A conventional RFID tag typically comprises an integrated circuit transceiver capable of transmitting a unique serial number or other identifying information to a nearby reader in response to a query from the reader. Many RFID tags are “passive” in that they do not include a battery or other power source, but instead obtain the power necessary to operate from the query signal itself.
Ongoing RFID tag development efforts have led to significant cost and size reductions, which should result in a rapid proliferation of RFID tags into many new areas of use. For example, RFID tags are expected to replace printed barcodes in consumer product applications. The Electronic Product Code (EPC) tag is a form of RFID device that is emerging as a successor to the printed barcode. EPC tags are an evolving standard under development by an organization called EPCglobal, a joint venture between the UCC and EAN, the organizations that oversee barcode standards in the U.S. and Europe, respectively. An EPC is the form of identifier that an individual EPC tag emits as prescribed by the EPCglobal standard. An EPC includes not just the information contained in a conventional printed barcode, namely the manufacturer and type of a particular product, but also a unique serial number. Additional details can be found in the current version of the EPCglobal standard document, “EPC™ Radio-Frequency Identity Protocols Class-1 Generation-2 UHF RFID Protocol for Communications at 860 MHz-960 MHz,” Version 1.0.8, 2005.
The unique serial number of an EPC tag associated with an object can serve as a pointer to a database entry containing a detailed history of the object. Thanks to the features of automated scanning and unique identification, RFID systems promise fine-grained tracking of inventory on an unprecedented scale.
Unfortunately, such capabilities also introduce a strong potential for various forms of privacy infringement, such as invasive physical tracking and inventorying of individuals. Similar threats are posed to the privacy of corporate data.
Conventional approaches, such as the use of “kill” control codes (e.g., identification numbers or PINs) to deactivate tags or the use of Faraday cages to shield tags from readers, fail to protect user privacy in a manner which retains the full benefits of the tags in a variety of environments. Other approaches involve the use of sophisticated cryptographic functionality that is incompatible with the limited computation and memory resources of EPC tags and other simple RFID devices.
Illustrative embodiments of the inventions disclosed in the above-cited U.S. patent application Ser. Nos. 10/782,309, 10/673,540 and 10/915,189 address the above-noted problems of conventional practice through techniques referred to as minimalist cryptography, selective blocking and soft blocking, respectively. Despite the considerable advantages provided by these techniques, a need remains for further improvements in the form of additional techniques capable of preserving user privacy in RFID device applications.