In context: Radiofrequency identification (RFID) has become ubiquitous in the digital age. It is used in stores to make no-touch purchases with our credit cards or phones. Car rental agencies have started implementing it so customers can return their vehicles by simply parking them and walking away. Casinos even use RFID tags to authenticate their chips to prevent counterfeiting.
In 2020, MIT improved radiofrequency identification technology by designing a cryptographic tag several times smaller and cheaper to make than traditional RFID tags. It improved the security of standard RFID authentication by using terahertz radio waves. However, both forms of RFID are still susceptible to a very low-tech hack – peeling the tag off the genuine article and gluing it to the counterfeit.
Over the weekend, the MIT researchers announced that they had figured out a solution to the problem, and it's almost as simple as the vulnerability itself. Instead of using regular adhesive on the tags, the team mixed microscopic pieces of metal in with the glue. The terahertz waves then detect the pattern created when the tag is affixed, creating something akin to a fingerprint.
The sheer number of particles and their random orientation make it virtually impossible to duplicate the pattern. Furthermore, peeling the tag off will leave behind some of the adhesive, meaning that when it is reapplied, the RFID reader will show it as a fake.
"These metal particles are essentially like mirrors for terahertz waves. If I spread a bunch of mirror pieces onto a surface and then shine light on that, depending on the orientation, size, and location of those mirrors, I would get a different reflected pattern. But if you peel the chip off and reattach it, you destroy that pattern," Associate EECS Professor Ruonan Han told MIT News.
The light-powered antitampering tag measures only 4x4 millimeters – vastly smaller than the most affordable smart labels (25x25mm, about the size of a postage stamp). Because of their minuscule size, the tags are ideal for items too small for standard RFID labels, such as some medical devices. They are also so cheap to manufacture that a large company could affordably deploy them throughout its supply chain.
The researchers designed the tags with tiny slots. When hit with the signal, the 1mm waves "shine" through the slots. The metal particles then create an identifiable backscatter that the detector recognizes as the tag's "fingerprint," aided by machine learning algorithms with better than 99 percent accuracy. However, the system does carry some severe limitations.
One is that terahertz transmissions are subject to significant signal loss and degradation. The sensor must be within 4 centimeters of the tag to read it effectively. This weakness eliminates it from many applications that RFID is suitable for, such as automated warehouse inventory systems. Additionally, the scanner cannot vary more than 10 degrees from perpendicular without suffering too much degradation.
Han said the team plans to continue working on the technology to address these weaknesses in future studies. He hopes their research inspires other groups to explore terahertz RF applications to help overcome the challenges it presents. However, it should work just fine for small-scale counterfeit prevention.
"One thing we really want to show here is that the application of the terahertz spectrum can go well beyond broadband wireless. In this case, you can use terahertz for ID, security, and authentication. There are a lot of possibilities out there," Han said.