In many application scenarios using radio frequency identification (RFID) technology data stored on RFID-transponders (RFID-tags) should be protected against unauthorized access. Entities accessing RFID-tags are commonly known as RFID-readers. An RFID-reader can remotely invoke functionality implemented in an RFID-tag via messages sent over the specific radio channel. As an example, RFID-tags can be used in warehouses as an alarm or an anti-theft device. The RFID-tag can be attached to clothes or the like and, when passing a specific detector, e.g. at an exit of the warehouse, an alarm can be triggered, as long as the tag is in an active state.
Moreover, RFID-tags are used in libraries to organize and identify a large variety of books in an easy and fast way. RFID-tags can also be provided as part of a passport, e.g. for storing biometric data of the owner of the passport. Using an RFID-tag instead of plainly writing the biometric data into the passport provides the advantage, that, when encrypted, the data can only be visible to specific people. Moreover, a large variety of data can be stored on the RFID-tag and can also be amended, in case the data change, e.g. additional data have to be stored.
Furthermore, RFID-tags can be used for automatically tracking and identifying people and/or objects. For example, a person could carry an RFID-tag, having a personal identification number stored thereon. When entering and leaving a working space, an automated machine triggers the RFID-tag, reads the personal identification number and stores a entrance/exit time. Following that, the working hours of the person can be easily registered.
Moreover, RFID-tags are used to overview and/or control supply chains. At different institutions of a supply chain, there are provided RFID-readers. When goods, which are labeled with RFID-tags pass by or come within the reach of the respective RFID-reader, the labeled good can be recognized due to communication between the RFID-tag and the RFID-reader. Surveying the process-way or the delivery of goods labeled with RFID-tags can thus be easily obtained.
Further, disposable identification items, such as entrance tickets can be equipped with RFID-tags. For example, entrance tickets, allowing entrance to a football stadium can be equipped with an RFID-tag, which contains data relating to the person owning the ticket. Thus selling fake tickets or reselling tickets on the black market is difficult.
Conventionally, the RFID-reader can be used to access the RFID-tag. The RFID-reader can transmit message data, which might include key words or software code or programs, in order to e.g. deactivate the RFID-tag. Moreover, the RFID-reader can be used to create, read, modify or delete data stored on the RFID-tag. Following that, avoiding unauthorized access to the RFID-tag is very important.
It is common knowledge, to provide a secure communication between two devices by encrypting e.g. the unique identification number of the RFID-tag, which has to be transferred to the RFID-reader, using e.g. an R.S.A encryption method. However, such an encryption usually is time consuming, needing a certain amount of computational power, which is usually not available at RFID-tags.
Other commonly used techniques in order to securely provide e.g. the unique identification number of the RFID-tag is the hash-lock model. According to the hash-lock model, the RFID-tag sends the RFID-reader a random number and a validation number, wherein the validation number is computed using a hash function with the random number and the unique identification number of the RFID-tag as the arguments or variables of the hash function. Using the random number and the validation number the unique identification number can be inferred by the RFID-reader from a database, on which the unique identification number of the RFID-tag is stored.