Readers or read/write devices and transponder modules for exchanging data via an electromagnetic field are widely used in applications such as access control, stand-alone locks, cashless payment, accounting of printing & copying costs, or campus solutions. Typically, the transponder modules are portable, mobile devices which are implemented as passive contactless data storage devices, such as smart cards or identification tags, or as active communication devices, such as mobile telephones with near field communication (NFC) functions. The readers or read/write devices are configured to read and/or write data to and/or from the transponder module via an electromagnetic field. Particularly, for person or product identification applications, radio frequency identification (RFID) systems are widely used. In RFID systems, contactless communication between the transponder module and the reader or read/write device is based on inductive coupling of an RF field, i.e. an electromagnetic field which is transmitted by an antenna of the reader or read/write device, and an inductive element, typically a coil integrated into the transponder module. Inductive coupling is possible as long as the transponder module is within the communication range of the antenna of the reader or read/write device and inductive coupling occurs as soon as the RF field is activated. The reader and/or read/write device activates the RF field periodically, e.g. every 250 milliseconds. When the electromagnetic field is switched on, a carrier wave is emitted which includes a modulated identification/authentication signal with duration of a few milliseconds. An identification/authentication response signal from the transponder module is evaluated in order to detect, identify, and/or authenticate the transponder module, such that, for example, a room may be accessed, a payment may be performed, printing & copying costs may be assigned to an account, or a book of a library in a campus may be lent out.
As outlined above, the contactless exchange of data between a reader or read/write device and transponder modules is used in various applications where the level of security and confidentiality is critical. Accordingly, it is important that the reader or read/write device and transponder module are configured with cryptographic algorithms for mutual authentication. Nevertheless, while the manufacturers of the readers or read/write devices and transponder modules are continuously improving the reliability and security of these authentication algorithms, there are persistent attempts in breaking fraudulently these algorithms to gain unauthorized access to data, services, or restricted areas, for example. To stay ahead of such fraudulent attacks, some providers introduce new algorithms and change the transponder modules on a periodic basis, regardless of whether or not the security has been breached. In scenarios where millions of transponder modules are involved, this is a very costly and inefficient approach.