WO2008019246A2 - Method and apparatus for protecting rfid tags from power analysis - Google Patents

Publication number: WO2008019246A2
Authority: WO, WIPO (PCT)
Prior art keywords: power, capacitor, capacitors, tag, circuit
Application number: PCT/US2007/074716
Other languages: French (fr)
Other versions: WO2008019246A3 (en)
Inventor: Adi Shamir
Original Assignee: Yeda Research & Development Co. Ltd.; Fleit, Lois
Application filed by Yeda Research & Development Co. Ltd., Fleit, Lois
Priority to US12/374,745 (US8365310B2)
Priority to EP07840582A (EP2050000A2)
Publication of WO2008019246A2
Publication of WO2008019246A3
Priority to IL196476A (IL196476A0)

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06K GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00 Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06 Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067 Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07 Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/073 Special arrangements for circuits, e.g. for protecting identification code in memory
    • G06K19/07309 Means for preventing undesired reading or writing from or onto record carriers
    • G06K19/07363 Means for preventing undesired reading or writing from or onto record carriers by preventing analysis of the circuit, e.g. dynamic or static power analysis or current analysis
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002 Countermeasures against attacks on cryptographic mechanisms
    • H04L9/003 Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12 Details relating to cryptographic hardware or logic circuitry
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H04L2209/805 Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor


Abstract

RFID tags were believed to be immune to power analysis since they have no direct connection to an external power supply. However, recent research has shown that they are vulnerable to such attacks, since it is possible to measure their power consumption remotely via a completely passive attack. The method and apparatus of the invention protects RFID tags against simple and differential power attacks. The invention is particularly useful regarding inventory control systems or secure documents such as e-passports. The basic technique is to use two capacitors embedded in the RFID tag in such a way that at any given time one of them is storing energy that is being generated by the charge pump of the tag that sucks energy from the electromagnetic or magnetic field of a tag reader, and the other one is discharging and powering the computational element of the tag chip.

Description

METHOD AND APPARATUS FOR PROTECTING RFID TAGS FROM POWER ANALYSIS
BACKGROUND OF INVENTION
Field of Invention
The present invention relates to novel techniques, methods, and apparatus for protecting RFID tags from power analysis or from cryptanalytic attacks based on power analysis, such as SPA or DPA, when they are communicating with a tag reader.
Prior Art
Once considered merely as an upgrade to the humble optical barcode, passive RFID tags have been recently making gains both in their capabilities and in their planned applications. The regulatory bodies behind the tag standards are aware of security and privacy issues and have been urging tag makers to make their tags as secure as possible. There are even indications that RFID tags will soon implement full-fledged cryptographic functionality. A secure tag can enhance the privacy of consumers purchasing RFID-equipped products and the security of retailers using RFID technology, who need to know that tags are not tampered with. This is especially the case when discussing RFID-enabled passports, which are currently planned for several countries. The threat model under which RFID tags are designed to be secure is based on an adversary who is able to listen to communications between tag and reader but does not have physical access to the tag. Security countermeasures such as cover coding and even secret key encryption have been planned and deployed to address this scenario.
An RFID system consists of a high-powered reader communicating with an inexpensive tag using a wireless medium. The reader generates a powerful electromagnetic field around itself and the tag responds to this field. In passive systems, placing a tag inside the reader's field also provides it with the power it needs to operate.
It was recently discovered by Oren and Shamir that it is possible to launch an attack on RFID tags which can be called a parasitic backscatter attack. Such an attack is basically a power analysis attack in that it measures the power consumed by a tag, but it is unique in that it does not require either tag or reader to be physically touched by the attacker. By making use of the fact that the tag is powered from the air, one is able to measure the tag's power consumption unintrusively and at a distance. The power analysis can be carried out even if both the tag and the attacker are passive and transmit no data, making the attack very hard to detect. The attack is effective on UHF tags and can also be adapted to HF tags, which typically use magnetic rather than electromagnetic coupling with the reader.
An operating UHF reader surrounds itself with a powerful electromagnetic field. Placing a tag in the reader's field causes a current to flow through the tag's dipole antenna. Since the dipole now has a variable electrical current flowing through it, it generates a backscatter from tag to reader, because the reader-tag channel and its equivalent circuit generate an electromagnetic field of its own. The strength of this field is a function of the current flowing through the dipole antenna, which is in turn a function of the power consumption of the tag.
It is worth noting that the tag intentionally modulates the backscatter radiation, typically by means of a switched impedance connected in parallel to the tag circuit. This allows the tag to transmit data back to the reader through a mechanism called backscatter modulation. As has been recently determined by Oren and Shamir, the tag also unintentionally modulates the backscatter radiation in a measurable way via its internal computations. The tag's intentional modulation does not disturb an attacker's measurements of its unintentional modulation because the tag and reader operate in a half-duplex line regime, meaning that the tag does not transmit data while the reader is sending it commands.
Protocols define how tags and readers should communicate and what data a tag should store. One such protocol specifies a 96-bit ID for each tag, as well as an 8-bit kill password which can be concealed from unauthorized readers. Sending a tag a kill command with the appropriate kill password disables it permanently. However, this protocol is not without its problems. The protocol made it difficult to program and read a large number of tags simultaneously, and most notably it had a phantom read problem: tags are validated only by a 16-bit CRC value, so with probability 2^-16 a reader receiving random noise will report seeing a tag even if none are present.
Another protocol has a better-designed air interface, as well as more strictly defining the contents and capabilities of tags. This protocol increases the amount of data which can be stored on the tag from 128 bits to 2048 bits, and replaces the 8-bit kill password with a pair of 32-bit passwords: the kill password and the access password.
Since the reader has a higher transmit strength than the tag, it makes sense to protect against adversaries who can detect the reader's signal but not the tag's backscatter. Tags use cover coding to add this protection. Under this scheme, the tag sends a pseudorandom sequence to the reader, and the reader XORs the kill password with this sequence. An adversary who can intercept only the reader's powerful signal, and not the tag's weak response, cannot learn the actual data exchanged between the reader and the tag. To meet the tag's limited memory and power constraints, the tag only remembers 16 pseudorandom bits at a time, requiring two rounds to go through the whole 32-bit password. Although the cover coding slightly complicates a power analysis attack, it does not prevent it.
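The cover-coding exchange described above, with both channels shown, as an added example that is not part of the patent text. The class and function names, the constructed password value, and the order in which the two 16-bit halves are sent (high half first) are assumptions.

```python
import secrets

HALF = 0xFFFF  # the tag remembers only 16 pseudorandom bits at a time


class Tag:
    """Tag side: stores the 32-bit kill password and one outstanding 16-bit mask."""

    def __init__(self, kill_password):
        self._password = kill_password & 0xFFFFFFFF
        self._mask = None
        self._halves = []

    def send_mask(self):
        """Weak backscatter channel: a fresh 16-bit pseudorandom sequence."""
        self._mask = secrets.randbits(16)
        return self._mask

    def receive(self, covered_half):
        """Strong forward channel: strip the mask, then forget it."""
        if self._mask is None:
            raise RuntimeError("no mask outstanding")
        self._halves.append(covered_half ^ self._mask)
        self._mask = None

    def password_accepted(self):
        if len(self._halves) != 2:
            return False
        candidate = (self._halves[0] << 16) | self._halves[1]
        return secrets.compare_digest(candidate.to_bytes(4, "big"),
                                      self._password.to_bytes(4, "big"))


def reader_send_password(tag, password):
    """Two rounds, one per 16-bit half. Returns what each channel carried."""
    forward, backscatter = [], []
    for half in ((password >> 16) & HALF, password & HALF):
        mask = tag.send_mask()          # tag -> reader
        covered = half ^ mask           # reader XORs the half with the mask
        tag.receive(covered)            # reader -> tag
        backscatter.append(mask)
        forward.append(covered)
    return forward, backscatter


def forward_view_is_password_independent(half_a, half_b):
    """Over all 2^16 masks, two different password halves produce the same set
    of forward-channel words, each exactly once, so a listener limited to the
    reader's signal cannot tell the halves apart."""
    words_a = {half_a ^ m for m in range(1 << 16)}
    words_b = {half_b ^ m for m in range(1 << 16)}
    return words_a == words_b and len(words_a) == 1 << 16


def uncover(forward, backscatter):
    """What a listener who receives BOTH channels reconstructs."""
    hi, lo = (f ^ b for f, b in zip(forward, backscatter))
    return (hi << 16) | lo


if __name__ == "__main__":
    password = 0xDEADBEEF  # constructed value
    tag = Tag(password)
    fwd, back = reader_send_password(tag, password)
    print("forward words:", [hex(w) for w in fwd])
    print("tag accepts:", tag.password_accepted())
    print("both channels reveal:", hex(uncover(fwd, back)))
```

The protection rests entirely on the backscatter channel being out of the listener's reach, which is the assumption the paragraph above states.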
In US Patent 6,507,913, a method and apparatus to protect smart cards from power analysis is described. Although the attack problem concerning smart cards is broadly similar to that of protecting RFIDs, the double buffering protection mechanism described there is much more suitable for RFID tags than for smart cards, for reasons which will be explained shortly.
SUMMARY OF THE INVENTION
The present invention presents a cheap and effective solution for protecting RFIDs, which is perhaps the most compatible with current RF front ends found on tags. According to the inventive concept, a separation is created of the power supply from the power consumption by use of a double-buffering power supply mechanism consisting of a pair of capacitors switched by power transistors. At any stage in time, one capacitor is charged by the reader's field while the other is being discharged by the circuit. With appropriate design, the present invention can almost eliminate the power consumption information. Moreover, this design involves changes only to the RF front-end of the tag, making it the quickest to roll out. To make this countermeasure more cost effective, large flat capacitors can be attached to the plastic carrier next to the printed antenna. Note that unlike the case of smart cards, power analysis of RFID tags is likely to be carried out remotely (e.g., without opening in the store the product enclosure in which the RFID tag is placed) and thus, one is less concerned about an attacker cutting off the capacitors to get around the countermeasure. Tags using this protective mechanism still have to take care that power consumption does not leak out through the intentional backscatter modulation mechanism, which has to come out of the circuit proper and connect to the antenna.
Another major difference is that smart cards do not try to economize their power consumption, and with newer more powerful chips with security coprocessors, the power consumption gets even higher. It is thus difficult to run them from the tiny amount of power stored in a small capacitor. In contradistinction, RFIDs get their power from the electromagnetic field around them, so they use very little power in order to be operable from a reader which is several meters away. This makes the protection technique more suitable for RFID tags than for smart cards. Accordingly, the present invention concerns a novel apparatus and method employed for protecting an RFID tag from attack. The method and apparatus of the invention protects RFID tags against simple and differential power attacks. The invention is particularly useful regarding inventory control systems and secure documents, such as e-passports.
An RFID tag includes a chip that typically contains a power extraction circuit (charge pump) to draw energy from the environment, i.e. the electromagnetic or magnetic field generated by the tag reader to power the chip, a modulator/demodulator to communicate with the reader by measuring and modifying the field, and the logic and memory part which keeps data and executes instructions, i.e. the computational element. It is the last-mentioned element that is protected against power analysis by the invention.
An RFID tag, as mentioned, includes a connected antenna, and coacts with a remote or separate reader, in a manner that is well known in the art. The two capacitors noted above, that comprise part of the inventive apparatus, can either reside on the RFID chip itself, or can be attached to or printed on the plastic carrier of the tag along with the antenna.
During operation, one capacitor is being charged by the power extraction circuit noted above, while the other capacitor is used to power the computational element, i.e. the logic and memory part, and then their roles are switched. The switchover can be triggered by time or voltage or the data sent by the reader or any combination thereof, and the partially discharged capacitor can be further discharged to a set voltage before it is reconnected to the power extraction circuit in order to guarantee that no information about how much power it supplied to the logic and memory part will be leaked out.
Since smart cards do not normally use capacitors to power them, the introduction of the double buffering technology for smart cards described in US Patent 6,507,913 required a major and expensive redesign of the circuit. On the other hand, RFIDs always have at least one capacitor to power them through the charge pump, and thus it is much easier to adapt them to use the double buffering technology. Many RFIDs already have multiple capacitors, but they are used to get a higher voltage which is needed to operate the electronic circuitry (e.g., all the capacitors can be charged in parallel to a low voltage, and then reconnected in series to get a higher total voltage). One should be careful not to confuse this application of multiple capacitors with the novel double buffering concept of the present invention.
Accordingly, it is an object of the invention to provide a method of protecting an RFID tag including a power extraction circuit and a computational circuit comprising the steps of extracting power from an electromagnetic or magnetic field generated by a reader in whose proximity the tag is located, double-buffering the extracted power by at least two capacitors so that at any stage in time (except possibly during the changeover periods), at least one capacitor is being charged by the extracted power while at least one other capacitor is being discharged to power the computational circuit of the RFID tag. Still further, the method can include the step of switching the capacitors. The step of switching can be carried out using power transistors. Also, the step of switching can be repeatedly carried out, especially in a periodic way, and even continuously.
It is a still further object of the invention to provide a method comprising the steps of a) powering an RFID tag by a power extraction circuit that charges a capacitor connected in the RFID circuit, b) periodically disconnecting the capacitor from the power extraction circuit, and c) discharging the capacitor while it is disconnected from the power extraction circuit to power a computational element of the RFID tag. Step b) can be triggered by the voltage across some capacitor exceeding or dropping below a certain threshold. Also, step b) can be triggered by time or by the data sent by the reader, or by any combination thereof. Further, additional circuitry of the RFID tag can discharge the capacitor to a fixed voltage before reconnecting it to the power extraction circuit for charging in a repeat of step a).
Yet, it is still a further object of the invention to provide apparatus comprising a) an RFID tag including an antenna, a power extraction circuit for generating power from an electromagnetic or magnetic field of a reader with which it is associated, and a computational circuit, b) at least two capacitors, each coupled between the power extraction circuit and the computational circuit, and c) switchover logic for alternately connecting the capacitors for at least one to discharge to power the computational circuit while at least one other is being charged by the power extraction circuit. The switchover logic can be such that the functions of the at least two capacitors are repeatedly reversed, and the RFID tag operates continuously. Also, the switchover logic can be such that the change of connection (switching of the capacitors) is triggered by the voltage across one of the capacitors exceeding or dropping below a certain threshold. Still further, the switchover logic can be such that the change of connection is triggered by a preselected event. Also, the switchover logic can be such that the change of connection is triggered by the voltage across at least one of the capacitors exceeding or dropping below a certain threshold at the beginning of a preselected event. In a preferred form of the invention, the switchover logic includes power transistors. A simple generalization of the present invention is to use three or more capacitors in such a way that at any time at least one of them is charging and at least one of the others is powering the computational element.
Other objects and advantages of the present invention will become evident from a detailed description of a preferred embodiment of the invention when taken in conjunction with the appended drawing.
BRIEF DESCRIPTION OF THE DRAWING
The sole figure of the drawing shows schematically the present invention.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT OF THE INVENTION
Referring now to the drawing, the preferred embodiment will now be described in detail. Shown is an RFID tag 10 which contains a power extraction circuit 2 connected to an antenna 1 that communicates with a tag reader (not shown) which has its own antenna and circuitry as is standard and known in the art. The antenna 1 is also coupled to a modulation-demodulation circuit 3 by leads 16 and 17 going through circuit 2. The circuit 3 is coupled to a logic and memory circuit 4, which is the computational element of tag 10. Data and control signals 5 pass between the circuits 3 and 4. The set-up thus far is standard for an RFID tag.
The object of the preferred embodiment is to allow circuit 4 to operate continuously without being directly powered by the power extraction circuit 2 during all or part of its computational function. To this end, two capacitors 6a and 6b are connected to ground on one side and to contacts of switches 7a and 7c, which switches 7a and 7c are connected to power extraction circuit 2 via leads 11 and 13. Leads 14 and 15 connect leads 11 and 13 to logic and memory circuit 4. Interposed in these leads 14 and 15 are further switches 7c and 7d. All the switches 7a to 7d can be comprised of power transistors suitably controlled by switchover logic, as described hereinafter, and connected either to the extraction circuit 2 or via two diodes 8a and 8b interposed in the leads 14 and 15.
In the preferred embodiment of the new invention the connections of the two capacitors alternate in a periodic way. During odd periods the first capacitor, either 6a or 6b, is connected to power extraction circuit 2 and the second capacitor, either 6a or 6b, respectively, is connected to the logic and memory circuit 4, and during even periods the connections are reversed. The preferred sequence of actions of the power transistors 7a to 7d that are controlled by the switchover logic is: (i) the first capacitor is disconnected from circuit 2; (ii) the first capacitor is connected to the circuit 4; (iii) the second capacitor is disconnected from the circuit 4; and (iv) the second capacitor is connected to the circuit 2.
With this sequence of actions, the computational element 4 is always powered by at least one capacitor, but the power extraction circuit 2 is never connected directly to circuit 4. The capacitors 6a and 6b are connected via diodes 8a and 8b to prevent leakage from the charged capacitor to the discharged capacitor during the brief moments in which they are connected in parallel to the circuit 4.
To completely eliminate any information about the power consumed by the circuit 4, it is recommended to fully or partially discharge the capacitor that had just been disconnected from it to a fixed voltage before connecting the capacitor to circuit 2.
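The switchover sequence (i) to (iv) and the recommended discharge step can be modelled as a small state machine. The following is an added example, not part of the patent text: it checks the two properties stated above after every switch action and compares the charge circuit 2 has to supply with and without the discharge. The capacitance, the voltages, the per-period load charges and the ideal-capacitor model (no diode drop, instant recharge) are assumptions made for the illustration.

```python
from dataclasses import dataclass

C = 1e-6        # assumed capacitance of 6a and 6b, farads
V_FULL = 3.0    # assumed voltage circuit 2 charges a capacitor to
V_FIXED = 1.0   # assumed fixed voltage for the discharge step

@dataclass
class Cap:
    name: str
    volts: float
    to_extractor: bool = False   # switch toward power extraction circuit 2
    to_logic: bool = False       # switch toward logic and memory circuit 4

def check_invariants(caps):
    if not any(c.to_logic for c in caps):
        raise RuntimeError("circuit 4 lost power")
    if any(c.to_extractor and c.to_logic for c in caps):
        raise RuntimeError("circuit 2 connected directly to circuit 4")

def switchover(first, second, caps, discharge, order):
    """Apply steps (i)-(iv) in `order`; return charge circuit 2 then supplies."""
    actions = {
        "i":   lambda: setattr(first, "to_extractor", False),
        "ii":  lambda: setattr(first, "to_logic", True),
        "iii": lambda: setattr(second, "to_logic", False),
        "iv":  lambda: setattr(second, "to_extractor", True),
    }
    for step in order:
        if step == "iv" and discharge:
            # Bleed down to V_FIXED; cannot help if already below it.
            second.volts = min(second.volts, V_FIXED)
        actions[step]()
        check_invariants(caps)
    drawn = C * (V_FULL - second.volts)   # recharge cost seen by circuit 2
    second.volts = V_FULL
    return drawn

def run(load_charges, discharge, order=("i", "ii", "iii", "iv")):
    """load_charges: coulombs circuit 4 consumes in each period (constructed)."""
    charging = Cap("6a", V_FULL, to_extractor=True)
    powering = Cap("6b", V_FULL, to_logic=True)
    caps = [charging, powering]
    observed = []
    for q in load_charges:
        powering.volts -= q / C           # circuit 4 drains its capacitor
        observed.append(switchover(charging, powering, caps, discharge, order))
        charging, powering = powering, charging
    return observed

if __name__ == "__main__":
    loads = [0.3e-6, 0.8e-6, 1.5e-6]      # constructed data-dependent loads
    print("no discharge:  ", run(loads, discharge=False))
    print("with discharge:", run(loads, discharge=True))
```

In this model the recharge cost is constant only while the load never pulls a capacitor below the fixed voltage, so that voltage has to sit under the lowest level the capacitor can reach in one period.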
Although the present invention has been shown and described in terms of preferred embodiments, nevertheless changes and modifications will be evident to those skilled in the art from knowledge of the disclosure and teachings herein. Such changes and modifications which do not depart from the teachings, scope and spirit of the present invention are deemed to fall within the purview of the invention as claimed.

Claims

WHAT IS CLAIMED IS:
1. A method of protecting an RFID tag from power analysis or from cryptanalytic attacks based on power analysis, such as SPA and DPA, said RFID tag including a power extraction circuit and a computational circuit, comprising the steps of extracting power from an electromagnetic or magnetic field generated by a reader in whose proximity the tag is located, double-buffering the extracted power by at least two capacitors so that at any stage in time, except possibly during changeover periods, at least one capacitor is being charged by the extracted power while at least one other capacitor is being discharged to power the computational circuit of the RFID tag.
2. The method of claim 1 including the step of switching the capacitors.
3. The method of claim 2 in which the step of switching is carried out using power transistors.
4. The method of claim 2 in which the step of switching is repeatedly carried out.
5. The method of claim 4 in which the step of switching is repeatedly carried out, in a periodic way.
6. The method of claim 5 in which the plurality of capacitors are switched continuously by one of (a) whenever the voltage on one of the capacitors exceeds or goes below a set value, (b) whenever the reader sends some data, (c) based on time and (d) on any combination of (a), (b) and (c).
7. A method comprising the steps of: a) powering an RFID tag by a power extraction circuit that charges a capacitor connected in the RFID circuit, b) periodically disconnecting the capacitor from the circuit, and c) using the capacitor while it is disconnected from the power extraction circuit to power a computational function of the RFID tag.
8. The method of claim 7, in which step b) is triggered by the voltage across another capacitor exceeding or dropping below a certain threshold.
9. The method of claim 7, in which step b) is triggered by time.
10. The method of claim 7, in which step b) is triggered by the voltage across another capacitor exceeding or dropping below a certain threshold at the beginning of a preselected time increment.
11. The method of claim I1 wherein additional circuitry of the RFID tag discharges the capacitor to a fixed voltage before reconnecting it to the power extraction circuit for charging in a repeat of step a).
12. Apparatus comprising a) an RFID tag including a power extraction circuit for generating power from an electromagnetic or magnetic field of a reader with which it is associated, and a computational circuit, b) at least two capacitors, each coupled between the power extraction circuit and the computational circuit, and c) switchover logic for alternately connecting at least one capacitor to be charged by the power extraction circuit while at least one other capacitor is being discharged to power the computational circuit.
13. Apparatus according to claim 12 wherein the switchover logic is such that the capacitors are repeatedly reversed.
14. Apparatus according to claim 12 wherein the switchover logic is such that the capacitors are switched continuously by one of (i) the voltage on one of the capacitors exceeds or goes below a set value, (ii) whenever the reader sends some data, (iii) based on time and on any combination of (i), (ii) and (iii).
15. Apparatus according to claim 12 wherein the switchover logic is such that the switching of the capacitors is triggered by a preselected event.
16. Apparatus according to claim 12 wherein the switchover logic is such that the switching of the capacitors is triggered by the voltage across at least one capacitor exceeding or dropping below a certain threshold at the beginning of a preselected event.
17. Apparatus according to claim 12 wherein the switchover logic includes power transistors.
PCT/US2007/074716 2006-08-04 2007-07-30 Method and apparatus for protecting rfid tags from power analysis WO2008019246A2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
US12/374,745 US8365310B2 (en) 2006-08-04 2007-07-30 Method and apparatus for protecting RFID tags from power analysis
EP07840582A EP2050000A2 (en) 2006-08-04 2007-07-30 Method and apparatus for protecting rfid tags from power analysis
IL196476A IL196476A0 (en) 2006-08-04 2009-01-13 Method and apparatus for protecting rfid tags from power analysis

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US82151506P 2006-08-04 2006-08-04
US60/821,515 2006-08-04

Publications (2)

Publication Number Publication Date
WO2008019246A2 true WO2008019246A2 (en) 2008-02-14
WO2008019246A3 WO2008019246A3 (en) 2008-05-08

Family

ID=39033563

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/074716 WO2008019246A2 (en) 2006-08-04 2007-07-30 Method and apparatus for protecting rfid tags from power analysis

Country Status (4)

Country Link
US (1) US8365310B2 (en)
EP (1) EP2050000A2 (en)
IL (1) IL196476A0 (en)
WO (1) WO2008019246A2 (en)

Also Published As

Publication number Publication date
IL196476A0 (en) 2009-09-22
EP2050000A2 (en) 2009-04-22
WO2008019246A3 (en) 2008-05-08
US8365310B2 (en) 2013-01-29
US20100005533A1 (en) 2010-01-07

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07840582

Country of ref document: EP

Kind code of ref document: A2

WWE Wipo information: entry into national phase

Ref document number: 2007840582

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 12374745

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE

NENP Non-entry into the national phase

Ref country code: RU