Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Wireless Networking

MIT Researchers Build Tiny Tamper-Proof ID Tag Utilizing Terahertz Waves (mit.edu) 42

A few years ago, MIT researchers invented a cryptographic ID tag — but like traditional RFID tags, "a counterfeiter could peel the tag off a genuine item and reattach it to a fake," writes MIT News.

"The researchers have now surmounted this security vulnerability by leveraging terahertz waves to develop an antitampering ID tag that still offers the benefits of being tiny, cheap, and secure." They mix microscopic metal particles into the glue that sticks the tag to an object, and then use terahertz waves to detect the unique pattern those particles form on the item's surface. Akin to a fingerprint, this random glue pattern is used to authenticate the item, explains Eunseok Lee, an electrical engineering and computer science (EECS) graduate student and lead author of a paper on the antitampering tag. "These metal particles are essentially like mirrors for terahertz waves. If I spread a bunch of mirror pieces onto a surface and then shine light on that, depending on the orientation, size, and location of those mirrors, I would get a different reflected pattern. But if you peel the chip off and reattach it, you destroy that pattern," adds Ruonan Han, an associate professor in EECS, who leads the Terahertz Integrated Electronics Group in the Research Laboratory of Electronics.

The researchers produced a light-powered antitampering tag that is about 4 square millimeters in size. They also demonstrated a machine-learning model that helps detect tampering by identifying similar glue pattern fingerprints with more than 99 percent accuracy. Because the terahertz tag is so cheap to produce, it could be implemented throughout a massive supply chain. And its tiny size enables the tag to attach to items too small for traditional RFIDs, such as certain medical devices...

"These responses are impossible to duplicate, as long as the glue interface is destroyed by a counterfeiter," Han says. A vendor would take an initial reading of the antitampering tag once it was stuck onto an item, and then store those data in the cloud, using them later for verification."

Seems like the only way to thwart that would be carving out the part of the surface where the tag was affixed — and then pasting the tag, glue, and what it adheres to all together onto some other surface. But more importantly, Han says they'd wanted to demonstrate "that the application of the terahertz spectrum can go well beyond broadband wireless."

In this case, you can use terahertz for ID, security, and authentication. There are a lot of possibilities out there."
This discussion has been archived. No new comments can be posted.

MIT Researchers Build Tiny Tamper-Proof ID Tag Utilizing Terahertz Waves

Comments Filter:
  • by Anonymous Coward
    If I take a hot clothes iron to a terahertz tag do I change its pattern because I displaced the particles in its glue?
    • do not the terahertz tag
    • Let's assume it can. But why would you do that? If you stole the item or want to cause mischief you can just peel off the tag.

      • it would be a "DOS attack". If you can defeat the proof-of-authenicity-token with ease e.g. by warming it up, rubbing it, or dabbing with acetone enough to displace some of the glitter glue, then it becomes worthless and won't be deployed on a wide scale
      • I think the point was that you could stick the tag to a more expensive item and then take that, with the checkout thinking it was the cheaper item.

        • Nope. The heat wouldn't displace the tag's particulates in a controlled way. I.e. They would move about (semi) randomly until the glue cooled off and re-hardened. The chances of the resulting pattern matching anything in the store's inventory database would be near zero. At best, you'd just invalidate the tag and the store would refuse to sell the item.

          Of course the real question is does sitting in the hot sun or a hot warehouse (Amazon taking over the world!) cause these tags to fail? If so, then it's us
          • Of course the real question is does sitting in the hot sun or a hot warehouse (Amazon taking over the world!) cause these tags to fail? If so, then it's useless. As no store is going to want to loose sales just because an item got hot waiting for someone to buy it.

            As long as that isn't something that occurs frequently it's OK .. the store can just retag the items. Of course if that is something that happens weekly it would get annoying fast.

          • Of course the real question is does sitting in the hot sun or a hot warehouse (Amazon taking over the world!) cause these tags to fail? If so, then it's useless. As no store is going to want to loose sales just because an item got hot waiting for someone to buy it.

            Both the linked articles talk about the scope for this being supply-chain bulk shipping, where it behaves like a royal seal to verify that the parts shipped from the factory in Malaysia are the same parts that arrived in Guatemala for assembly before distribution to retail. Or that the container holding thousands of official Nike shoes that came from the sweatshop in Guatemala is the same unopened container of official Nike shoes that arrived at the dock in Houston.

            There's no current intent to use this idea

  • by iAmWaySmarterThanYou ( 10095012 ) on Sunday February 18, 2024 @10:11PM (#64250296)

    If 1 in 100 items sold at every store every day triggered an alert then retail stores would be triggering false alerts so often this wouldn't be worth it.

    How many tags are taken off one item and moved to another in the real world? Is there really a plague of tag moving going on I haven't heard about?

    It seems like people are more likely to just mob a store and strip the shelves than futz with a single tag.

    • by NFN_NLN ( 633283 )

      > How many tags are taken off one item and moved to another in the real world?

      What are you talking about? You put a tamper proof sticker across the latch of a shipping container or truck door to confirm it hasn't been opened or tampered with.
      Containers/trucks contain hundreds of thousands to millions of dollars of electronics or food that you don't want compromised.

  • The thing preventing RFID tags from being used is the cost. And nothing else. Invent an RFID tag that costs nearly the same as a mass produced sticker and has the feature of being 100% readable when the item is in a shopping cart then you'll have something.

    • by taustin ( 171655 )

      The thing preventing RFID tags from being used is the cost. And nothing else.

      Not really. It's one reason. The other is that it's a solution looking for a problem. At the warehouse level at, say, Walmart, where employees are overworked, under paid, and treated like shit, yeah, there's a certain utility, I suppose, if it's implemented correctly. But when your employees are overworked, under paid, and treated like shit, the odds of it being implemented correctly are about as likely as the odds of your employees not trying to steal you blind in the first place.

    • But that's exactly what in our country a sportgoods store has, every single item has a rfid tag somewhere in/on the item/clothes.
  • by SubmergedInTech ( 7710960 ) on Sunday February 18, 2024 @10:39PM (#64250358)

    For years, we security engineers have been mixing glitter into clear epoxy to seal and ID things. It's pretty easy to use a webcam to take a short video of the glitter and match it to a previous video. And prohibitively difficult to duplicate.

    No fancy terahertz scanner needed.

    We were usually making a glitter blob about 1cm in size, but with finer glitter a 4mm blob should work fine.

    • But if you lift that whole epoxy blob off the original box and glue it onto a different box, the glitter pattern will not change. Which is supposedly the exact problem this new technique addresses.

      • But if you lift that whole epoxy blob off the original box and glue it onto a different box, the glitter pattern will not change. Which is supposedly the exact problem this new technique addresses.

        Have you ever tried removing epoxy? You have to chip it off, and it comes off in pieces. Or you have to cut out the surface it's attached to. Which according to TFA is the exact same way to defeat this new fancy glitter.

  • It sounds like this type of tag would be good to embed within the product itself, like within the plastic.

  • Or use a die pack clip with a regular RFID attached. The only place I've heard of were tag switching was an issue was thrift stores. And they don't have the profit margins to justify this. Walmart just uses the manufacturers bar code built into the packaging and I assume if they put another on top you'd feel it.

    • Re:Dye pack clip (Score:5, Informative)

      by taustin ( 171655 ) on Monday February 19, 2024 @12:45AM (#64250510) Homepage Journal

      This really isn't intended for retail operations. It's intended for wholesalers, who get sold fake goods without realizing it (or pretending they don't, at any rate). These tags would identify goods coming into the warehouse as authentic, possibly by the case or even pallet or container, depending on volume. And for that, a few cents at a time is a trivial cost, especially compared to the legal liability of reselling counterfeit goods with no realistic way of recovering what you paid for it to an exporter in China.

      I'm sure someone will try to sell it as a retail security tag, but it won't go any further than any other attempt to do so. A few cents per item is too expensive for a lot of consumer goods, but mainly, the false positives cause too much disruption to the cash register operations (and annoy other customers who are waiting), and there will be a lot of false positives (like every other retail security tag scheme). At the very least, the people this would be allegedly targeted at - professional gangs of thieves - would simply deface a tag on a cheap item, buy it, and make a scene with the cashier checking it out as a distraction while their accomplice walks out with the stolen goods. It won't even be a new tactic for them.

      • I can't see how that really helps. An RFID tag can be faked. Ok, these have the extra feature of fingerprinting their glue - but so what? I can create a fake tag that also fingerprints its glue. You're just adding an extra step for the counterfeiters, but at scale, that's a trivial cost.
        • by taustin ( 171655 )

          The fingerprint is described as cryptographically signed, which is, one presumes, far more difficult to fake.

          You turn that fingerprint into a number (or even just an image), you sign it with the manufacturer's private key, and the scanner at the warehouse confirms it with their public key.

          No idea how well it will work, or how well it will be implemented, but the concept is sound enough.

  • Nothing is "tamper proof". Anybody competent calls it "tamper resistant". The usual advice is to stay far away from anything claiming to be actually tamper proof.

  • Not tamper proof (Score:5, Insightful)

    by q_e_t ( 5104099 ) on Monday February 19, 2024 @02:40AM (#64250624)
    It's tamper EVIDENT.
  • by chas.williams ( 6256556 ) on Monday February 19, 2024 @07:15AM (#64250924)
    Any flexible surface will distort the reflection. That seems somewhat limiting for applications.
  • by Asgard ( 60200 )

    Coffee shops near me are checking even $5 bills with the counterfeit test pen. 99% for high volume items is going to be a LOT of false positives.

  • Just cut right behind the layer of the packaging card and trim it down. Oops. I drove around your high security fence.

Never tell people how to do things. Tell them WHAT to do and they will surprise you with their ingenuity. -- Gen. George S. Patton, Jr.

Working...