WO2008019246A2 - Method and apparatus for protecting rfid tags from power analysis - Google Patents
- Publication number
- WO2008019246A2 (PCT/US2007/074716)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- power
- capacitor
- capacitors
- tag
- circuit
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/067—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
- G06K19/07—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
- G06K19/073—Special arrangements for circuits, e.g. for protecting identification code in memory
- G06K19/07309—Means for preventing undesired reading or writing from or onto record carriers
- G06K19/07363—Means for preventing undesired reading or writing from or onto record carriers by preventing analysis of the circuit, e.g. dynamic or static power analysis or current analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- H04L9/003—Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
- H04L2209/805—Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
Abstract
RFID tags were believed to be immune to power analysis since they have no direct connection to an external power supply. However, recent research has shown that they are vulnerable to such attacks, since it is possible to measure their power consumption remotely via a completely passive attack. The method and apparatus of the invention protects RFID tags against simple and differential power attacks. The invention is particularly useful regarding inventory control systems or secure documents such as e-passports. The basic technique is to use two capacitors embedded in the RFID tag in such a way that at any given time one of them is storing energy that is being generated by the charge pump of the tag that sucks energy from the electromagnetic or magnetic field of a tag reader, and the other one is discharging and powering the computational element of the tag chip.
Description
METHOD AND APPARATUS FOR PROTECTING RFID TAGS FROM POWER ANALYSIS
BACKGROUND OF INVENTION
Field of Invention
The present invention relates to novel techniques, methods, and apparatus for protecting RFID tags from power analysis or from cryptanalytic attacks based on power analysis such as SPA or DPA when they are communicating with a tag reader.
Prior Art
Once considered merely as an upgrade to the humble optical barcode, passive RFID tags have been recently making gains both in their capabilities and in their planned applications. The regulatory bodies behind the tag standards are aware of security and privacy issues and have been urging tag makers to make their tags as secure as possible. There are even indications that RFID tags will soon implement full-fledged cryptographic functionality. A secure tag can enhance the privacy of consumers purchasing RFID-equipped products and the security of retailers using RFID technology, who need to know that tags are not tampered with. This is especially the case when discussing RFID-enabled passports, which are currently planned for several countries. The threat model under which RFID tags are designed to be secure is based on an adversary who is able to listen to communications between tag and reader but does not have physical access to the tag. Security countermeasures such as cover coding and even secret key encryption have been planned and deployed to address this scenario.
An RFID system consists of a high-powered reader communicating with an inexpensive tag using a wireless medium. The reader generates a powerful electromagnetic field around itself and the tag responds to this field. In passive systems, placing a tag inside the reader's field also provides it with the power it needs to operate.
It was recently discovered by Oren and Shamir that it is possible to launch an attack on RFID tags which can be called a parasitic backscatter attack. Such an attack is basically a power analysis attack in that it measures the power consumed by a tag, but it is unique in that it does not require either tag or reader to be physically touched by the attacker. By making use of the fact that the tag is powered from the air, one is able to measure the tag's power consumption unintrusively and at a distance. The power analysis can be carried out even if both the tag and the attacker are passive and transmit no data, making the attack very hard to detect. The attack is effective on UHF tags and can also be adapted to HF tags, which typically use magnetic rather than electromagnetic coupling with the reader.
An operating UHF reader surrounds itself with a powerful electromagnetic field. Placing a tag in the reader's field causes a current to flow through the tag's dipole antenna. Since the dipole now has a variable electrical current flowing through it, it generates a backscatter from tag to reader, because the reader-tag channel and its equivalent circuit generate an electromagnetic field of their own. The strength of this field is a function of the current flowing through the dipole antenna, which is in turn a function of the power consumption of the tag.
It is worth noting that the tag intentionally modulates the backscatter radiation, typically by means of a switched impedance connected in parallel to the tag circuit. This allows the tag to transmit data back to the reader through a mechanism called backscatter modulation. As has been recently determined by Oren and Shamir, the tag also unintentionally modulates the backscatter radiation in a measurable way via its internal computations. The tag's intentional modulation does not disturb an attacker's measurements of its unintentional modulation because the tag and reader operate in a half-duplex line regime, meaning that the tag does not transmit data while the reader is sending it commands.
Protocols define how tags and readers should communicate and what data a tag should store. One such protocol specifies a 96-bit ID for each tag, as well as an 8-bit kill password which can be concealed from unauthorized readers. Sending a tag a kill command with the appropriate kill password disables it permanently. However, this protocol is not without its problems. The protocol made it difficult to program and read a large number of tags simultaneously, and most notably it had a phantom read problem: tags are validated only by a 16-bit CRC value, so with probability $2^{-16}$ a reader receiving random noise will report seeing a tag even if none are present.
Another protocol has a better-designed air interface, as well as more strictly defining the contents and capabilities of tags. This protocol increases the amount of data which can be stored on the tag from 128 bits to 2048 bits, and replaces the 8-bit kill password with a pair of 32-bit passwords: the kill password and the access password.
Since the reader has a higher transmit strength than the tag, it makes sense to protect against adversaries who can detect the reader's signal but not the tag's backscatter. Tags use cover coding to add this protection. Under this scheme, the tag sends a pseudorandom sequence to the reader, and the reader XORs the kill password with this sequence. An adversary who can intercept only the reader's powerful signal, and not the tag's weak response, cannot learn the actual data exchanged between the reader and the tag. To meet the tag's limited memory and power constraints, the tag only remembers 16 pseudorandom bits at a time, requiring two rounds to go through the whole 32-bit password. Although the cover coding slightly complicates a power analysis attack, it does not prevent it.
In US Patent 6,507,913, a method and apparatus to protect smart cards from power analysis is described. Whereas the attack problem concerning smart cards is broadly similar to that of protecting RFIDs, the double buffering protection mechanism described there is much more suitable for RFID tags than for smart cards, for reasons which will be explained shortly.
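The two-round cover-coded exchange described above can be written out with both sides' messages. This Python example is added here and is not part of the patent; the class and function names, the high-half-first ordering and the sample password are assumptions made for illustration.

```python
import random


class Tag:
    """Tag side: stores the 32-bit kill password and, as described above,
    remembers only one 16-bit pseudorandom cover word at a time."""

    def __init__(self, kill_password, rng=None):
        self._password = kill_password & 0xFFFFFFFF
        self._rng = rng or random.SystemRandom()
        self._cover = None      # the single outstanding cover word
        self._halves = []       # uncovered 16-bit halves received so far

    def send_cover(self):
        """Backscatter link (weak signal): issue a fresh 16-bit cover word."""
        self._cover = self._rng.getrandbits(16)
        return self._cover

    def receive_covered(self, word):
        """Forward link (strong signal): uncover one half of the password."""
        if self._cover is None:
            raise RuntimeError("no cover word outstanding")
        self._halves.append(word ^ self._cover)
        self._cover = None      # each cover word is used exactly once

    def kill_accepted(self):
        """True once two rounds have delivered the correct 32-bit password."""
        if len(self._halves) != 2:
            return False
        candidate = (self._halves[0] << 16) | self._halves[1]
        self._halves = []
        return candidate == self._password


def run_kill_exchange(reader_password, tag):
    """Reader side. Returns (forward_words, backscatter_words, accepted).

    forward_words is all that an observer limited to the reader's signal
    receives; backscatter_words travel only on the tag's weak response.
    Sending the high half first is an assumption of this example.
    """
    forward, backscatter = [], []
    for half in ((reader_password >> 16) & 0xFFFF, reader_password & 0xFFFF):
        cover = tag.send_cover()          # tag -> reader
        backscatter.append(cover)
        covered = half ^ cover            # reader XORs password half with cover
        forward.append(covered)           # reader -> tag
        tag.receive_covered(covered)
    return forward, backscatter, tag.kill_accepted()


if __name__ == "__main__":
    PASSWORD = 0xDEADBEEF                 # constructed sample value
    fwd, back, ok = run_kill_exchange(PASSWORD, Tag(PASSWORD))
    print("forward link   :", [f"{w:04x}" for w in fwd])
    print("backscatter    :", [f"{w:04x}" for w in back])
    print("tag accepts    :", ok)
```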
SUMMARY OF THE INVENTION
The present invention presents a cheap and effective solution for protecting RFIDs, which is perhaps the most compatible with current RF front ends found on tags. According to the inventive concept, a separation is created of the power supply from the power consumption by use of a double-buffering power supply mechanism consisting of a pair of capacitors switched by power transistors. At any stage in time, one capacitor is charged by the reader's field while the other is being discharged by the circuit. With appropriate design, the present invention can almost eliminate the power consumption information. Moreover, this design involves changes only to the RF front-end of the tag, making it the quickest to roll out. To make this countermeasure more cost effective, large flat capacitors can be attached to the plastic carrier next to the printed antenna. Note that unlike the case of smart cards, power analysis of RFID tags is likely to be carried out remotely (e.g., without opening in the store the product enclosure in which the RFID tag is placed) and thus, one is less concerned about an attacker cutting off the capacitors to get around the countermeasure. Tags using this protective mechanism still have to take care that power consumption does not leak out through the intentional backscatter modulation mechanism, which has to come out of the circuit proper and connect to the antenna.
Another major difference is that smart cards do not try to economize their power consumption, and with newer, more powerful chips with security coprocessors, the power consumption gets even higher. It is thus difficult to run them from the tiny amount of power stored in a small capacitor. In contradistinction, RFIDs get their power from the electromagnetic field around them, so they use very little power in order to be operable from a reader which is several meters away. This makes the protection technique more suitable for RFID tags than for smart cards.
Accordingly, the present invention concerns a novel apparatus and method employed for protecting an RFID tag from attack. The method and apparatus of the invention protects RFID tags against simple and differential power attacks. The invention is particularly useful regarding inventory control systems and secure documents, such as e-passports.
An RFID tag includes a chip that typically contains a power extraction circuit (charge pump) to draw energy from the environment, i.e. the electromagnetic or magnetic field generated by the tag reader to power the chip, a modulator/demodulator to communicate with the reader by measuring and modifying the field, and the logic and memory part which keeps data and executes instructions, i.e. the computational element. It is the last-mentioned element that is protected against power analysis by the invention.
An RFID tag, as mentioned, includes a connected antenna, and coacts with a remote or separate reader, in a manner that is well known in the art. The two capacitors noted above, that comprise part of the inventive apparatus, can either reside on the RFID chip itself, or can be attached to or printed on the plastic carrier of the tag along with the antenna.
During operation, one capacitor is being charged by the power extraction circuit noted above, while the other capacitor is used to power the computational element, i.e. the logic and memory part, and then their roles are switched. The switchover can be triggered by time or voltage or the data sent by the reader or any combination thereof, and the partially discharged capacitor can be further discharged to a set voltage before it is reconnected to the power extraction circuit in order to guarantee that no information about how much power it supplied to the logic and memory part will be leaked out.
Since smart cards do not normally use capacitors to power them, the introduction of the double buffering technology for smart cards described in US Patent 6,507,913 required a major and expensive redesign of the circuit. On the other hand, RFIDs always have at least one capacitor to power them through the charge pump, and thus it is much easier to adapt them to use the double buffering technology. Many RFIDs already have multiple capacitors, but they are used to get a higher voltage which is needed to operate the electronic circuitry (e.g., all the capacitors can be charged in parallel to a low voltage, and then reconnected in series to get a higher total voltage). One should be careful not to confuse this application of multiple capacitors with the novel double buffering concept of the present invention.
Accordingly, it is an object of the invention to provide a method of protecting an RFID tag including a power extraction circuit and a computational circuit comprising the steps of extracting power from an electromagnetic or magnetic field generated by a reader in whose proximity the tag is located, double-buffering the extracted power by at least two capacitors so that at any stage in time (except possibly during the changeover periods), at least one capacitor is being charged by the extracted power while at least one other capacitor is being discharged to power the computational circuit of the RFID tag. Still further, the method can include the step of switching the capacitors. The step of switching can be carried out using power transistors. Also, the step of switching can be repeatedly carried out, especially in a periodic way, and even continuously.
It is a still further object of the invention to provide a method comprising the steps of a) powering an RFID tag by a power extraction circuit that charges a capacitor connected in the RFID circuit, b) periodically disconnecting the capacitor from the power extraction circuit, and c) discharging the capacitor while it is disconnected from the power extraction circuit to power a computational element of the RFID tag. Step b) can be triggered by the voltage across some capacitor exceeding or dropping below a certain threshold. Also, step b) can be triggered by time or by the data sent by the reader, or by any combination thereof. Further, additional circuitry of the RFID tag can discharge the capacitor to a fixed voltage before reconnecting it to the power extraction circuit for charging in a repeat of step a).
Yet, it is still a further object of the invention to provide apparatus comprising a) an RFID tag including an antenna, a power extraction circuit for generating power from an electromagnetic or magnetic field of a reader with which it is associated, and a computational circuit, b) at least two capacitors, each coupled between the power extraction circuit and the computational circuit, and c) switchover logic for alternately connecting the capacitors for at least one to discharge to power the computational circuit while at least one other is being charged by the power extraction circuit. The switchover logic can be such that the functions of the at least two capacitors are repeatedly reversed, and the RFID tag operates continuously. Also, the switchover logic can be such that the change of connection (switching of the capacitors) is triggered by the voltage across one of the capacitors exceeding or dropping below a certain threshold. Still further, the switchover logic can be such that the change of connection is triggered by a preselected event. Also, the switchover logic can be such that the change of connection is triggered by the voltage across at least one of the capacitors exceeding or dropping below a certain threshold at the beginning of a preselected event. In a preferred form of the invention, the switchover logic includes power transistors. A simple generalization of the present invention is to use three or more capacitors in such a way that at any time at least one of them is charging and at least one of the others is powering the computational element.
Other objects and advantages of the present invention will become evident from a detailed description of a preferred embodiment of the invention when taken in conjunction with the appended drawing.
BRIEF DESCRIPTION OF THE DRAWING
The sole figure of the drawing shows schematically the present invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT OF THE INVENTION
Referring now to the drawing, the preferred embodiment will now be described in detail. Shown is an RFID tag 10 which contains a power extraction circuit 2 connected to an antenna 1 that communicates with a tag reader (not shown) which has its own antenna and circuitry as is standard and known in the art. The antenna 1 is also coupled to a modulation-demodulation circuit 3 by leads 16 and 17 going through circuit 2. The circuit 3 is coupled to a logic and memory circuit 4, which is the computational element of tag 10. Data and control signals 5 pass between the circuits 3 and 4. The set-up thus far is standard for an RFID tag.
The object of the preferred embodiment is to allow circuit 4 to operate continuously without being directly powered by the power extraction circuit 2 during all or part of its computational function. To this end, two capacitors 6a and 6b are connected to ground on one side and to contacts of switches 7a and 7c, which switches 7a and 7c are connected to power extraction circuit 2 via leads 11 and 13. Leads 14 and 15 connect leads 11 and 13 to logic and memory circuit 4. Interposed in these leads 14 and 15 are further switches 7c and 7d. All the switches 7a to 7d can be comprised of power transistors suitably controlled by switchover logic, as described hereinafter, and connected either to the extraction circuit 2 or via two diodes 8a and 8b interposed in the leads 14 and 15.
In the preferred embodiment of the new invention the connections of the two capacitors alternate in a periodic way. During odd periods the first capacitor, either 6a or 6b, is connected to power extraction circuit 2 and the second capacitor, either 6a or 6b, respectively, is connected to the logic and memory circuit 4, and during even periods the connections are reversed. The preferred sequence of actions of the power transistors 7a to 7d that are controlled by the switchover logic is: (i) the first capacitor is disconnected from circuit 2; (ii) the first capacitor is connected to the circuit 4; (iii) the second capacitor is disconnected from the circuit 4; and (iv) the second capacitor is connected to the circuit 2.
With this sequence of actions, the computational element 4 is always powered by at least one capacitor, but the power extraction circuit 2 is never connected directly to circuit 4. The capacitors 6a and 6b are connected via diodes 8a and 8b to prevent leakage from the charged capacitor to the discharged capacitor during the brief moments in which they are connected in parallel to the circuit 4.
To completely eliminate any information about the power consumed by the circuit 4, it is recommended to fully or partially discharge the capacitor that had just been disconnected from it to a fixed voltage before connecting the capacitor to circuit 2.
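Why the discharge to a fixed voltage matters can be seen in an energy-level model of the two capacitors. The Python model below is an added illustration, not part of the patent: the component values, the Hamming-weight consumption model and all function names are assumptions, the charging capacitor is assumed to reach full voltage every period, and charging losses and the brief diode-coupled overlap are not modelled.

```python
import math
import random

# Constructed component values, not taken from the patent.
C = 1e-6             # capacitance of each of 6a and 6b, farads
V_FULL = 2.0         # voltage reached while connected to circuit 2
V_FIXED = 1.0        # fixed voltage a used capacitor is bled down to
E_BASE = 0.2e-6      # joules circuit 4 consumes per period regardless of data
E_PER_BIT = 0.05e-6  # extra joules per set bit of the byte being processed


def stored(v):
    """Energy held by a capacitor at voltage v."""
    return 0.5 * C * v * v


def volts(e):
    """Voltage of a capacitor holding energy e."""
    return math.sqrt(2.0 * e / C)


def hamming_weight(b):
    return bin(b).count("1")


def logic_energy(b):
    """Assumed data-dependent consumption of circuit 4 in one period."""
    return E_BASE + E_PER_BIT * hamming_weight(b)


# The bleed target must lie below the lowest voltage normal use can leave.
assert stored(V_FIXED) < stored(V_FULL) - logic_energy(0xFF)


def field_draw_trace(data, mode):
    """Energy taken from the reader's field in each period (what a remote
    observer of the backscatter can estimate), one entry per byte of data.
    mode: 'direct', 'buffered' or 'buffered_bleed'."""
    if mode == "direct":
        return [logic_energy(b) for b in data]      # circuit 2 feeds circuit 4
    if mode not in ("buffered", "buffered_bleed"):
        raise ValueError(f"unknown mode: {mode}")
    v = [V_FULL, V_FULL]                            # voltages of the two capacitors
    supplying = 0                                   # index currently on circuit 4
    trace = []
    for b in data:
        charging = 1 - supplying
        # Circuit 2 tops the charging capacitor back up to V_FULL.
        trace.append(stored(V_FULL) - stored(v[charging]))
        v[charging] = V_FULL
        # Circuit 4 runs from the other capacitor only.
        v[supplying] = volts(stored(v[supplying]) - logic_energy(b))
        if mode == "buffered_bleed":
            v[supplying] = V_FIXED                  # discharge to the fixed voltage
        supplying = charging                        # roles are switched
    return trace


def pearson(x, y):
    """Pearson correlation; 0.0 when either series is constant."""
    if max(x) == min(x) or max(y) == min(y):
        return 0.0
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    return sxy / math.sqrt(sxx * syy)


def sample_bytes(n, seed=1):
    """Constructed input: n pseudorandom bytes standing in for processed data."""
    rng = random.Random(seed)
    return [rng.randrange(256) for _ in range(n)]


def leak_report(data):
    """Correlation between field draw and the Hamming weight of the data.
    Buffered traces are compared one period late, because a capacitor is
    recharged in the period after it powered circuit 4."""
    hw = [hamming_weight(b) for b in data]
    buffered = field_draw_trace(data, "buffered")
    bled = field_draw_trace(data, "buffered_bleed")
    return {
        "direct": pearson(field_draw_trace(data, "direct"), hw),
        "buffered_lag1": pearson(buffered[1:], hw[:-1]),
        "buffered_bleed_lag1": pearson(bled[1:], hw[:-1]),
        "buffered_bleed_spread": max(bled[1:]) - min(bled[1:]),
    }


if __name__ == "__main__":
    for name, value in leak_report(sample_bytes(500)).items():
        print(f"{name:24s} {value:.6g}")
```

In this model, double buffering without the bleed step only delays the data-dependent draw by one period, while bleeding to the fixed voltage makes every recharge identical.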
Although the present invention has been shown and described in terms of preferred embodiments, nevertheless changes and modifications will be evident to those skilled in the art from knowledge of the disclosure and teachings herein. Such changes and modifications which do not depart from the teachings, scope and spirit of the present invention are deemed to fall within the purview of the invention as claimed.
Claims
1. A method of protecting an RFID tag from power analysis or from cryptanalytic attacks based on power analysis, such as SPA and DPA, said RFID tag including a power extraction circuit and a computational circuit, comprising the steps of extracting power from an electromagnetic or magnetic field generated by a reader in whose proximity the tag is located, double-buffering the extracted power by at least two capacitors so that at any stage in time, except possibly during changeover periods, at least one capacitor is being charged by the extracted power while at least one other capacitor is being discharged to power the computational circuit of the RFID tag.
2. The method of claim 1 including the step of switching the capacitors.
3. The method of claim 2 in which the step of switching is carried out using power transistors.
4. The method of claim 2 in which the step of switching is repeatedly carried out.
5. The method of claim 4 in which the step of switching is repeatedly carried out, in a periodic way.
6. The method of claim 5 in which the plurality of capacitors are switched continuously by one of (a) whenever the voltage on one of the capacitors exceeds or goes below a set value, (b) whenever the reader sends some data, (c) based on time and (d) on any combination of (a), (b) and (c).
7. A method comprising the steps of: a) powering an RFID tag by a power extraction circuit that charges a capacitor connected in the RFID circuit, b) periodically disconnecting the capacitor from the circuit, and c) using the capacitor while it is disconnected from the power extraction circuit to power a computational function of the RFID tag.
8. The method of claim 7, in which step b) is triggered by the voltage across another capacitor exceeding or dropping below a certain threshold.
9. The method of claim 7, in which step b) is triggered by time.
10. The method of claim 7, in which step b) is triggered by the voltage across another capacitor exceeding or dropping below a certain threshold at the beginning of a preselected time increment.
11. The method of claim I1 wherein additional circuitry of the RFID tag discharges the capacitor to a fixed voltage before reconnecting it to the power extraction circuit for charging in a repeat of step a).
12. Apparatus comprising a) an RFID tag including a power extraction circuit for generating power from an electromagnetic or magnetic field of a reader with which it is associated, and a computational circuit, b) at least two capacitors, each coupled between the power extraction circuit and the computational circuit, and c) switchover logic for alternately connecting at least one capacitor to be charged by the power extraction circuit while at least one other capacitor is being discharged to power the computational circuit.
13. Apparatus according to claim 12 wherein the switchover logic is such that the capacitors are repeatedly reversed.
14. Apparatus according to claim 12 wherein the switchover logic is such that the capacitors are switched continuously by one of (i) the voltage on one of the capacitors exceeds or goes below a set value, (ii) whenever the reader sends some data, (iii) based on time and on any combination of (i), (ii) and (iii).
15. Apparatus according to claim 12 wherein the switchover logic is such that the switching of the capacitors is triggered by a preselected event.
16. Apparatus according to claim 12 wherein the switchover logic is such that the switching of the capacitors is triggered by the voltage across at least one capacitor exceeding or dropping below a certain threshold at the beginning of a preselected event.
17. Apparatus according to claim 12 wherein the switchover logic includes power transistors.
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/374,745 US8365310B2 (en) | 2006-08-04 | 2007-07-30 | Method and apparatus for protecting RFID tags from power analysis |
EP07840582A EP2050000A2 (en) | 2006-08-04 | 2007-07-30 | Method and apparatus for protecting rfid tags from power analysis |
IL196476A IL196476A0 (en) | 2006-08-04 | 2009-01-13 | Method and apparatus for protecting rfid tags from power analysis |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US82151506P | 2006-08-04 | 2006-08-04 | |
US60/821,515 | 2006-08-04 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2008019246A2 (en) | 2008-02-14 |
WO2008019246A3 (en) | 2008-05-08 |
Family
ID=39033563
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2007/074716 WO2008019246A2 (en) | 2006-08-04 | 2007-07-30 | Method and apparatus for protecting rfid tags from power analysis |
Country Status (4)
Country | Link |
---|---|
US (1) | US8365310B2 (en) |
EP (1) | EP2050000A2 (en) |
IL (1) | IL196476A0 (en) |
WO (1) | WO2008019246A2 (en) |
Families Citing this family (45)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2926382B1 (en) * | 2008-01-11 | 2010-02-26 | Proton World Internat Nv | HIERARCHIZATION OF CRYPTOGRAPHIC KEYS IN AN ELECTRONIC CIRCUIT |
US20110063214A1 (en) * | 2008-09-05 | 2011-03-17 | Knapp David J | Display and optical pointer systems and related methods |
WO2010027459A2 (en) * | 2008-09-05 | 2010-03-11 | Firefly Green Technologies Inc. | Optical communication device, method and system |
US8773336B2 (en) * | 2008-09-05 | 2014-07-08 | Ketra, Inc. | Illumination devices and related systems and methods |
US9509525B2 (en) | 2008-09-05 | 2016-11-29 | Ketra, Inc. | Intelligent illumination device |
US10210750B2 (en) | 2011-09-13 | 2019-02-19 | Lutron Electronics Co., Inc. | System and method of extending the communication range in a visible light communication system |
US8456092B2 (en) * | 2008-09-05 | 2013-06-04 | Ketra, Inc. | Broad spectrum light source calibration systems and related methods |
US8471496B2 (en) * | 2008-09-05 | 2013-06-25 | Ketra, Inc. | LED calibration systems and related methods |
US9276766B2 (en) | 2008-09-05 | 2016-03-01 | Ketra, Inc. | Display calibration systems and related methods |
US8521035B2 (en) | 2008-09-05 | 2013-08-27 | Ketra, Inc. | Systems and methods for visible light communication |
US8674913B2 (en) | 2008-09-05 | 2014-03-18 | Ketra, Inc. | LED transceiver front end circuitry and related methods |
US9386668B2 (en) | 2010-09-30 | 2016-07-05 | Ketra, Inc. | Lighting control system |
USRE49454E1 (en) | 2010-09-30 | 2023-03-07 | Lutron Technology Company Llc | Lighting control system |
JP5776927B2 (en) * | 2011-03-28 | 2015-09-09 | ソニー株式会社 | Information processing apparatus and method, and program |
US8749172B2 (en) | 2011-07-08 | 2014-06-10 | Ketra, Inc. | Luminance control for illumination devices |
US8912814B2 (en) * | 2012-11-12 | 2014-12-16 | Chaologix, Inc. | Clocked charge domain logic |
US9755822B2 (en) | 2013-06-19 | 2017-09-05 | Cryptography Research, Inc. | Countermeasure to power analysis attacks through time-varying impedance of power delivery networks |
US9155155B1 (en) | 2013-08-20 | 2015-10-06 | Ketra, Inc. | Overlapping measurement sequences for interference-resistant compensation in light emitting diode devices |
US9237620B1 (en) | 2013-08-20 | 2016-01-12 | Ketra, Inc. | Illumination device and temperature compensation method |
USRE48956E1 (en) | 2013-08-20 | 2022-03-01 | Lutron Technology Company Llc | Interference-resistant compensation for illumination devices using multiple series of measurement intervals |
US9247605B1 (en) | 2013-08-20 | 2016-01-26 | Ketra, Inc. | Interference-resistant compensation for illumination devices |
US9345097B1 (en) | 2013-08-20 | 2016-05-17 | Ketra, Inc. | Interference-resistant compensation for illumination devices using multiple series of measurement intervals |
US9651632B1 (en) | 2013-08-20 | 2017-05-16 | Ketra, Inc. | Illumination device and temperature calibration method |
USRE48955E1 (en) | 2013-08-20 | 2022-03-01 | Lutron Technology Company Llc | Interference-resistant compensation for illumination devices having multiple emitter modules |
US9332598B1 (en) | 2013-08-20 | 2016-05-03 | Ketra, Inc. | Interference-resistant compensation for illumination devices having multiple emitter modules |
US9769899B2 (en) | 2014-06-25 | 2017-09-19 | Ketra, Inc. | Illumination device and age compensation method |
US9578724B1 (en) | 2013-08-20 | 2017-02-21 | Ketra, Inc. | Illumination device and method for avoiding flicker |
US9360174B2 (en) | 2013-12-05 | 2016-06-07 | Ketra, Inc. | Linear LED illumination device with improved color mixing |
US9736895B1 (en) | 2013-10-03 | 2017-08-15 | Ketra, Inc. | Color mixing optics for LED illumination device |
US9146028B2 (en) | 2013-12-05 | 2015-09-29 | Ketra, Inc. | Linear LED illumination device with improved rotational hinge |
US9736903B2 (en) | 2014-06-25 | 2017-08-15 | Ketra, Inc. | Illumination device and method for calibrating and controlling an illumination device comprising a phosphor converted LED |
US9392663B2 (en) | 2014-06-25 | 2016-07-12 | Ketra, Inc. | Illumination device and method for controlling an illumination device over changes in drive current and temperature |
US9557214B2 (en) | 2014-06-25 | 2017-01-31 | Ketra, Inc. | Illumination device and method for calibrating an illumination device over changes in temperature, drive current, and time |
US10161786B2 (en) | 2014-06-25 | 2018-12-25 | Lutron Ketra, Llc | Emitter module for an LED illumination device |
DE102014009808A1 (en) | 2014-07-03 | 2016-01-07 | Andreas Gornik | Hardware protection measure to mitigate side channel attacks |
US9510416B2 (en) | 2014-08-28 | 2016-11-29 | Ketra, Inc. | LED illumination device and method for accurately controlling the intensity and color point of the illumination device over time |
US9392660B2 (en) | 2014-08-28 | 2016-07-12 | Ketra, Inc. | LED illumination device and calibration method for accurately characterizing the emission LEDs and photodetector(s) included within the LED illumination device |
US9237623B1 (en) | 2015-01-26 | 2016-01-12 | Ketra, Inc. | Illumination device and method for determining a maximum lumens that can be safely produced by the illumination device to achieve a target chromaticity |
US9485813B1 (en) | 2015-01-26 | 2016-11-01 | Ketra, Inc. | Illumination device and method for avoiding an over-power or over-current condition in a power converter |
US9237612B1 (en) | 2015-01-26 | 2016-01-12 | Ketra, Inc. | Illumination device and method for determining a target lumens that can be safely produced by an illumination device at a present temperature |
US11272599B1 (en) | 2018-06-22 | 2022-03-08 | Lutron Technology Company Llc | Calibration procedure for a light-emitting diode light source |
CN109474415B (en) * | 2018-10-19 | 2022-06-21 | 天津大学 | Three-phase single-rail pre-charging logic device |
US11925489B1 (en) | 2020-11-20 | 2024-03-12 | Stryker Corporation | Manifold for filtering medical waste being drawn under vacuum into a medical waste collection system and related methods |
US11545976B1 (en) * | 2021-08-04 | 2023-01-03 | Arm Limited | Integrated circuit power supply |
US11786647B1 (en) | 2022-01-31 | 2023-10-17 | Stryker Corporation | Medical waste collection systems, manifolds, and related methods |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040025032A1 (en) * | 2000-02-18 | 2004-02-05 | Chow Stanley T | Method and system for resistance to statiscal power analysis |
US20040158728A1 (en) * | 2003-02-06 | 2004-08-12 | Seo-Kyu Kim | Smart cards having protection circuits therein that inhibit power analysis attacks and methods of operating same |
US20040222878A1 (en) * | 2003-05-06 | 2004-11-11 | Ari Juels | Low-complexity cryptographic techniques for use with radio frequency identification devices |
US20050271202A1 (en) * | 2004-06-08 | 2005-12-08 | Hrl Laboratories, Llc | Cryptographic architecture with random instruction masking to thwart differential power analysis |
US20060033608A1 (en) * | 2004-07-29 | 2006-02-16 | Ari Juels | Proxy device for enhanced privacy in an RFID system |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6294997B1 (en) * | 1999-10-04 | 2001-09-25 | Intermec Ip Corp. | RFID tag having timing and environment modules |
US6507913B1 (en) * | 1999-12-30 | 2003-01-14 | Yeda Research And Development Co. Ltd. | Protecting smart cards from power analysis with detachable power supplies |
US7039359B2 (en) * | 2000-12-07 | 2006-05-02 | Intermec Ip Corp. | RFID interrogator having customized radio parameters with local memory storage |
US6812841B2 (en) * | 2002-01-23 | 2004-11-02 | Intermec Ip Corp. | Passive RFID tag that retains state after temporary loss of power |
2007
- 2007-07-30 US US12/374,745 patent/US8365310B2/en not_active Expired - Fee Related
- 2007-07-30 EP EP07840582A patent/EP2050000A2/en not_active Withdrawn
- 2007-07-30 WO PCT/US2007/074716 patent/WO2008019246A2/en active Application Filing
2009
- 2009-01-13 IL IL196476A patent/IL196476A0/en unknown
Cited By (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8912887B2 (en) | 2008-12-15 | 2014-12-16 | Cardlab Aps | RFID tag |
US8525545B1 (en) | 2011-08-26 | 2013-09-03 | Lockheed Martin Corporation | Power isolation during sensitive operations |
US8624624B1 (en) | 2011-08-26 | 2014-01-07 | Lockheed Martin Corporation | Power isolation during sensitive operations |
EP2746985A1 (en) * | 2012-12-21 | 2014-06-25 | Nxp B.V. | Cryptographic circuit protection from differential power analysis |
US9069959B2 (en) | 2012-12-21 | 2015-06-30 | Nxp B.V. | Cryptographic circuit protection from differential power analysis |
EP3035230A1 (en) | 2014-12-19 | 2016-06-22 | Cardlab ApS | A method and an assembly for generating a magnetic field |
US10095968B2 (en) | 2014-12-19 | 2018-10-09 | Cardlabs Aps | Method and an assembly for generating a magnetic field and a method of manufacturing an assembly |
US10614351B2 (en) | 2014-12-19 | 2020-04-07 | Cardlab Aps | Method and an assembly for generating a magnetic field and a method of manufacturing an assembly |
US10558901B2 (en) | 2015-04-17 | 2020-02-11 | Cardlab Aps | Device for outputting a magnetic field and a method of outputting a magnetic field |
Also Published As
Publication number | Publication date |
---|---|
IL196476A0 (en) | 2009-09-22 |
EP2050000A2 (en) | 2009-04-22 |
WO2008019246A3 (en) | 2008-05-08 |
US8365310B2 (en) | 2013-01-29 |
US20100005533A1 (en) | 2010-01-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8365310B2 (en) | Method and apparatus for protecting RFID tags from power analysis | |
Phillips et al. | Security standards for the RFID market | |
US7791453B2 (en) | System and method for varying response amplitude of radio transponders | |
Juels et al. | High-power proxies for enhancing RFID privacy and utility | |
US9799180B1 (en) | Multiplexed tamper detection system | |
EP2250631B1 (en) | Methods and apparatus for preserving privacy in an rfid system | |
Oren et al. | Remote password extraction from RFID tags | |
US9813116B2 (en) | Secure near field communication solutions and circuits | |
US20080230615A1 (en) | Near-field communication card for communication of contact information | |
RU2541846C2 (en) | Rfid tag | |
EP1692639A2 (en) | Jammer for jamming the readout of contactless data carriers | |
JP2008500600A (en) | Wireless IC communication apparatus and response method thereof | |
Damghani et al. | Investigating attacks to improve security and privacy in RFID systems using the security bit method | |
Jechlitschek | A survey paper on Radio Frequency Identification (RFID) trends | |
Xiao et al. | RFID technology, security vulnerabilities, and countermeasures | |
KR20100035378A (en) | Card having a plural rfid chips and recognizing by using a non-contact method | |
CN213027505U (en) | Power supply package | |
CN105872955A (en) | Touch integrated circuit integrating near-field communication and near-field communication method of touch integrated circuit | |
CN101918952B (en) | Electronic system and method of operating an electronic system | |
Guizani | Security applications challenges of RFID technology and possible countermeasures | |
CN101101636A (en) | Electronic tag cipher protection system | |
Maarof et al. | Security analysis of low cost RFID systems | |
CN110288072A (en) | By the way that power source can be activated to realize the NFC anti-counterfeiting chip of anti-tamper detection function | |
WO2014169393A1 (en) | Security switch for an rfid token | |
Grout et al. | RFID enabled sensor system design |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 07840582 Country of ref document: EP Kind code of ref document: A2 |
| WWE | Wipo information: entry into national phase | Ref document number: 2007840582 Country of ref document: EP |
| WWE | Wipo information: entry into national phase | Ref document number: 12374745 Country of ref document: US |
| NENP | Non-entry into the national phase | Ref country code: DE |
| NENP | Non-entry into the national phase | Ref country code: RU |