Without encrypting the EPC encoded to Item A, Shopper A would walk out of the store and (assuming Item A's tag had not been killed at the point of sale) anyone with an EPC Gen 2 reader would be able to read the tag and, by comparing it with a database of EPCs and the product information associated with those EPCs, figure out that Shopper A had purchased the razor. This could easily be accomplished without Shopper A's knowledge, thereby violating that person's assumed privacy. But if the EPC encoded to the tag had been encrypted using the proposed scheme, the snoop wouldn't be able to read the tag without also reading enough tags on the razors shipped along with Item A to complete the key needed to decrypt Item A's EPC. And because most of those other tags would be located in the back of the store, in a secured area, it would be extremely difficult for an unauthorized person to access them.
Most likely, Shopper A wouldn't care whether someone could determine, by reading an unencrypted EPC, that he or she was carrying a new razor blade. But there are other products—such as OxyContin, Viagra or certain other pharmaceutical items—about which a person might feel much more guarded, and prefer to keep private.
Pappu and Juels say they hope to arrange for the first real-world tests of privacy-through-dispersion to be conducted on a pharmaceutical product, in a closed-loop supply chain. The privacy-through-dispersion model is irrelevant for drugs shipped in bulk containers to pharmacies, where they are dispensed in smaller bottles to fill prescriptions. However, it might be useful for tags applied at the item level to medicines shipped through a supply chain, although it's uncertain at this point if such tags would be encoded with any data that could be easily used to identify the drugs.
"[The privacy-through-dispersion approach] can't be adopted overnight, but our vision is to find opportunities to try it out and see the value," Pappu says. Both ThingMagic and RSA have filed patents on privacy-through-dispersion, and Pappu says ThingMagic may eventually commercialize the software enabling the data protection scheme. The paper describing the elemental tenets of privacy-through-dispersion has been published
here, on the Web site of the
International Association for Cryptologic Research, and is currently under peer review.
In addition, Pappu and Juels note that manufacturers could employ privacy-through-dispersion encryption to help authenticate their products as they move through the supply chain, by sharing the secret key among tags applied to the many cases that make up shipments. If, for instance, 10 cases are supposed to be enough to get the key, and a system fails to collect an adequate number of shares after it reads the EPCs from 10 cases, then a company could assume there are some counterfeit tags (and possibly counterfeit products) within those cases, Pappu says.
THE WORLD'S RFID AUTHORITY
PREMIUM = Requires Subscription. Learn More
