By entity is meant any hardware and/or software element, optionally associated with a device, a system or an individual. By way of non-limitative examples, there may be mentioned a wireless identification tag, such as an RFID (Radio Frequency IDentification) label, an access badge, a chip card, a mobile phone, a computer connected to a network, or other.
In order to search for an entity, it is known to use a verifier device. The latter can also take various forms depending on the type of entities for which it is intended to search. It can for example be a wireless identification reader, such as an RFID reader, a sensor, a server, or other.
The verifier device and the entities communicate with each other via at least one communication channel provided for this purpose, which can be wired or wireless as required.
According to a first known method, the search for an entity belonging to a set of entities using a verifier device is carried out by transmitting, from each entity, over the communication channel, a respective identifier, and by analyzing, in the verifier device, the received identifiers, in order to come to a conclusion as to the presence or absence of the entity being searched for.
According to a second known method, the search is carried out by transmitting, from the verifier device, the identifier of the entity being searched for via the communication channel, then, if necessary, by receiving, over the communication channel, a response from the entity that has recognized its identifier in this transmission.
This second method is more economical than the first because it makes it possible to limit the number of messages exchanged over the communication channel and the processing required for the verifier device to find the entity being searched for.
However, this second method is not without problems.
In particular, it does not protect the identity of the entities. This can be particularly problematic when the entities relate to individuals, as respect for the private life of the latter is then not ensured. This is also problematic in the case of entities relating to hardware that has a market and/or financial value, where it is desirable to prevent traceability by third parties.
An attacker listening on the communication channel can intercept the identifier transmitted by the verifier device and discover, by detecting the sent response, to what entity this identifier belongs.