Automatic identification (“Auto-ID”) technology is used to help machines identify objects and capture data automatically. One of the earliest Auto-ID technologies was the bar code, which uses an alternating series of thin and wide bands that can be digitally interpreted by an optical scanner. This technology gained widespread adoption and near-universal acceptance with the designation of the universal product code (“UPC”)—a standard governed by an industry-wide consortium called the Uniform Code Council. Formally adopted in 1973, the UPC is one of the most ubiquitous symbols present on virtually all manufactured goods today and has allowed for enormous efficiency in the tracking of goods through the manufacturing, supply, and distribution of various goods.
However, the bar code still requires manual interrogation by a human operator to scan each tagged object individually with a scanner. This is a line-of-sight process that has inherent limitations in speed and reliability. In addition, the UPC bar codes only allow for manufacturer and product type information to be encoded into the barcode, not the unique item's serial number. The bar code on one milk carton is the same as every other, making it impossible to count objects or individually check expiration dates.
Currently cartons are marked with barcode labels. These printed labels have over 40 “standard” layouts, can be mis-printed, smeared, mis-positioned and mis-labeled. In transit, these outer labels are often damaged or lost. Upon receipt, the pallets typically have to be broken-down and each case scanned into an enterprise system. Error rates at each point in the supply chain have been 4-18% thus creating a billion dollar inventory visibility problem. Only with radio frequency identification (“RFID”) does the physical layer of actual goods automatically tie into software applications, to provide accurate tracking.
The emerging RFID technology employs a radio frequency (“RF”) wireless link and ultra-small embedded computer chips, to overcome these barcode limitations. RFID technology allows physical objects to be identified and tracked via these wireless “tags”. It functions like a bar code that communicates to the reader automatically without needing manual line-of-sight scanning or singulation of the objects. RFID promises to radically transform the retail, pharmaceutical, military, and transportation industries.
The advantages of RFIDs over bar code are summarized in Table 1:
TABLE 1BarcodeRFIDNeed line-of-sight to readIdentification without visualcontactRead onlyAble to read/writeOnly a barcode numberAble to store information in tagBarcode number is fixedInformation can be renewedanytimeCategory level tagging only-noUnique item identificationunique item identifierUnable to read if barcode isCan withstand harsh environmentdamagedUse onceReusableLow costHigher costLess FlexibilityHigher Flexibility/Value
As shown in FIG. 1, an RFID system 100 includes a tag 102, a reader 104, and an optional server 106. The tag 102 includes an IC chip and an antenna. The IC chip includes a digital decoder needed to execute the computer commands the tag 102 receives from the tag reader 104. The IC chip also includes a power supply circuit to extract and regulate power from the RF reader; a detector to decode signals from the reader; a transmitter to send data back to the reader; anti-collision protocol circuits; and at least enough EEPROM memory to store its EPC code.
Communication begins with a reader 104 sending out signals to find the tag 102. When the radio wave hits the tag 102 and the tag 102 recognizes the reader's signal, the reader 104 decodes the data programmed into the tag 102. The information is then passed to a server 106 for processing. By tagging a variety of items, information about the nature and location of goods can be known instantly and automatically.
The system uses reflected or “backscattered” radio frequency (RF) waves to transmit information from the tag 102 to the reader 104. Since passive (Class-1 and Class-2) tags get all of their power from the reader signal, the tags are only powered when in the beam of the reader 104.
The Auto ID Center EPC-Compliant tag classes are set forth below:
Class-1                Identity tags (RF user programmable, maximum range 3 in)        Lowest cost (AIDC Targets: 5¢ moving down to 2¢ in trillion-unit/yr volumes)        
Class-2                Memory tags (8 bits to 128 Mbits programmable at maximum 3 in range)        Security & privacy protection        Low cost (AIDC Targets: typically 10¢ at billion-unit volumes)        
Class-3                Battery tags (256 bits to 64 Kb)        Self-Powered Backscatter (internal clock, sensor interface support)        100 meter range        Moderate cost (Targets: $50 currently, $5 in 2 years, 20¢ at billion-unit volumes)        
Class-4                Active tags        Active transmission (permits tag-speaks-first operating modes)        Up to 30,000 meter range        Higher cost (Targets: $10 in 2 years, 30¢ in billion-unit volumes)        
Semi-passive and active tags have a battery to provide power to the chip. This greatly increases read range, and the reliability of tag reads, because the tag doesn't need power from the reader. Class-3 tags only need a 10 mV signal from the reader in comparison to the 500 in V that a Class-1 tag needs to operate. This 2,500:1 reduction in power requirement permits Class-3 tags to operate out to a distance of 100 meters or more compared with a Class-1 range of only about 3 meters.
Use of tags presents certain challenges. One particularly pervasive challenge has been providing data security without requiring complex processing and memory capabilities. For instance, unsecure data exchanged between the tag and reader is exposed to eavesdroppers. Moreover, a rogue reader can not only read the tag, but also extract information therefrom and even change or disable the tag.
Security schemes have become more complex in an attempt to thwart hackers. However, with the increased complexity come other requirements, including increased processing power and the resultant increased power demands. The important factors for any RFID implementation are power, cost and speed. The system can only use functionality up to what each side can handle. So while the reader can handle more complex functions, tag capabilities are limited by power and the need for small, low-cost chips.
Therefore it would be desirable to create an encryption scheme that is simple yet secure and reliable.
It would also be desirable to provide security that does not require a secure environment for the exchange of data.
It would also be desirable to provide security that uses “resources” already residing within the tag/reader.
It would also be desirable to provide security that implements some combination of security and authentication.