Developing supply chain confidence with digital signatures in NFC and RFID tags

Covershot: 'TruST25 Digital Signature: Authenticity with ST25 NFC/RFID tags'This seven-page white paper explains how NFC tags with an embedded digital signature can provide protection against counterfeiting and grey market goods right through the supply chain — from the factory, through the distribution chain to the retailer and the consumer.

A companion 18-page technical article that explains in detail the usage and application of digital signatures in NFC and RFID tags, as well as the underlying cryptographic principles, is also available to download.

Before you can be sure of the provenance of the product, you must be sure you can trust the tag attached to it, ST explains in the white paper.

All tags carry a unique identifier (UID), which includes a number assigned to the silicon manufacturer by an ISO/IEC committee. In theory this proves where the tag came from but if a silicon foundry makes tags using UIDs assigned to another manufacturer, the door is opened to counterfeiters. Reading the UID is not enough to know for sure who manufactured the tag.

TruST25 Digital Signature: Authenticity with ST25 NFC/RFID tags is an easy-to-read white paper that shows at a high level how digital signatures are the solution to this problem.

You’ll learn about the four ways in which an RFID or NFC tag can be counterfeit, and how using a digital signature can detect them. You’ll also learn about the members of the ST25 family of tag chips that feature ST’s TruST25 Digital Signature cryptographic solution, and how because RFID/NFC tags can be read using smartphones equipped with NFC readers, retailers and brands can also use them to improve customer engagement and increase revenue.

For those that wish to understand the problem and the solution on a deeper level, Developing supply chain confidence with TruST25 Digital Signature in RFID/NFC tags is an 18-page technical article that includes the following sections:

  • Applications of digital signature in RFID/NFC tags
    • Check silicon origin using UID digital signature
      • Create a cascade of trust using signature in user area
      • Create a cascade of trust using UID digital signature
  • Understanding the digital signature
    • What is a digital signature? How is it verified?
    • What is a certificate?
    • What is a keychain/keystore?
    • Why is the key “public” or “private”?
    • Is it possible to keep the private key secret?
    • How does it work?
    • The hash/message digest
    • The digital signature algorithm
      • Strength of an algorithm
      • Elliptic curve digital signature algorithm (ECDSA)
  • TruST25 digital signature
  • References
  • List of figures
    • Fig 1. Detection of counterfeiting
    • Fig 2. Use of digital signature to create a cascade of trust
    • Fig 3. Digital signature verification procedure
    • Fig 4. Chain of trusted certificates
    • Fig 5. Elliptic curves for different values of a and b parameters
    • Fig 6. Solutions of y²=x³+x+2 over different finite fields
    • Fig 7. Cascade of trust based on TruST25

These two documents have been produced and sponsored by STMicroelectronics and have been approved by the NFC World editorial team.

How to access these documents

White paper

This premium information is available free of charge to NFCW Knowledge Centre members. Log in or join for free to get immediate access.

Technical article

This premium information is available free of charge to NFCW Knowledge Centre members. Log in or join for free to get immediate access.

Rate this resource

 

Explore more...

This item is part of the NFC World Knowledge Centre.