In secret sharing, the only means of decrypting a code—which, in this scenario, would be an EPC—is by collecting an adequate number of shares of the key needed for decryption. "You take a secret key, and you share the secret key such that if you have less than, say, 10 of the shares, you cannot recover the secret key," Pappu explains. "It is similar to the scenario in which you are trying to launch a missile, but you need five generals out of a total of seven generals to be present before you can launch."
Using the privacy-through-dispersion model, the EPC encoded to Item A's tag—and all of the other razors with which it would have been shipped—would have been encrypted early in the supply chain: after Item A was packed into a case, and before that case left the manufacturer's case-packing facility. "
Encryption, in this system, is a bulk operation," Juels states. "[That is], it is applied to clusters of objects, and not to objects individually." He adds, however, that there is some flexibility to add or remove individual tags from the cluster without disrupting the ability to decrypt individual tags.
|
|
Ari Juels
|
The key needed to decrypt any EPC in a case of tagged items would be split it up among the tags attached to other units packed in the same case. The software required to encrypt and decrypt the EPCs would reside on interrogators used to encrypt and decrypt the tags. To encrypt the tags, the software would use algorithms to create a key and then assign shares of that key to a pre-set number of EPCs in the tag population. To decrypt any of the encrypted tags, the reader would need to either collect or have access to, through a network connection, enough key shares to generate the whole key—again, using algorithms in the software. According to Pappu, upgrading readers with firmware enabling them to encrypt and decrypt the tag is the only change users of EPC technology in the supply chain would require—but each party that ships or receives tagged goods would need the software, and the algorithms it contains, to decrypt the EPCs.
Upon receiving the case containing Item A at its loading dock, the store would read all of the tags within the case and, thereby, capture the required number of shares to decrypt them all, including Item A's tag. The number of shares required to deduce the key and use it to decrypt any tag would be lower than the total number of shares in the case, Ravi says. This way, the failure to read a few of the tags within a case—due to RF interference or some other problem—would not limit the receiver's ability to attain the key.
Once the case is received at a store, any
interrogator connected to the store network would have access to the key needed to decrypt the tag on Item A, or on any other tag shipped in the same case, enabling store employees to perform shelf-level inventory or read the EPC at the point of sale (or on a return).
THE WORLD'S RFID AUTHORITY
PREMIUM = Requires Subscription. Learn More
