Crypto-Enabled RFID Tags Guide

AES-128 Authentication for Brand Protection

How AES-128 authenticated RFID tags like NXP UCODE DNA and Impinj M800 protect brands against counterfeiting.


Crypto-Enabled RFID Tags

Standard EPC Gen 2 tags store an identifier and respond to any reader that asks — they have no concept of trust. Crypto-enabled tags add a cryptographic engine to the tag IC, enabling mutual authentication, rolling codes, and protected memory. They are the foundation of anti-counterfeiting programmes and high-value asset tracking.

Why Standard Tags Are Not Enough

A basic tag IC contains EPC memory (128–512 bits), TID memory (factory-locked), optional user memory, and a kill password. None of these mechanisms prevent a motivated attacker from reading the EPC and programming it onto a blank tag. The IC does not verify the reader's identity, and the reader cannot verify the tag's authenticity.

Crypto suite extensions — defined in the EPC Tag Data Standard and implemented by chip vendors — add:

NXP UCODE DNA

UCODE DNA is NXP's flagship crypto tag platform, available in HF (ISO 15693) and UHF (EPC Gen 2 / ISO 18000-63) variants. Key features:

| Feature | UCODE DNA | UCODE DNA Track |
|---|---|---|
| Crypto engine | AES-128 | AES-128 |
| Rolling code | Yes (AES-based) | Yes |
| Tamper evidence | No | Loop antenna break |
| Target market | Brand protection | Pharmaceuticals, luxury |
| Memory | 256-bit EPC | 256-bit EPC |
| Read range (UHF) | Standard Gen 2 | Standard Gen 2 |

The rolling-code mechanism generates a new cryptogram for every authentication cycle. Even if an attacker captures the response to challenge N, they cannot predict the response to challenge N+1.

Impinj M800 / M830

Impinj's Monza M800 and M830 chips implement the EPC Gen 2v2 crypto suite with:

  • AES-128 authentication conformant to ISO/IEC 29167-10
  • Protected mode — locks all read/write operations behind authentication
  • Untraceable — tag responds with a short, randomised handle instead of its full EPC until a valid reader proves its identity
  • Up to 512 bits of user memory for serialisation payloads

The M830 adds a 32-bit monotonic counter suitable for tracking how many times a package has been opened.

Brand Protection Deployment Pattern

Luxury goods, pharmaceuticals, and high-value electronics use crypto tags in a serialisation-plus-authentication model:

  1. Commissioning — Tag is programmed with a unique SGTIN and the authentication key is written (then locked) by the brand owner's key management system.
  2. Distribution — Downstream parties read the EPC and query a cloud authentication service. The service issues a challenge; the tag responds with a cryptogram; the service validates it against the stored key.
  3. Consumer verification — A smartphone app or retail reader can perform the same challenge-response without exposing the secret key (the key lives only in the cloud HSM).
  4. Retirement — At end-of-life, the kill command permanently disables the tag.

| Stage | Operation | Security Mechanism |
|---|---|---|
| Commissioning | Key write + lock | Access password |
| In-field read | AES challenge-response | Crypto suite |
| Consumer verify | Cloud-backed auth | Rolling cryptogram |
| End-of-life | Kill | Kill password |
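
The challenge-response from step 2, run against a cloned EPC and a replayed cryptogram, as an added Go example that is not part of the original guide or any vendor's code. The block layout (6-byte tag nonce followed by the 10-byte challenge), the names `TagRespond`, `Service`, `Challenge` and `Verify`, and the sample key and EPC placeholder are assumptions made for illustration; this is not the ISO/IEC 29167-10 wire format.

```go
package main

import (
	"crypto/aes"
	"crypto/rand"
	"crypto/subtle"
	"fmt"
)

// TagRespond models the tag IC's crypto engine (the key never leaves the chip):
// it returns AES-128(key, 6-byte tag nonce || 10-byte reader challenge).
func TagRespond(key [16]byte, ch [10]byte) (ct [16]byte) {
	var pt [16]byte
	rand.Read(pt[:6]) // fresh nonce: the cryptogram changes on every cycle
	copy(pt[6:], ch[:])
	c, _ := aes.NewCipher(key[:]) // cannot fail: the key is always 16 bytes
	c.Encrypt(ct[:], pt[:])
	return ct
}

type Service struct { // stands in for the cloud authentication service
	Keys    map[string][16]byte // EPC -> per-tag key (held in the HSM in production)
	Pending map[string][10]byte // EPC -> outstanding challenge
}

// Challenge issues a fresh random challenge for one authentication cycle.
func (s *Service) Challenge(epc string) (ch [10]byte) {
	rand.Read(ch[:])
	s.Pending[epc] = ch
	return ch
}

// Verify decrypts the cryptogram and checks that it echoes the pending challenge.
func (s *Service) Verify(epc string, resp [16]byte) bool {
	key, known := s.Keys[epc]
	ch, issued := s.Pending[epc]
	delete(s.Pending, epc) // a challenge is single-use, pass or fail
	var pt [16]byte
	c, _ := aes.NewCipher(key[:])
	c.Decrypt(pt[:], resp[:])
	return known && issued && subtle.ConstantTimeCompare(pt[6:], ch[:]) == 1
}

func main() {
	key, epc := [16]byte{1, 2, 3}, "EPC-PLACEHOLDER" // constructed sample values
	svc := &Service{map[string][16]byte{epc: key}, map[string][10]byte{}}
	fmt.Println("genuine tag:", svc.Verify(epc, TagRespond(key, svc.Challenge(epc))))
	fmt.Println("cloned EPC, wrong key:", svc.Verify(epc, TagRespond([16]byte{}, svc.Challenge(epc))))
}
```

A tag carrying a copied EPC fails because it cannot produce a cryptogram under the stored key, and a captured cryptogram fails because the next challenge is different and the previous one has already been consumed.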

Choosing a Crypto Tag

Use the RFID Tag Selector with the "crypto authentication" filter. Key selection criteria:

  • Symmetric vs asymmetric — AES-128 symmetric is the current standard; elliptic-curve asymmetric (ECC) is emerging for IoT but adds cost.
  • Key management complexity — Each tag needs a unique key loaded in a secure environment. Assess your key management infrastructure before committing.
  • Reader compatibility — Crypto operations require reader firmware that supports extended commands. Verify your reader supports ISO 29167-10 or the vendor's proprietary auth API.
  • Form factor — Crypto tag dies are slightly larger; check inlay dimensions against your label format.

See also: RFID Security Threats and Countermeasures, RFID Privacy Guide, Memory Banks Explained.

Frequently Asked Questions

Our guides cover a range of experience levels. Getting Started guides introduce RFID fundamentals. Implementation guides help engineers design RFID solutions for specific industries. Advanced guides cover topics like dense reader mode, anti-collision algorithms, and EPC encoding schemes.

Most getting-started guides require only a basic UHF RFID reader (such as the Impinj Speedway or ThingMagic M6e) and a few sample tags. Some guides reference desktop USB readers for development. All hardware requirements are listed at the beginning of each guide.