RFID Security
PI's invention of a secure RFID authentication and encryption method enables real-time, session-based secure communication between RFID tags, readers, and backend authentication services without requiring a separate key exchange protocol.
Traditional protocols use exponentials that consume significant compute and power and hence are not suitable for RFIDs.
Our secure RFID tag generates a unique, session-specific random number, using an on-chip lightweight random number generator, to generate authentication credentials and an encryption key for data transmission.
The reader collects this encrypted authentication package and forwards it to an authentication service which performs cryptographic verification using pre-stored secrets and identity fragments.
We use a two-layer onion encryption circuit invention that ensures only legitimate entities can decrypt the RFID data. Decryption keys are derived dynamically within a session, and authentication of all devices—including tag, reader, and authentication service, can occur in parallel at the RFID reader.
This invention
- eliminates traditional multi-phase handshakes (i.e., the authentication and encryption are done using a single circuit in one go.).
- protects against cloning, replay, and eavesdropping attacks on RFID devices.
- enables lightweight, secure communication suited for ultra-low power RFID computing hardware
