MIT Researchers Build Tiny Tamper-Proof ID Tag Utilizing Terahertz Waves (mit.edu) 42
A few years ago, MIT researchers invented a cryptographic ID tag — but like traditional RFID tags, "a counterfeiter could peel the tag off a genuine item and reattach it to a fake," writes MIT News.
"The researchers have now surmounted this security vulnerability by leveraging terahertz waves to develop an antitampering ID tag that still offers the benefits of being tiny, cheap, and secure." They mix microscopic metal particles into the glue that sticks the tag to an object, and then use terahertz waves to detect the unique pattern those particles form on the item's surface. Akin to a fingerprint, this random glue pattern is used to authenticate the item, explains Eunseok Lee, an electrical engineering and computer science (EECS) graduate student and lead author of a paper on the antitampering tag. "These metal particles are essentially like mirrors for terahertz waves. If I spread a bunch of mirror pieces onto a surface and then shine light on that, depending on the orientation, size, and location of those mirrors, I would get a different reflected pattern. But if you peel the chip off and reattach it, you destroy that pattern," adds Ruonan Han, an associate professor in EECS, who leads the Terahertz Integrated Electronics Group in the Research Laboratory of Electronics.
The researchers produced a light-powered antitampering tag that is about 4 square millimeters in size. They also demonstrated a machine-learning model that helps detect tampering by identifying similar glue pattern fingerprints with more than 99 percent accuracy. Because the terahertz tag is so cheap to produce, it could be implemented throughout a massive supply chain. And its tiny size enables the tag to attach to items too small for traditional RFIDs, such as certain medical devices...
"These responses are impossible to duplicate, as long as the glue interface is destroyed by a counterfeiter," Han says. A vendor would take an initial reading of the antitampering tag once it was stuck onto an item, and then store those data in the cloud, using them later for verification."
Seems like the only way to thwart that would be carving out the part of the surface where the tag was affixed — and then pasting the tag, glue, and what it adheres to all together onto some other surface. But more importantly, Han says they'd wanted to demonstrate "that the application of the terahertz spectrum can go well beyond broadband wireless."
In this case, you can use terahertz for ID, security, and authentication. There are a lot of possibilities out there."
"The researchers have now surmounted this security vulnerability by leveraging terahertz waves to develop an antitampering ID tag that still offers the benefits of being tiny, cheap, and secure." They mix microscopic metal particles into the glue that sticks the tag to an object, and then use terahertz waves to detect the unique pattern those particles form on the item's surface. Akin to a fingerprint, this random glue pattern is used to authenticate the item, explains Eunseok Lee, an electrical engineering and computer science (EECS) graduate student and lead author of a paper on the antitampering tag. "These metal particles are essentially like mirrors for terahertz waves. If I spread a bunch of mirror pieces onto a surface and then shine light on that, depending on the orientation, size, and location of those mirrors, I would get a different reflected pattern. But if you peel the chip off and reattach it, you destroy that pattern," adds Ruonan Han, an associate professor in EECS, who leads the Terahertz Integrated Electronics Group in the Research Laboratory of Electronics.
The researchers produced a light-powered antitampering tag that is about 4 square millimeters in size. They also demonstrated a machine-learning model that helps detect tampering by identifying similar glue pattern fingerprints with more than 99 percent accuracy. Because the terahertz tag is so cheap to produce, it could be implemented throughout a massive supply chain. And its tiny size enables the tag to attach to items too small for traditional RFIDs, such as certain medical devices...
"These responses are impossible to duplicate, as long as the glue interface is destroyed by a counterfeiter," Han says. A vendor would take an initial reading of the antitampering tag once it was stuck onto an item, and then store those data in the cloud, using them later for verification."
Seems like the only way to thwart that would be carving out the part of the surface where the tag was affixed — and then pasting the tag, glue, and what it adheres to all together onto some other surface. But more importantly, Han says they'd wanted to demonstrate "that the application of the terahertz spectrum can go well beyond broadband wireless."
In this case, you can use terahertz for ID, security, and authentication. There are a lot of possibilities out there."
So... (Score:1)
Re: (Score:2)
Re: (Score:2)
With remaining eye?
Re: (Score:2)
Let's assume it can. But why would you do that? If you stole the item or want to cause mischief you can just peel off the tag.
Re: (Score:3)
Re: (Score:2)
I think the point was that you could stick the tag to a more expensive item and then take that, with the checkout thinking it was the cheaper item.
Re: (Score:2)
Of course the real question is does sitting in the hot sun or a hot warehouse (Amazon taking over the world!) cause these tags to fail? If so, then it's us
Re: (Score:2)
Of course the real question is does sitting in the hot sun or a hot warehouse (Amazon taking over the world!) cause these tags to fail? If so, then it's useless. As no store is going to want to loose sales just because an item got hot waiting for someone to buy it.
As long as that isn't something that occurs frequently it's OK .. the store can just retag the items. Of course if that is something that happens weekly it would get annoying fast.
Re: (Score:2)
Of course the real question is does sitting in the hot sun or a hot warehouse (Amazon taking over the world!) cause these tags to fail? If so, then it's useless. As no store is going to want to loose sales just because an item got hot waiting for someone to buy it.
Both the linked articles talk about the scope for this being supply-chain bulk shipping, where it behaves like a royal seal to verify that the parts shipped from the factory in Malaysia are the same parts that arrived in Guatemala for assembly before distribution to retail. Or that the container holding thousands of official Nike shoes that came from the sweatshop in Guatemala is the same unopened container of official Nike shoes that arrived at the dock in Houston.
There's no current intent to use this idea
Re: (Score:2)
s/sales/pallets/g
s/an item/products/g
99% too low for retail (Score:3)
If 1 in 100 items sold at every store every day triggered an alert then retail stores would be triggering false alerts so often this wouldn't be worth it.
How many tags are taken off one item and moved to another in the real world? Is there really a plague of tag moving going on I haven't heard about?
It seems like people are more likely to just mob a store and strip the shelves than futz with a single tag.
Re: (Score:2)
Overhead.
Use yours. The amount of money saved by this at the typical restore store will be lower than the cost to implement and execute.
Re: (Score:2)
This. Every sensor tag system I've ever worked with had such a high false positive rate that it was unusable. The cost of interrupting the cash register line (and pissing off the customers waiting) to go inspect the customer's stuff at the door is far more than the cost of shrink, provided the store offers decent customer service to begin with (which is, by far, the most effective deterrent against shoplifting).
Re: (Score:3)
> How many tags are taken off one item and moved to another in the real world?
What are you talking about? You put a tamper proof sticker across the latch of a shipping container or truck door to confirm it hasn't been opened or tampered with.
Containers/trucks contain hundreds of thousands to millions of dollars of electronics or food that you don't want compromised.
Re: (Score:3)
Great. How often are truck and shipping container tags changed?
Re: 99% too low for retail (Score:2)
Everytime they are inspected.
Re: (Score:2)
> Great. How often are truck and shipping container tags changed?
Same as your mom. Every time a new load is received.
Re: (Score:2)
A question I am very curious about here is whether the tag is resistant to changes from long exposure to sunlight, rain, etc. or if it just works in a sterile controlled lab environment.
Fools (Score:2)
The thing preventing RFID tags from being used is the cost. And nothing else. Invent an RFID tag that costs nearly the same as a mass produced sticker and has the feature of being 100% readable when the item is in a shopping cart then you'll have something.
Re: (Score:2)
The thing preventing RFID tags from being used is the cost. And nothing else.
Not really. It's one reason. The other is that it's a solution looking for a problem. At the warehouse level at, say, Walmart, where employees are overworked, under paid, and treated like shit, yeah, there's a certain utility, I suppose, if it's implemented correctly. But when your employees are overworked, under paid, and treated like shit, the odds of it being implemented correctly are about as likely as the odds of your employees not trying to steal you blind in the first place.
Re: Fools (Score:2)
So, fancy glitter. (Score:3)
For years, we security engineers have been mixing glitter into clear epoxy to seal and ID things. It's pretty easy to use a webcam to take a short video of the glitter and match it to a previous video. And prohibitively difficult to duplicate.
No fancy terahertz scanner needed.
We were usually making a glitter blob about 1cm in size, but with finer glitter a 4mm blob should work fine.
Re: (Score:2)
But if you lift that whole epoxy blob off the original box and glue it onto a different box, the glitter pattern will not change. Which is supposedly the exact problem this new technique addresses.
Re: (Score:2)
But if you lift that whole epoxy blob off the original box and glue it onto a different box, the glitter pattern will not change. Which is supposedly the exact problem this new technique addresses.
Have you ever tried removing epoxy? You have to chip it off, and it comes off in pieces. Or you have to cut out the surface it's attached to. Which according to TFA is the exact same way to defeat this new fancy glitter.
Re: So, fancy glitter. (Score:3)
Dry ice. The bonding is probably H-bonding and weakens when cold. Liquid nitrogen almost certainly but that's less portable.
Temperature sensitive? (Score:2)
It sounds like this type of tag would be good to embed within the product itself, like within the plastic.
Dye pack clip (Score:2)
Or use a die pack clip with a regular RFID attached. The only place I've heard of were tag switching was an issue was thrift stores. And they don't have the profit margins to justify this. Walmart just uses the manufacturers bar code built into the packaging and I assume if they put another on top you'd feel it.
Re:Dye pack clip (Score:5, Informative)
This really isn't intended for retail operations. It's intended for wholesalers, who get sold fake goods without realizing it (or pretending they don't, at any rate). These tags would identify goods coming into the warehouse as authentic, possibly by the case or even pallet or container, depending on volume. And for that, a few cents at a time is a trivial cost, especially compared to the legal liability of reselling counterfeit goods with no realistic way of recovering what you paid for it to an exporter in China.
I'm sure someone will try to sell it as a retail security tag, but it won't go any further than any other attempt to do so. A few cents per item is too expensive for a lot of consumer goods, but mainly, the false positives cause too much disruption to the cash register operations (and annoy other customers who are waiting), and there will be a lot of false positives (like every other retail security tag scheme). At the very least, the people this would be allegedly targeted at - professional gangs of thieves - would simply deface a tag on a cheap item, buy it, and make a scene with the cashier checking it out as a distraction while their accomplice walks out with the stolen goods. It won't even be a new tactic for them.
Re: (Score:2)
Re: (Score:2)
The fingerprint is described as cryptographically signed, which is, one presumes, far more difficult to fake.
You turn that fingerprint into a number (or even just an image), you sign it with the manufacturer's private key, and the scanner at the warehouse confirms it with their public key.
No idea how well it will work, or how well it will be implemented, but the concept is sound enough.
Sounds unprofessional (Score:2)
Nothing is "tamper proof". Anybody competent calls it "tamper resistant". The usual advice is to stay far away from anything claiming to be actually tamper proof.
Not tamper proof (Score:5, Insightful)
Re: (Score:2)
I wil guess that the surface must be rigid (Score:3)
99% (Score:2)
Coffee shops near me are checking even $5 bills with the counterfeit test pen. 99% for high volume items is going to be a LOT of false positives.
And watch me bypass it with a razor blade (Score:2)