WO2007036901A1 - Method and device for privacy protection of rfid tags - Google Patents

Method and device for privacy protection of rfid tags Download PDF

Info

Publication number
WO2007036901A1
WO2007036901A1 PCT/IB2006/053541 IB2006053541W WO2007036901A1 WO 2007036901 A1 WO2007036901 A1 WO 2007036901A1 IB 2006053541 W IB2006053541 W IB 2006053541W WO 2007036901 A1 WO2007036901 A1 WO 2007036901A1
Authority
WO
WIPO (PCT)
Prior art keywords
rfid
identifier
rfid tag
reader
sending
Prior art date
Application number
PCT/IB2006/053541
Other languages
French (fr)
Inventor
Krzysztof L. Godzwon
Jerzy Husakowski
Original Assignee
Koninklijke Philips Electronics N.V.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics N.V. filed Critical Koninklijke Philips Electronics N.V.
Publication of WO2007036901A1 publication Critical patent/WO2007036901A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/0008General problems related to the reading of electronic memory record carriers, independent of its reading method, e.g. power transfer
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/10009Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
    • G06K7/10019Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves resolving collision on the communication channels between simultaneously or concurrently interrogated record carriers.

Definitions

  • the present invention relates to an apparatus and a method of controlling access to information in a radio frequency identifications (RFID) device and more particularly to techniques for increasing security and privacy related to the device.
  • RFID radio frequency identifications
  • a conventional RFID system typically comprises three main components, which are an RFID tag, or transponder, which is located in connection with the object to be identified and is the data carrier in the RFID system, an RFID reader, or transceiver, which may read data from and/or write data to the RFID tag, and a data processing system which in some way utilize data obtained from the transceiver.
  • the RFID reader In operation the RFID reader usually continuously emits a query signal forming a query zone. When an RFID tag enters the query zone it typically responds by transmitting a unique serial number or some other identifier information to the RFID reader. Data received by the RFID reader is then communicated to a data processing system, e.g., a database running on a personal computer. Many RFID tags are passive meaning they do not have a power source but instead obtain power to operate from the query signal itself.
  • Every RFID tag has a unique identifier associated with it, the identifier is impossible to change or duplicate and the manufacturer guarantees that no duplicates are present.
  • the RFID tag often has a secure data area, which is optionally encrypted and transmitted to the RFID reader only when the RFID tag and the RFID reader have verified authenticity respectively.
  • the unique identifier is always readable by the RFID reader, and in fact, by many other RFID readers not belonging to the RFID system of which the RFID tag is a part.
  • RFID systems are frequently used in various application, such as for identification of products at the point of sale, for verification and control of different personal identification cards, credit cards etc. Another application area is hospitals were patient information including, for example, drug prescriptions, is stored on an RFID tag that is associated with the patient concerned. It has even been proposed to integrate RFID tags into currency.
  • an RFID tag traditionally responds automatically to any RFID reader by indiscriminately transmitting its unique identifier
  • the identifier can be scanned by anyone, anywhere, as long as it is within the query zone of the RFID reader. This makes it possible to track the movements of a specific user carrying the RFID tag and this poses a threat to consumer/user privacy and security.
  • a secure and private RFID system should also, for example, avoid eavesdropping, traffic analysis and spoofing.
  • a common method is to make the RFID tag more complex and to include the use of cryptographic methods such as hash lock scheme, randomized hash lock scheme or the use of a hash chains.
  • cryptographic methods such as hash lock scheme, randomized hash lock scheme or the use of a hash chains.
  • Another method to increase RFID security and privacy involves enclosing the RFID tag in a metal mesh or foil container that is impenetrable by radio frequency signals.
  • RFID tags in such a cage.
  • JP 2004192645 discloses a privacy protection method for an RFID system where the RFID tag upon a query from an RFID reader sends a fake ID number. Different fake ID's are sent every time a query is received.
  • a particular object is to provide an RFID system offering increased privacy that is simple and offers low production and operational costs.
  • Another object of the present invention is to provide an RFID tag and an RFID reader that are simple and offer low production and operational costs, respectively.
  • a method of controlling access to information in an RFID system comprises an RFID reader communicating with a plurality of RFID tags each having a unique identifier in a secure data section of the RFID tag.
  • the method comprises the steps of: sending from the RFID reader to an RFID tag a request for an identifier sending from the RFID tag to the RFID reader an identifier that is common to a plurality of RFID tags in the RFID system verifying if the common identifier equals an identifier value associated with the RFID reader sending, if the common identifier equaled the identifier value associated with the RFID reader, from the RFID reader to the RFID tag, an authentication signal, and finally, verifying, by the RFID tag, if the authentication signal is correct.
  • the last step may optionally be followed by sending, if the authentication signal was correct, from the RFID tag to the RFID reader the unique identifier of the RFID tag.
  • a method of information access for an RFID reader is also provided.
  • RFID reader is a part of an RFID system described above and the method comprises the steps of: identifying an RFID tag within the range of the RFID reader sending a request for the RFID tag's identifier - receiving an identifier that is common to a plurality RFID tags in the RFID system, and finally, sending, if the common identifier equals an identifier value associated with the RFID reader, an authentication signal.
  • This last step may optionally be followed by receiving the RFID tag's unique identifier.
  • a method of information transmittal for an RFID tag is also provided.
  • the RFID tag is a part of the RFID system described above, and the method comprises the steps of: receiving a request for an identifier - sending an identifier that is common to a plurality of RFID tags in the RFID system receiving an authentication signal, and finally, verifying if the authentication signal is correct.
  • This last step may optionally be followed by, if the authentication signal was correct, the RFID tag's unique identifier.
  • a general advantage of the invention is that it offers improved privacy at a very low increase of costs.
  • every user carrying an RFID tags according to the invention is anonymous within the same group of RFID tag users. Tracking a common identifier is pointless since there is no way to tell who the real carrier is.
  • the common identifier would be shared by a group of, for example, 100 or more RFID tags.
  • the common identifier is also associated with the RFID reader and hence the reader recognizes RFID tags being part of the same RFID system, making it possible for the RFID reader to respond accordingly.
  • Another advantage is that the invention can be incorporated with existing RFID systems without interference of any kind.
  • the RFID tag Since the RFID tag responds to an RFID reader query by sending a common identifier, the RFID tag of present invention offers increased privacy at a low cost. Furthermore it is very fast and cost efficient to implement and manufacture an RFID reader belonging to present RFID system and associated with a common and yet very simple identifier. These benefits also apply to the data processing system communicating with the RFID reader.
  • the method of controlling access to information in the RFID system may include representing the common identifier by a plurality of common identifiers each assigned to a group of RFID tags and being unique for the group. In other words that means that there may exist several common identifiers that are different from each other. Each common identifier is however shared by plurality of RFID tags. Accordingly the RFID reader is associated with corresponding plurality of common identifiers. It should be noted that for one RFID system application area it is preferred that only one single group of RFID tags exists, thereby giving all RFID tags in the RFID system the same common identifier.
  • the method of controlling access to information in the RFID system may also include a step of encrypting an RFID tag's unique identifier before it is sent to the RFID reader. It may also include the step of collision detection of RFID tags, after the step of sending the common identifier is performed.
  • Representing the common identifier by a plurality of common identifiers and/or the encryption of an RFID tag's unique identifier may also be included in the method for the RFID reader and/or RFID tag described above.
  • An RFID reader, an RFID tag and an RFID system comprising the reader and tag are also provided according to appended claims. These devices/arrangements are interconnected, have the same advantages as corresponding method described above and may also be arranged with or without means for sending/receiving the unique identifier of a RFID tag.
  • Fig. 1 is a schematic drawing of the RFID system
  • Fig. 2 is a diagram of the method of controlling access to information in the RFID system.
  • Computer program code which implements a method according to the invention, with or without program code of other functions of the RFID system, may reside in fixed or removable memory of the devices according to the invention. Basically any type of conventional memory is possible, such as a diskette, a hard drive, a semi-permanent storage chip such as a flash memory chip etc.
  • the program code of the invention may also be considered as a form of transmitted signal, such as a stream of data communicated via radio frequency transmittal or via any other type of communication network.
  • the system comprises a plurality of RFID tags 101 which communicate via radio frequency 105 with an RFID reader 102.
  • the reader 102 communicates with at least one data processing system 104 via a network 103.
  • At least one RFID tag is located in connection with an object or user to be identified and is a data carrier.
  • the RFID tag can also be referred to as a transponder and consists of a microchip that processes and stores data, and a coupling element, such as a coiled antenna, used to communicate via radio frequency communication.
  • the RFID tags may be either active or passive. Active tags have an integrated power supply and actively send a radio frequency signal for communication while passive tags obtain all their power from the interrogation signal of the RFID reader.
  • the RFID tags preferably communicate only when interrogated by the RFID reader.
  • Stored on the microchip of the RFID tag is a common identifier. In a protected section of the RFID tag a unique identifier is stored together with additional information related to the application area for the RFID system.
  • the same common identifier is stored on a plurality, preferably all, RFID tags that is a part of the RFID system intended for a specific application area.
  • Implemented on the microchip, as known in the art, is of course also program code for proper communication and interaction with the RFID reader.
  • the RFID reader is preferably able to both read from and write data to the RFID tags.
  • the RFID reader can also be referred to as a transceiver and consists of a radio frequency module, a control unit and a coupling element to interrogate the RFID tags via radio frequency communication.
  • the reader is fitted with an interface that enables it to, preferably via a network, communicate its received data to a data processing system such as, for example, a database running on a personal computer.
  • a data processing system such as, for example, a database running on a personal computer.
  • the same common identifier that is stored in the RFID tag is also stored in the data processing system and is associated with a specific RFID reader.
  • the common identifier may also be stored in a memory of the RFID reader.
  • the first step is the RFID reader detecting 201 an RFID tag within its query zone.
  • the next step is sending 202 from the RFID reader to the RFID tag a request for its identifier.
  • the RFID tag responds by sending 203 its common identifier to the RFID reader which in turn sends the common identifier to the data processing system.
  • the data processing system verifies 204 if the common identifier equals an identifier value associated with the RFID reader.
  • the RFID reader may also perform this verification. If the common identifier equaled the identifier value associated with the RFID reader, the RFID reader sends 205 an authentication signal to the RFID tag.
  • the authentication signal may be represented by any known kind of complete execution of an authentication protocol suitable for RFID systems.
  • the RFID tag verifies 206 if the authentication signal is correct and, if it was correct, optionally sends 207 the unique identifier to the RFID reader. If any verification above is not performed, the communication between the RFID tag and RFID reader is broken.
  • the common identifier is a unique number and the RFID tags always send this unique number, when requested by an RFID reader, once it has been assigned to the RFID tags.

Abstract

Technique for increased privacy of an RFID system is provided. The system comprises an RFID reader communicating with a plurality of RFID tags each having a unique identifier in a secure data section of the RFID tag. The system performs the step of sending from the RFID reader to an RFID tag a request for an identifier. After this, the RFID tag sends, to the RFID reader, an identifier that is common to a plurality of the RFID tags in the RFID system. Mutual verifications are performed and if the RFID tag and RFID reader belongs to the same RFID system, the RFID tag sends, to the RFID reader, the unique identifier of the RFID tag.

Description

Method and device for privacy protection of RFID tags
FIELD OF THE INVENTION
The present invention relates to an apparatus and a method of controlling access to information in a radio frequency identifications (RFID) device and more particularly to techniques for increasing security and privacy related to the device.
BACKGROUND OF THE INVENTION
A conventional RFID system typically comprises three main components, which are an RFID tag, or transponder, which is located in connection with the object to be identified and is the data carrier in the RFID system, an RFID reader, or transceiver, which may read data from and/or write data to the RFID tag, and a data processing system which in some way utilize data obtained from the transceiver.
In operation the RFID reader usually continuously emits a query signal forming a query zone. When an RFID tag enters the query zone it typically responds by transmitting a unique serial number or some other identifier information to the RFID reader. Data received by the RFID reader is then communicated to a data processing system, e.g., a database running on a personal computer. Many RFID tags are passive meaning they do not have a power source but instead obtain power to operate from the query signal itself.
Every RFID tag has a unique identifier associated with it, the identifier is impossible to change or duplicate and the manufacturer guarantees that no duplicates are present. The RFID tag often has a secure data area, which is optionally encrypted and transmitted to the RFID reader only when the RFID tag and the RFID reader have verified authenticity respectively. However the unique identifier is always readable by the RFID reader, and in fact, by many other RFID readers not belonging to the RFID system of which the RFID tag is a part. RFID systems are frequently used in various application, such as for identification of products at the point of sale, for verification and control of different personal identification cards, credit cards etc. Another application area is hospitals were patient information including, for example, drug prescriptions, is stored on an RFID tag that is associated with the patient concerned. It has even been proposed to integrate RFID tags into currency.
However, since an RFID tag traditionally responds automatically to any RFID reader by indiscriminately transmitting its unique identifier, the identifier can be scanned by anyone, anywhere, as long as it is within the query zone of the RFID reader. This makes it possible to track the movements of a specific user carrying the RFID tag and this poses a threat to consumer/user privacy and security. A secure and private RFID system should also, for example, avoid eavesdropping, traffic analysis and spoofing.
There have been several approaches to increase RFID security and privacy. A simple method is a so called kill-command permanently erasing the RFID tag data. This procedure should be performed, e.g., by a clerk when a product is purchased just before it is handed over to a customer. This procedure successfully protects privacy but requires a conscious initialization and it is difficult to ensure that it was properly executed. It also diminishes several benefits with RFID tags since the tag is truly dead and can not be reactivated and thereby its further usage within the RFID system is prevented. A similar approach is to make the RFID tag self-destruct when it comes in contact with water, which is a method suitable for RFID tags intended for washable clothes.
A common method is to make the RFID tag more complex and to include the use of cryptographic methods such as hash lock scheme, randomized hash lock scheme or the use of a hash chains. These methods offer increased privacy but have several drawbacks, all of which more or less relate to a requirement for relatively large computational and data storage resources, in the RFID tag or the back end data processing system. This dramatically increases the cost of the RFID system.
Another method to increase RFID security and privacy involves enclosing the RFID tag in a metal mesh or foil container that is impenetrable by radio frequency signals.
However it is not possible to enclose all objects, for example, clothes and shoes marked with
RFID tags, in such a cage.
It is also possible to use a jamming device that actively jams radio frequency signals, either from an RFID tag transmitting information to an RFID reader or from an RFID reader that queries an RFID tag. This method is in practice not feasible since it requires a consumer to carry a jamming device which may case unwanted disturbance for other systems and may as well conflict with laws and regulations for radio frequency broadcast power levels. JP 2004192645 discloses a privacy protection method for an RFID system where the RFID tag upon a query from an RFID reader sends a fake ID number. Different fake ID's are sent every time a query is received.
One problem with the method above is that the different fake ID's must be sorted and handled in order to properly identify what the ID tag's true ID number really is. This is associated with increased demand for computational efforts by the RFID system, which in turn inevitably leads to increased costs for the system.
In summary, the prior art has the problem of either high cost, insufficient privacy and/or is in practice unfeasible. It is therefore apparent that there is a need for improved techniques for providing increased privacy for consumers carrying RFID tags being a part of an RFID system. Computational efforts by be RFID tag, RFID reader and the back end database should be minimized in order to decrease overall costs.
SUMMARY OF THE INVENTION It is an object of the present invention to provide an improvement of the above techniques and prior art.
A particular object is to provide an RFID system offering increased privacy that is simple and offers low production and operational costs.
Another object of the present invention is to provide an RFID tag and an RFID reader that are simple and offer low production and operational costs, respectively.
These and other objects and advantages that will be apparent from the following description of the present invention are achieved by way of methods and devices according to the appended claims.
A method of controlling access to information in an RFID system is provided. The system comprises an RFID reader communicating with a plurality of RFID tags each having a unique identifier in a secure data section of the RFID tag. The method comprises the steps of: sending from the RFID reader to an RFID tag a request for an identifier sending from the RFID tag to the RFID reader an identifier that is common to a plurality of RFID tags in the RFID system verifying if the common identifier equals an identifier value associated with the RFID reader sending, if the common identifier equaled the identifier value associated with the RFID reader, from the RFID reader to the RFID tag, an authentication signal, and finally, verifying, by the RFID tag, if the authentication signal is correct.
The last step may optionally be followed by sending, if the authentication signal was correct, from the RFID tag to the RFID reader the unique identifier of the RFID tag. A method of information access for an RFID reader is also provided. The
RFID reader is a part of an RFID system described above and the method comprises the steps of: identifying an RFID tag within the range of the RFID reader sending a request for the RFID tag's identifier - receiving an identifier that is common to a plurality RFID tags in the RFID system, and finally, sending, if the common identifier equals an identifier value associated with the RFID reader, an authentication signal.
This last step may optionally be followed by receiving the RFID tag's unique identifier.
A method of information transmittal for an RFID tag is also provided. The RFID tag is a part of the RFID system described above, and the method comprises the steps of: receiving a request for an identifier - sending an identifier that is common to a plurality of RFID tags in the RFID system receiving an authentication signal, and finally, verifying if the authentication signal is correct.
This last step may optionally be followed by, if the authentication signal was correct, the RFID tag's unique identifier.
The methods described above are interconnected and all relate to the present invention. A general advantage of the invention is that it offers improved privacy at a very low increase of costs. By several RFID tags sharing and upon request sending the same (common) identifier, every user carrying an RFID tags according to the invention is anonymous within the same group of RFID tag users. Tracking a common identifier is pointless since there is no way to tell who the real carrier is. Typically the common identifier would be shared by a group of, for example, 100 or more RFID tags. The common identifier is also associated with the RFID reader and hence the reader recognizes RFID tags being part of the same RFID system, making it possible for the RFID reader to respond accordingly. Another advantage is that the invention can be incorporated with existing RFID systems without interference of any kind.
Since the RFID tag responds to an RFID reader query by sending a common identifier, the RFID tag of present invention offers increased privacy at a low cost. Furthermore it is very fast and cost efficient to implement and manufacture an RFID reader belonging to present RFID system and associated with a common and yet very simple identifier. These benefits also apply to the data processing system communicating with the RFID reader.
The method of controlling access to information in the RFID system may include representing the common identifier by a plurality of common identifiers each assigned to a group of RFID tags and being unique for the group. In other words that means that there may exist several common identifiers that are different from each other. Each common identifier is however shared by plurality of RFID tags. Accordingly the RFID reader is associated with corresponding plurality of common identifiers. It should be noted that for one RFID system application area it is preferred that only one single group of RFID tags exists, thereby giving all RFID tags in the RFID system the same common identifier.
The method of controlling access to information in the RFID system may also include a step of encrypting an RFID tag's unique identifier before it is sent to the RFID reader. It may also include the step of collision detection of RFID tags, after the step of sending the common identifier is performed.
Representing the common identifier by a plurality of common identifiers and/or the encryption of an RFID tag's unique identifier may also be included in the method for the RFID reader and/or RFID tag described above. An RFID reader, an RFID tag and an RFID system comprising the reader and tag are also provided according to appended claims. These devices/arrangements are interconnected, have the same advantages as corresponding method described above and may also be arranged with or without means for sending/receiving the unique identifier of a RFID tag.
BRIEF DESCRIPTION OF THE DRAWINGS
Embodiments of the present invention will now be described, by way of example, with reference to the accompanying schematic drawings, in which:
Fig. 1 is a schematic drawing of the RFID system, and Fig. 2 is a diagram of the method of controlling access to information in the RFID system.
DESCRIPTION OF PREFERRED EMBODIMENTS An RFID system providing increased privacy will now be described with reference to the appended drawing. It should be noted, however, that no detailed description will be made of the RFID system as such. It is also to be noted that no detailed description will be made of any specific user communication interface, as it would depend on the specific type of RFID system for which the invention is implemented, as the skilled person will understand.
Computer program code, which implements a method according to the invention, with or without program code of other functions of the RFID system, may reside in fixed or removable memory of the devices according to the invention. Basically any type of conventional memory is possible, such as a diskette, a hard drive, a semi-permanent storage chip such as a flash memory chip etc. The program code of the invention may also be considered as a form of transmitted signal, such as a stream of data communicated via radio frequency transmittal or via any other type of communication network.
Turning now to Fig. 1 illustrating the RFID system, the system comprises a plurality of RFID tags 101 which communicate via radio frequency 105 with an RFID reader 102. The reader 102 communicates with at least one data processing system 104 via a network 103.
At least one RFID tag is located in connection with an object or user to be identified and is a data carrier. The RFID tag can also be referred to as a transponder and consists of a microchip that processes and stores data, and a coupling element, such as a coiled antenna, used to communicate via radio frequency communication. The RFID tags may be either active or passive. Active tags have an integrated power supply and actively send a radio frequency signal for communication while passive tags obtain all their power from the interrogation signal of the RFID reader. The RFID tags preferably communicate only when interrogated by the RFID reader. Stored on the microchip of the RFID tag is a common identifier. In a protected section of the RFID tag a unique identifier is stored together with additional information related to the application area for the RFID system. The same common identifier is stored on a plurality, preferably all, RFID tags that is a part of the RFID system intended for a specific application area. Implemented on the microchip, as known in the art, is of course also program code for proper communication and interaction with the RFID reader.
The RFID reader is preferably able to both read from and write data to the RFID tags. The RFID reader can also be referred to as a transceiver and consists of a radio frequency module, a control unit and a coupling element to interrogate the RFID tags via radio frequency communication. The reader is fitted with an interface that enables it to, preferably via a network, communicate its received data to a data processing system such as, for example, a database running on a personal computer. The same common identifier that is stored in the RFID tag is also stored in the data processing system and is associated with a specific RFID reader. The common identifier may also be stored in a memory of the RFID reader.
It should be noted that all hardware components constituting the RFID system are familiar for the skilled person and will hence not be further described.
Turning now to Fig 2, during normal and complete operation for controlling access to information in the RFID system, the first step is the RFID reader detecting 201 an RFID tag within its query zone. The next step is sending 202 from the RFID reader to the RFID tag a request for its identifier. The RFID tag responds by sending 203 its common identifier to the RFID reader which in turn sends the common identifier to the data processing system. The data processing system verifies 204 if the common identifier equals an identifier value associated with the RFID reader. The RFID reader may also perform this verification. If the common identifier equaled the identifier value associated with the RFID reader, the RFID reader sends 205 an authentication signal to the RFID tag. The authentication signal may be represented by any known kind of complete execution of an authentication protocol suitable for RFID systems. After this step, the RFID tag verifies 206 if the authentication signal is correct and, if it was correct, optionally sends 207 the unique identifier to the RFID reader. If any verification above is not performed, the communication between the RFID tag and RFID reader is broken.
Preferably the common identifier is a unique number and the RFID tags always send this unique number, when requested by an RFID reader, once it has been assigned to the RFID tags.
It is also possible to include encryption, by the RFID tag, of the RFID tag's unique identifier before it is sent to the RFID reader. In this case decryption in a later step is performed by the data processing system or optionally by the RFID reader. It is further preferred to implement detection collision for RFID tags simultaneously communicating with the RFID reader. Both encryption and collision detection per se are done according to known prior art.

Claims

CLAIMS:
1. A method of information access for an RFID reader being a part of an RFID system, in which system the RFID reader communicates with a plurality of RFID tags each having a unique identifier in a secure data section of the RFID tag, said method comprising the steps of: - identifying an RFID tag within the range of the RFID reader,
- sending a request for the RFID tag's identifier,
- receiving an identifier that is common to a plurality RFID tags in the RFID system, and
- sending, if the common identifier equals an identifier value associated with the RFID reader, an authentication signal.
2. The method of claim 1, further followed by the step of receiving the RFID tag's unique identifier.
3. The method of claim 1 or 2, wherein the common identifier is assigned to a group of RFID tags and being unique for the group.
4. The method of any one of claims 1-3, wherein said step of receiving the unique identifier involves receiving the unique identifier in an encrypted form.
5. An RFID reader for information access being a part of an RFID system, in which system the RFID reader is arranged to communicate with a plurality of RFID tags each having a unique identifier in a secure data section of the RFID tag, said RFID reader comprising: - means for identifying an RFID tag within the range of the RFID reader,
- means for sending a request for the RFID tag's identifier,
- means for receiving an identifier that is common to a plurality of RFID tags in the RFID system,
- means for sending, if the common identifier equals an identifier value associated with the RFID reader, an authentication signal, and
- means for receiving the RFID tag's unique identifier.
6. A method of information transmittal for an RFID tag being a part of an RFID system, in which system an RFID reader communicates with a plurality of RFID tags each having a unique identifier in a secure data section of the RFID tag, said method comprising the steps of:
- receiving a request for an identifier,
- sending an identifier that is common to a plurality of RFID tags in the RFID system,
- receiving an authentication signal, and
- verifying if the authentication signal is correct.
7. The method of claim 6, further followed by the step of sending, if the authentication signal was correct, the RFID tag's unique identifier.
8. The method of claim 6 or 7, wherein the common identifier is assigned to a group of RFID tags and being unique for the group.
9. The method of any one of claims 6-8, wherein said step of sending the unique identifier involves encrypting the unique identifier.
10. An RFID tag for information transmittal being a part of an RFID system, in which system an RFID reader communicates with a plurality of RFID tags each having a unique identifier in a secure data section of the RFID tag, said RFID tag comprising:
- means for receiving a request for an identifier,
- means for sending an identifier that is common to a plurality of RFID tags in the RFID system,
- means for receiving an authentication signal, - means for verifying if the authentication signal is correct, and
- means for sending, if the authentication signal was correct, the RFID tag's unique identifier.
11. A method of controlling access to information in an RFID system, which system comprises an RFID reader communicating with a plurality of RFID tags each having a unique identifier in a secure data section of the RFID tag, said method comprising the steps of: - sending from the RFID reader to an RFID tag a request for an identifier,
- sending from the RFID tag to the RFID reader an identifier that is common to a plurality of RFID tags in the RFID system,
- verifying if the common identifier equals an identifier value associated with the RFID reader, - sending, if the common identifier equaled the identifier value associated with the RFID reader, from the RFID reader to the RFID tag, an authentication signal, and
- verifying, by the RFID tag, if the authentication signal is correct.
12. The method of claim 11, further followed by the step of sending, if the authentication signal was correct, from the RFID tag to the RFID reader, the unique identifier of the RFID tag.
13. The method of claim 11 or 12, wherein the common identifier is represented by a plurality of common identifiers each assigned to a group of RFID tags and being unique for the group.
14. The method of any one of claims 11-13, wherein said step of sending the unique identifier involves encrypting the unique identifier.
15. The method of any one of claims 11-14, wherein said step of sending the common identifier is followed by collision detection of RFID tags.
16. An RFID system comprising an RFID reader according to claim 5 and a plurality of RFID tags according to claim 10, wherein the RFID system has means for verifying if the RFID tag's common identifier equals an identifier value associated with the RFID reader.
17. An RFID system according to claim 16, wherein the RFID reader is connected to data processing system, said data processing system comprising a network or a server or data processing device or a combination thereof.
PCT/IB2006/053541 2005-09-30 2006-09-28 Method and device for privacy protection of rfid tags WO2007036901A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP05109116.3 2005-09-30
EP05109116 2005-09-30

Publications (1)

Publication Number Publication Date
WO2007036901A1 true WO2007036901A1 (en) 2007-04-05

Family

ID=37741177

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2006/053541 WO2007036901A1 (en) 2005-09-30 2006-09-28 Method and device for privacy protection of rfid tags

Country Status (1)

Country Link
WO (1) WO2007036901A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2446012A (en) * 2007-01-25 2008-07-30 Core Control Internat Ltd Active radio frequency identification of a plurality of tag transponders
WO2014158596A1 (en) * 2013-03-14 2014-10-02 Covidien Lp Rfid secure authentication
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040066278A1 (en) * 2002-10-04 2004-04-08 Hughes Michael A. Challenged-based tag authentication medel
US20040075562A1 (en) * 2002-10-11 2004-04-22 Thomas Land Zone detection locator
US20040118930A1 (en) * 2001-07-10 2004-06-24 American Express Travel Related Services Company, Inc. Transparent transaction card
US20050035860A1 (en) * 2003-08-11 2005-02-17 Accenture Global Services Gmbh. Manufactured article recovery system

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040118930A1 (en) * 2001-07-10 2004-06-24 American Express Travel Related Services Company, Inc. Transparent transaction card
US20040066278A1 (en) * 2002-10-04 2004-04-08 Hughes Michael A. Challenged-based tag authentication medel
US20040075562A1 (en) * 2002-10-11 2004-04-22 Thomas Land Zone detection locator
US20050035860A1 (en) * 2003-08-11 2005-02-17 Accenture Global Services Gmbh. Manufactured article recovery system

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2446012A (en) * 2007-01-25 2008-07-30 Core Control Internat Ltd Active radio frequency identification of a plurality of tag transponders
GB2446012B (en) * 2007-01-25 2009-04-22 Core Control Internat Ltd Apparatus for active radio frequency identification of a plurality of tag transponders
WO2014158596A1 (en) * 2013-03-14 2014-10-02 Covidien Lp Rfid secure authentication
US9489785B2 (en) 2013-03-14 2016-11-08 Covidien Lp RFID secure authentication
US9774455B2 (en) 2013-03-14 2017-09-26 Covidien Lp RFID secure authentication
US10298403B2 (en) 2013-03-14 2019-05-21 Covidien Lp RFID secure authentication
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system

Similar Documents

Publication Publication Date Title
US10916114B1 (en) Exit-code-based RFID loss-prevention system
US20090033464A1 (en) Transponder with access protection and method for access to the transponder
EP1755061B1 (en) Protection of non-promiscuous data in an RFID transponder
US8296852B2 (en) Transponder, RFID system, and method for RFID system with key management
US8368516B2 (en) Secure data exchange with a transponder
US7786866B2 (en) Radio frequency identification (RFID) system that meets data protection requirements through owner-controlled RFID tag functionality
KR101813658B1 (en) RFID based genuine product certification service system and method using cipher update algorithm for forgery prevention
CN101346728B (en) Collaborating RFID devices
US20110068894A1 (en) Method for authenticating an rfid tag
EP1547008A1 (en) A challenge-response-based tag and reader authentication system and method
US9607286B1 (en) RFID tags with brand protection and loss prevention
CN103281189A (en) Light weight class safe protocol certification system and method for radio frequency identification equipment
KR102293888B1 (en) RFID based genuine product certification service system using cipher update algorithm of certification key for forgery prevention to use distributed ledger stored in RFID key storage
US20050134436A1 (en) Multiple RFID anti-collision interrogation method
WO2006030344A1 (en) Rf transponder for off-line authentication of a source of a product carrying the transponder
CN103516517A (en) Production method, RFID transponder, authentication method, and reader device
WO2007036901A1 (en) Method and device for privacy protection of rfid tags
CN110546639A (en) certified product authentication service system and method based on wireless radio frequency identification of password updating algorithm for anti-counterfeiting
EP2286373B1 (en) Reader and transponder for obscuring the applications supported by a reader and/or a transponder and method thereof
KR101053636B1 (en) Encryption/decryption method and system for rfid tag and reader using multi algorithm
Sabzevar Security in RFID Systems
CN113988103B (en) RFID identification method based on multiple tags
US11398898B2 (en) Secure RFID communication method
Dimitriou RFID security and privacy
المهدي عبدالسلام عجال et al. Networked Radio Frequency identification Systems Security and Privacy Issues

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06821162

Country of ref document: EP

Kind code of ref document: A1