U.S. patent application number 12/314456 was filed with the patent office on 2009-06-25 for contact-less tag with signature, and applications thereof.
This patent application is currently assigned to BCE INC. Invention is credited to William G. O'Brien, Tet Hin Yeap.
Application Number: 20090160615 (12/314456)
Family ID: 40787423
Filed Date: 2009-06-25
United States Patent Application 20090160615
Kind Code: A1
O'Brien; William G.; et al.
June 25, 2009
Contact-less tag with signature, and applications thereof
Abstract
A method which comprises generating a first signature by
encoding an identifier with a first additional data set at a first
time instant; responding to a first read request from a tag reader
by releasing the first signature; generating a second signature by
encoding the identifier with a second additional data set at a
second time instant, the second additional data set being different
from the first additional data set; and responding to a second read
request by releasing the second signature. Also, a method which
comprises obtaining a signature from a contactlessly readable tag;
decrypting the signature with a key to obtain a candidate
identifier and a scrambling code associated with the signature; and
validating the candidate identifier based on at least one of the
scrambling code and the signature.
Inventors: O'Brien; William G.; (Nanaimo, CA); Yeap; Tet Hin; (Ottawa, CA)
Correspondence Address: SMART & BIGGAR, 1000 DE LA GAUCHETIERE ST. W., SUITE 3300, MONTREAL, QC, H3B 4W5, CA
Assignee: BCE INC.
Family ID: 40787423
Appl. No.: 12/314456
Filed: December 11, 2008
Related U.S. Patent Documents
Application Number | Filing Date | Patent Number
PCT/CA2007/002343 | Dec 20, 2007 |
12314456 | |
Current U.S. Class: 340/10.1
Current CPC Class: H04L 63/0823 20130101; H04W 12/08 20130101; G06Q 20/3829 20130101; G06Q 20/40 20130101; H04L 9/3247 20130101; H04L 63/0846 20130101; H04W 12/47 20210101; H04L 2209/84 20130101; G06Q 20/401 20130101; H04L 63/126 20130101; G06Q 20/425 20130101; G07F 7/1008 20130101; G06F 9/445 20130101; G06Q 10/087 20130101; G06F 21/79 20130101; G06F 21/43 20130101; H04W 12/10 20130101; H04L 2209/56 20130101; G06Q 20/341 20130101; H04L 2209/805 20130101; G06Q 20/3825 20130101; G06Q 20/385 20130101; G06Q 20/02 20130101; G06Q 20/40975 20130101
Class at Publication: 340/10.1
International Class: H04Q 5/22 20060101 H04Q005/22
Claims
1. A method, comprising: generating a first signature by encoding
an identifier with a first additional data set at a first time
instant; responding to a first read request from a tag reader by
releasing the first signature; generating a second signature by
encoding the identifier with a second additional data set at a
second time instant, the second additional data set being different
from the first additional data set; and responding to a second read
request by releasing the second signature.
2. The method defined in claim 1, wherein the additional data set
includes a key and a first scrambling code, and wherein encoding
the identifier with the additional data set comprises augmenting
the identifier with the first scrambling code and using the key to
encrypt the result of the augmenting.
3. The method defined in claim 2, further comprising: when
responding to the first or second read request, accompanying the
first or second signature, respectively, with an index associated
with said key.
4. The method defined in claim 2, wherein the first scrambling code
is received from the tag reader.
5. The method defined in claim 2, wherein the second additional
data set includes said key and a second scrambling code, and
wherein encoding the identifier with the second additional data set
comprises augmenting the identifier with the second scrambling code
and using the key to encrypt the result of the second
augmenting.
6. The method defined in claim 5, wherein the second scrambling
code differs from the first scrambling code by a pre-determined
increment.
7. The method defined in claim 5, wherein the first and second
scrambling codes are representative of the first and second time
instants, respectively.
8. The method defined in claim 5, wherein the second scrambling
code differs from the first scrambling code by a number of read
requests to which a response has been issued between the first and
second read requests.
9. The method defined in claim 5, wherein the second scrambling
code differs from the first scrambling code in a first number of
digits, wherein the second signature differs from the first
signature in a second number of digits, the second number of digits
being greater than the first number of digits.
10. The method defined in claim 5, wherein the first and second
scrambling codes are representative of respective geographic
locations.
11. The method defined in claim 5, wherein the first and second
scrambling codes are representative of an output of a pseudo-random
number generator at different chronological positions.
12. The method defined in claim 5, wherein the second scrambling
code is received from the tag reader.
13. The method defined in claim 1, wherein the additional data set
includes a key, and wherein encoding the identifier with the
additional data set comprises using the key to encrypt the
identifier.
14. The method defined in claim 13, the key being a first key,
wherein the second additional data set includes a second key
different from the first key, and wherein encoding the identifier
with the second additional data set comprises using the second key
to encrypt the identifier.
15. The method defined in claim 14, further comprising: when
responding to the first read request, accompanying the first
signature with an index associated with the first key; and when
responding to the second read request, accompanying the second
signature with an index associated with the second key.
16. The method defined in claim 14, wherein the first and second
keys are representative of an output of a pseudo-random number
generator at different chronological positions.
17. The method defined in claim 1, wherein generating the second
signature is triggered by having responded to the first read
request.
18. The method defined in claim 1, wherein generating the second
signature is triggered by receipt of the second read request.
19. The method defined in claim 1, wherein generating the second
signature is triggered by having responded to a pre-determined
number of read requests since the first read request.
20. The method defined in claim 1, wherein generating the second
signature is triggered by a pre-determined amount of time having
elapsed since generating the first signature.
21. The method defined in claim 1, further comprising maintaining a
clock function to keep time, wherein generating the second
signature is triggered by a temporal event detected by the clock
function.
22. The method defined in claim 1, wherein generating the second
signature occurs upon receipt of a trigger from the tag reader.
23. Apparatus, comprising: means for generating a first signature
by encoding an identifier with an additional data set at a first
time instant; means for responding to a first read request from a
tag reader by releasing the first signature; means for generating a
second signature by encoding the identifier with a second
additional data set at a second time instant, the second additional
data set being different from the first additional data set; and
means for responding to a second read request from a tag reader by
releasing the second signature.
24. A computer-readable medium comprising computer-readable program
code which, when interpreted by a computing apparatus, causes the
computing apparatus to execute a method, the computer-readable
program code comprising: first computer-readable program code for
causing the computing apparatus to generate a first signature by
encoding an identifier with an additional data set at a first time
instant; second computer-readable program code for causing the
computing apparatus to respond to a first read request from a tag
reader by releasing the first signature; third computer-readable
program code for causing the computing apparatus to generate a
second signature by encoding the identifier with a second
additional data set at a second time instant, the second additional
data set being different from the first additional data set; and
fourth computer-readable program code for causing the computing
apparatus to respond to a second read request from a tag reader by
releasing the second signature.
25. A device for use in contact-less communication with a reader,
comprising: a memory configured to store a first signature
generated by encoding an identifier with a first additional data
set at a first time instant; and a controller configured to
generate a new signature by encoding the identifier with a second
additional data set at a second time instant, the second additional
data set being different from the first additional data set; the
controller further configured to cause the new signature to be
stored in the memory after the second time instant.
26. The device defined in claim 25, wherein the first additional
data set includes a key and a first scrambling code, and wherein
the second additional data set includes the key and a second
scrambling code.
27. The device defined in claim 26, the controller being aware of
the first and second time instants by implementing a clock
function, wherein the first and second scrambling codes are
representative of the first and second time instants,
respectively.
28. The device defined in claim 26, wherein the controller is
further configured to receive the second scrambling code from the
reader.
29. The device defined in claim 26, wherein the controller is
further configured to receive an index from the reader and to
generate the second scrambling code from the index.
30. The device defined in claim 26, wherein the controller is
further configured to determine the second scrambling code.
31. The device defined in claim 26, wherein the second scrambling
code differs from the first scrambling code by a pre-determined
increment.
32. The device defined in claim 26, wherein the second scrambling
code differs from the first scrambling code in a first number of
digits, wherein the new signature differs from the first signature
in a second number of digits, the second number of digits being
greater than the first number of digits.
33. The device defined in claim 26, wherein the first and second
scrambling codes are representative of respective geographic
locations of the device.
34. The device defined in claim 26, wherein the first and second
scrambling codes are representative of an output of a pseudo-random
number generator at different chronological positions.
35. The device defined in claim 26, wherein encoding the identifier
with the first additional data set comprises augmenting the
identifier with the first scrambling code and using the key to
encrypt the result of the augmenting.
36. The device defined in claim 35, wherein encoding the identifier
with the second additional data set comprises augmenting the
identifier with the second scrambling code and using the key to
encrypt the result of the second augmenting.
37. The device defined in claim 25, wherein the first additional
data set includes a key, and wherein encoding the identifier with
the first additional data set comprises using the key to encrypt
the identifier.
38. The device defined in claim 37, the key being a first key,
wherein the second additional data set includes a second key, and
wherein encoding the identifier with the second additional data set
comprises using the second key to encrypt the identifier.
39. The device defined in claim 38, wherein the first and second
keys are representative of an output of a pseudo-random number
generator at different chronological positions.
40. The device defined in claim 25, wherein the new signature
replaces the first signature when the new signature is stored in
the memory.
41. The device defined in claim 25, the controller being further
configured to release the new signature in response to a read
request received from the reader after the second time instant.
42. The device defined in claim 41, wherein the controller is
further configured to accompany the new signature with an index
associated with the second key.
43. The device defined in claim 41, wherein the controller is
caused to generate the new signature upon receipt of the read
request.
44. The device defined in claim 41, wherein the controller is
caused to generate the new signature when the read request is the
Nth in a series of read requests, where N is an integer.
45. The device defined in claim 41, the controller being further
configured to release the first signature in response to a read
request received from the reader at a time instant between the
first and second time instants.
46. The device defined in claim 41, the memory being further
configured to store an index associated with the key, the
controller being further configured to release the index when
releasing the first signature or the new signature.
47. The device defined in claim 45, the memory being further
configured to store an index associated with the key, the
controller being further configured to release the index when
releasing the first signature or the new signature.
48. The device defined in claim 25, wherein the controller is
caused to generate the new signature by receipt of a trigger from
the reader.
49. The device defined in claim 25, wherein the controller is
caused to generate the new signature when a pre-determined amount
of time has elapsed since generation of the first signature.
50. The device defined in claim 25, further comprising a clock
module, wherein the controller is caused to generate the new
signature upon detection of a temporal event by the clock
module.
51. A device for use in contact-less communication with a reader,
comprising: a memory configured to store a signature that encodes a
pre-determined identifier; a transceiver configured to
contactlessly receive read requests from the reader and to
contactlessly transmit responses thereto; a controller configured
to respond to read requests received via the transceiver by
releasing via the transceiver a current version of the signature
stored in the memory, wherein the version of the signature stored
in the memory varies over at least two time instants while
continuing to encode the pre-determined identifier; and a power
source for powering at least the controller.
52. The device defined in claim 51, wherein the controller
implements a clock function to keep time, wherein variations in the
signature are related to variations in the time kept by the clock
function.
53. The device defined in claim 51, the power source being dormant
until a burst of energy from the reader is detected.
54. The device defined in claim 51, further comprising an
externally controllable switch that can be toggled between a first
state and a second state, in the first state the switch
establishing an electrical connection between the power source and
the controller, in the second state the switch breaking the
electrical connection between the power source and the
controller.
55. The device defined in claim 54, wherein the switch is biased in
the second state and is configured to be placed in the first state
upon activation by a user.
56. The device defined in claim 55, wherein activation by the user
comprises the user applying physical contact to a portion of a
surface of the device.
57. The device defined in claim 55, wherein the controller is
configured to generate a new version of the signature when the
switch is placed in the first state.
58. The device defined in claim 57, wherein the controller is
configured to generate said new version of the signature by
encoding the pre-determined identifier with an output of a
pseudo-random number generator.
59. The device defined in claim 57, wherein the controller is
configured to generate said new version of the signature by
encoding the pre-determined identifier with an output of a clock
function.
60. The device defined in claim 57, wherein the controller is
configured to generate said new version of the signature by
encoding the pre-determined identifier with an output of a
counter.
61. The device defined in claim 57, wherein when the switch is
placed in the second state after having been placed in the first
state, and then is returned to the first state, the controller is
configured to generate a further new version of the signature.
62. The device defined in claim 61, wherein the controller is
configured to generate said further new version of the signature by
encoding the pre-determined identifier with an output by a
pseudo-random number generator.
63. The device defined in claim 61, wherein the controller is
configured to generate said further new version of the signature by
encoding the pre-determined identifier with an output of a clock
function.
64. The device defined in claim 61, wherein the controller is
configured to generate said further new version of the signature by
encoding the pre-determined identifier with an output of a
counter.
65. The device defined in claim 51, affixed to an item, wherein the
pre-determined identifier corresponds to information about the
item.
66. The device defined in claim 51, affixed to an item, wherein the
pre-determined identifier corresponds to information about a user
expected to be associated with the item.
67. The device defined in claim 51, implemented in a mobile
communication device.
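Claims 13 to 16 describe the variant in which the key itself changes from one signature to the next and the tag releases a key index alongside each signature (claim 15). The Go program below is an added illustration of that variant; it is not code from the application or from BCE Inc. It assumes that the key at each chronological position is derived by HMAC from a seed shared by tag and reader (standing in for the pseudo-random number generator of claim 16), that AES-128 on a single block stands in for the unspecified encryption engine, and that the identifier is 16 bytes. The names KeyTag, KeyReader, Release, blockFor, DemoResult and Demo are this example's own.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// blockFor returns the AES cipher keyed for chronological position idx. The
// key is derived by HMAC from a seed shared by tag and reader; this stands in
// for the pseudo-random number generator of claim 16, and AES for the
// application's unspecified encryption engine (both assumptions of this example).
func blockFor(seed []byte, idx uint64) cipher.Block {
	var b [8]byte
	binary.BigEndian.PutUint64(b[:], idx)
	m := hmac.New(sha256.New, seed)
	m.Write(b[:])
	block, err := aes.NewCipher(m.Sum(nil)[:16]) // AES-128 key
	if err != nil {
		panic(err) // unreachable: the derived key is always 16 bytes
	}
	return block
}

// Release is the tag's answer to a read request: the signature accompanied
// by the index of the key that produced it (claim 15).
type Release struct {
	Signature []byte
	Index     uint64
}

// KeyTag encrypts a constant 16-byte identifier (one AES block) under a
// fresh key at every generation (claim 14).
type KeyTag struct {
	id   [16]byte
	seed []byte
	idx  uint64
}

// Sign moves to the next key, encrypts the identifier with it and releases
// the result together with the new index.
func (t *KeyTag) Sign() Release {
	t.idx++
	sig := make([]byte, 16)
	blockFor(t.seed, t.idx).Encrypt(sig, t.id[:])
	return Release{Signature: sig, Index: t.idx}
}

// KeyReader regenerates the key from the released index, decrypts, and
// accepts only a matching identifier whose index is newer than the last
// one accepted, so a recorded release cannot be played back.
type KeyReader struct {
	seed     []byte
	expected [16]byte
	lastIdx  uint64
}

func (r *KeyReader) Validate(rel Release) error {
	if len(rel.Signature) != 16 {
		return errors.New("signature has wrong length")
	}
	if rel.Index <= r.lastIdx {
		return errors.New("key index did not advance: replayed release")
	}
	var plain [16]byte
	blockFor(r.seed, rel.Index).Decrypt(plain[:], rel.Signature)
	if !bytes.Equal(plain[:], r.expected[:]) {
		return errors.New("candidate identifier does not match")
	}
	r.lastIdx = rel.Index // advance only after a successful check
	return nil
}

// DemoResult records two reads followed by a replay of the first release.
type DemoResult struct {
	FirstAccepted, SecondAccepted, SignaturesDiffer, ReplayRejected bool
}

func Demo() DemoResult {
	seed := []byte("constructed shared seed") // constructed value
	var id [16]byte
	copy(id[:], "SERIAL-0001") // constructed identifier, zero padded
	tag := &KeyTag{id: id, seed: seed}
	rdr := &KeyReader{seed: seed, expected: id}
	a, b := tag.Sign(), tag.Sign()
	okA, okB := rdr.Validate(a) == nil, rdr.Validate(b) == nil
	return DemoResult{okA, okB, !bytes.Equal(a.Signature, b.Signature), rdr.Validate(a) != nil}
}

func main() {
	fmt.Printf("%+v\n", Demo())
}
```

Demo shows both genuine releases accepted, their signatures differing although the identifier never changes, and the replay of the first release refused because its index has not advanced. The index travels in the clear and only names a key; without the seed it does not yield the key, so the seed on the reader side is the secret that needs protecting. The reader must keep lastIdx in persistent storage, and it tolerates gaps in the index (reads it never saw), which is what lets several readers share one tag but also means the replay check is only as good as each reader's record of what it last accepted.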
Description
CROSS-REFERENCE TO RELATED APPLICATION
[0001] This application is a continuation, and claims the benefit
under 35 USC 120, of International Application No.
PCT/CA2007/002343 filed on Dec. 20, 2007 and hereby incorporated by
reference herein.
FIELD OF THE INVENTION
[0002] The present invention relates generally to contact-less tags
and, more specifically, to a contact-less tag having a signature as
well as to applications using the properties of such a tag.
BACKGROUND
[0003] Contact-less tags, such as radio frequency identification
(RFID) tags, are becoming increasingly commonplace in various
commercial applications, two non-limiting examples of which include
access control and inventory management.
[0004] An RFID tag affixed to an item stores a code (e.g., a bit
pattern) that is output in contact-less fashion to a reader, either
in response to a request from the reader or autonomously by the
tag. The reader captures the bit pattern and then an action may be
taken, depending on the commercial application at hand. For
example, in an access control scenario, the captured bit pattern
may reveal that the person presumed to be carrying the tag (by
virtue of an association with the bit pattern) is--or is
not--authorized to enter a building or operate a vehicle. In an
inventory management scenario, the bit pattern may give an
indication of items contained on a pallet, for example, which may
result in certain decisions being taken regarding shipping or
storage of these items.
[0005] In both cases, the ease with which an RFID tag may be read
by a reader enables rapid processing but also may lead to problems.
In the access control scenario, for example, an RFID tag of an
individual authorized to access certain property may be
interrogated and then the bit pattern cloned for use by an impostor
to gain what is in fact unauthorized access to such property.
Similarly, in the inventory management scenario, an acquired
knowledge of the bit pattern associated with a certain item may
allow a malicious party to gain intelligence about inventory
locations that the item's rightful owner (which may include the
manufacturer all the way down to the retail customer) may wish to
keep secret.
[0006] In both of the above scenarios, it is apparent that what is
relevant to a malicious party is the knowledge that a certain bit
pattern output by a certain RFID tag will either give access to
property or indicate the presence of a specific inventory item.
Whether the bit pattern is itself an encrypted version of some
original data is actually of no relevance to the malicious party.
Thus, schemes based on straightforward encryption of the bit
pattern do not mitigate the problems mentioned above.
[0007] Against this background, there is clearly a need in the
industry for a contact-less tag having improved properties.
SUMMARY OF THE INVENTION
[0008] A first broad aspect of the present invention seeks to
provide a method, which comprises generating a first signature by
encoding an identifier with a first additional data set at a first
time instant; responding to a first read request from a tag reader
by releasing the first signature; generating a second signature by
encoding the identifier with a second additional data set at a
second time instant, the second additional data set being different
from the first additional data set; and responding to a second read
request by releasing the second signature.
[0009] A second broad aspect of the present invention seeks to
provide an apparatus, which comprises means for generating a first
signature by encoding an identifier with an additional data set at
a first time instant; means for responding to a first read request
from a tag reader by releasing the first signature; means for
generating a second signature by encoding the identifier with a
second additional data set at a second time instant, the second
additional data set being different from the first additional data
set; and means for responding to a second read request from a tag
reader by releasing the second signature.
[0010] A third broad aspect of the present invention seeks to
provide a computer-readable medium, which comprises
computer-readable program code which, when interpreted by a
computing apparatus, causes the computing apparatus to execute a
method. The computer-readable program code comprises first
computer-readable program code for causing the computing apparatus
to generate a first signature by encoding an identifier with an
additional data set at a first time instant; second
computer-readable program code for causing the computing apparatus
to respond to a first read request from a tag reader by releasing
the first signature; third computer-readable program code for
causing the computing apparatus to generate a second signature by
encoding the identifier with a second additional data set at a
second time instant, the second additional data set being different
from the first additional data set; and fourth computer-readable
program code for causing the computing apparatus to respond to a
second read request from a tag reader by releasing the second
signature.
[0011] A fourth broad aspect of the present invention seeks to
provide a device for use in contact-less communication with a
reader, which comprises a memory configured to store a first
signature generated by encoding an identifier with a first
additional data set at a first time instant; and a controller
configured to generate a new signature by encoding the identifier
with a second additional data set at a second time instant, the
second additional data set being different from the first
additional data set. The controller is further configured to cause
the new signature to be stored in the memory after the second time
instant.
[0012] A fifth broad aspect of the present invention seeks to
provide a device for use in contact-less communication with a
reader, which comprises a memory configured to store a signature
that encodes a pre-determined identifier; a transceiver configured
to contactlessly receive read requests from the reader and to
contactlessly transmit responses thereto; a controller configured
to respond to read requests received via the transceiver by
releasing via the transceiver a current version of the signature
stored in the memory, wherein the version of the signature stored
in the memory varies over at least two time instants while
continuing to encode the pre-determined identifier; and a power
source for powering at least the controller.
[0013] These and other aspects and features of the present
invention will now become apparent to those of ordinary skill in
the art upon review of the following description of specific
embodiments of the invention in conjunction with the accompanying
drawings.
BRIEF DESCRIPTION OF THE DRAWINGS
[0014] In the accompanying drawings:
[0015] FIG. 1 is a block diagram of a system comprising a reader
and a tag, in accordance with a non-limiting embodiment of the
present invention.
[0016] FIG. 2 is a block diagram showing details of the tag, in
accordance with a non-limiting embodiment of the present
invention.
[0017] FIG. 3 illustrates a decoding function implemented by a
controller in the tag, for generation of a signature at two points
in time.
[0018] FIGS. 4A and 4B depict two possible functional architectures
for generation of a signature.
[0019] FIG. 5 illustrates application of an embodiment of the
present invention in an inventory management context.
[0020] FIG. 6A shows application of a non-limiting embodiment of
the present invention in a validation context.
[0021] FIG. 6B is a block diagram of a multi-reader architecture,
in accordance with a non-limiting embodiment of the present
invention.
[0022] FIG. 7A is a flowchart showing operation of a processing
entity of FIG. 6 when considering tags whose signatures encode a
variable scrambling code and that are encrypted using a common key
that is known to the reader or can be determined from an index
supplied with the signature.
[0023] FIG. 7B is a flowchart similar to that of FIG. 7A, but where
the common key is unknown to the reader.
[0024] FIG. 8 shows application of a non-limiting embodiment of the
present invention in an identification context when considering
tags whose signatures are encrypted using a variable key.
[0025] FIG. 9 is a flowchart showing operation of a processing
entity of FIG. 8 when considering tags whose signatures are
encrypted using a variable key.
[0026] It is to be expressly understood that the description and
drawings are only for the purpose of illustration of certain
embodiments of the invention and are an aid for understanding. They
are not intended to be a definition of the limits of the
invention.
DETAILED DESCRIPTION
[0027] With reference to FIG. 1, there is shown a system comprising
a reader 12 and a tag 14. Communication between the reader 12 and
the tag 14 occurs over a contact-less medium 16. In a specific
non-limiting embodiment, the contact-less medium 16 is a wireless
medium that may include a spectrum of radio frequencies. Depending
on the application at hand, the tag 14 could be affixed to: an item
for sale, goods during transportation, a person's clothing, an
animal, a piece of equipment (including communications equipment
such as wireless communications equipment) and so on. For its part,
the reader 12 can be fixed or mobile. In the fixed scenario, the
reader 12 could be located at any desired position within a
building, vehicle, warehouse, campus, etc. In the mobile scenario,
the reader 12 could be implemented in a handheld or portable unit,
for example.
[0028] FIG. 2 shows details of the tag 14, in accordance with a
specific non-limiting embodiment of the present invention. The tag
14 comprises a memory 202, a transceiver 204 (including an
antenna), a controller 206 and a power source 208.
[0029] The memory 202 stores a current signature 212. In addition,
the memory 202 may store a program for execution by the controller
206, including computer-readable program code for causing the
controller 206 to execute various steps and achieve wide-ranging
functionality. In a non-limiting embodiment, the current signature
212 can take the form of a bit pattern having a certain number of
bits. In accordance with an embodiment of the present invention,
the bit pattern exhibited by the current signature 212 is dynamic,
that is to say the current signature 212 changes over time.
[0030] The controller 206 executes various functions that allow
communication to take place via the transceiver 204 between the tag
14 and an external reader such as the reader 12. In what follows,
communications will hereinafter be referred to as occurring with
the reader 12 although it will be appreciated that the tag 14 may
communicate similarly with other external readers that it
encounters.
[0031] As part of its functionality, the controller 206 is
operative to retrieve the current signature 212 from the memory 202
and to release the current signature 212 via the transceiver 204.
Alternatively, depending on the computational capabilities of the
controller 206, the controller 206 can be operative to compute the
current signature 212 on demand and to release via the transceiver
204 the current signature 212 so computed.
[0032] It is recalled that in this embodiment, the current
signature 212 is dynamic. Accordingly, the controller 206 is
operative to communicate with the memory 202 in order to change the
bit pattern of the current signature 212 stored in the memory 202.
This can be achieved by executing diverse functionality that will
be described in greater detail later on, and which may include
implementing functional elements such as an encryption engine 222,
a counter 230, a pseudo-random number generator 240, a geo-location
module 250 and a clock module 260, among others.
[0033] The configuration of the power source 208 and its
inter-relationship with the controller 206 depend on whether the
tag 14 is categorized as "passive", "active" or somewhere in
between. Specifically, the tag 14 may be designed as "passive",
whereby transmissions of the current signature 212 via the
transceiver 204 are effected in response to detection of a burst of
energy via the transceiver 204, such burst of energy typically
coming from the reader 12 issuing a "read request". In this case,
the controller 206 only needs to be powered during the short time
period following the detection of the burst. In fact, the burst
itself can charge the power source 208 for a brief period, enough
to allow the controller 206 to cause transmission of the current
signature 212 via the transceiver 204 in response to the read
request. The current signature 212 may be extracted from the memory
202 or it may be generated on demand, upon receipt of the read
request.
[0034] Alternatively, in some embodiments of an "active" tag,
transmissions of the current signature 212 via the transceiver 204
are similarly effected in response to detection of a read request
via the transceiver 204. In this case, the availability of the
power source 208 allows the controller 206 to transmit the current
signature 212 at a longer range than for passive devices. Certain
active tags also have the capability to switch into a passive mode
of operation upon depletion of the power source 208. In other
embodiments of an active tag, transmissions of the current
signature 212 are effected via the transceiver 204 at instances or
intervals that are controlled by the controller 206. This can be
referred to as autonomous (or unsolicited) issuance of the current
signature 212. To this end, the controller 206 needs to be
continuously powered from the power source 208.
[0035] Active and passive tags may have other features that will be
known to those of skill in the art.
[0036] In still other cases, the power source 208 (either
continually storing a charge or accumulating a sensed charge) can
be connected to the controller 206 via a switch 210, which is
optional. The switch 210 can be toggled between a first state
during which an electrical connection is established between the
power source 208 and the controller 206, and a second state during
which this electrical connection is broken. The switch 210 is
biased in the second state, and can be placed into the first state.
Toggling into the first state can be achieved by a burst of energy
that is sensed at a sensor (not shown) or by use of an activation
element. In various non-limiting embodiments, the activation
element may be a touch-sensitive pad on a surface of the tag 14, or
a mechanical component (e.g., a button). Placing the switch 210
into the first state may also trigger the controller 206 to change
the current signature 212 in the memory 202.
[0037] With reference now to FIG. 3, there is shown conceptually
how the current signature 212 stored in the memory 202 may change
over time. Specifically, different versions of the current
signature 212 (denoted S.sub.A and S.sub.B) are generated by an
encoding function 302 implemented by the controller 206. For
notational convenience, the current signature 212 is used to denote
which of the two signatures S.sub.A, S.sub.B is currently stored in
the memory 202. The encoding function 302 generates the signatures
S.sub.A and S.sub.B by encoding a common "identifier" (denoted
I.sub.D) with a respective "additional data set" (denoted D.sub.A
and D.sub.B) at respective time instants (denoted T.sub.A and
T.sub.B). Thus, at T.sub.A, the signature S.sub.A is generated by
encoding the identifier I.sub.D with the additional data set
D.sub.A, whereas at T.sub.B, the signature S.sub.B is generated by
encoding the identifier I.sub.D with the additional data set
D.sub.B. While in this example, two time instants are shown and
described, this is solely for simplicity, and it should be
understood that in actuality, the current signature 212 may change
many times.
[0038] The identifier I.sub.D is constant, and in one embodiment
conveys information about the item, animal, vehicle, piece of
equipment, etc., to which the tag 14 is affixed. Examples of such
information include, without limitation: a serial number, a
universal product code (UPC), a vehicle identification number (VIN)
and a customized identifier. In another embodiment, the identifier
I.sub.D conveys information about an expected user of the vehicle,
clothing or mobile communication device, computer, restricted
access area, network, etc., to which the tag 14 is affixed.
Examples of such information include, without limitation: a name,
an ID number, a driver's license number, an account number and
login credentials.
[0039] In accordance with a non-limiting embodiment of the present
invention, the additional data sets D.sub.A and D.sub.B are
different, which makes both signatures S.sub.A, S.sub.B different.
In fact, the two signatures S.sub.A, S.sub.B will appear scrambled
relative to one another due to use of the encryption engine 222
within the encoding function 302. More specifically, the signatures
S.sub.A and S.sub.B can be generated from the additional data sets
D.sub.A and D.sub.B in a variety of ways, two of which will be
described herein below.
[0040] First Approach
[0041] In a first approach, described with reference to FIG. 4A,
the identifier I.sub.D is encrypted by the encryption engine 222
with a dynamic key--represented by the additional data sets
D.sub.A, D.sub.B themselves, resulting in the two signatures
S.sub.A, S.sub.B. The two signatures S.sub.A, S.sub.B will be
different because the additional data sets D.sub.A, D.sub.B are
different. In fact, they will appear scrambled relative to one
another when observed by someone who has not applied a decryption
process using a counterpart to the keys used by the encryption
engine 222.
[0042] It will be noted that in order to make the first approach
practical, the reader 12 needs to have knowledge of which key
(i.e., which of the additional data sets D.sub.A, D.sub.B) was used
for encryption of a received one of the signatures S.sub.A,
S.sub.B, in order to effect proper decryption and recover the
identifier I.sub.D. For this purpose, in order to assist the reader
12 in identifying the correct key to be used for decryption, and
with reference again to FIG. 2, the current signature 212 may be
accompanied by an index 214 also stored in the memory 202. The
index 214 may point the reader 12 to the correct key to be used.
The reader 12 may have access to a key database (not shown) for
this purpose.
[0043] For example, consider the case where the keys (in this case,
the additional data sets D.sub.A, D.sub.B) correspond to outputs of
the pseudo-random number generator 240 having a seed known a priori
to the tag 14 and to the reader 12. Here, at T.sub.A, the index 214
may indicate the sequential position in the output of the
pseudo-random number generator 240 that corresponds to the
additional data set D.sub.A, while at T.sub.B, the index 214 may
indicate the sequential position in the output of the pseudo-random
number generator 240 that corresponds to the additional data set
D.sub.B. The reader 12 can then easily find the value occupying the
correct sequential position in the output of an identical local
pseudo-random number generator and effect successful decryption of
the received signature (S.sub.A or S.sub.B).
[0044] Alternatively, the keys (in this case, the additional data
sets D.sub.A, D.sub.B) are provided by the reader 12. This can be
done where the reader 12 (or an entity associated therewith)
decides that a change in the current signature 212 is required. As
a variant, the reader 12 may issue a trigger which, when received
by the controller 206, causes the controller 206 to effect a change
in the current signature 212. In such cases, changes to the key
(and thus to the current signature 212) are effected by the
controller 206 in response to triggers received from the reader
12.
[0045] Second Approach
[0046] For other applications, the approach of FIG. 4B may be
useful. Here, the identifier I.sub.D is augmented with differing
scrambling codes (denoted C.sub.A and C.sub.B), and then encrypted
by the encryption engine 222 with a common key (denoted K), thus
producing the two signatures S.sub.A, S.sub.B. The "additional data
set" D.sub.A used for encryption at T.sub.A is therefore composed
of the key K and the scrambling code C.sub.A, while the "additional
data set" D.sub.B used for encryption at T.sub.B is composed of the
same key K and the scrambling code C.sub.B. The encryption process
can be designed so that small differences (in terms of the number
of bits where there is a difference) between the scrambling codes
C.sub.A and C.sub.B will cause large differences (in terms of the
number of bits where there is a difference) in the resultant
signatures S.sub.A and S.sub.B. Thus, the scrambling codes C.sub.A,
C.sub.B have the effect of scrambling (i.e., randomizing) the
resultant signatures S.sub.A, S.sub.B. This property is obtained
when a block cipher is applied to the block that carries the
scrambling code; it does not hold for a stream cipher or for a
counter-mode construction, where the signature is the plaintext
XORed with a keystream, so that a one-bit change in the scrambling
code changes only one bit of the signature and the relationship
between S.sub.A and S.sub.B remains visible to an observer.
[0047] The controller 206 is responsible for determining which
scrambling code is to be used to generate a particular signature at
a particular time instant. The current version of the scrambling
code can be stored in the memory 202 and is denoted 220 for
convenience. It will be appreciated based on the above description
that the scrambling code C.sub.A corresponds to the current
scrambling code 220 at T.sub.A and that the scrambling code C.sub.B
corresponds to the current scrambling code 220 at T.sub.B.
[0048] Continuing with the second approach, several classes of
embodiments are contemplated for changing the current scrambling
code 220. In a first class of embodiments relevant to the approach
of FIG. 4B, the current scrambling code 220 is changed in a way
that can be predicted by the reader 12, that is to say, where the
reader 12 (or an entity associated therewith) has knowledge of how
each successive scrambling code is generated.
[0049] For example, the current scrambling code 220 can be changed
each time (or, generally, each N.sup.th time where N.gtoreq.1) that
the controller 206 receives a read request or releases the current
signature 212 in response to a read request. This can ensure that
the current signature 212 is different each N.sup.th time that the
controller 206 receives a read request. Alternatively, the current
scrambling code 220 can be changed every set period of time (e.g.,
every N seconds, minutes, hours, days, etc.). The variations in the
current scrambling code 220 may be governed in a variety of ways
that are predictable to the reader 12. For example, the controller
206 may
implement a counter 230, whose output is incremented (by a step
size that can equal unity or can be negative, for example) after
each N.sup.th time that the controller 206 responds to a read
request received from a nearby reader (or each N seconds, etc.). If
the current scrambling code 220 is set to correspond to the current
output of the counter 230, then the scrambling codes C.sub.A,
C.sub.B used to generate the two signatures S.sub.A, S.sub.B will
differ by the step size.
[0050] Alternatively, the controller 206 may implement the
aforesaid pseudo-random number generator 240, which produces an
output that depends on one or more previous values of the output
and on a seed. If the current scrambling code 220 is set to
correspond to the current output of the pseudo-random number
generator 240, then the scrambling codes C.sub.A, C.sub.B used to
generate the two signatures S.sub.A, S.sub.B will differ in
accordance with the characteristics of the pseudo-random number
generator 240.
[0051] Other variants will become apparent to those of skill in the
art without departing from the scope of the present invention.
[0052] In a second class of embodiments relevant to the approach of
FIG. 4B, the additional data sets D.sub.A, D.sub.B are not only
predicted by the reader 12 but are actually controlled by the
reader 12. This can be useful where the reader 12 (or an entity
associated therewith) decides that a change in the current
signature 212 is required. Alternatively, and recognizing that the
key K is common to both of the additional data sets D.sub.A,
D.sub.B, the reader 12 could supply the unique portions of the
additional data sets D.sub.A, D.sub.B, namely the scrambling codes
C.sub.A, C.sub.B.
[0053] As a variant, the reader 12 may simply issue a trigger
which, when received by the controller 206, causes the controller
206 to effect a change in the current signature 212. In such cases,
changes to the current signature 212 are effected by the controller
206 in response to triggers received from the reader 12.
[0054] In a third class of embodiments relevant to the approach of
FIG. 4B, it may be desired to change the signatures S.sub.A,
S.sub.B in a stochastic way, that is to say, without the need to
follow an underlying pattern that could be predicted by the reader
12.
[0055] For example, the controller 206 may implement the
aforementioned geo-location module 250, which is configured to
output a current spatial position of the tag 14 or of an item or
person to which it is affixed. If the current scrambling code 220
is set to correspond to the current output of the geo-location
module 250, then the scrambling codes C.sub.A, C.sub.B used to
generate the two signatures S.sub.A, S.sub.B will differ in a
stochastic fashion.
[0056] Alternatively, the controller 206 may implement a clock
module 260, which is configured to determine a current time. If the
current scrambling code 220 is set to correspond to a value
measured by the clock module 260 (e.g., number of milliseconds
elapsed since midnight of the day before), then the scrambling
codes C.sub.A, C.sub.B used to generate the two signatures S.sub.A,
S.sub.B will differ in a stochastic fashion.
[0057] While the above embodiments have focused on temporal
variations in the current signature 212 stored in the memory 202 of
the tag 14, it is also within the scope of the present invention
for the current signature 212 stored in the memory 202 of two
different tags to be different at a common time instant (e.g., at a
time when the tags are being read in bulk). This can be referred to
as spatial scrambling. More particularly, with reference to FIG. 5,
a plurality of tags 514 are affixed to a number of units 506 of a
particular article. The units 506 may be arranged on a pallet 508,
on a shelf or in a container, for example. To take a simple
non-limiting example, the article in question can be a pair of
denim jeans of a certain brand, size, style and color. Of course,
the article could be any other item of which multiple units are
available, such as a consumer product, food product, vehicle, etc.
Other possibilities that may appear to one of skill in the art are
within the scope of the present invention.
[0058] The tags 514 store respective signatures 510 that are each
derived by encrypting an identifier 550 (common to the tags 514)
and a respective one of a plurality of current scrambling codes 520
(different for the various tags 514) with a common key. The common
identifier 550 can be used to identify the article in question (in
this case, a pair of jeans of a particular brand, size, style,
color, etc.). To ensure that the signatures 510 appear scrambled
while nevertheless encrypting the common identifier 550, approaches
such as the following may be taken.
[0059] In one non-limiting approach, a centralized entity generates
unique current scrambling codes 520 and unique signatures 510 for
each of the tags 514. The tags 514 are pre-loaded with their
respective unique signatures 510 before being affixed to the units
506. In this approach, the unique signatures 510 are fixed, as a
result of which the tags 514 can be greatly simplified since they
do not need to perform any processing functions. Practically
speaking, this allows a distributor to purchase a plurality of tags
514 that have been pre-loaded with unique signatures 510 in order
to securely identify the units 506 of a particular article.
[0060] In another non-limiting approach, the tags 514 may each
operate a respective clock module which, though structurally
identical, may output different results, due to differences in
oscillation characteristics (e.g., the oscillation crystals used,
etc.). This will result in differences between the current
scrambling code produced based on an output of the clock module of
one of the tags 514 and the current scrambling code produced based
on an output of the clock module of another one of the tags 514,
albeit at the same time instant.
[0061] In yet another non-limiting approach, different current
scrambling codes 520 can be produced as a result of the tags 514
each operating a respective pseudo-random number generator using a
different seed, which could be pre-loaded by the above mentioned
centralized entity.
[0062] Still other ways of making the current scrambling codes 520
different among the various tags 514 are within the scope of the
present invention.
[0063] It is noted that the signatures 510 will tend to be widely
varying even if the differences in the current scrambling codes 520
used to generate them are small, this effect being due to
application of an encryption process, even when a common key is
used. In fact, to an observer not equipped with the complementary
key for decryption (which may be the same as the common key in a
symmetric encryption scenario), the signatures 510 corresponding to
the various units 506 on the pallet 508 will appear scrambled. This
provides protection against external observers (e.g., thieves,
corporate intelligence investigators) who may have gathered
knowledge of signatures output by one or more units of the article
in the past (e.g., from a previous purchase--or knowledge of a
previous shipment--of the same brand, size, style and color of
jeans) and are now on the lookout for the presence of units of the
same article on the pallet 508. On the other hand, by using the
appropriate key to decrypt any of the signatures 510, no matter how
diverse one such signature is from another, the common identifier
550 will be revealed alongside a stochastically derived scrambling
code.
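The encoding function of FIG. 4B ([0046]) and the spatial scrambling of [0058]-[0063] are the same operation: one block cipher applied, under a common key, to the identifier concatenated with a scrambling code. The Go program below is an added illustration written for this page; it is not code from the patent or from BCE. The 8-byte identifier / 8-byte code block layout, the key `commonKey`, the article identifier and the per-unit codes are all constructed for the example. It shows that unit codes differing in a single bit give signatures differing in roughly half of their 128 bits, that a reader holding the key recovers the common identifier from any of them, and, as a caveat, that the same plaintext XORed with a keystream (AES-CTR under a fixed nonce, standing in for any stream cipher) exposes the one-bit difference, so the construction needs a block cipher or another primitive with the avalanche property.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"encoding/hex"
	"fmt"
	"math/bits"
)

// Constructed demonstration values; none come from the patent.
// commonKey is the key K shared by all tags 514 and the reader 12 (AES-128, 16 bytes).
var commonKey = []byte("0123456789abcdef")

// sigLen: one AES block holding identifier I_D (8 bytes) || scrambling code C (8 bytes).
// The patent fixes no widths; this layout is assumed for the example.
const sigLen = 16

func packBlock(id, code uint64) []byte {
	plain := make([]byte, sigLen)
	binary.BigEndian.PutUint64(plain[:8], id)
	binary.BigEndian.PutUint64(plain[8:], code)
	return plain
}

// EncodeSignature is the encoding function 302 of FIG. 4B for one block: S = AES_K(I_D || C).
func EncodeSignature(key []byte, id, code uint64) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	sig := make([]byte, sigLen)
	block.Encrypt(sig, packBlock(id, code)) // one raw block: no mode of operation involved
	return sig, nil
}

// DecodeSignature is the reader side: recover (I_D, C) from S with the same key.
func DecodeSignature(key, sig []byte) (uint64, uint64, error) {
	if len(sig) != sigLen {
		return 0, 0, fmt.Errorf("signature must be %d bytes, got %d", sigLen, len(sig))
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return 0, 0, err
	}
	plain := make([]byte, sigLen)
	block.Decrypt(plain, sig)
	return binary.BigEndian.Uint64(plain[:8]), binary.BigEndian.Uint64(plain[8:]), nil
}

// StreamEncode is the counter-example: the same plaintext XORed with a keystream
// (AES-CTR under a fixed nonce, standing in for any stream cipher). Deliberately weak.
func StreamEncode(key []byte, id, code uint64) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, sigLen)
	nonce := make([]byte, aes.BlockSize) // fixed nonce: the same keystream for every signature
	cipher.NewCTR(block, nonce).XORKeyStream(out, packBlock(id, code))
	return out, nil
}

// HammingDistance counts the bit positions in which a and b differ.
func HammingDistance(a, b []byte) int {
	n := 0
	for i := range a {
		n += bits.OnesCount8(a[i] ^ b[i])
	}
	return n
}

func main() {
	const jeansID = uint64(0x4A45414E53303031) // "JEANS001": constructed article identifier 550
	// Spatial scrambling ([0059]): a centralized entity gives each unit on the pallet its
	// own scrambling code 520; consecutive small integers are the smallest possible differences.
	for unit := uint64(1); unit <= 3; unit++ {
		sig, _ := EncodeSignature(commonKey, jeansID, unit)
		fmt.Printf("unit %d: %s\n", unit, hex.EncodeToString(sig))
	}
	sA, _ := EncodeSignature(commonKey, jeansID, 2) // codes 2 and 3 differ in exactly one bit
	sB, _ := EncodeSignature(commonKey, jeansID, 3)
	fmt.Printf("block cipher : %d of 128 bits differ\n", HammingDistance(sA, sB))
	tA, _ := StreamEncode(commonKey, jeansID, 2)
	tB, _ := StreamEncode(commonKey, jeansID, 3)
	fmt.Printf("keystream XOR: %d of 128 bits differ (the code difference leaks)\n", HammingDistance(tA, tB))
	id, code, _ := DecodeSignature(commonKey, sB)
	fmt.Printf("reader decodes unit with code %d: identifier %x\n", code, id)
}
```

An observer who recorded the signature of one unit learns nothing that lets him pick out the other units of the same article, which is the protection [0063] describes; the reader, holding K, decodes each of them to the same identifier. The keystream variant is included only to show why that protection depends on the choice of primitive.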
[0064] In order to allow the reader 12 to identify the appropriate
key for decryption, each of the signatures 510 may be accompanied
by the aforesaid index 214 stored in the memory 202. The index 214
may point the reader 12 to the correct key for decryption. For
example, the index 214 could be a piece of public information such
as a manufacturer identification code or a product category, such
information being common to the units 506 but sufficiently generic
to be of little value to an outside observer. This will allow the
reader 12 (or an entity associated therewith) to select the correct
key for decryption by accessing a table of keys (not shown) on the
basis of the index. Such an approach can be useful to accelerate
the decryption process and reduce the incidence of false positives
(successful but inadvertent decryption of the wrong identifier)
when multiple keys are potentially available to the reader 12.
[0065] It should also be appreciated that the signatures 510 on the
various tags 514 can, in addition, be designed to change in a
dynamic fashion (as described earlier), thus providing, in addition
to spatial scrambling of the signatures 510, temporal scrambling of
the signatures 510 that leads to even greater security vis-a-vis
external observation.
[0066] In view of the foregoing, it should thus be appreciated that
a common identifier, which is encoded within a plurality of
signatures that vary over space (for multiple tags) and/or time
(for the same tag), can be extracted by the reader 12 (or an entity
associated therewith) by utilizing the appropriate key for
decryption. This allows the reader 12 (or an entity associated
therewith) to perform
[0067] (I) validation of the identifier based on the signature
and/or the scrambling code; and/or
[0068] (II) an action related to identification, based on the
identifier.
[0069] Both of these scenarios, which are not mutually exclusive,
are now described in some detail.
[0070] In scenario (I), a dynamic scrambling code is used in the
generation of a signature that continually encodes the same
identifier, and it is of interest to recover the current scrambling
code to detect a potential instance of tag cloning. Accordingly,
with reference to FIG. 6A, there is shown a system that is similar
to the system of FIG. 1. In addition, the system of FIG. 6A
comprises a processing entity 610 that implements a validation
operation, as will be described herein below. In various
embodiments, the processing entity 610 referred to above may be
connected to the reader 12, or it may be a remote entity. Such a
remote entity may be reachable over a network, or it may be
integrated with the reader 12. The system of FIG. 6A also includes
a storage entity, such as a database 602, that is accessible to the
processing entity 610 and stores a plurality of records 604, each
associated with a respective identifier. For the purposes of the
present example, one can consider that each identifier for which
there exists a record in the database 602 is indicative of a
privilege to access certain property or make certain transactions,
although other scenarios are possible without departing from the
scope of the present invention.
[0071] In accordance with one embodiment of the present invention,
each of the records 604 also comprises a field 606 indicative of
zero or more scrambling codes 608 that were encoded in signatures
which were previously received and which encoded the respective
identifier for that record. Thus, receipt of a particular signature
that encodes the identifier in a given one of the records 604 as
well as one of the scrambling code(s) 608 stored in the
corresponding field 606 will indicate that the particular signature
has been previously received and therefore its instant receipt may
be indicative that a cloning attempt has been made.
[0072] More specifically, with reference to the flowchart in FIG.
7A, consider what happens following step 710 when a signature
S.sub.X is received at a particular time instant by the reader 12.
At the time of receipt, whether the signature S.sub.X encodes any
particular identifier or scrambling code is unknown to the reader
12. At step 730, an attempt to decrypt the signature S.sub.X is
made by the processing entity 610 using a decryption key K.sub.X.
The decryption key K.sub.X may be known in advance to the
processing entity 610. Alternatively, as shown in step 720, the
signature S.sub.X may be accompanied by an index that allows the
processing entity 610 to determine the appropriate decryption key
K.sub.X. The result of the decryption attempt at step 730 is a
candidate identifier I.sub.X and a candidate scrambling code,
denoted C.sub.X.
[0073] At step 740, the processing entity 610 consults the database
602 based on the candidate identifier I.sub.X in an attempt to
identify a corresponding record and extract therefrom a list of
scrambling code(s) that have been received in the past in
association with the candidate identifier I.sub.X. For the purposes
of the present example, it is useful to assume that such a record
exists (i.e., the "YES" branch is taken out of step 740), but if
there is no such record, this may indicate that there is a
high-level failure requiring further action. At step 750, the
processing entity 610 compares the candidate scrambling code
C.sub.X to the scrambling code(s) 608 in the field 606 of the
record identified at step 740 and corresponding to identifier
I.sub.X.
[0074] If there is a match, this indicates that the scrambling code
C.sub.X has been used in the past in association with the
identifier I.sub.X. Under certain conditions, this may lead the
processing entity 610 to conclude that the validation operation was
unsuccessful.
[0075] For example, if the signature S.sub.X was expected to change
at least as often as every time that the tag on which it is stored
was read, then the fact that the scrambling code C.sub.X matches
one of the scrambling code(s) 608 stored in the field 606 of the
record corresponding to identifier I.sub.X may lead the processing
entity 610 to conclude that the validation operation was
unsuccessful. Alternatively, if the signature S.sub.X was expected
to change every N.sup.th time that the tag on which it is stored
was read, then the processing entity 610 may look at how many of
the scrambling code(s) 608 stored in the field 606 of the record
corresponding to identifier I.sub.X correspond to the scrambling
code C.sub.X, and if this number is greater than or equal to N,
this may lead the processing entity 610 to conclude that the
validation operation was unsuccessful. Alternatively still, if the
signature S.sub.X was expected to change at least as often as every
N seconds etc., then the processing entity 610 may look at how long
ago it has been since a matching one of the scrambling code(s) 608
was first stored in the field 606 of the record corresponding to
identifier I.sub.X, and if this time interval is greater than or
equal to a pre-determined number of seconds, minutes, hours, days,
etc., this may lead the processing entity 610 to conclude that the
validation operation was unsuccessful. Where a conclusion is
reached that the validation operation was unsuccessful, the
privilege to access the property or make transactions may be
revoked or at least questioned on the basis of suspected tag
cloning.
[0076] On the other hand, if there is no match between the
scrambling code C.sub.X and any of the scrambling code(s) 608
stored in the field 606 of the record corresponding to identifier
I.sub.X, this may lead the processing entity 610 to conclude that
the validation operation was potentially successful. In such a
case, the default privilege to access the property or make
transactions may be granted (or at least not revoked on the basis
of suspected tag cloning).
[0077] In accordance with an alternative embodiment of the present
invention, the field 606 in the record associated with each
particular identifier may be indicative of an "expected" scrambling
code, i.e., the scrambling code that should (under valid
circumstances) be encoded in a signature received from a tag that
encodes the particular identifier. Alternatively, the field 606 in
the record associated with each particular identifier may be
indicative of an "expected" signature, i.e., the signature that
should (under valid circumstances) be received from a tag that
encodes the particular identifier. Thus, upon receipt of the
signature S.sub.X, if it is found to correspond to the expected
signature (or if the scrambling code C.sub.X is found to correspond
to the expected scrambling code), this may lead the processing
entity 610 to conclude that the validation operation was
potentially successful. On the other hand, if there is no match
between the signature S.sub.X and the expected signature stored in
the database 602 (or between the scrambling code C.sub.X and the
expected scrambling code), this may lead the processing entity 610
to conclude that the validation operation was unsuccessful.
[0078] It should be appreciated that in the above alternative
embodiments, the processing entity 610 may obtain knowledge of the
expected scrambling code or the expected signature by implementing
a respective pseudo-random number generator for each of the
identifiers, analogous to the pseudo-random number generator 240
implemented by the controller 206 in a given tag 14, which produces
an output that depends on one or more previous values of the output
and on a seed.
Thus, the next output of the pseudo-random number generator
implemented by the processing entity 610 for a given identifier
allows the processing entity 610 to predict the scrambling code (or
the signature) that should be received from a tag legitimately
encoding the given identifier. In another embodiment, the
processing entity 610 may know what is the expected scrambling
code/signature because it has instructed the reader 12 to cause
this expected scrambling code/signature to be stored in the memory
of the tag.
[0079] In accordance with an alternative embodiment of the present
invention, the database 602 simply comprises a running list of all
signatures that have been received in the past. Thus, upon receipt
of the signature S.sub.X, if it is found to correspond to one of
the signatures on the list, this may lead the processing entity 610
to conclude that the validation operation was unsuccessful. On the
other hand, if there is no match between the signature S.sub.X and
any of the signatures stored in the database 602, this may lead the
processing entity 610 to conclude that the validation operation was
potentially successful (or at least not unsuccessful).
[0080] It should also be appreciated that having obtained the
identifier I.sub.X, the processing entity 610 may also perform an
action related to identification of an item associated with the
particular tag that encoded the identifier I.sub.X.
[0081] In a first example of an action related to identification,
the processing entity 610 may simply note the fact that the item
(bearing the identifier I.sub.X) was encountered in a vicinity of
the reader 12. This information may be stored in a database (not
shown) or sent as a message, for example. In an inventory
management scenario, the processing entity 610 may consult an
inventory list and "check off" the item as having been located, or
may signal that the presence of a spurious item (that is not on the
inventory list) has been detected.
[0082] In another example of an action related to identification,
the processing entity 610 may consult another database (not shown)
in order to ascertain whether the identifier is on a list of
identifiers associated with individuals/objects permitted to
access, or prohibited from accessing, certain property. Examples of
property include, without limitation: computing equipment, a
computer network, a building, a portion of a building, an entrance,
an exit and a vehicle.
[0083] In another example of an action related to identification,
the processing entity 610 may consult another database (not shown)
in order to ascertain whether the identifier is on a list of
identifiers associated with individuals permitted to effect, or
prohibited from effecting, a transaction, which could be a
financial transaction or a login to controlled online content, for
example.
[0084] FIG. 7B shows a variant where multiple keys are possible but
no index (or one that does not permit identification of the
appropriate decryption key) is provided along with the signature
S.sub.X. Specifically, taking the "NO" branch after step 750 does
not conclude the validation operation. Rather, the validation
operation goes through step 770 where a next key is selected and
then the validation operation returns to step 730, whereby steps
730 through 770 are re-executed until the earlier occurrence of (i)
taking the "YES" branch at step 750 and (ii) exhaustion of all
keys, which can result in the equivalent of taking the "NO" branch
out of 740 (i.e., this may indicate that there is a high-level
failure requiring further action).
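The validation flow of FIGS. 7A and 7B ([0072]-[0076] and [0084]), as an added Go example written for this page; it is illustrative code, not the patent's or BCE's implementation. Assumptions: a signature is one AES-128 block laid out as identifier (8 bytes) || scrambling code (8 bytes); the index 214 is a string naming a key in a key table; the database 602 is an in-memory map of records keyed by identifier; the keys, identifiers and values of N are constructed. The validator applies the seen-code rule of [0075] (a tag expected to change its code every N-th read may legitimately present the same code up to N times), and when no usable index accompanies the signature it tries every key in turn, relying on the record lookup of step 740 to reject the random identifier that a wrong key produces.

```go
package main

import (
	"crypto/aes"
	"encoding/binary"
	"errors"
	"fmt"
)

// Verdict of the validation operation of FIG. 7A / 7B.
type Verdict int

const (
	Unknown        Verdict = iota // no key yields an identifier that has a record ("NO" out of step 740)
	Valid                         // candidate code seen fewer than N times for this identifier
	CloneSuspected                // candidate code already seen N or more times for this identifier
)

func (v Verdict) String() string {
	return [...]string{"unknown identifier", "valid", "clone suspected"}[v]
}

// Record 604: one per identifier. Seen is the field 606 listing the scrambling codes 608
// already received with this identifier; ChangeEvery is N from [0049] and [0075].
type Record struct {
	Seen        []uint64
	ChangeEvery int
}

// Validator stands in for processing entity 610 with its database 602 and a key table.
type Validator struct {
	Keys    map[string][]byte // index 214 -> decryption key (constructed table)
	Records map[uint64]*Record
}

// decrypt recovers (I_X, C_X) from a 16-byte signature laid out as id (8) || code (8).
func decrypt(key, sig []byte) (uint64, uint64, error) {
	if len(sig) != 16 {
		return 0, 0, errors.New("signature must be 16 bytes")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return 0, 0, err
	}
	plain := make([]byte, 16)
	block.Decrypt(plain, sig)
	return binary.BigEndian.Uint64(plain[:8]), binary.BigEndian.Uint64(plain[8:]), nil
}

// encrypt is the tag side, used here only to fabricate signatures for the demonstration.
func encrypt(key []byte, id, code uint64) []byte {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	plain := make([]byte, 16)
	binary.BigEndian.PutUint64(plain[:8], id)
	binary.BigEndian.PutUint64(plain[8:], code)
	sig := make([]byte, 16)
	block.Encrypt(sig, plain)
	return sig
}

// Validate runs steps 730-770. With a usable index only that key is tried (FIG. 7A);
// otherwise every key is tried in turn until one yields an identifier that has a
// record (FIG. 7B). A wrong key decrypts to a random identifier with no record, so it
// is rejected at step 740 and the next key is selected at step 770.
func (v *Validator) Validate(sig []byte, index string) (Verdict, uint64) {
	candidates := [][]byte{}
	if k, ok := v.Keys[index]; ok {
		candidates = append(candidates, k)
	} else {
		for _, k := range v.Keys {
			candidates = append(candidates, k)
		}
	}
	for _, key := range candidates {
		id, code, err := decrypt(key, sig)
		if err != nil {
			return Unknown, 0
		}
		rec, ok := v.Records[id]
		if !ok {
			continue // step 740 "NO": try the next key
		}
		seen := 0
		for _, c := range rec.Seen {
			if c == code {
				seen++
			}
		}
		if seen >= rec.ChangeEvery {
			return CloneSuspected, id // step 750 "YES": this code has been used up
		}
		rec.Seen = append(rec.Seen, code) // remember the code for future comparisons
		return Valid, id
	}
	return Unknown, 0 // all keys exhausted: the "high-level failure" of [0073]
}

func main() {
	// Constructed keys, identifiers and records; nothing here is from the patent.
	v := &Validator{
		Keys:    map[string][]byte{"mfr-A": []byte("key-for-mfr-A-01"), "mfr-B": []byte("key-for-mfr-B-02")},
		Records: map[uint64]*Record{1001: {ChangeEvery: 1}, 2002: {ChangeEvery: 2}},
	}
	s := encrypt(v.Keys["mfr-A"], 1001, 77)
	r1, _ := v.Validate(s, "mfr-A")
	r2, _ := v.Validate(s, "mfr-A") // the same signature again: a replay or a cloned tag
	fmt.Println("first read:", r1, "| replay:", r2)
	s2 := encrypt(v.Keys["mfr-B"], 2002, 5)
	r3, id := v.Validate(s2, "") // no index: every key is tried (FIG. 7B)
	fmt.Printf("no index: %v (identifier %d)\n", r3, id)
}
```

A replayed signature is caught because its scrambling code is already in the record; a signature produced under a key the validator does not hold ends in the "unknown identifier" verdict that the patent treats as a failure requiring further action. A record that never forgets seen codes grows without bound, so a deployment would cap the field 606 (for instance to the most recent codes, with the time-based rule of [0075]) or use the expected-code variant of [0077].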
[0085] It should be appreciated that in the above embodiments,
encryption and decryption can be effected using various techniques
known in the art, including encryption using a symmetric key or an
asymmetric (public/private) key pair, as well as in accordance with
a variety of algorithms and protocols. For example, RSA and ECC are
suitable examples of asymmetric encryption algorithms, while AES,
DES and Blowfish are examples of symmetric algorithms; of these,
only AES should be chosen for a new deployment, since the 56-bit
key of DES is exhaustively searchable and the 64-bit block of
Blowfish is too short for the avalanche-based scrambling described
above to be applied to an identifier and scrambling code of
reasonable width. Still other possibilities exist and are within
the scope of the present invention.
[0086] In the above example with reference to FIGS. 6A, 7A and 7B,
although a single reader was described and illustrated, it should
be appreciated that it is within the scope of the present invention
to provide a multi-reader architecture, as shown in FIG. 6B. A
plurality of readers 1012 are connected to each other and to a
centralized control entity 1010 by a network 1030, which can be a
public packet-switched network, a VLAN, a set of point-to-point
links, etc. In such a case, the centralized control entity 1010
(e.g., a network controller) can implement the functionality of the
processing entities 610, including encryption and validation. To
this end, the centralized control entity 1010 maintains a master
database 1020, which includes the equivalent of a consolidated
version of various instances of the database 602 previously
described as being associated with the reader 12 in the
single-reader scenario.
[0087] Thus, decryption and validation can be performed entirely in
the centralized control entity 1010. Alternatively, certain
functionality (such as decryption) can be performed by the readers
1012 while other functionality (such as validation) can be
performed by the centralized control entity 1010. Still
alternatively, the processing entities 610 can inter-operate
amongst themselves in the absence of the centralized entity 1010,
thereby to implement decryption on a local basis, and the
validation operation in a joint fashion. In such a distributed
scenario, the master database 1020 can still be used, or the
processing entities 610 can communicate with one another to share
information in their respective databases 602.
[0088] In scenario (II), a dynamic key is used in the generation of
a signature that encodes a constant identifier, and it is of
interest to recover the underlying identifier despite the
time-varying key. Accordingly, with reference now to FIG. 8, there
is shown a system that is similar to the system of FIG. 1. In
addition, the system of FIG. 8 comprises a processing entity 810
that implements an identification operation, as will be described
herein below. The processing entity 810 may be connected to the
reader 12, or it may be a remote entity. Such a remote entity may
be reachable over a network, or it may be integrated with the
reader 12. It should be understood that the system in FIG. 8 is
being shown separately from the system in FIG. 6; however, it is
within the scope of the present invention to combine the
functionality of both systems.
[0089] With reference to the flowchart in FIG. 9, consider what
happens following step 910 when a signature S.sub.Y is received
from a particular tag at a particular time instant by the reader
12. The signature S.sub.Y is assumed to have been generated by
encrypting an identifier I.sub.Y using an encryption key that
varies in a dynamic fashion. To this end, the particular tag may
have generated the dynamic encryption key based on, for example:
[0090] the output of the aforementioned clock module 260 (e.g., in
terms of seconds, minutes or hours of elapsed time since an event
known also to the processing entity 810);
[0091] the output of the aforementioned geo-location module 250;
[0092] an index;
[0093] a seed for use by a pseudo-random number generator.
[0094] Still other possibilities are within the scope of the
present invention. The decryption key can then be determined based
on the above quantity. For example, the decryption key could be the
above-mentioned output of the clock module or the geo-location
module. Alternatively, the encryption key could be the output of a
table or a pseudo-random number generator (both known to the
processing entity 810) based on the above-mentioned seed, or at a
position that corresponds to the above-mentioned index. In the
latter case, the index or seed can be supplied along with the
signature S.sub.Y.
[0095] In accordance with the present embodiment, once the
signature S.sub.Y is read by the reader 12, the processing entity
810 is expected to determine the appropriate decryption key,
denoted K.sub.Y. Accordingly, at step 930, the processing entity
810 first determines a dynamic parameter that will allow the
decryption key K.sub.Y to be determined. Examples of the dynamic
parameter include:
[0096] the output of a clock module (which attempts to emulate the
aforementioned clock module 260) at the time of receipt of the
signature S.sub.Y (e.g., in terms of seconds, minutes or hours of
elapsed time since a known event);
[0097] the output of a geo-location module (which can be similar to
the aforementioned geo-location module 250);
[0098] the index or seed provided along with the signature S.sub.Y.
[0099] Next, at step 940, the processing entity 810 obtains the
decryption key K.sub.Y based on the dynamic parameter determined at
step 930. For example, where the dynamic parameter corresponds to
the output of a clock module or a geo-location module, the
decryption key K.sub.Y could be the dynamic parameter itself.
Alternatively, where the dynamic parameter is an index or a seed,
the decryption key K.sub.Y could be the output of the
aforementioned table or pseudo-random number generator known to the
processing entity 810, at a position that corresponds to the
received index, or using the received seed.
[0100] Once the decryption key has been obtained, the signature
S.sub.Y is decrypted at step 950 using the decryption key. This
leads to extraction of the identifier I.sub.Y. It is noted that a
scrambling code was not required in this embodiment, although its
use is not disallowed. Having obtained the identifier I.sub.Y, the
processing entity 810 proceeds to step 960, where it performs an
action related to identification of an item associated with the
particular tag that encoded the identifier I.sub.Y.
[0101] In a first example of an action related to identification,
the processing entity 810 may simply note the fact that the item
(bearing the identifier I.sub.Y) was encountered in a vicinity of
the reader 12. This information may be stored in a database (not
shown) or sent as a message, for example. In an inventory
management scenario, the processing entity 810 may consult an
inventory list and "check off" the item as having been located, or
may signal that the presence of a spurious item (that is not on the
inventory list) has been detected.
[0102] In another example of an action related to identification,
the processing entity 810 may consult another database (not shown)
in order to ascertain whether the identifier is on a list of
identifiers associated with individuals/objects permitted to
access, or prohibited from accessing, certain property. Examples of
property include, without limitation: computing equipment, a
computer network, a building, a portion of a building, an entrance,
an exit and a vehicle.
[0103] In yet another example of an action related to
identification, the processing entity 810 may consult another
database (not shown) in order to ascertain whether the identifier
is on a list of identifiers associated with individuals permitted
to effect, or prohibited from effecting, a transaction, which could
be a financial transaction or a login to controlled online content,
for example.
[0104] It should be appreciated that the processing entity 810 may
also perform an action related to validation of the identifier
I.sub.Y in conjunction with the above action related to
identification. Specifically, in accordance with one embodiment of
the present invention, the processing entity may consult a variant
of the aforementioned database 602, where each of the records 604
now includes a field indicative of zero or more signatures which
were previously received and which encoded the respective
identifier for that record. Thus, receipt of a particular signature
that encodes the identifier in a given one of the records 604 as
well as one of the signature(s) stored in the corresponding field
will indicate that the particular signature has been previously
received and therefore its instant receipt may be indicative that a
cloning attempt has been made.
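The following is an added illustration, not code from the patent, of the index-driven variant of steps 930 to 960 ([0094] to [0100]) together with the signature-history check of [0104]: the tag encrypts a constant identifier under a key taken from a pseudo-random generator at the supplied index, the processing entity re-derives that key, recovers the identifier, and flags a signature it has already seen as a possible cloning indicator. The HMAC-based generator, the XOR keystream cipher, the shared secret and all sample values are assumptions made for the example.

```python
"""Added example (not the patent's own code): dynamic-key signature
recovery and replayed-signature detection for a contact-less tag."""
import hashlib
import hmac

# Constructed shared secret standing in for the "table or pseudo-random
# number generator" that both the tag and processing entity 810 know.
MASTER_SECRET = b"constructed-example-secret"


def key_for_index(index: int) -> bytes:
    """Dynamic key K_Y: the generator's output at position `index` ([0094])."""
    return hmac.new(MASTER_SECRET, index.to_bytes(4, "big"), hashlib.sha256).digest()


def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher for the illustration: XOR the identifier with a
    SHA-256 keystream derived from the dynamic key. XOR is its own inverse,
    so the same function both encrypts (tag side) and decrypts (step 950)."""
    assert len(data) <= 32, "example keystream covers at most 32 bytes"
    stream = hashlib.sha256(key).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def tag_release(identifier: bytes, index: int) -> tuple:
    """Tag side: answer a read request with the index and signature S_Y.
    A different index at the next read yields a different signature."""
    return index, xor_crypt(key_for_index(index), identifier)


class ProcessingEntity:
    """Processing entity 810: steps 930-960 plus the [0104] history field."""

    def __init__(self):
        # identifier -> set of signatures previously received for it
        self.seen = {}

    def process(self, index: int, signature: bytes) -> tuple:
        """Return (recovered identifier, previously_seen flag)."""
        key = key_for_index(index)            # step 940: key from dynamic parameter
        identifier = xor_crypt(key, signature)  # step 950: extract I_Y
        history = self.seen.setdefault(identifier, set())
        previously_seen = signature in history  # [0104]: repeat => possible cloning
        history.add(signature)
        return identifier, previously_seen
```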
[0105] In the above example with reference to FIGS. 8 and 9,
although a single reader was described and illustrated, it should
be appreciated that it is within the scope of the present invention
to provide a multi-reader architecture, as in FIG. 6B.
[0106] Also, those skilled in the art will appreciate that in some
embodiments, the functionality of any or all of the processing
entity 610, the processing entity 810, the reader 12 and the
readers 1012 may be implemented using pre-programmed hardware or
firmware elements (e.g., application specific integrated circuits
(ASICs), electrically erasable programmable read-only memories
(EEPROMs), etc.), or other related components. In other
embodiments, the functionality of the entity in question may be
achieved using a computing apparatus that has access to a code
memory (not shown) which stores computer-readable program code for
operation of the computing apparatus, in which case the
computer-readable program code could be stored on a medium which is
fixed, tangible and readable directly by the entity in question
(e.g., removable diskette, CD-ROM, ROM, fixed disk, USB drive), or
the computer-readable program code could be stored remotely but
transmittable to the entity in question via a modem or other
interface device (e.g., a communications adapter) connected to a
network (including, without limitation, the Internet) over a
transmission medium, which may be either a non-wireless medium
(e.g., optical or analog communications lines) or a wireless medium
(e.g., microwave, infrared or other transmission schemes) or a
combination thereof.
[0107] While specific embodiments of the present invention have
been described and illustrated, it will be apparent to those
skilled in the art that numerous modifications and variations can
be made without departing from the scope of the invention as
defined in the appended claims.
* * * * *