WO2020215679A1 - System for encrypted communication between RFID tag and reader - Google Patents
- Publication number
- WO2020215679A1 (PCT/CN2019/117547)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- encryption
- module
- rfid tag
- data
- reader
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K17/00—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K7/00—Methods or arrangements for sensing record carriers, e.g. for reading patterns
- G06K7/10—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
- G06K7/10009—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
- G06K7/10257—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves arrangements for protecting the interrogation against piracy attacks
Definitions
- the invention relates to the field of RFID, in particular to a system for encrypted communication between an RFID tag and a reader.
- RFID (radio frequency identification) is a non-contact automatic identification technology that automatically recognizes the target object and obtains related data through radio frequency signals.
- the identification work does not require manual intervention and can work in various harsh environments.
- RFID technology can identify high-speed moving objects and can identify multiple electronic tags at the same time. It is quick and convenient to operate and is frequently used in supermarkets.
- the technical problem to be solved by the present invention is to provide a system for encrypted communication between an RFID tag and a reader, in which encrypted communication can be carried out and the security is high.
- Fig. 1 is a schematic structural diagram of a system for encrypted communication between an RFID tag and a reader/writer of the present invention.
- FIG. 2 is a schematic diagram of another structure of the system for encrypted communication between the RFID tag and the reader/writer of the present invention.
- a system for encrypted communication between an RFID tag and a reader includes:
- an RFID tag, a reader containing a first encryption module and a second encryption module, and a decryption module;
- the RFID tag has an encryption algorithm unit that, when communicating with the reader, can perform two-way identity authentication with the first encryption module through the reader, and at the same time completes the encryption and decryption of the communication data between the RFID tag and the reader;
- the first encryption module transmits the decrypted RFID tag information read by the reader to the second encryption module, and the second encryption module reprocesses and encrypts the read data and transmits it to the decryption module;
- the decryption module decrypts the data encrypted by the second encryption module and sends it to the application system for use.
- the second encryption module encrypts the unique identification TID of the RFID tag and transmits it to the decryption module, and the decryption module decrypts the TID and transmits it to the application system.
- the encryption algorithm here can be symmetric encryption or asymmetric encryption.
- the second encryption module performs an operation on the TID with a random number before encrypting it, so that the encrypted TID generated each time is different; the decryption module receives the corresponding random number at the same time as the encrypted TID, and recovers the real TID from these two numbers.
- the random number is the timestamp when the TID is read or a time-related value, and the accuracy of the timestamp can be changed.
- the decryption module and the second encryption module perform mutual authentication. After the authentication is successful, the second encryption module generates a symmetric key or an asymmetric encryption key pair, and passes this key, or the public key of the key pair, to the decryption module.
- when any data of the RFID tag is read, the second encryption module encrypts the RFID tag data passed to it by the first encryption module, either symmetrically with the generated key or with the private key of the key pair, and sends it to the decryption module;
- the decryption module decrypts it with the obtained key or public key to obtain the real tag data.
- the second encryption module generates a random number and performs an operation with the RFID tag data transmitted by the first encryption module before encryption, so that the encrypted RFID tag data generated each time is different;
- the decryption module receives the corresponding random number at the same time as the encrypted RFID tag data, and recovers the real RFID tag data from these two values.
- the random number is the timestamp when the TID is read or a time-related value, and the accuracy of the timestamp can be changed.
- the first encryption module and the second encryption module are combined into the same module.
- it further includes an authentication center.
- the authentication center first performs mutual authentication with the decryption module, and then performs mutual authentication with the second encryption module through the decryption module. After the mutual authentication between the authentication center and the second encryption module succeeds, the key or public key required to decrypt the tag data is obtained, and the decryption module then obtains the key or public key required to decrypt the tag data from the authentication center.
- when multiple such systems work together, the decryption module is connected to each authentication center and performs mutual authentication with each of them.
- after the second encryption module of each system and that system's authentication center have mutually authenticated, the decryption module obtains the decryption key of each system, and the system ID of the system to which the tag belongs is written in the RFID tag.
- the system ID does not participate in the encryption of the second encryption module and is transmitted to the decryption module together with the encrypted data; when the decryption module receives the data transmitted by the second encryption module, it selects the corresponding key by the system ID to decrypt the encrypted data and to apply other data processing algorithms known only to the corresponding system, so as to achieve the purpose of multi-system compatible work.
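
The time-related value and the cleartext system ID described above, sketched as an added example (not code from the patent): it assumes one symmetric key per system, uses the time value as a nonce, covers the system ID with a MAC, and substitutes HMAC-SHA256 from the standard library for the cipher the text leaves open; all names, keys and the sample TID are constructed. It also shows that a timestamp-only value repeats within one tick, so two reads of the same tag then produce the same ciphertext.

```python
import hashlib, hmac, secrets, struct

# Constructed per-system keys held by the decryption module (assumption).
SYSTEM_KEYS = {1: bytes(range(32)), 2: bytes(range(32, 64))}

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def _keystream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stand-in for the cipher the text leaves open.
    blocks = (_prf(key, b"enc", nonce + struct.pack(">I", i)) for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def make_nonce(read_time, precision_s, add_random=True):
    """Time-related value at the chosen precision, optionally plus 8 random bytes."""
    tick = int(read_time // precision_s)
    rnd = secrets.token_bytes(8) if add_random else bytes(8)
    return struct.pack(">Q", tick) + rnd

def encrypt_tid(system_id, tid, nonce):
    """Second encryption module: system ID stays in clear but is covered by the MAC."""
    key = SYSTEM_KEYS[system_id]
    sid = struct.pack(">H", system_id)
    ct = _xor(tid, _keystream(key, nonce, len(tid)))
    return sid + nonce + ct + _prf(key, b"mac", sid + nonce + ct)

def decrypt_tid(envelope):
    """Decryption module: pick the key by system ID, verify, then decrypt."""
    if len(envelope) < 2 + 16 + 32:
        raise ValueError("envelope too short")
    sid, nonce, ct, mac = envelope[:2], envelope[2:18], envelope[18:-32], envelope[-32:]
    key = SYSTEM_KEYS.get(struct.unpack(">H", sid)[0])
    if key is None:
        raise ValueError("unknown system ID")
    if not hmac.compare_digest(mac, _prf(key, b"mac", sid + nonce + ct)):
        raise ValueError("authentication failed")
    return _xor(ct, _keystream(key, nonce, len(ct)))

if __name__ == "__main__":
    tid = bytes.fromhex("e2003412012345670000abcd")  # constructed sample TID
    same_tick = [encrypt_tid(1, tid, make_nonce(t, 1.0, add_random=False)) for t in (1000.2, 1000.7)]
    print("timestamp only, same tick, identical:", same_tick[0] == same_tick[1])
    fresh = [encrypt_tid(1, tid, make_nonce(t, 1.0)) for t in (1000.2, 1000.7)]
    print("with random part, identical:", fresh[0] == fresh[1])
    print("recovered:", decrypt_tid(fresh[0]).hex())
```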
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Toxicology (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Electromagnetism (AREA)
- General Health & Medical Sciences (AREA)
- Artificial Intelligence (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Storage Device Security (AREA)
- Near-Field Transmission Systems (AREA)
Claims (10)
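- A system for encrypted communication between an RFID tag and a reader, characterized in that it comprises: an RFID tag, a reader containing a first encryption module and a second encryption module, and a decryption module; wherein the RFID tag has an encryption algorithm unit that, when communicating with the reader, can perform two-way identity authentication with the first encryption module through the reader, and at the same time completes the encryption and decryption of the communication data between the RFID tag and the reader; the first encryption module transmits the decrypted RFID tag information read by the reader to the second encryption module, the second encryption module reprocesses and encrypts the read data and transmits it to the decryption module, and the decryption module decrypts the data encrypted by the second encryption module and sends it to the application system for use.
- The system for encrypted communication between an RFID tag and a reader according to claim 1, characterized in that the second encryption module encrypts the unique identification TID of the RFID tag and transmits it to the decryption module, and the decryption module decrypts the TID and transmits it to the application system. The encryption algorithm here can be symmetric encryption or asymmetric encryption.
- The system for encrypted communication between an RFID tag and a reader according to claim 2, characterized in that the second encryption module, before encrypting the TID, performs an operation on it with a random number and then encrypts it, so that the encrypted TID generated each time is different; the decryption module receives the corresponding random number at the same time as the encrypted TID, and recovers the real TID from these two numbers.
- The system for encrypted communication between an RFID tag and a reader according to claim 3, characterized in that the random number is the timestamp when the TID is read or a time-related value, and the accuracy of the timestamp can be changed.
- The system for encrypted communication between an RFID tag and a reader according to claim 1, characterized in that the decryption module and the second encryption module perform mutual authentication; after the authentication is successful, the second encryption module generates a symmetric key or an asymmetric encryption key pair, and passes this key, or the public key of the key pair, to the decryption module; when any data of the RFID tag is read, the second encryption module encrypts the RFID tag data passed to it by the first encryption module, either symmetrically with the generated key or with the private key of the key pair, and sends it to the decryption module; the decryption module decrypts it with the obtained key or public key to obtain the real tag data.
- The system for encrypted communication between an RFID tag and a reader according to claim 5, characterized in that the second encryption module generates a random number, performs an operation with the RFID tag data transmitted by the first encryption module, and then encrypts the result, so that the encrypted RFID tag data generated each time is different; the decryption module receives the corresponding random number at the same time as the encrypted RFID tag data, and recovers the real RFID tag data from these two values.
- The system for encrypted communication between an RFID tag and a reader according to claim 6, characterized in that the random number is the timestamp when the TID is read or a time-related value, and the accuracy of the timestamp can be changed.
- The system for encrypted communication between an RFID tag and a reader according to claim 1, characterized in that the first encryption module and the second encryption module are combined into the same module.
- The system for encrypted communication between an RFID tag and a reader according to claim 1, characterized in that it further comprises an authentication center; the authentication center first performs mutual authentication with the decryption module, and then performs mutual authentication with the second encryption module through the decryption module; after the mutual authentication between the authentication center and the second encryption module succeeds, the key or public key required to decrypt the tag data is obtained, and the decryption module then obtains the key or public key required to decrypt the tag data from the authentication center.
- The system for encrypted communication between an RFID tag and a reader according to claims 1 to 9, characterized in that multiple such systems work together; the decryption module is connected to each authentication center and performs mutual authentication with each of them; after the second encryption module of each system and that system's authentication center have mutually authenticated, the decryption module obtains the decryption key of each system; the system ID of the system to which the tag belongs is written in the RFID tag; the system ID does not participate in the encryption of the second encryption module and is transmitted to the decryption module together with the encrypted data; when the decryption module receives the data transmitted by the second encryption module, it selects the corresponding key by the system ID to decrypt the encrypted data and to apply other data processing algorithms known only to the corresponding system, so as to achieve the purpose of multi-system compatible work.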
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910339536.9 | 2019-04-25 | ||
CN201910339536.9A CN110232296B (zh) | 2019-04-25 | 2019-04-25 | System for encrypted communication between RFID tag and reader |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2020215679A1 (zh) | 2020-10-29 |
Family
ID=67860286
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2019/117547 WO2020215679A1 (zh) | System for encrypted communication between RFID tag and reader | 2019-04-25 | 2019-11-12 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN110232296B (zh) |
WO (1) | WO2020215679A1 (zh) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110232296B (zh) * | 2019-04-25 | 2020-06-30 | 苏州车付通信息科技有限公司 | System for encrypted communication between RFID tag and reader |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2141641A1 (en) * | 2008-06-30 | 2010-01-06 | Sap Ag | Item tracing with supply chain secrecy using RFID tags and an identity-based encryption scheme |
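CN106712952A (zh) * | 2015-11-13 | 2017-05-24 | 航天信息股份有限公司 | Radio frequency tag security identification method and system |
CN107231231A (zh) * | 2017-06-16 | 2017-10-03 | 深圳市盛路物联通讯技术有限公司 | Method and system for secure access of terminal device to the Internet of Things |
CN109635610A (zh) * | 2018-12-11 | 2019-04-16 | 北京智芯微电子科技有限公司 | System and method for reading and writing RFID tag data |
CN110232296A (zh) * | 2019-04-25 | 2019-09-13 | 苏州车付通信息科技有限公司 | System for encrypted communication between RFID tag and reader |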
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1894145B1 (en) * | 2005-06-07 | 2009-04-01 | Nxp B.V. | Method and device for increased rfid transmission security |
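CN100547606C (zh) * | 2007-08-30 | 2009-10-07 | 樊明延 | Method and device for enhancing information security and compatibility of an active radio frequency identification system |
CN102063601B (zh) * | 2009-11-12 | 2015-04-01 | 中兴通讯股份有限公司 | Radio frequency identification system, reader and radio frequency identification method |
CN102375960A (zh) * | 2010-08-12 | 2012-03-14 | 中兴通讯股份有限公司 | Method and system for identifying radio frequency identification tags |
CN102479334A (zh) * | 2010-11-23 | 2012-05-30 | 天津中兴软件有限责任公司 | Method for identifying radio frequency identification tags |
CN102968647A (zh) * | 2011-08-31 | 2013-03-13 | 北京中电华大电子设计有限责任公司 | Method and device for reader authentication and tag authentication password distribution |
CN102646203B (zh) * | 2012-02-29 | 2014-12-03 | 电子科技大学 | RFID data transmission and authentication system and method |
CN104217230B (zh) * | 2014-08-29 | 2017-03-15 | 公安部交通管理科学研究所 | Security authentication method for hiding the identification number of an ultra-high-frequency electronic tag |
CN104486758B (zh) * | 2014-12-30 | 2017-12-29 | 浙江工业大学 | Encryption method for wireless sensor network in an intelligent medical system |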
-
2019
- 2019-04-25 CN CN201910339536.9A patent/CN110232296B/zh active Active
- 2019-11-12 WO PCT/CN2019/117547 patent/WO2020215679A1/zh active Application Filing
Also Published As
Publication number | Publication date |
---|---|
CN110232296B (zh) | 2020-06-30 |
CN110232296A (zh) | 2019-09-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
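WO2016029721A1 (zh) | Security authentication method for hiding the identification number of an ultra-high-frequency electronic tag | |
CN103701610B (zh) | Method and system for collecting transmission key TK | |
CN106529969B (zh) | Method and system for counterfeit checking and tracing using NFC | |
US8296852B2 (en) | Transponder, RFID system, and method for RFID system with key management | |
CN105989386B (zh) | Method and device for reading and writing a radio frequency identification card | |
US20100155475A1 (en) | Method of authenticating rfid tag for reducing load of server and rfid reader using the same | |
CN103281189A (zh) | Lightweight security protocol authentication system and method for radio frequency identification devices | |
CN103907308A (zh) | Host device, semiconductor memory device, and authentication method | |
CN102123027A (zh) | Information security processing method and mobile terminal | |
KR20180082735A (ko) | Genuine product authentication system for verifying whether a product is genuine or counterfeit | |
CN112019561B (zh) | Digital encryption method and system based on blockchain technology | |
WO2018227685A1 (zh) | Method and system for secure access of terminal device to the Internet of Things | |
CN101599829B (zh) | Authentication method, reader and tag | |
CN106712952B (zh) | Radio frequency tag security identification method and system | |
CN103606223A (zh) | Card authentication method and device | |
US20160358137A1 (en) | Payment system, payment device, transaction terminal, payment management method and program | |
WO2020215679A1 (zh) | System for encrypted communication between RFID tag and reader | |
CN104700125A (zh) | AES encryption and verification for ultra-high-frequency radio frequency identification system | |
CN103077414A (zh) | High-reliability passive UHF RFID electronic tag reader and read/write control method | |
CN113988103B (zh) | Multi-tag-based RFID identification method | |
CN104881791A (zh) | Efficient RFID-based tracking and tracing method with privacy protection | |
CN102611552B (zh) | Read-write terminal and system for valuable information storage medium | |
CN103324970A (zh) | Efficient and secure RFID transmitting and receiving method and system | |
CN111047331A (zh) | Commodity anti-counterfeiting and tracing method and system based on blockchain and NFC chip | |
CN108833090A (zh) | Encryption method and decryption method for a storage device, and storage device |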
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 19925688; Country of ref document: EP; Kind code of ref document: A1 |
 | NENP | Non-entry into the national phase | Ref country code: DE |
 | 122 | Ep: pct application non-entry in european phase | Ref document number: 19925688; Country of ref document: EP; Kind code of ref document: A1 |
 | 122 | Ep: pct application non-entry in european phase | Ref document number: 19925688; Country of ref document: EP; Kind code of ref document: A1 |
 | 32PN | Ep: public notification in the ep bulletin as address of the addressee cannot be established | Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205 DATED 10.06.2022) |
 | 122 | Ep: pct application non-entry in european phase | Ref document number: 19925688; Country of ref document: EP; Kind code of ref document: A1 |