The invention relates to a method of cryptological authentication in a scanning identification system.
In the last few years, a system for the identification of persons, animals and objects that has proven effective involves the supply of a transponder, which is connected to the object to be identified, with energy by a (stationary or portable) reading device, also referred to as a reader or base station, via an alternating field, whereupon the transponder responds by emitting the data it stores. Because of the frequency range used, the system is referred to as a radio-frequency identification system, or RFID for short.
An RFID transponder generally comprises an antenna coil and an integrated circuit containing all of the necessary electronic circuit blocks, such as those needed for voltage supply, timing generation, timing control and storing the data required for the identification. The capacity switched in parallel to the antenna coil is likewise often a component of the integrated circuit. It can, however, also be formed by a discrete component.
The RFID reader comprises a resonating circuit having a transmitting coil and a capacity that is actuated by a driver stage with a signal generally having a fixed frequency (e.g. 125 kHz). The reader further includes electronic circuit blocks for recognizing data emitted by the transponder through absorption modulation, and for transmitting data and commands, e.g. through field modulation, to the transponder.
During the data or energy transfer, the reader and the transponder form a loosely-coupled transformer. The energy transfer is therefore relatively low.
The attainable range for the contactless transfer of energy and data is influenced by the following marginal conditions:
the transmitting energy (limited by legal specifications);
the coil dimensions;
the disturbance level of the environment;
matching resonance frequencies;
the modulation amplitude;
the voltage loss via the rectifier; and
the transfer methods used.
For example, in the use of an anti-theft mechanism, extremely-unfavorable transfer conditions arise because of the small transmitting coil arranged around the ignition/steering-column lock. Hence, it is advisable to optimize the system for minimal losses. Decisive factors for this are:
an identical resonance frequency of the base station and the transponder;
transfer protocols that are optimized with respect to time;
minimal losses during the energy transfer;
maximal modulation amplitude during the transfer of data to the base station (read); and
optimized data transfer to the transponder (send).
EP 0 683 293 A1 discloses an authentification method in a scanning identification system, in which a challenge-and-response protocol is used for cryptologicial authentification.
When a motor vehicle is started, the driver notices a time delay of more than 150 ms from the turning of the ignition key until the engine starts. consequently, the entire transfer protocol must have run during this very short time period. Several points must be kept in mind here. On the one hand, a one-time data transfer should produce the correct result; on the other hand, additional functions such as authentification by means of an algorithm should be performed in the shortest-possible time.
It is the object of the invention to provide a method of cryptological authentification in a scanning identification system that runs in the shortest-possible time.
This object is accomplished by a method of cryptological authentification in a scanning identification system having the features of claims 1 and 4. The advantageous embodiment of the invention ensues from the features listed in the dependent claims.
The method of cryptological authentification in a scanning identification system comprising a base station, which supplies energy via the alternating field to a transponder connected to the object to be identified, includes the following method steps.
For essentially the entire communication between the base station and the transponder, the base station generates an inquiry signal. Upon receiving the inquiry signal transmitted by the base station, the transponder responds with an identification number stored in its memory. The base station then encodes a first bit sequence it has generated by using a key bit sequence that is allocated to the identification number of the transponder, and transmits the second bit sequence obtained in this manner to the transponder.
When the second bit sequence is received, the transponder generates a checking bit sequence from the second bit sequence, and, following the complete reception of the second bit sequence, transmits this checking bit sequence to the base station. The checking bit sequence serves to verify the correct reception of the second bit sequence. For cryptographic authentification, the transponder encodes the first bit sequence reconstructed from the second bit sequence using the key bit sequence allocated to the transponder, and transmits the third bit sequence obtained in this manner to the base station.
While the transponder is still encoding the second bit sequence to form the third bit sequence, the base station uses the checking bit sequence to verify whether an error has occurred in the transmission of the second bit sequence, and may abort the ongoing encoding in the transponder. This can abort the ongoing authentification, because a valid result cannot be anticipated. Thus, time is gained at the start of a new running of the authentification method.
In the other case, the base station verifies the validity of the received third bit sequence.
The authentification time is further reduced in that the transponder halves the length of the third bit sequence prior to transmitting it to the base station.
In one embodiment of the method, at the beginning of the method, the base station uses a key bit sequence associated with itself and the transponder to immediately encode a first bit sequence that it has generated, and immediately transmits the second bit sequence obtained in this manner to the transponder instead of awaiting the reception of the transponder identification number. This further reduces the authentification time.