Title: (S3) SCENARIO 3: AN IDENTITY MANAGER FOR RFID TAGS

(S3) Scenario 3: An Identity Manager for RFID Tags

Article in a mobile computing journal, section “new developments”:  

Singsang Inc. announces new CKP-509 phone with RFID tag management functions 

The Singsang Inc. is going to launch the new exclusive CKP-509 mobile phone onto the market end of February 2011. This phone integrates advanced management functions for RFID tags according to the EPC global 4.0 standard. […] 

The phone has an integrated RFID reader and writer and is able to detect RFID tags in reading rage. In addition it is able to take over access control by changing the cryptographic key from the vendor’s default key to a managed one. It also is able to communicate with V4.0 compliant RFID readers. This enables the transfer of the access key in an encrypted way to the reader so that the tag can be accessed by the reader. Transfer of keys to readers can be done (semi-)automatically based on policies, so that in defined cases no user interaction is necessary. At the same time the phone logs any access to the tag. A sophisticated log file analyser called “data track” allows log file analysis and informs the user, who accessed the tag and for what purpose.  

According to the EPC 4.0 standard all communication between management device, reader and tag is encrypted (AES, 256 bit key). Key exchange is done using asymmetric cryptography. Reader and phone bear a certificate for identification; certificates can be verified against the existing public key infrastructure (PKI), operated by EZ-Trust.