This tiny, tamper-proof ID tag can authenticate almost anything
After pass­ing through the tag and strik­ing the objec­t’s sur­face, ter­a­hertz waves are reflect­ed, or backscat­tered, to a receiv­er for authen­ti­ca­tion. Cred­it: Ruo­nan Han, Eun­seok Lee, et al

A few years ago, MIT researchers invent­ed a cryp­to­graph­ic ID tag that is sev­er­al times small­er and sig­nif­i­cant­ly cheap­er than the tra­di­tion­al radio fre­quen­cy tags (RFIDs) that are often affixed to prod­ucts to ver­i­fy their authen­tic­i­ty.

This tiny tag, which offers improved secu­ri­ty over RFIDs, uti­lizes ter­a­hertz waves, which are small­er and trav­el much faster than radio waves. But this ter­a­hertz tag shared a major secu­ri­ty vul­ner­a­bil­i­ty with tra­di­tion­al RFIDs: A coun­ter­feit­er could peel the tag off a gen­uine item and reat­tach it to a fake, and the authen­ti­ca­tion sys­tem would be none the wis­er.

The researchers have now sur­mount­ed this secu­ri­ty vul­ner­a­bil­i­ty by lever­ag­ing ter­a­hertz waves to devel­op an anti­ta­m­per­ing ID tag that still offers the ben­e­fits of being tiny, cheap, and secure.

They mix micro­scop­ic met­al par­ti­cles into the glue that sticks the tag to an object and then use ter­a­hertz waves to detect the unique pat­tern those par­ti­cles form on the item’s sur­face. Akin to a fin­ger­print, this ran­dom glue pat­tern is used to authen­ti­cate the item, explains Eun­seok Lee, an elec­tri­cal engi­neer­ing and com­put­er sci­ence (EECS) grad­u­ate stu­dent and lead author of a paper on the anti­ta­m­per­ing tag.

“These met­al par­ti­cles are essen­tial­ly like mir­rors for ter­a­hertz waves. If I spread a bunch of mir­ror pieces onto a sur­face and then shine a light on that, depend­ing on the ori­en­ta­tion, size, and loca­tion of those mir­rors, I would get a dif­fer­ent reflect­ed pat­tern. But if you peel the chip off and reat­tach it, you destroy that pat­tern,” adds Ruo­nan Han, an asso­ciate pro­fes­sor in EECS, who leads the Ter­a­hertz Inte­grat­ed Elec­tron­ics Group in the Research Lab­o­ra­to­ry of Elec­tron­ics.

The researchers pro­duced a light-pow­ered anti­ta­m­per­ing tag that is about 4 square mil­lime­ters in size. They also demon­strat­ed a machine-learn­ing mod­el that helps detect tam­per­ing by iden­ti­fy­ing sim­i­lar glue pat­tern fin­ger­prints with more than 99 per­cent accu­ra­cy.

Because the ter­a­hertz tag is so cheap to pro­duce, it could be imple­ment­ed through­out a mas­sive sup­ply chain. Its tiny size enables the tag to attach to items too small for tra­di­tion­al RFIDs, such as cer­tain med­ical devices.

The paper, which will be pre­sent­ed at the IEEE Sol­id State Cir­cuits Con­fer­ence, is a col­lab­o­ra­tion between Han’s group and the Ener­gy-Effi­cient Cir­cuits and Sys­tems Group of Anan­tha P. Chan­drakasan, MIT’s chief inno­va­tion and strat­e­gy offi­cer, dean of the MIT School of Engi­neer­ing, and the Van­nevar Bush Pro­fes­sor of EECS. Co-authors include EECS grad­u­ate stu­dents Xibi Chen, Mait­ryi Ashok, and Jaeyeon Won.

Preventing tampering

This research project was part­ly inspired by Han’s favorite car wash. The busi­ness stuck an RFID tag onto his wind­shield to authen­ti­cate his car wash mem­ber­ship. For added secu­ri­ty, the tag was made from frag­ile paper so it would be destroyed if a less-than-hon­est cus­tomer tried to peel it off and stick it on a dif­fer­ent wind­shield.

But that is not a ter­ri­bly reli­able way to pre­vent tam­per­ing. For instance, some­one could use a solu­tion to dis­solve the glue and safe­ly remove the frag­ile tag.

Rather than authen­ti­cat­ing the tag, a bet­ter secu­ri­ty solu­tion is to authen­ti­cate the item itself, Han says. To achieve this, the researchers tar­get­ed the glue at the inter­face between the tag and the item’s sur­face.

Their anti­ta­m­per­ing tag con­tains a series of minus­cule slots that enable ter­a­hertz waves to pass through the tag and strike micro­scop­ic met­al par­ti­cles that have been mixed into the glue.

Ter­a­hertz waves are small enough to detect the par­ti­cles, where­as larg­er radio waves would not have enough sen­si­tiv­i­ty to see them. Also, using ter­a­hertz waves with a 1‑millimeter wave­length allowed the researchers to make a chip that does not need a larg­er, off-chip anten­na.

After pass­ing through the tag and strik­ing the objec­t’s sur­face, ter­a­hertz waves are reflect­ed or backscat­tered to a receiv­er for authen­ti­ca­tion. How those waves are backscat­tered depends on the dis­tri­b­u­tion of met­al par­ti­cles that reflect them.

The researchers put mul­ti­ple slots onto the chip so waves can strike dif­fer­ent points on the objec­t’s sur­face, cap­tur­ing more infor­ma­tion on the ran­dom dis­tri­b­u­tion of par­ti­cles.

“These respons­es are impos­si­ble to dupli­cate, as long as the glue inter­face is destroyed by a coun­ter­feit­er,” Han says.

A ven­dor would take an ini­tial read­ing of the anti­ta­m­per­ing tag once it was stuck onto an item and then store those data in the cloud, using them lat­er for ver­i­fi­ca­tion.

AI for authentication

But when it came time to test the anti­ta­m­per­ing tag, Lee ran into a prob­lem: It was very dif­fi­cult and time-con­sum­ing to take pre­cise enough mea­sure­ments to deter­mine whether two glue pat­terns were a match.

He reached out to a friend in the MIT Com­put­er Sci­ence and Arti­fi­cial Intel­li­gence Lab­o­ra­to­ry (CSAIL), and togeth­er, they tack­led the prob­lem using AI. They trained a machine-learn­ing mod­el that could com­pare glue pat­terns and cal­cu­late their sim­i­lar­i­ty with more than 99 per­cent accu­ra­cy.

“One draw­back is that we had a lim­it­ed data sam­ple for this demon­stra­tion, but we could improve the neur­al net­work in the future if a large num­ber of these tags were deployed in a sup­ply chain, giv­ing us a lot more data sam­ples,” Lee says.

The authen­ti­ca­tion sys­tem is also lim­it­ed by the fact that ter­a­hertz waves suf­fer from high lev­els of loss dur­ing trans­mis­sion, so the sen­sor can only be about 4 cen­time­ters from the tag to get an accu­rate read­ing. This dis­tance would­n’t be an issue for an appli­ca­tion like bar­code scan­ning, but it would be too short for some poten­tial uses, such as in an auto­mat­ed high­way toll booth. Also, the angle between the sen­sor and tag needs to be less than 10 degrees, or the ter­a­hertz sig­nal will degrade too much.

They plan to address these lim­i­ta­tions in future work and hope to inspire oth­er researchers to be more opti­mistic about what can be accom­plished with ter­a­hertz waves despite the many tech­ni­cal chal­lenges, says Han.

“One thing we real­ly want to show here is that the appli­ca­tion of the ter­a­hertz spec­trum can go well beyond broad­band wire­less. In this case, you can use ter­a­hertz for ID, secu­ri­ty, and authen­ti­ca­tion. There are a lot of pos­si­bil­i­ties out there,” he adds.