1. Technical Field
The present application relates to a method for authenticating an RFID tag by means of an radio-frequency identification (RFID) reader via a radio interface therebetween, wherein a user-specific key is stored in the RFID reader and a tag-specific identifier and a password generated from the identifier and the key in accordance with a known derivative function are stored in the RFID tag.
2. Background Art
RFID tags (radio frequency identification tags or transponders) of this type are not only widespread in merchandise logistics for product marking (see e.g., “Specification for RFID Air Interface EPC™ Radio-Frequency Identity Protocols Class-1 Generation-2 UHF RFID Protocol for Communications at 860 MHz Version 1.2.0 Copyright notice Contents”, 23 Oct. 2008 (2008-10-23), XP055093111), but are also being used increasingly as wirelessly readable vehicle identifiers or wirelessly readable driver IDs in road toll and traffic monitoring systems (electronic toll collection, ETC; automatic vehicle identification, AVI). Here, emphasis is placed on the counterfeit protection of the RFID tag in order to prevent a vehicle registration number or a user identity from being falsified and an individual accumulating costs or charges accrued as a result of third party toll fees or traffic offences.
Simple authentication protocols have already been implemented in the most widespread RFID tag standards, for example in ISO standards 18000-6C and 18000-63. These authentication protocols are based on the use of the aforementioned password (access password), which is composed on the one hand from a secret key known only to the user issuing the RFID tags and an individual tag identifier stored in each tag. Only this password is stored in the respective tag. The key cannot be reconstructed merely with the knowledge of the password, that is to say the derivative function (formation function) for the password is irreversible or cannot be uniquely reversed. If an RFID reader would like to verify the authenticity of an RFID tag, it first reads the tag-specific identifier from the RFID tag and reproduces the password (access password) in the knowledge of the user-specific key and sends this to the RFID tag. The RFID tag checks the received password with the stored password and, in the case of a match, sends a confirmation response back to the RFID reader, which assesses this as proof of the authenticity of the RFID tag, see e.g. US 2010/0289627 A1 or WO 2008/085135 A1.