In an effort to help combat product counterfeiting, Atmel Corp. has created the CryptoRF, which is a 13.56 MHz RFID device with a 64-bit embedded cryptographic engine, mutual authentication capability and up to 16 individually configurable zones.
By locking product authenticity in hardware, this new device creates unique "signatures" based on information that is never transmitted or allowed to be accessed in any way. CryptoRF supports a mutual authentication protocol to establish a trusted link between itself and a host reader. The CryptoRF device and the host reader demonstrate knowledge of respective non-readable secrets stored within them without actually transmitting the secrets.
A unique cryptogram is generated for each transaction, so a cryptogram intercepted during a transaction cannot be used to effect a second transaction. The likelihood of a "fake" device creating the appropriate cryptogram is about one in a quintillion, according to the company. Recognizing an industry need for definitions and guidance about RFID-related data security, AIM Global has produced a document to assist system designers as they assess RFID systems and the potential vulnerabilities to the data communications.
The document looks at systemic solutions that prevent unauthorized or inadvertent access to data on an RFID tag and in an RFID system. It is intended to provide guidance to users and systems designers on potential threats to data security and countermeasures available to provide RFID data security.
Each CryptoRF device has its own set of authentication keys therefore every device is unique. Fuse bits are blown to permanently lock the security information within the device.
In 2007 over $600 billion worth of counterfeited products was seized.