HK1123113A - Radio frequency identification system and method - Google Patents
Radio frequency identification system and method Download PDFInfo
- Publication number
- HK1123113A HK1123113A HK09100318.6A HK09100318A HK1123113A HK 1123113 A HK1123113 A HK 1123113A HK 09100318 A HK09100318 A HK 09100318A HK 1123113 A HK1123113 A HK 1123113A
- Authority
- HK
- Hong Kong
- Prior art keywords
- radio frequency
- tag
- frequency identification
- core
- data set
- Prior art date
Links
Description
Technical Field
The present invention relates generally to computer systems, and more particularly to radio frequency identification systems and methods.
Background
Counterfeits are a serious problem for product manufacturers. Counterfeits are currently available in many industries, such as wine, cigarettes, pharmaceuticals, cosmetics, CDs, DVDs, software, sports equipment, children's products, jewelry, and the like. Many industries have struggled with counterfeiters for decades. However, with the continued progress of anti-counterfeiting efforts, counterfeits have become prohibitively prevalent in most countries, both eastern and western.
Counterfeits bring not only a huge loss of profit, but also a disaster in credit to innocent manufacturers. A general consumer who has unfortunately purchased a counterfeit and is not satisfied with the inferior quality of the counterfeit cannot distinguish the counterfeit from the genuine one in many cases, and thus will negatively but erroneously evaluate the product quality of the genuine manufacturer. The net result is that counterfeiters earn money while innocent manufacturers are penalized.
Product manufacturers are constantly striving to obtain product authentication solutions that help consumers distinguish between genuine and counterfeit products. If this solution enables the consumer to conveniently authenticate the product, the counterfeit is easily driven out of the market.
Anti-counterfeiting is the very hot subject of patent applications and many solutions are already seen on the market. Prior to the widespread adoption of computer communication networks, anti-counterfeiting solutions were generally based on physical means, such as special inks, paper, texture, laser labeling. Solution providers claim that this physical means can strongly prevent counterfeiting. However, the history over the past few decades clearly does not match what the provider has declared. A banknote is a good example. The most advanced physical means can always be found in banknotes. However, the counterfeit money never disappears. Obviously, the high cost of applying banknotes cannot be borne by the common product manufacturers. Therefore, the anti-counterfeiting solutions adopted by common product manufacturers are very fragile.
Computer communication networks have successfully been enlisted in the consumer market during the last 20 years. Global internet access costs and fixed/mobile telecommunication costs become so low that most people who live on this planet have the ability to consume them. It is therefore not surprising that more and more anti-counterfeiting solutions are seen to attempt to send product authentication information carried by the product to a back-end server and to determine the authenticity of the product by the server. For example, chinese patent applications 99126659 and 02111542 are within the scope of this technology.
Radio Frequency Identification (RFID) tags are another emerging area of counterfeit resistance. The term RFID covers a family of radio and processor technologies with widely varying amounts of computing power, read range, and cost. Supply chain labels have become well known since the start of large scale attempts by Walmart and the united states department of defense. The industry community EPCglobal (www.epcglobalinc.org) defines class 0 and class 1 RFID tags that have extremely limited computing, storage, and communication capabilities and do not support cryptography and minimal additional features.
For any RFID system, three elements are essential: an RFID tag, an RFID reader and a data processing subsystem. The RFID tag is located on the object to be identified and is the data carrier in the RFID system. The RFID reader is capable of reading data from and/or writing data to the RFID tag. The data processing subsystem utilizes the data obtained by the RFID reader in some useful manner.
A typical RFID tag includes a microchip that stores data and a coupling element, such as a coil antenna, for communicating via radio frequency communication. RFID tags may be active or passive. Active RFID tags have a power source (e.g., a battery) and actively transmit an RF signal for communication, while passive RFID tags derive their full power from the interrogation signal of the RFID reader and either reflect or load modulate the RFID tag's signal for communication. Most RFID tags, whether active or passive, communicate only when interrogated by an RFID reader.
A typical RFID reader includes a radio frequency module, a processor, and a coupling element to interrogate RFID tags via radio frequency communication. In addition, many RFID readers are equipped with an interface that enables them to transfer received data to a data processing subsystem, such as a memory running on a personal computer. The use of radio frequencies to communicate with RFID tags enables RFID readers to read passive RFID tags over short to medium distances and active RFID tags over short to long distances, even when the tags are located in hostile environments and are obscured from view.
Anti-counterfeiting solutions that utilize RFID tags can be simply divided into online and offline. Computer communication networks are also used for online anti-counterfeiting solutions, which may or may not require security devices. For example, chinese patent applications 200410082611.1 and 200410024790.3 fall within the scope of such technology, while the former do not relate to a security device, and the latter require a security device. On the other hand, for an offline solution, no computer communication network is used, i.e. only the RFID tag and reader are used to authenticate the product. In this case, a safety device is necessarily required. For example, chinese patent applications 03111875.5 and 200410078160.4 fall within the scope of such technology. PCT patent application WO 2005/024697 a2 also relates to such techniques.
Existing anti-counterfeiting solutions have problems with cost, efficiency, usability, and security.
First, any anti-counterfeiting solution that requires communication network support to handle the large number of product certifications from consumers can be costly for the backend server. In addition, communication costs may be imposed on the consumer or product manufacturer. If added to the consumer, this solution would be abandoned by most consumers for economic reasons. On the other hand, if added to a product manufacturer, the large number of product authentication queries from the consumer would overwhelm the product manufacturer's profits. This is not all that is required, and in most cases, communication between the consumer and the back-end server for product authentication can take considerable time. Consumers may abandon this solution for time reasons.
The existing off-line label-based anti-counterfeiting solution, namely the solution without the support of a communication network, has the problems of cost and safety. Although safety devices have been included in this solution, most of these safety devices are not functional. This solution generally relies on the following assumptions: the tag contains some secret information and is anti-cloning, i.e. given a genuine tag containing secret information, it is difficult to manufacture another tag containing the same information. These solutions are feasible if this assumption is true, because the security means ensures that the secret information stored in the tag is not counterfeitable, and therefore the security information and the tag are securely bound together. Unfortunately, this assumption is completely wrong for existing solutions. Existing solutions utilize all secret information stored in the tag for product authentication. As we know, for an off-line solution, it is the reader that authenticates the tag and determines the authenticity of the product to which the tag is attached. Since all the secret information stored in the tag is used in authentication, if any one reader is occupied by a counterfeiter, the counterfeiter can know the secret information stored in the reader and copy the secret information completely to the counterfeit tag, thereby destroying the security of the solution. It is possible to manufacture a secure reader that prevents counterfeiters from attacking it. However, such readers are too expensive. Also, it is easy to find that radio frequency communication between the reader and the tag is difficult to protect by security devices. If the radio frequency communication between the reader and the tag is secure, not only an expensive reader but also an expensive tag is required to enable the reader and the tag to authenticate each other. Therefore, the data contained in the tag can be intercepted only by eavesdropping on the open radio communication between the reader and the tag. The conclusion is that RFID tags are easily cloned unless expensive tags are used that can authenticate and be authenticated by the reader and the radio channel between the reader and the tag is encrypted.
Here we emphasize that inexpensive tags have at least the feature of "very power limited passive tags". There are no basic security requirements on the tag such as pseudo-random number generation, hashing, encryption. For such inexpensive tags, data cloning is troublesome for all product certification solutions. Cloned tags are especially fatal to offline solutions. Readers without network support cannot distinguish between genuine and cloned tags, which means that a counterfeit tag can certainly pass product authentication by any genuine reader. Therefore, since a counterfeit to which the cloned tag is attached is authenticated as a genuine product by the reader, mass forgery is inevitable.
Some solutions have been proposed to the data cloning problem of off-line RFID tags. For example, japanese patent laid-open No. 2005-130059 proposes that the difficulty of data cloning is increased to some extent by writing a plurality of encrypted data in the storage area of an IC chip attached to a commodity and reading the encrypted data in the chip a plurality of times when performing product authentication, thereby increasing the difficulty of decrypting the encrypted data. However, data cloning is still not impossible. By reading a genuine chip sufficiently many times, it is possible for a counterfeiter to acquire all the cryptographic data stored in the chip and clone them into the counterfeit chip, so that the counterfeit chip can certainly pass the product authentication by any genuine reader.
Therefore, there is a need for an RFID system for offline product authentication, which can prevent cloning of data stored in an RFID tag and also has advantages of being inexpensive, efficient, and the like.
Disclosure of Invention
In order to solve the above problems, i.e., to prevent cloning of data stored in a radio frequency identification tag using an inexpensive and efficient scheme, a radio frequency identification system, a multi-core tag, and a radio frequency identification method are provided.
According to a first aspect of the present invention, there is provided a radio frequency identification system comprising: a multi-core tag comprising a plurality of radio frequency identification tags, each radio frequency identification tag having stored therein an identification code and at least one verifiable data set; and a radio frequency identification reader which transmits a read request to more than one radio frequency identification tag of the multi-core tags, requests to read a first part of data of one of at least one verifiable data set stored in the radio frequency identification tag, and authenticates the multi-core tags according to the data read from the multi-core tags, wherein each radio frequency identification tag of the multi-core tags further comprises a control device which, when the radio frequency identification tag receives the read request from the radio frequency identification reader, performs a first operation so that at least one data of the requested verifiable data set cannot be read from thereafter, in a case where all data of the requested verifiable data set is readable.
According to a second aspect of the present invention, there is provided a multi-core tag comprising a plurality of radio frequency identification tags each having an identification code and at least one verifiable data set stored therein, wherein each of the radio frequency identification tags in the multi-core tag comprises a control device which, when the radio frequency identification tag receives a read request requesting to read a first part of data of one of the at least one verifiable data set stored in the radio frequency identification tag, performs a first operation to disable at least one data in the requested verifiable data set from thereafter to be read in case all data in the requested verifiable data set is readable.
According to a third aspect of the present invention, there is provided a radio frequency identification method comprising: storing an identification code and at least one verifiable data set in each of a plurality of radio frequency identification tags included in a multi-core tag; and sending a read request from a radio frequency identification reader to more than one of the multi-core tags, requesting to read a first portion of data of one of the at least one verifiable data set stored in the radio frequency identification tag, and authenticating the multi-core tag according to the data read from the multi-core tag, wherein each of the multi-core tags, upon receiving the read request from the radio frequency identification reader, performs a first operation to make at least one data in the requested verifiable data set unreadable from then on, in the event that all data in the requested verifiable data set is readable.
From the above, it can be seen that a "locking" function is introduced into an RFID tag according to embodiments of the present invention. And further, a plurality of RFID tags are aggregated into one multi-core tag. Thus, by storing multiple digital signatures (i.e., verifiable data) in each RFID tag and the "locking" function performed by each RFID tag, and by authenticating all RFID tags in a multi-core tag as a whole, the probability of counterfeit being detected is greatly increased, thereby preventing cloning of data in inexpensive RFID tags and thwarting large-scale counterfeiting.
Further, in each RFID tag, the digital signature is stored in the RFID tag in a plurality of digital signature sets. By dividing the digital signature into a plurality of sets, the genuine product label is kept as a genuine product for a plurality of times.
Drawings
FIG. 1 shows an RFID system 100 according to a first embodiment of the invention, comprising a multi-core tag 101 and an RFID reader 102;
FIG. 2 shows an internal structure of an RFID tag 101-1 in a multi-core tag 101 according to a first embodiment of the present invention;
fig. 3 shows the internal structure of the RFID reader 102 according to the first embodiment of the present invention;
FIG. 4 illustrates an operational flow of an RFID tag 101-1 in the multi-core tag 101 shown in FIG. 1 upon receiving a read request from an RFID reader 102;
fig. 5 shows an operation flow of the RFID reader 102 shown in fig. 1 sending a read request to the multi-core tag 101 and authenticating the authenticity of the multi-core tag 101 according to a read digital signature;
fig. 6 shows the flow of steps 502, 503 in fig. 5 in more detail.
Fig. 7 shows the flow of step 504 in fig. 5 in more detail.
Detailed Description
Specific examples of the present invention will be described below.
Fig. 1 is a simplified block diagram of an RFID system 100 according to a first embodiment of the present invention. RFID system 100 includes a multi-core tag 101 and an RFID reader 102. As shown in FIG. 1, NT RFID tags 101-1, 101-2, 101-N with the same internal structure are included in the multi-core tag. Each RFID tag communicates with RFID reader 102 via radio frequency communication. Each RFID tag is a passive tag that derives all of its energy from the read request signal from RFID reader 102 and replies to RFID reader 102 by reflecting the signal from RFID reader 102 or load modulating the signal from RFID reader 102. Each RFID tag is small in volume, and therefore the multi-core tag 101 formed from them is small in volume and can be attached to any product that requires authentication. The RFID reader 102 may send data, such as a read request, to the multi-core tag 101 and receive reply data from the multi-core tag 101.
The internal structure of the RFID tag included in the multi-core tag 101 is described below with reference to fig. 2 taking the RFID tag 101-1 as an example. The internal structure of the other RFID tags in the multi-core tag 101 is the same as or similar to that of the RFID tag 101-1.
Fig. 2 shows an internal configuration diagram of the RFID tag 101-1 in the multi-core tag 101 shown in fig. 1.
The RFID tag 101-1 includes a microchip 201 and a tag coupling element 202. The microchip 201 includes therein an identification code storage area 203, an auxiliary storage area 204, and a control device 205. An attribute identification code, such as an EPC code (electronic product code), that uniquely identifies the RFID tag 101-1 is stored in the identification code storage area.
The EPC code is defined by EPCglobal. Some of the EPC codes will uniquely identify the manufacturer of the product to which RFID tag 101-1 is attached. The EPC is the only information stored in the radio frequency identification tag and has been supported by the main regulatory body of both the UCC and international EAN international standards. The goal of the EPC is to provide a unique identification of physical world objects. It identifies and accesses individual objects through a computer network, as in the internet using IP addresses to identify, organize, and communicate. The structure of the EPC code is briefly described below. The EPC is a set of numbers consisting of a header and three parts of data. The header indicates the version number of the EPC, taking into account different lengths or different future tag types. The second section, indicating the manager of the EPC, corresponds to the manufacturer of the product. The third section, representing the item category, indicates the exact category of the product. The fourth part is the serial number of the single article. For example, one EPC code 01.115A1D7.28A1E6.421CBA30A, where 01 represents EPC version (8 bits), 115A1D7 represents product manufacturer identification, a total of 28 bits (which may represent greater than 2.68 million product manufacturers), 28A1E6 represents product identification, a total of 24 bits (each product manufacturer may represent greater than 1600 million product categories), and 421CBA30A represents singles serial number, a total of 36 bits (each product category may represent greater than 680 million singles).
In the secondary storage area 204, status information, verifiable data, and other secondary information, such as a manufacturing date, are stored.
The status information includes the total number NT of RFID tags in the multi-core tag 101 and the serial number SN of the RFID tag in the multi-core tag 101. The total number of tags NT and the serial number SN are stored in the secondary memory region 204 when the multi-core tag 101 is manufactured. For a multi-core tag, the total number of tags reflected in the status information of each RFID tag is the same and is equal to the total number of RFID tags in the multi-core tag when manufactured; and ensuring that the SN is unique for each RFID tag in the multi-core tag as a unique identification of the RFID tag in the multi-core tag.
There are a variety of ways of generating the verifiable data in the secondary storage area 204, examples of which are described below.
In a preferred embodiment of the invention, the verifiable data may be a digital signature. As shown in FIG. 2, the secondary storage area 204 of the RFID tag 101-1 stores m sets of digital signatures, each set containing n signatures, forming a digital signature matrix { SIG }i,jI is more than or equal to 1 and less than or equal to m, j is more than or equal to 1 and less than or equal to n, and m and n are positive integers.
Assuming that each product manufacturer has at least one public-key (public-key), the digital signature is a digital signature on the contents of the EPC. These signatures are verified by the manufacturer's public key. For example, assume that n is 2, i.e., each digital signature set contains 2 digital signatures SIG1And SIG2The product manufacturer has two RSA public keys, PK1And PK2Each public key is 1024 bits. SIG1And SIG2May be digital signatures on the EPC and the date of manufacture, which may be respectively signed by a public key PK1And PK2And (7) confirming. Each signature consumes 1024 bits. Preferably, the signature is computed using the ECDSA (ANSI X9.62) family of mechanisms, such that a manufacturer need only compute the signatureOne public key is sufficient. According to this mechanism, each signature has two parts, S and C, each of 160 bits if a 160-bit elliptic curve and SHA-1 are utilized. In other words, one digital signature consumes 320 bits. But its security strength is comparable to that of the 1024-bit RSA digital signature scheme. Various options and considerations regarding digital signature schemes are well known to those skilled in the art.
In addition to the generation of the digital signature, the verifiable data generation method may be, for example, a mac (message Authentication code) method known in the art. For example, given a secure hash function and message M (including EPC code E and possibly additional information), the n verifiable data in each verifiable data set can be calculated as MACiHash (M, key, i), i 1, 2. To MAC1~MACnStored as a verifiable data set in the tag. When the reader reads any one of a set of verifiable data, such as a MACjThe read MAC value can be verified according to the serial number j of the MAC value, the related message M and the key in the memory of the readerjWhether it is equal to hash (M, key, j). If equal, this MAC value is true. Conversely, this MAC value is forged. The MAC may also be generated by other methods, such as HMAC, and various options are available for the secure hash function, as are known to those skilled in the art.
For another example, the verifiable data generation method may be a symmetric encryption method known in the art. In particular, given a symmetric encryption function SEC and a decryption function SDE, a message M (including the EPC code E and possible additional information), n verifiable data of one verifiable data set can be calculated as DiSEC (M, key, i), i 1, 2. Will D1~DnStored as a verifiable data set in the tag. When the reader reads any verifiable data, e.g. DjAccording to the sequence number j of the data, the associated message M, and in the memory of the reader itselfAnd (4) a key for verifying whether the SDE (Dj, key) can decrypt the M and the j. If so, this verifiable data is authentic. Instead, this verifiable data is counterfeit. There are many options for symmetric encryption algorithms, such as 3DES, AES, which are well known to those skilled in the art.
The above scheme for generating verifiable data without digital signatures can be extended to store a plurality of keys in the reader, which belong to different manufacturers, respectively, and the verifiable data stored in the tag claiming to be a manufacturer in the EPC can be verified by the manufacturer's key stored in the reader.
The main problem with the above verifiable data generation scheme that does not use digital signatures is that such a scheme is poorly scalable if each vendor has a different key. Assuming that one reader stores keys of thousands of manufacturers, the reader becomes a great safety hazard. At the same time, it is also difficult to securely add new keys to the reader. On the other hand, if all vendors share the same key, such a scheme is also poorly scalable. This is because in this case this key can only be used by a trusted third party, which makes it difficult for the third party to have to generate verifiable data for all products produced by all manufacturers.
Therefore, the use of digital signatures as verifiable data is a preferred embodiment of the present invention.
The control means 205 is used to perform a locking operation when the RFID tag 101-1 receives a read request from the RFID reader, as the case may be, so that a part of the digital signatures in a certain set of digital signatures stored in the auxiliary storage area 204 of the RFID tag cannot be read later. The operation of the control device 205 will be further explained below in conjunction with fig. 4.
The tag coupling element 202 may be a coil antenna for communicating with the RFID reader 102 via radio frequency communication.
Fig. 3 is a schematic block diagram of the internal structure of RFID reader 102 shown in fig. 1.RFID reader 102 includes a processor 301, a radio frequency module 302, a reader coupling element 303, and a memory 304. The processor 301 is configured to control the RFID reader 102 to send a read request to the multi-core tag 101 through the coupling element 303, and the processor 301 further includes an authentication portion 301-1 configured to analyze the reply data received from the multi-core tag 101 to authenticate the authenticity of the multi-core tag 101, so that the authenticity of the product to which the multi-core tag 101 is attached can be authenticated. The operation of the processor 301 will be further described below in conjunction with FIGS. 5-7. The radio frequency module 302 is used for generating a radio frequency signal under the control of the processor 301. The reader coupling element 303 is used to communicate with the multi-core tag 101 by transmitting/receiving radio frequency signals. The memory 304 is used to store the public key of the product manufacturer. In the case of calculating digital signatures using the RSA algorithm, if m sets of digital signatures, each including n digital signatures, are stored in the auxiliary storage area 204 of each RFID tag in the multi-core tag 101, n public keys { PK ] are stored in the memory 3041,PK2,...,PKn}. However, in the case of calculating the digital signature using the ECDSA algorithm, no matter how many digital signatures are stored in the auxiliary storage area 204, only 1 public key needs to be stored in the memory 304 for one manufacturer to verify the digital signature of the manufacturer.
The operational flow of each RFID tag in a multi-core tag upon receiving a request from an RFID reader is described below with reference to fig. 4.
Fig. 4 illustrates an operation flow of the RFID tag 101-1 in the multi-core tag 101 illustrated in fig. 1 when receiving a read request from the RFID reader 102. The operational flow of other RFID tags in the multi-core tag 101 is similar to that of the RFID tag 101-1. In step 401, RFID tag 101-1 receives a request from RFID reader 102. In step 402, the RFID tag 101-1 determines whether the received request is for status information. If so, in step 403, the RFID tag 101-1 sends status information to the RFID reader 102, including the total number NT of RFID tags in the multi-core tag 101 to which the RFID tag 101-1 belongs and the number of RFID tags in the multi-core tag 101 to which the RFID tag 101-1 belongsNumber SN in multi-core tag 101. If the request received in step 401 is not a request for status information, then in step 404, the RFID tag 101-1 determines if the request is a request for a digital signature. If not, no operation is executed, and the process is finished. If so, then RFID tag 101-1 determines that RFID reader 102 requires reading the digital signature subset { SIG } of the ith digital signature seti,a_1,SIGi,a_2,...,SIGi,a_kWhere 1. ltoreq. i.ltoreq.m, 1. ltoreq. k.ltoreq.n, andnamely, it isThen in step 405, the RFID tag 101-1 first transmits the EPC code stored in the identification code storage area 203 to the RFID reader 102. Next, in step 406, the control device 205 determines the ith digital signature set { SIG }i,1,SIGi,2,...,SIGi,nWhether previously locked to another subset of digital signatures SIG due to the locking operation performedi,b_1,SIGi,b_2,…,SIGi,b_k}. If locked, then in step 407, RFID tag 101-1 sends the subset of digital signatures { SIG } to RFID reader 102i,b_1,SIGi,b_2,…,SIGi,b_k}. The process then ends. If not, then in step 408, the control device 205 performs a lock operation to put the ith digital signature set { SIG } in the RFID tag 101-1i,1,SIGi,2,...,SIGi,nLocking to the digital signature subset SIGi,a_1,SIGi,a_2,...,SIGi,a_k}. Thus, the i-th digital signature set { SIG is received lateri,1,SIGi,2,...,SIGi,nIn a read request, only the subset of digital signatures SIGi,a_1,SIGi,a_2,...,SIGi,a_kCan be read, and the ith set of digital signatures SIGi,1,SIGi,2,...,SIGi,nThe other digital signatures in the } can no longer be read. Next, in step 409, the control device 205 determines whether the ith digital signature set of the RFID tag 101-1 has been locked. If not, no operation is executed and the process is ended. If so, the process proceeds to step 410, where a subset of digital signatures SIG is transmitted to RFID reader 102 in step 410i,a_1,SIGi,a_2,...,SIGi,a_k}. In the present embodiment, the control device 205 implements locking, for example, as follows: sign SIG for each digital signaturei,jSetting a corresponding flag bit Fi,jIts initial value is 0, in the digital signature SIGi,jWhen it is read for the first time, it is marked with bit Fi,jSetting the bit to be 1, and when the number of the digital signatures with the corresponding flag bit being 1 in the ith digital signature set reaches k, the digital signatures with the corresponding flag bit not being 1 in the ith digital signature set cannot be read. A way to make the digital signature unreadable is for example to destroy it, for example to zero. Locking may also be performed in another way, for example, without an explicit flag bit in the tag, but instead directly destroying, e.g., clearing, all digital signature data that cannot be read. A digital signature of all zeros may be judged by the tag as a digital signature that need not be sent to the reader. The reader may determine the digital signature as being prohibited from being read in the case of transmission by the tag, all with the effect of making it unreadable by the reader. Of course, it will be apparent to those skilled in the art that the locking operation may be implemented in software, and hardware or a combination thereof in other ways. The invention is not limited to the particular locking method exemplified here. Those skilled in the art will also appreciate that "locking" as referred to herein is merely an exemplary designation for "operations that do not enable one or more digital signatures to be read" and that the present invention is not limited thereto. Rather, any "disabling one or more digital signatures from being read" operation may be used in the present invention. Note that the RFID tag 101-1 may also receive a request to read other numbers of digital signatures in the ith digital signature set, for example, a request to read k 'digital signatures, but the RFID tag 101-1 only allows at most k digital signatures of the ith digital signature set to be read regardless of whether k' is equal to k. In addition, the RFID tag 101-1 may also encounter a situation where it is requested to read the i > m-th set of digital signatures, in which case the control device 205 of the RFID tag 101-1 would determine the read request as an erroneous read request without any response thereto.
Fig. 5 shows an operation flow of the RFID reader 102 shown in fig. 1 transmitting a read request to the multi-core tag 101 and authenticating the authenticity of the multi-core tag 101 according to a read digital signature. Note that in the following description, "multi-core tag authentication" refers to a process of judging the overall authenticity of a multi-core tag; when the term "authentication" is used alone, the process of determining the authenticity of a certain RFID tag in a multi-core tag may be used according to the context.
In step 501, the RFID reader 102 selects one RFID tag among the multi-core tags 101 and sends a status request to it requesting to read the total number of tags NT and the serial number SN stored in the RFID tag. In step 502, the RFID reader 102 obtains the total number of tags NT and the serial number SN transmitted from the RFID tag. In step 503, the RFID reader 102 determines whether the RFID tag has been read in the multi-core tag authentication process according to the returned status information. If not, in step 504, the RFID reader 102 sends a request for reading the digital signature to the RFID tag, and makes a determination according to the read data, and obtains an authentication result for the RFID tag: counterfeit, genuine, error or has been totally locked. In step 504, the RFID reader 102 will also record the corresponding variable STATUS in the array STATUS of the read STATUS of each RFID tag in the multi-core tag 101 during this multi-core tag authenticationSNIs set to read, indicates that the current RFID tag has been read during this multi-core tag authentication process, and will indicate the variable N of the number of RFID tags in the multi-core tag 101 that have been read during this multi-core tag authentication processreadIs incremented by 1. Then, in step 505, it is determined whether the authentication result for the current RFID tag obtained in step 504 is "error". If so, in step 506, the overall multi-core tag authentication conclusion is "error", and this authentication for the multi-core tag 101 is finished. If not, in step 507, it is determined whether the authentication result for the current RFID tag obtained in step 504 is "counterfeit". If so, in step 508, it is concluded that the overall multi-core tag authentication is "counterfeit", i.e., the multi-core tag 101 is counterfeit and no further reading is necessary, and this authentication for the multi-core tag 101 is completed. If not, in step 509, a determination is madeWhether the authentication result for the current RFID tag obtained in step 504 is "all locked". If so, in step 510, the following overall multi-core tag authentication conclusion is drawn for the multi-core tag 101: if it can be determined that this is the first time the multi-core tag 101 is read, then the multi-core tag 101 is counterfeit and no further reads are necessary, and this time the multi-core tag authentication for the multi-core tag 101 ends. If the determination result in step 509 is negative, in step 511, it is determined whether the authentication result for the current RFID tag obtained in step 504 is "genuine". If so, the "genuine" result is saved and the process returns to step 501 to continue selecting and issuing status requests to another RFID tag in the multi-core tag 101. If the result of the determination in step 511 is no, that is, the authentication result for the current RFID tag is not "genuine", it indicates that an error occurs in the process, and in step 513, it is determined that the overall multi-core tag authentication result for the multi-core tag 101 is "error", and no other reading is necessary, and the authentication for the multi-core tag 101 is completed.
On the other hand, if the determination result in step 503 is "yes", that is, the RFID tag has been read in the multi-core tag authentication at this time, step 514 is performed to determine the number N of read tagsreadIt is determined whether all the RFID tags in the multi-core tag 101 have been read in this multi-core tag authentication. If yes, in step 515, it is determined whether the authentication result of "genuine product" is obtained every time of reading according to the stored "genuine product" result. If not, that is, the authentication conclusion for each RFID tag is not "genuine", then in step 516, it is concluded that the multi-core tag 101 is counterfeit, and no further reading is necessary, and the multi-core tag authentication for the multi-core tag 101 is completed. If the answer in step 515 is yes, that is, the authentication results for all NT RFID tags in the multi-core tag 101 are "genuine", then in step 517, it is concluded that the multi-core tag 101 is genuine, and the multi-core tag authentication is ended.
The flow of steps 502 and 503 in fig. 5, that is, the process of determining, by the RFID reader 102, whether the RFID tag has been read during the current multi-core tag authentication process according to the status information returned by the RFID tag in the multi-core tag 101, will be described in more detail with reference to fig. 6.
As shown in fig. 6, in step 601, the RFID reader 102 obtains status information transmitted from one of the plurality of RFID tags 101, including the total number of tags NT and the serial number SN. In step 602, the RFID reader 102 determines whether the reading is the first reading in the multi-core tag authentication process. If so, in step 603, RFID reader 102 stores the total number of tags NT in its internal memory, e.g., NT may be stored in a variable NT1 stored in the memory. In addition, RFID reader 102 creates an NT meta-state array STATUS1、STATUS2、...、STATUSNTAnd the system is used for respectively storing the reading states of the RFID tags with the corresponding serial numbers in the multi-core tag authentication process. In addition, RFID reader 102 will counter NreadZero clearing, NreadRepresenting the number of the RFID tags which have been read in the multi-core tag authentication process. In step 604, the sub-process shown in FIG. 6 returns N to the process shown in FIG. 5readAnd judging the result: the current RFID tag has not been read during this time with multiple cores.
On the other hand, if it is determined in step 602 that the present reading is not the first reading in the present multi-core tag authentication process, in step 605, it is determined whether the returned NT is equal to the stored NT 1. For genuine multi-core tags, the value NT stored in each RFID tag with respect to the total number of tags should all be the same. Thus, if the result in step 605 is no, indicating that an error occurred during the read, the process proceeds to step 608 to return an error result. On the other hand, if the result of the determination in step 605 is yes, then in step 606, STATUS is determinedSNWhether the stored state in (1) is read, that is, whether the current RFID tag has been read in the multi-core tag authentication process. If so, in step 607, the sub-process shown in FIG. 6 returns the determination result to the process shown in FIG. 5: current RThe FID tag has been read during this multi-core tag authentication.
If the result of the determination in step 606 is negative, then in step 609, the sub-process shown in FIG. 6 returns the sequence number SN and the determination result to the process shown in FIG. 5: the current RFID tag is not read during this multi-core tag authentication.
It should be noted that the process shown in fig. 6 is merely exemplary. Those skilled in the art will appreciate that, in order to determine whether the RFID reader 102 has read a certain RFID tag of the multi-core tags during one multi-core tag authentication, other methods may be used, and the status information returned from the RFID tag may of course contain other information. The present invention is not limited to the specific embodiments presented herein.
The flow of step 504 in fig. 5 is described in more detail below with reference to fig. 7. This flow is illustrated here by way of example for the RFID tag 101-1. The operational flow of other RFID tags in the multi-core tag 101 is similar to the RFID tag 101-1. First, in step 701, the RFID reader 102 receives an identification code, such as an EPC code, transmitted from the RFID tag 101-1, thereby determining a certain attribute that uniquely identifies the RFID tag 101-1, and thus which public key or keys stored in the memory should be used to verify the read digital signature. Then, in step 702, the value i of a counter (not shown) in the processor 301 of the RFID reader 102 is set to 1. Then, in step 703, the processor 301 randomly selects a subset of indices { a _1, a _ 2., a _ k } from the set of indices {1, 2, …, n }. Next, in step 704, processor 301 controls RFID reader 102 to send a read request to RFID tag 101-1 via reader coupling element 303 requesting reading of the digital signature subset { SIG } of the ith digital signature seti,a_1,SIGi,a_2,...,SIGi,a_kAnd begins waiting for reply data from RFID tag 101-1. In step 705, the processor 301 judges whether or not timeout has been performed a plurality of times, and if timeout has been performed a plurality of times, the authentication section 301-1 judges that an error has occurred, i.e., the authentication result is "error" in step 706. Where the presence is judgedThe number of time-outs allowed before the error may be selected as desired. Methods of selection are well known to those skilled in the art. If the digital signature subset SIG transmitted from the RFID tag 101-1 is received before it is determined that the timeout has been performed a plurality of times in step 705i,b_1,SIGi,b_2,...,SIGi,b_kAt step 707, the processor 301 retrieves the public key corresponding to the manufacturer from the memory 304 at step 708. Next, in step 709, the subset of digital signatures SIG is verified using the manufacturer public keyi,b_1,SIGi,b_2,...,SIGi,b_k}. In step 710, the subset of digital signatures { SIG } is determinedi,b_1,SIGi,b_2,...,SIGi,b_kIs valid, and if not valid, the authentication section 301-1 judges the RFID tag 101-1 as a counterfeit tag, thereby judging that the product to which the RFID tag 101-1 is attached is a counterfeit, i.e., the authentication result is "counterfeit" (step 711). If so, then in step 712, it is determined whether the subset of indices { b _1, b _ 2., b _ k } is equal to the randomly selected subset of indices { a _1, a _ 2., a _ k } in step 703. If equal, the authentication section 301-1 judges that the RFID tag 101-1 is a genuine tag, i.e., the authentication result is "genuine" (step 713), and if not, the processor 301 increments the value i of the counter by 1 in step 714 and judges whether the value of i is greater than m in step 715. If i > m, the authentication section 301-1 judges that each set of digital signatures in the RFID tag 101-1 has been read before and locked, i.e., the authentication result is "all locked" (step 716), otherwise returns to step 703 to repeat step 703 and subsequent steps. Through the above-described process, the RFID reader 102 can authenticate the authenticity of the RFID tag 101-1.
As can be seen from the above description, the result of performing a "lock" in the tag is to prevent tag cloning. Here, first, taking m ═ 1, k ═ 1, and NT ═ 1 as an example, the counterfeit detection probability is calculated, that is, only 1 RFID tag is in each multi-core tag, the RFID tag only contains 1 digital signature set, and the RFID reader requests to read one signature in the digital signature set at a time. The counterfeiter can only obtainOne of all n digital signatures stored in the RFID tag in the genuine multi-core tag, the other n-1 will never be read. Thus, a counterfeit label will contain at most only one valid digital signature, and thus no cloned label will reappear. When such a counterfeit tag is authenticated by a genuine reader, i is randomly selected from the index set {1, 2.. n } by the reader, and a request is made to read SIG in the RFID tag included in the multi-core tagiAnd thus the probability that a counterfeit multi-core tag is detected is (n-1)/n. In general, the probability that p counterfeit multi-core tags are detected is 1- (1/n)p. Taking n-2 as an example, the probability of a counterfeit multi-core tag escaping detection is 50%, and the probability of twelve counterfeit multi-core tags escaping detection is lower than 0.025%. Or in other words, the probability that twelve counterfeit multi-core tags are detected is higher than 99.97%. Clearly, the concept of counterfeit multi-core tags being detected will be higher if 1 < k < n 0.5. When k is 0.5 × n, the detection probability is highest. For example, n is 12, that is, one RFID tag included in the multi-core tag stores one set of 12 digital signatures, and if k is 6, 6 digital signatures are randomly selected from the 12 digital signatures for verification. As the maximum of 6 valid digital signatures exist on 1 forged multi-core label, the probability of the forged multi-core label being detected is 1-1/C12 6I.e., 99.89%. At this point, the probability of two counterfeit multi-core tags escaping detection will be below 0.00012%. At present, it can be reasonably concluded that the product authentication by using the RFID system including the multi-core tag composed of the RFID tag with the locking function, which is proposed by the present invention, can effectively hinder large-scale counterfeiting.
Further, in the case of having a plurality of RFID tags in a multi-core tag, the probability of counterfeit multi-core tags being detected is further increased. It is still assumed here that m is 1 and k is 1, but NT is greater than 1. That is, more than one RFID tag is included in the multi-core tag, each RFID tag includes one digital signature set, each digital signature set includes n digital signatures, and each reading requires 1 digital signature of the n digital signatures to be returned. As described above, only when the RFID reader is paired with multiple coresWhen the authentication result of each RFID tag in the tags is genuine, the RFID reader can authenticate the multi-core tag as genuine. As can be easily obtained, the probability that the authentication results of NT RFID tags in the multi-core tag are all genuine is (1/n)NTThus, the probability that a counterfeit multi-core tag is detected is 1- (1/n)NT. Still taking n-2 as an example, if NT-12, i.e. one multi-core tag contains 12 RFID tags, the probability that a counterfeit multi-core tag is detected is 99.97%.
In addition, the advantages of employing multiple sets of digital signatures are apparent. With the m digital signature sets, each real RFID label can be ensured to be authenticated into a real RFID label by the reader for at least m times. Because sometimes a product is purchased as a gift, and may pass several people before it is consumed, it is useful to employ multiple sets of digital signatures. In this case, not only the purchaser and the end consumer, but also the intermediary may wish to authenticate the product. After the m digital signature sets are stored in each RFID tag, the number of times each RFID tag is authenticated as a genuine product is at least m, and accordingly, the number of times that a multi-core tag including the RFID tag can be authenticated as a genuine product is also increased.
Exemplary implementations of the present invention are given above. In other embodiments, other modifications and variations may be made without departing from the scope of the invention. For example, in the above embodiment, there is no particular provision as to which set of digital signatures is read when each RFID tag is read during one multi-core tag authentication process, i.e., each RFID tag is read starting from the first set of digital signatures therein and determining whether the set was previously locked based on whether the index of the read digital signature is the same as the index of the digital signature required to be read. If the set is locked, the next set of digital signatures in the RFID tag is continued. However, the present invention is not limited thereto. In another embodiment, each RFID tag in a multi-core tag may also be set to a variable, such as SunreadA set of digital signatures indicating that it is not currently locked in the RFID tagThe serial number of the digital signature set with the smallest serial number, SunreadThe value of (d) may be sent to the RFID reader before each digital signature read begins, e.g., may be sent to the RFID reader with the EPC code, and incremented accordingly after each read of the RFID tag. In this way, the RFID reader can read directly from the set of digital signatures in reading the RFID tag. For example, if each set of digital signatures in the RFID tag is unlocked, Sunread1, the RFID reader starts reading from the 1 st digital signature set in the RFID tag, and after the 1 st digital signature set is locked and read, SunreadThe increment is 2, so that the next time the RFID reader needs to read the RFID tag, the reading is directly started from the 2 nd digital signature set, and whether the 1 st digital signature set is locked or not is judged according to the reading result of the 1 st digital signature set. When the RFID reader knows SunreadWhen the digital signature is more than m, the digital signature set in the RFID label is locked, and the RFID reader can directly obtain an authentication result of 'all locking'.
As another alternative, each digital signature set in each RFID tag in the multi-core tag may also be set with a flag Locked, and when the digital signature set is first required to be read, the RFID tag performs locking on the digital signature set, and sets the flag Locked to, for example, 1 to indicate that the digital signature set is Locked. In this way, when the RFID reader requests to read the digital signature again next time, the RFID tag can directly return the Locked flag to the RFID reader to indicate that the corresponding digital signature set is Locked, so that the RFID reader does not need to determine whether the digital signature set is Locked according to whether the index of the returned digital signature is the same as the index of the digital signature requested to be read, as in the embodiments shown in fig. 4 and 7.
In the above embodiments, the verifiable data is a digital signature. However, it is obvious to those skilled in the art that, for other forms of verifiable data, the technical effect of both authenticating the genuine label and preventing it from being cloned can be achieved by adopting the "locking" function proposed by the present invention. Those skilled in the art, having the benefit of this disclosure, will be readily able to implement the inventive arrangements using various forms of verifiable data.
From the above description, it can be seen that a "locking" function is introduced into an RFID tag, according to embodiments of the present invention. And further, a plurality of RFID tags are aggregated into one multi-core tag. Thus, by the plurality of digital signatures stored in each RFID tag and the "locking" function performed by each RFID tag, and by the authentication performed on the entirety of all RFID tags in the multi-core tag, the probability that a counterfeit is detected is greatly increased, thereby preventing cloning of data in inexpensive RFID tags and thwarting large-scale counterfeiting.
Further, in each RFID tag, the digital signature is stored in the RFID tag in a plurality of digital signature sets. By having the digital signature divided into sets, it remains that the genuine label can be authenticated as genuine at least m times, where m is the number of sets of digital signatures.
While the present invention has been described with reference to certain preferred embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (33)
1. A radio frequency identification system, comprising:
a multi-core tag comprising a plurality of radio frequency identification tags, each radio frequency identification tag having stored therein an identification code and at least one verifiable data set; and
a radio frequency identification reader which sends a read request to more than one of the multi-core tags, requests to read a first portion of data of one of at least one verifiable data set stored in the radio frequency identification tag, and authenticates the multi-core tag according to the data read from the multi-core tag, wherein
Each radio frequency identification tag in the multi-core tag further comprises control means which, when the radio frequency identification tag receives a read request from the radio frequency identification reader, performs a first operation to render at least one datum in a requested verifiable dataset unreadable from a future time, in the event that all the datum in the requested verifiable dataset is readable.
2. The radio frequency identification system of claim 1, wherein each of the multi-core tags provides information to the radio frequency identification reader regarding the number of radio frequency identification tags in the multi-core tag and a serial number of the radio frequency identification tag in the multi-core tag upon receiving a status request from the radio frequency identification reader.
3. The radio frequency identification system of claim 1, wherein each radio frequency identification tag of the multi-core tag causes a first portion of the requested verifiable data set to be read by the radio frequency identification reader after performing the first operation.
4. The radio frequency identification system of claim 1, wherein each radio frequency identification tag of the multi-core tag provides the portion of the verifiable data set that can still be read to the radio frequency identification reader if the requested verifiable data set has been subjected to a first operation.
5. The radio frequency identification system of claim 1, wherein each of the multi-core tags provides information to the radio frequency identification reader indicating that a portion of the requested verifiable data set cannot be read if the verifiable data set has been subjected to a first operation.
6. The radio frequency identification system of claim 1, wherein the multi-core tag is attached to a product to be authenticated and the identification code comprises an electronic product code.
7. The radio frequency identification system of claim 1, wherein the data in the at least one verifiable data set stored in each of the multiple core tags is obtained by encrypting an identification code stored in the radio frequency identification tag.
8. The radio frequency identification system of claim 1, wherein the data in the at least one verifiable data set stored in each of the multiple core tags is obtained by encrypting an identification code and other information stored in the radio frequency identification tag.
9. The radio frequency identification system of claim 1, wherein the at least one data in the requested verifiable data set does not include data in the first portion of the requested verifiable data set.
10. The radio frequency identification system of claim 1, wherein each of the at least one verifiable data set stored in each of the multi-core tags comprises n digital signatures SIG1,SIG2,....,SIGnAnd the first portion is k of the n digital signatures.
11. The radio frequency identification system of claim 10, wherein if n is an even number, k-n 0.5; if n is an odd number, k-n 0.5+0.5 or k-n 0.5-0.5.
12. A multi-core tag comprising a plurality of radio frequency identification tags, each radio frequency identification tag having stored therein an identification code and at least one verifiable data set, wherein
Each radio frequency identification tag in the multi-core tag comprises a control device which, when the radio frequency identification tag receives a read request requesting to read a first part of data of one of the at least one verifiable data set stored in the radio frequency identification tag, performs a first operation to make at least one data in the requested verifiable data set unreadable from this point forward, in case all data in the requested verifiable data set is readable.
13. The multi-core tag of claim 12, wherein each of the multi-core tags provides information regarding the number of radio frequency identification tags in the multi-core tag and a serial number of the radio frequency identification tag in the multi-core tag upon receiving a status request.
14. The multi-core tag of claim 12, wherein each radio frequency identification tag of the multi-core tag causes a first portion of the requested verifiable data set to be read after performing the first operation.
15. The multi-core tag of claim 12, wherein each radio frequency identification tag of the multi-core tag provides the portion of the verifiable data set that can still be read if the requested verifiable data set has been subjected to a first operation.
16. The multi-core tag of claim 12, wherein each of the multi-core tags provides information indicating that a portion of the requested verifiable data set cannot be read if the verifiable data set has been subjected to a first operation.
17. The multi-core tag of claim 12, wherein the multi-core tag is attached to a product to be authenticated and the identification code comprises an electronic product code.
18. The multi-core tag of claim 12, wherein the data in the at least one verifiable data set stored in each of the multi-core tags is obtained by encrypting an identification code stored in the radio frequency identification tag.
19. The multi-core tag of claim 12, wherein the data in the at least one verifiable data set stored in each of the multi-core tags is obtained by encrypting an identification code and other information stored in the radio frequency identification tag.
20. The multi-core tag of claim 12, wherein the at least one data in the requested verifiable data set does not include data in the first portion of the requested verifiable data set.
21. The multi-core tag of claim 12, wherein each of the at least one verifiable data set stored in each radio frequency identification tag of the multi-core tag comprises n digital signatures SIG1,SIG2,....,SIGnAnd the first portion is k of the n digital signatures.
22. The multi-core tag of claim 21, wherein if n is an even number, k-n 0.5; if n is an odd number, k-n 0.5+0.5 or k-n 0.5-0.5.
23. A radio frequency identification method, comprising:
storing an identification code and at least one verifiable data set in each of a plurality of radio frequency identification tags included in a multi-core tag; and
sending a read request from a radio frequency identification reader to more than one of the multi-core tags requesting to read a first portion of data of one of at least one verifiable data set stored in the radio frequency identification tag, and authenticating the multi-core tag according to the data read from the multi-core tag, wherein
Each radio frequency identification tag in the multi-core tag, upon receiving a read request from the radio frequency identification reader, performs a first operation to render at least one data in a requested verifiable data set unreadable from a future time if all data in the requested verifiable data set is readable.
24. The radio frequency identification method of claim 23, further comprising providing information about the number of radio frequency identification tags in the multi-core tag and the serial number of the radio frequency identification tag in the multi-core tag from each of the radio frequency identification tags to the radio frequency identification reader when the radio frequency identification tag in the multi-core tag receives a status request from the radio frequency identification reader.
25. The radio frequency identification method of claim 23, further comprising causing a first portion of the requested verifiable data set to be read after performing the first operation.
26. The radio frequency identification method of claim 23, further comprising providing the radio frequency identification reader with the portion of the verifiable data set that can still be read if the requested verifiable data set has been subjected to the first operation.
27. The radio frequency identification method of claim 23, further comprising providing the radio frequency identification reader with information indicating that a portion of the requested verifiable data set cannot be read if the first operation has been performed.
28. The radio frequency identification method of claim 23, further comprising attaching the multi-core tag to a product to be authenticated, and wherein the identification code comprises an electronic product code.
29. The radio frequency identification method of claim 23, further comprising obtaining data in the at least one verifiable data set stored in each of the radio frequency identification tags in the multi-core tag by encrypting the identification code stored in the radio frequency identification tag.
30. The radio frequency identification method of claim 23, further comprising obtaining data in at least one verifiable data set stored in each of the radio frequency identification tags in the multi-core tag by encrypting the identification code and other information stored in the radio frequency identification tag.
31. The radio frequency identification method of claim 23, wherein the at least one data in the requested verifiable data set does not include data in the first portion of the requested verifiable data set.
32. The radio frequency identification method of claim 23, wherein each of the at least one verifiable data set stored in each of the multi-core tags comprises n digital signatures SIG1,SIG2,....,SIGnAnd the first portion is k of the n digital signatures.
33. The radio frequency identification method of claim 32, wherein if n is an even number, k-n-0.5; if n is an odd number, k-n 0.5+0.5 or k-n 0.5-0.5.
Publications (1)
| Publication Number | Publication Date |
|---|---|
| HK1123113A true HK1123113A (en) | 2009-06-05 |
Family
ID=
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR100969730B1 (en) | A system and method for radio frequency identification and multicore tags including a plurality of radio frequency identification tags | |
| US8058973B2 (en) | Radio frequency identification system and method | |
| EP3690691B1 (en) | Method for rfid tag authentication | |
| US10523443B1 (en) | Devices, methods, and systems for cryptographic authentication and provenance of physical assets | |
| US8898086B2 (en) | Systems and methods for transmitting financial account information | |
| Lehtonen et al. | From identification to authentication–a review of RFID product authentication techniques | |
| Khalil et al. | A novel RFID-based anti-counterfeiting scheme for retail environments | |
| CN102855577B (en) | Multiple commodity antifake check method based on cloud computing | |
| CN103258169A (en) | Method for protection of chip card from unauthorized use, chip card and chip card terminal | |
| CN1822020B (en) | Method for transmitting data, data providing and receiving device, and communication system | |
| Abyaneh | Security analysis of lightweight schemes for RFID systems | |
| CN105590227A (en) | Dynamic verification method, apparatus, and system of authenticity of commodity | |
| CN118967159A (en) | An anti-counterfeiting traceability system and anti-counterfeiting method based on electronic tags | |
| Mobahat | Authentication and lightweight cryptography in low cost RFID | |
| CN110620764B (en) | Anti-quantum computation RFID authentication method and system based on asymmetric key pool and secondary surplus | |
| CN114565393B (en) | A whole-industry chain product traceability authentication method and system based on blockchain technology | |
| HK1123113A (en) | Radio frequency identification system and method | |
| HK1106313B (en) | Radio frequency identification system and method | |
| Yang et al. | Enhancing privacy and security in RFID-enabled banknotes | |
| Chang et al. | An improved certificate mechanism for transactions using radio frequency identification enabled mobile phone | |
| Wu | RFID System Security | |
| CN1955984B (en) | Radio frequency identification system and method | |
| CN110620659B (en) | Anti-quantum computation RFID authentication method and system based on symmetric key pool and secondary surplus | |
| KR100618316B1 (en) | RFID authentication system and method | |
| Ranasinghe et al. | Addressing insecurities and violations of privacy |