End-to-End Encrypted RFID Communication

UHF RFID reader with integrated secure element provides security for industry and logistics!

Oliver Pütz-Gerbig, Product Management RFID & Locating at , gave a presentation on the implementation of secure RFID communication in industrial automation at the virtual Balluff event “Discover Automation Online”.

attended the presentation including a live demonstration of “Industrial Identification and Security – RFID Tag Encryption”.

Standard Data Carriers Offer no Security Against Manipulation

With conventional RFID tags, the data stored on the tag is usually not protected. Unauthorized individuals can intercept the data – the EPC, for example – during a read operation and then copy or manipulate it in its entirety. The result: genuine products can be exchanged for counterfeit ones. A reader that detects a 100 percent cloned tag would still pass the supposedly correct information on to supervisory systems, with potentially severe consequences.

If, for example, the tag of a tool is copied and transferred to a counterfeit tool, a reader in a machine without a corresponding integrated security solution will recognize the tool as original, and the production process will be initiated. In the worst-case scenario, the machine and the part to be manufactured will be damaged.

Secure Element and OPC UA Increase the Security Level

To address this problem, Balluff uses an OPC UA-enabled UHF RFID reader with a secure element integrated on the board. The BIS U-6127 UHF Long Range RFID Reader from Balluff features the Secure Element CmASIC. The Secure Element is a hardware component and therefore already offers a high level of physical protection against manipulation compared to security solutions based purely on software.

Data on the RFID tag is digitally signed and optionally encrypted. The digital signature is checked against the key that is securely stored in the Secure Element, which verifies the authenticity of the data on the RFID tag. The integrated OPC UA technology ensures secure end-to-end communication between tag and reader.

High-Performance Encryption Despite Limited Storage Capacity

The data on the tag is secured with the Elliptic Curve Digital Signature Algorithm (ECDSA). This method provides a high security level even on low-cost RFID tags with small data storage capacities of 64 bytes.
