More RFID Journal Sites: RFID Journal Espanol RFID Journal Brasil RFID Journal Events RFID Journal Awards
Pharmaceutical EXPERT VIEWS
Text size:
T
T
T
An RFID Tag Data Security Infrastructure Approach for Items
Elliptic Curve Cryptography (ECC) RFID Security
A standardized cryptography method is a vital part of the TDSI for both tag-data encryption/decryption and authentication. Meeting these goals is a new public-key cryptography standard: the Institute of Electrical and Electronic Engineers' (IEEE) Standard 1363a Elliptic Curve Cryptographic (ECC) algorithm. The National Security Agency (NSA) has selected ECC as critical technology for protecting mission-critical national security information. For RFID applications, ECC enables very fast signature creation, ensuring no incremental delays in production-line operation. The IEEE Standard 1363a ECC algorithm provides the equivalent level of security as 1,024-bit RSA encryption, but uses 75 percent less tag memory for a digital signature. What's more, ECC's efficiency provides a high level of security to supply chain RFID tags without increasing computing power, complexity or cost.
The Path to a Tag Data Security Infrastructure
The TDSI is designed for flexible and secure item-level tagging deployment throughout the supply chain. For it to become a reality, pharmaceutical manufacturers, distributors and retailers must agree on the rules, specifications and methods of deployment.
From a technical perspective, the working groups in the process of defining the EPC item-tagging specification for high-frequency (HF) and ultrahigh-frequency (UHF) could consider adopting the IEEE Standard 1363a ECC algorithm. To make the hardware infrastructure available to the industry, reader manufacturers and other RFID solution providers would incorporate the IEEE 1363a ECC standard into their devices as part of their product offerings.
In parallel with the introduction of the Gen 2 specification, EPCglobal established a certification procedure to address both compliance and interoperability. The organization's role in establishing an item-level specification could extend to the selection of a certifying authority for the public-key cryptographic infrastructure, whose role it will be to issue certificates to authorized supply chain participants and manage the allocation of private and public keys.
Although outside the scope of the TDSI, additional security measures can be considered in the item-tagging standard, such as a password-protected read-write command and a password-protected kill command that would completely deactivate the tag.
A TDSI can be the security foundation for item-level tagging that provides both on- and off-network capabilities to address the requirements across the pharmaceutical supply chain. It incorporates a sophisticated level of security in the supply chain, while creating a more flexible approach and a range of options for implementation.
This approach to item-level tagging for the pharmaceutical industry in a secure, yet open supply chain is applicable to a range of high-value branded goods from cosmetics and apparel to sports collectables, antiques and art. In all of these applications, consumer protection from a secure RFID system not only comes in the form of product safety, but in raising consumers' confidence that they are getting genuine goods.
Joseph Pearson is the pharmaceutical business development manager at Texas Instruments.
more Pharmaceutical articles
A standardized cryptography method is a vital part of the TDSI for both tag-data encryption/decryption and authentication. Meeting these goals is a new public-key cryptography standard: the Institute of Electrical and Electronic Engineers' (IEEE) Standard 1363a Elliptic Curve Cryptographic (ECC) algorithm. The National Security Agency (NSA) has selected ECC as critical technology for protecting mission-critical national security information. For RFID applications, ECC enables very fast signature creation, ensuring no incremental delays in production-line operation. The IEEE Standard 1363a ECC algorithm provides the equivalent level of security as 1,024-bit RSA encryption, but uses 75 percent less tag memory for a digital signature. What's more, ECC's efficiency provides a high level of security to supply chain RFID tags without increasing computing power, complexity or cost.
The Path to a Tag Data Security Infrastructure
The TDSI is designed for flexible and secure item-level tagging deployment throughout the supply chain. For it to become a reality, pharmaceutical manufacturers, distributors and retailers must agree on the rules, specifications and methods of deployment.
From a technical perspective, the working groups in the process of defining the EPC item-tagging specification for high-frequency (HF) and ultrahigh-frequency (UHF) could consider adopting the IEEE Standard 1363a ECC algorithm. To make the hardware infrastructure available to the industry, reader manufacturers and other RFID solution providers would incorporate the IEEE 1363a ECC standard into their devices as part of their product offerings.
In parallel with the introduction of the Gen 2 specification, EPCglobal established a certification procedure to address both compliance and interoperability. The organization's role in establishing an item-level specification could extend to the selection of a certifying authority for the public-key cryptographic infrastructure, whose role it will be to issue certificates to authorized supply chain participants and manage the allocation of private and public keys.
Although outside the scope of the TDSI, additional security measures can be considered in the item-tagging standard, such as a password-protected read-write command and a password-protected kill command that would completely deactivate the tag.
This approach to item-level tagging for the pharmaceutical industry in a secure, yet open supply chain is applicable to a range of high-value branded goods from cosmetics and apparel to sports collectables, antiques and art. In all of these applications, consumer protection from a secure RFID system not only comes in the form of product safety, but in raising consumers' confidence that they are getting genuine goods.
Joseph Pearson is the pharmaceutical business development manager at Texas Instruments.
