, XP019029959 *

Cited By (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10977965B2 (en) 2010-01-29 2021-04-13 Avery Dennison Retail Information Services, Llc Smart sign box using electronic interactions
US10977969B2 (en) 2010-01-29 2021-04-13 Avery Dennison Retail Information Services, Llc RFID/NFC panel and/or array used in smart signage applications and method of using
WO2012163920A3 (fr) * 2011-05-31 2013-01-24 Copy Stop Systems Aps System and method for verifying a communication device
US10607238B2 (en) 2011-09-01 2020-03-31 Avery Dennison Corporation Apparatus, system and method for consumer tracking consumer product interest using mobile devices
US9858583B2 (en) 2011-09-01 2018-01-02 Avery Dennison Retail Information Services, Llc Apparatus, system and method for tracking consumer product interest using mobile devices
US9892398B2 (en) 2011-11-02 2018-02-13 Avery Dennison Retail Information Services, Llc Distributed point of sale, electronic article surveillance, and product information system, apparatus and method
US10282572B2 (en) 2012-09-10 2019-05-07 Avery Dennison Retail Information Services, Llc Method for preventing unauthorized diversion of NFC tags
US9734365B2 (en) 2012-09-10 2017-08-15 Avery Dennison Retail Information Services, Llc Method for preventing unauthorized diversion of NFC tags
US10540527B2 (en) 2012-10-18 2020-01-21 Avery Dennison Retail Information Services Llc Method, system and apparatus for NFC security
US11126803B2 (en) 2012-10-18 2021-09-21 Avery Dennison Corporation Method, system and apparatus for NFC security
US10402598B2 (en) 2012-11-19 2019-09-03 Avery Dennison Retail Information Services, Llc NFC tags with proximity detection
US9767329B2 (en) 2012-11-19 2017-09-19 Avery Dennison Retail Information Services, Llc NFC tags with proximity detection
US10970496B2 (en) 2012-11-19 2021-04-06 Avery Dennison Retail Information Services, Llc NFC tags with proximity detection
FR2999307A1 (fr) * 2012-12-06 2014-06-13 Archos Method for distributing a software application to digital equipment using a distribution mediator object, and devices implementing this method
GB2516154A (en) * 2013-05-03 2015-01-14 Now 2 Now Ltd Communication tag, system and method
GB2516154B (en) * 2013-05-03 2021-05-26 Now 2 Now Ltd Communication tag, system and method
CN108370501A (zh) * 2015-12-15 2018-08-03 Sony Mobile Communications Inc. Method and apparatus for finding RFID tags
CN108370501B (zh) * 2015-12-15 2021-06-04 Sony Corporation Method, apparatus and system for finding RFID tags
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system
US11744962B2 (en) 2018-03-26 2023-09-05 Philip Morris Products S.A. Inhaler with composite porous support element

Also Published As

Publication number Publication date
SI23114A (sl) 2011-01-31

Similar Documents

Publication Publication Date Title
WO2011010970A1 (fr) Method for authentication of an RFID tag
US11240222B2 (en) Registry apparatus, agent device, application providing apparatus and corresponding methods
US9860235B2 (en) Method of establishing a trusted identity for an agent device
US20110296169A1 (en) Facilitating secure communication between utility devices
KR102169947B1 (ko) Method of establishing a trusted identity for an agent device
US9940490B1 (en) Enhanced RFID tag authentication
CN105144767A (zh) Apparatus and method for checking messages, and user terminal
Markantonakis et al. Errata to: Secure smart embedded devices, platforms and applications
CN102687159A (zh) Terminal management system and terminal management method
JP2011227843A (ja) Authentication system, authentication method and program
KR20130082243A (ko) Method for genuine-product authentication using a QR code
CN108282453A (zh) Internet of Things reading device, secure access method and control center equipment
CN1776720A (zh) System and method for anti-counterfeiting identification using radio-frequency technology
WO2003032219A1 (fr) Payment authentication server system using artificial intelligence (AI) authentication
CN107437997B (zh) Radio-frequency communication device and method
CN106779711A (zh) eID-based secure payment method and device
US20190349348A1 (en) Registry apparatus, agent device, application providing apparatus and corresponding methods
KR100601854B1 (ko) System for providing exhibit information using RFID, and mobile communication terminal therefor
WO2010035137A2 (fr) Secure data collection and transmission
JP2015228570A (ja) Authentication system and mobile communication terminal
CN101365247A (zh) Digital rights file transfer method, terminal, digital rights management server and system
CN104662940A (zh) Secure deployment of terminals in a wireless network
JP2008061200A (ja) Method and scheme for preventing unauthorized use of a mobile communication terminal device
KR101742105B1 (ko) Apparatus, system and method for telephone-number security authentication via QR code
CN109863494A (zh) Data protection system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10747707

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10747707

Country of ref document: EP

Kind code of ref document: A1