
Using ISO 15693 tags for Authentication

Using ISO 15693 tags for Authentication. Eddie LaCost Embedded RF. Authenticated RFID Model. Signature is generated using hash of tag UID and private key. This signature is programmed and locked to the tag during manufacturing. Reader must also know private key.


Presentation Transcript


  1. Using ISO 15693 tags for Authentication
     Eddie LaCost, Embedded RF

  2. Authenticated RFID Model
     • Signature is generated using hash of tag UID and private key.
     • This signature is programmed and locked to the tag during manufacturing.
     • Reader must also know private key.
     • To authenticate tag, reader will first read the UID and all memory blocks of the tag.
     • Reader will hash the UID with the secret key to generate the signature and compare to the signature of the tag.
     • HASH Suggestion: SHA1 (160 bit)
     • Time for Authentication (28.8 ms)
     [Diagram: MSP430. Tag side: UID + Secret Key → HASH → Signature. Reader side: UID + Secret Key → HASH → Signature, compared with Tag Signature; if equal, authenticate.]

  3. Authentication Time
     • UID Inventory = 6 ms, Read Single Block x5 = 22.8 ms. Total time of 28.8 ms.
     • Perform SHA1 hash in reader as soon as UID from tag is read. It would run in parallel to reading out hash from tag.
     • Estimated time for HASH operation in reader @ 1 ms

  4. Advantages
     • Security: proposed scheme offers a certain level of security using Private Key Authentication compared to simple UID verification
     • Memory Saving: With Hash function technique, the Reader needs to know the Private Key only and there is no need to store UID of every Tag in the reader
     • Authentication time in ms – very fast and suitable for application
     • Small form factor of tags may make counterfeit tags difficult
     • Extra “road block to counterfeiting” available using custom commands (next slide)

  5. “Road blocks to Counterfeiting”
     • Tag-it HF-I Pro offers “write block with password” command. Password is 32 bits long.
     • Tag must be programmed & locked with password, and Reader must also know password.
     • Using “Inventory with AFI”: if the correct AFI (application family identifier) is not written to the tag, it will not respond to the reader's “inventory” command. This is an 8 bit block. Can be locked.
     • Using DSFID (data storage field ID) block: DSFID is not a part of the main user memory blocks. Using this memory to write some extra data could deter cloning, as this field may not always be checked. This is an 8 bit block.

  6. Vulnerabilities
     • Data is not encrypted over the air - deemed low risk of exposure.
     • Unless used UIDs are checked against a database for duplicates, with follow-up revocation, counterfeited tags could still be validated.
     • Public key would not provide higher level of security for anti-counterfeiting. Exposure of information on the Tag and the scheme to access a database for comparison and revocation remain weak points in both public and private key.

  7. TI IC & Software Offerings
     In addition to Tag, Reader and MSP430 solutions, TI can provide optimized SHA1 code
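
The reader-side check from slide 2, combined with the duplicate-UID and revocation lookup that slide 6 calls for, as an added Python example (not code from the presentation or from TI). The UID-then-key concatenation order, the 4-byte block size, the `Reader` class and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac

BLOCK_SIZE = 4        # assumption: 32-bit user memory blocks
SIGNATURE_BLOCKS = 5  # 5 x 32 bits = 160-bit SHA-1 digest (Read Single Block x5)


def make_signature(uid, secret_key):
    """SHA-1 over the tag UID and the secret key (UID-first order is an assumption)."""
    return hashlib.sha1(uid + secret_key).digest()


def to_blocks(signature):
    """Split the 20-byte signature into the blocks programmed at manufacturing."""
    return [signature[i:i + BLOCK_SIZE] for i in range(0, len(signature), BLOCK_SIZE)]


class Reader:
    """Hypothetical reader: knows the secret key, keeps a used-UID set and a revocation list."""
    def __init__(self, secret_key, revoked_uids=()):
        self.secret_key = secret_key
        self.revoked = set(revoked_uids)
        self.seen = set()  # stand-in for the back-end UID database

    def authenticate(self, uid, blocks):
        if len(blocks) != SIGNATURE_BLOCKS or any(len(b) != BLOCK_SIZE for b in blocks):
            return "reject: malformed signature"
        expected = make_signature(uid, self.secret_key)
        if not hmac.compare_digest(expected, b"".join(blocks)):  # constant-time compare
            return "reject: bad signature"
        if uid in self.revoked:
            return "reject: revoked UID"
        if uid in self.seen:  # same UID presented again: possible cloned tag
            return "flag: duplicate UID"
        self.seen.add(uid)
        return "accept"


# Constructed sample values, not taken from a real tag or deployment.
KEY = b"constructed-demo-key"
UID = bytes.fromhex("e007000012345678")  # 64-bit UID
GENUINE = to_blocks(make_signature(UID, KEY))
```

A tag carrying a copied UID and signature passes the hash comparison, so only the duplicate and revocation lookup can flag it, which is the weak point slide 6 describes.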
