RF-DNA
(with Gerald DeJean)
keywords: RFID, counterfeit deterrents, certificates of authenticity, credit card fraud, medication fraud, physical one-way hash functions, physically unique RFID, physical source of randomness, inverse design over Maxwell equations, electromagnetic fields simulation, patch antenna, ill-defined problems, anti-counterfeiting
contact: darkok@microsoft.com

Approximately 7-8% of the world trade and 10% of the pharmaceuticals market is counterfeited -- clearly a problem of monumental proportions. We partition piracy into two groups:

• piracy -- where the buyer is confident that the purchased object is not genuine due to an uncharacteristically low price -- however, she willingly executes the trade. Such transactions do not gain substantial revenues to the pirate, hence, it is arguable whether losses due to such events could be accounted as lost revenue for the legal copyright owner.
• counterfeits -- where the seller fools the buyer into believing that the merchandise is authentic and collects the full ``legal-market'' price on the product. In this case, the pirate collects substantial revenue with profit margins typically higher than that of the original manufacturer due to lack of development and marketing costs.

To the best of our knowledge there does not exist a study which breaks down piracy estimates into the above categories, however for certain markets such as pharmaceuticals nearly all illegal trade can be claimed to be counterfeited. RF-DNA is a technology that targets the latter problem by making RFIDs (or any other form of data storage) physically unique. The uniqueness is observed in the electromagnetic domain. They are manufactured randomly at a sub-cent cost (in addition to the cost of the data storage) and verified off-line using an inexpensive PKI-equipped device. The resulting tags can be used not only to obtain information about the product, but also to verify its authenticity.

The key to the analysis of RFDNA instances is the extraction of its ``fingerprint,'' i.e., a set of electromagnetic features that reliably and uniquely represents RFDNA's distinct multi-dimensional structure. This imposes that:

• [Claim 1] it should be computationally difficult to construct an object of fixed dimensions with a ``fingerprint'' y such that ||x-y|| < D, where x is a given ``fingerprint'' of an unknown RFDNA instance and D bounds the proximity of x and y with respect to a standardized distance metric ||...||.

To fool the system, the adversary needs to either replicate the 3-D structure of an existing RF-DNA instance, or figure out a way to manufacture RFDNA instances that produce the same fingerprint (not necessarily the same 3-D structure as one of the "authentic" instances), or break the private key of the issuing authority. A credit card with an embedded RFDNA instance would be possible to physically replicate only at great and impractical cost. RFDNAs could be used as tamper-evident seals for pharmaceutical products or strong certificates of authenticity for hard-copy software products.

Learn more about this technology from [1,2,3]. Two patent applications cover important claims (one, two). RFDNA is the first technology in the RF domain that targets counterfeit deterrence and the only technology that supports Claim 1. Physical one-way hash functions technologies have been proposed by Bauder and Simmons from Sandia National Labs [4,5], Pappu in his MIT doctoral thesis [6], and several companies (see list in [1]). See a visual demonstration of the effect of two distinct RFDNA instances (a small part of the fingerprint of the first random object is memorized in the network analyzer and the corresponding small part of the fingerprint of the second RFDNA instance is presented in real-time) in the Picture below.

1. G. DeJean and D. Kirovski. RF-DNA: Radio-Frequency Certificates of Authenticity. Cryptographic Hardware and Embedded Systems, Lecture Notes in Computer Science, Vol.4727, pp.346-363, 2007.
2. G. DeJean and D. Kirovski. Certifying Authenticity using RF Waves. IST Mobile Summit, 2006.
3. G. DeJean and D. Kirovski. Radio Frequency Certificates of Authenticity. IEEE Antenna and Propagation Symposium -- URSI,  2006.
4. D.W. Bauder. Personal Communication.
5. D.W. Bauder. An Anti-Counterfeiting Concept for Currency Systems. Research report PTK-11990. Sandia National Labs. Albuquerque, NM, 1983.
6. R. Pappu, et al. Physical One-Way Functions. Science, Vol.297, no.5589, pp.2026--30, 2002 (link to his thesis).