Will the still unpublished EPC UHF Generation 2 protocol improve the security and privacy and range of EPCglobal compliant RFID Tags ?
According an article in RFID Journal, a candidate standard has been submitted by 13 RFID chip suppliers, including the giant Phillips and Texas Instruments, so there is a very good chance that their views will prevail.
The new standard is supposed to replace the existing Class 0 and Class 1 RFID tags:
"The proposed specification describes a 96-bit field-programmable RFID tag that can operate in the UHF spectrum (868 to 956 MHz) globally and supports secure communication between reader and tag. The protocol includes a 32-bit kill command that renders the tag inoperable. Allen says systems using the protocol would be able to read 1,700 tags per second in North America and 600 per second in Europe, where there are tighter restrictions on the power output of readers."
Compared to the existing weak 24 bit Class 0 and the trivially weak 8 bit Class 1 "Kill Codes" the proposal to have a 32 bit one must be an improvement, but whether this actually offers any real improvement in security from Denial of Service attacks or actually helps with privacy is still open to question until the full specification and the alleged "secure communications between reader and tag" are explained.
It will still be possible for developers and retailers to be stupid and to program one master "kill code" into a batch or an entire ware house of RFID tagged goods, instead of allocating a separate, random "kill code" to each RFID tag, which would then have to be retrieved securely from a database at the checkout.