Regarding the upcoming wave of ultrahigh-frequency (UHF) tags compliant with the future Gen 2 V2 standard with cryptographic features in its protocol, are differential power analysis (DPA) attacks a concern or threat to UHF tags with only two antenna terminals?
To answer your question, I reached out to Chris Diorio, Impinj‘s chief technology officer and co-founder, since he has been intimately involved with the development of the EPC passive UHF air-interface protocol standard. Here is Chris’ answer:
“DPA is a concern to any system with cryptographic functionality. Whether two antenna terminals make a UHF RFID tag less susceptible to DPA is a topic of discussion. What is abundantly clear is that the Gen 2 V2 working group’s security model, in which each tag IC has its own unique secret key, limits the applicability of DPA. If a bad guy is able to use DPA to successfully extract a key from a UHF RFID IC, then all he or she has gained is the key to a tag that is already in his or her possession. The bad guy cannot use this information to significant advantage, because each tag has its own secret key, so knowing the key from one tag doesn’t say anything about the key in another tag.”
—Mark Roberti, Founder and Editor, RFID Journal