1. Field of the Invention
The invention relates to the field of passive radio frequency identification (RFID) (or any other purely passive technology) tags wherein certificate revocation status and expiration checking needs to be performed.
2. Description of the Prior Art
Radio Frequency Identification (RFID) is a wireless technology mainly used for identification of various types of objects, e.g., merchandise. A passive RFID tag has no power source of its own. Information stored on an RFID tag can be read by special devices called RFID readers 12, from some distance away and without requiring line-of-sight alignment.
The cost and capabilities of an RFID tag vary widely depending on the target application. At the high end of the spectrum, the tags used in e-Passports, electronic ID (e-ID) Cards, e-Licenses, and contactless payment instruments may be powerful enough to perform public key cryptographic operations.
With the introduction of RFID tags that are capable of computing public key based cryptographic functions, the security of these systems relies on public key certificates issued by certification authorities (CAs). One of the main challenges in public key infrastructure based RFID systems is revocation checking. Contrary to the assumptions of well-known traditional methods such as certificate revocation lists (CRL) or online protocols, RFID tags have very limited storage, are incapable of maintaining an internal clock and may not have access to an online communication channel to an authority. Practical deployments of public key cryptography usually involve public key infrastructures (PKIs). In a typical PKI, a certificate revocation list (CRL) is a list of certificates (or more specifically, a list of serial numbers for certificates) that have been revoked or are no longer valid, and therefore should not be trusted.
The main challenge in solving the revoked or expired reader certificate problem in RFID systems is due to the fact that RFID tags are passive devices without any self-sustaining power source. In other words, RFID tags are only alive when they are being read and they solely depend on the readers for their view of the world (e.g., current time and date). This makes the revocation of readers challenging: the RFID tag relies on the reader itself to supply the ostensibly current date/time, yet during reading it must be sure that the presented reader certificate is not expired and is not listed in the up-to-date revocation list. This opens the door for revoked reader attacks, since an expired certificate and/or an old certificate revocation list (CRL) would not be noticed by a tag, as long as the reader reports, as the current time, a time in the past at which both the certificate and the CRL were valid.
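The dependence on reader-supplied time can be seen by running the same validity checks with two different values of "now". The following Python sketch is an added example, not part of the original text; the class names, function names, serial number and dates are all constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class ReaderCert:          # hypothetical, simplified reader certificate
    serial: int
    not_before: date
    not_after: date


@dataclass(frozen=True)
class CRL:                 # hypothetical, simplified revocation list
    this_update: date
    next_update: date
    revoked_serials: frozenset


def accepts(cert: ReaderCert, crl: CRL, now: date) -> bool:
    """Expiration and revocation checks, given whatever 'now' the verifier has."""
    cert_in_validity = cert.not_before <= now <= cert.not_after
    crl_current = crl.this_update <= now <= crl.next_update
    not_listed = cert.serial not in crl.revoked_serials
    return cert_in_validity and crl_current and not_listed


# Constructed sample data: certificate 1001 is revoked in the June CRL.
CERT = ReaderCert(1001, date(2009, 1, 1), date(2009, 12, 31))
OLD_CRL = CRL(date(2009, 3, 1), date(2009, 3, 31), frozenset())
NEW_CRL = CRL(date(2009, 6, 1), date(2009, 6, 30), frozenset({1001}))


def scenarios() -> dict:
    claimed = date(2009, 3, 15)   # time reported by the reader to the tag
    actual = date(2009, 6, 15)    # real time, unknown to a clockless tag
    return {
        # Passive tag: 'now' is the reader's claim, so the stale CRL looks current.
        "tag_reader_time_old_crl": accepts(CERT, OLD_CRL, claimed),
        # Verifier with its own clock: the old CRL is past next_update.
        "clocked_verifier_old_crl": accepts(CERT, OLD_CRL, actual),
        # Verifier with its own clock and the current CRL: serial is listed.
        "clocked_verifier_new_crl": accepts(CERT, NEW_CRL, actual),
    }


if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
```

Only the first scenario accepts the reader: every individual check is sound, and the outcome changes solely because the tag has no independent source for `now`.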
The prior art attempted to solve this problem in the context of e-passport specification documents. See Bundesamt für Sicherheit in der Informationstechnik: Advanced Security Mechanisms for Machine Readable Travel Documents Version 2.0. (2008) and International Civil Aviation Organization: Machine Readable Travel Documents: Specifications for Electronically Enabled Passports with Biometric Identification Capability. (2006). However, as discussed below, the merit of the methods introduced in those documents is limited to shrinking the window of vulnerability without actually solving the problem. Although many previous publications have acknowledged the problem, there has been no solution offered.