Radio Frequency Identification (RFID) systems are widely used for identifying and tracking items, inventory control, supply chain management, anti-theft of merchandise in stores, and other applications. A typical RFID system consists of a plurality of transponders (hereinafter referred to as “RFID tags” or simply as “tags”) and one or more transceivers (hereinafter referred to as “RFID readers” or simply as “readers”). A reader interrogates one or more of the tags over a wireless forward link. The tags respond to the reader's interrogations by transmitting tag information back to the reader over a wireless return link.
A tag is usually embodied as a semiconductor microchip having a small amount of memory for storing the tag's ID number and, in some applications, information concerning the item to which the tag is associated. Further, tags are either “passive” or “active”, depending on how they are powered. An active tag contains its own on-board power source, i.e. a battery, which the tag uses to process received signals and to transmit tag information back to a reader. A passive tag does not have its own on-board power source. Rather, it derives the power it needs by extracting energy from the RF carrier signals broadcast by the reader. The passive tag transmits information to the reader using a process known as load modulation for inductive systems or backscattering for wave propagation systems. A battery assisted tag contains its own on-board power source, i.e. a battery like an active tag, which the tag uses to process received signals and to power the digital circuit and the memory, whereby it transmits information back to the reader using the same principles as passive tags. Passive tags have, in many applications, become more popular than active tags, since they are less expensive to manufacture, to maintain, and to operate.
Because passive tags do not have their own power sources, and rely on backscattering, they cannot be read from great distances, although the distances greatly vary with the frequency band within which they are operated. For instance, when the passive tags are operated within the UHF frequency band, the reading distances may reach a few hundred meters. More specifically, passive tags at UHF frequencies reach 6-10 m, battery assisted tags up to 300 m.
On the other hand, RFID readers radiate signals with a tremendously higher transmitting power than the RFID tags. The difference in transmitting power between the reader and the tag is for instance about 100 dB. Hence, information emitted by RFID readers being operated in the UHF frequency range can be intercepted at a distance of more than 100 km.
It will be appreciated that such RFID systems are subject to a number of privacy and security risks. These security risks can arise during polling, singulation, and following singulation when a reader is communicating one-on-one with a particular tag. Without adequate access control, unauthorized (i.e. “rogue”) readers may be able to interrogate tags or intercept information, which would otherwise remain secret.
In addition to the security concerns described, RFID systems without proper security and privacy measures in place undesirably allow unauthorized “location tracking”. Unauthorized location tracking allows one or more readers to track RFID-labeled items (e.g. clothing worn by an individual or items an individual may be carrying such as tagged smart cards, credit cards, banknotes, etc.). Consequently, without proper access control or prevention measures in place, the privacy normally taken for granted concerning an individual's movement, social interactions and financial dealings can be compromised by RFID systems.
Various proposals for addressing the security and privacy risks associated with RFID systems have been proposed. One technique that has been proposed to avoid unauthorized access to readers and tags of an RFID system is “symmetric encryption”. According to this technique, special encryption and decryption hardware is built into both the readers and the tags of the RFID system. A drawback of the symmetric encryption approach, however, is that a large number of logic gates is required to implement the encryption and decryption hardware. This increases the size and complexity of the microchip embodying the tag. Consequently, symmetric encryption is not a technique that allows the manufacture of small and inexpensive tags. For at least this reason, therefore, symmetric encryption is not a favorable solution to RFID risks.
Another technique that has been applied to avoid the security and privacy concerns described above is a technique known as “public-key” encryption. Use of public-key encryption permits a tag to transmit encrypted information, together with a public key known by both the reader and the tag, to the reader. The reader, having a private key known only to it, is then able to decrypt the information communicated by the tag. Unfortunately, similar to the symmetric encryption approach, public-key encryption requires a large number of logic gates to implement the encryption hardware. Accordingly, for reasons similar to that associated with the use of symmetric encryption, public-key encryption is not a simple and cost-effective approach to address RFID risks.
In order to overcome the above mentioned security drawbacks of RFID systems, US 2005/0058292 A1 discloses a method and an apparatus for providing secure two-way (reader-to-tag and tag-to reader) RFID communications. According to one aspect, a tag receives a noise-encrypted RF carrier signal from a reader and backscatter-modulates it with tag information. Eavesdroppers cannot extract the tag information from the backscattered signal because it is masked by the noise encryption. According to another aspect of this proposal, establishing a secure two-way RFID communication link includes a reader modulating a carrier signal with a noise encryption signal and broadcasting the noise-encrypted carrier to a singulated tag. The tag backscatter-modulates the noise-encrypted carrier with a first portion of a key and/or a one-time pad pseudo-random number. If a key is used, upon receiving the backscattered signal the reader verifies whether the tag is authentic, and, if verified as authentic, a second portion of the key is transmitted to the tag, the portion possibly encrypted by a function depending on the one-time pad pseudo-random number.
The known method and device, however, have shown the disadvantage that it has not yet been proved that noise-encryption of RF carrier signals suffices to guarantee that the information contained in the backscattered signal is fully masked by the noise encryption so that it cannot be extracted by an eavesdropper. Hence, there is still a necessity to improve the security of transmitting sensitive data in RFID systems, matched with the need for providing cost-effective RFID components.