The chips used in the Black Hat demo - EPC Gen 2 - respond by tuning the radio waves that they reflect, absorbing some of them to power the chip, which then determines how much of the signal to reflect back at the transmitter, which is much the same way radar works. Paget used equations used in predicting radar performance to optimize standard, off-the-shelf RFID transmitters/receivers.
The chips use what is known as the 900MHz industrial, scientific and medical (ISM) frequency band, which is a frequency that ham radio operators are allowed to use for communication, but they have to accept whatever interference ISM devices cause. In RFID applications, the maximum power used to transmit radio waves to the chips is 1 Watt, Paget says.
But making the transmitter behave instead like a ham radio station and applying the maximum legal power that hams can use - 1.5K watts - the theoretical upper limit for the read range of his architecture jumps from feet to about two miles. Larger antennas and more powerful transmitters, such those available to the military, could push that limit to 80 miles, he says.
He applied more power than would normally be used and optimized the antennas receiving data from the chips to extend the range at which they can be read with standard transmitters and receivers, about 35 feet. The chips themselves are unmodified, Paget says.
Limiting factors include noise and interference from other transmitters, crosstalk with the transmitting side.
Read more about wide area network in Network World's Wide Area Network section.