Systems and methods for initial authentication of wireless communication

US 10,440,570 B2
Filed: 12/21/2016
Issued: 10/08/2019
Est. Priority Date: 12/21/2016
Status: Active Grant

First Claim

Patent Images

1. A method, comprising using at least one programmable integrated circuit of a first wireless device to determine whether to initially authenticate a wireless connection with a second wireless device based on a comparison between an angle of arrival (AoA) of a first wireless signal received from the second wireless device to a predefined range of allowable AoA values;

and then to establish an authenticated wireless connection between the first and second wireless device only if it is determined to initially authenticate the wireless connection with the second wireless device;

where the method further comprises;

receiving the first wireless signal from the second wireless device at the first wireless device while the first wireless device and second wireless device are communicating across an unauthenticated wireless connection; and

using the at least one programmable integrated circuit of the first wireless device to;

determine the AoA of the received first wireless signal relative to a reference vector defined to extend from a position of the first wireless device,compare the determined AoA of the received first wireless signal to a predefined range of allowable AoA values that define a cone of allowable values for the first wireless device centered about and extending outward from all sides of the reference vector to determine if the AoA of the received first wireless signal is within the cone of allowable AoA values for the first wireless device, andestablish an authenticated wireless connection between the first and second wireless device only if the AoA of the received first wireless signal is within the predefined cone of allowable AoA values for the first wireless device and to deny an authenticated wireless connection between the first and second wireless devices if the AoA of the received first wireless signal is not within the cone of allowable AoA values for the first wireless device; and

where the cone of allowable values for the first wireless device are non-overlapping with a cone of allowable values centered about and extending outward from all sides of a reference vector that extends from a position of a third wireless device that is positioned adjacent to the first wireless device;

where the method further comprises receiving the first wireless signal from the second wireless device at the third wireless device while the second wireless device is simultaneously in wireless communication range with both the first wireless device and the third wireless device, and while the third wireless device and second wireless device are communicating across an unauthenticated wireless connection, and using at least one programmable integrated circuit of the third wireless device to;

determine the AoA of the received first wireless signal relative to the reference vector defined to extend from a position of the third wireless device,compare the determined AoA of the received first wireless signal to a predefined range of allowable AoA values that define the cone of allowable values for the third wireless device centered about and extending outward from all sides of the reference vector extending from the position of the third wireless device to determine if the AoA of the received first wireless signal is within the cone of allowable AoA values for the third wireless device, andestablish an authenticated wireless connection between the third and second wireless device and deny an authenticated wireless connection between the first and second wireless devices only if the AoA of the received first wireless signal is within the predefined cone of allowable AoA values for the third wireless device while at the same time the AoA of the received first wireless signal is not within the predefined cone of allowable AoA values for the first wireless device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided that may be implemented to use angle of arrival (AoA) of a signal transmitted between two Bluetooth Low Energy (BLE) wireless devices to initially authenticate a connection between the two BLE devices. In one example, bonding or pairing with a first BLE device may be restricted to only those other BLE devices having an antenna currently positioned to transmit a signal to the first BLE device from an allowed direction and within a predefined permitted range of AoA relative to the first BLE device.

39 Citations

View as Search Results

16 Claims

1. A method, comprising using at least one programmable integrated circuit of a first wireless device to determine whether to initially authenticate a wireless connection with a second wireless device based on a comparison between an angle of arrival (AoA) of a first wireless signal received from the second wireless device to a predefined range of allowable AoA values;
- and then to establish an authenticated wireless connection between the first and second wireless device only if it is determined to initially authenticate the wireless connection with the second wireless device;
  
  where the method further comprises;
  
  receiving the first wireless signal from the second wireless device at the first wireless device while the first wireless device and second wireless device are communicating across an unauthenticated wireless connection; and
  
  using the at least one programmable integrated circuit of the first wireless device to;
  
  determine the AoA of the received first wireless signal relative to a reference vector defined to extend from a position of the first wireless device,compare the determined AoA of the received first wireless signal to a predefined range of allowable AoA values that define a cone of allowable values for the first wireless device centered about and extending outward from all sides of the reference vector to determine if the AoA of the received first wireless signal is within the cone of allowable AoA values for the first wireless device, andestablish an authenticated wireless connection between the first and second wireless device only if the AoA of the received first wireless signal is within the predefined cone of allowable AoA values for the first wireless device and to deny an authenticated wireless connection between the first and second wireless devices if the AoA of the received first wireless signal is not within the cone of allowable AoA values for the first wireless device; and
  
  where the cone of allowable values for the first wireless device are non-overlapping with a cone of allowable values centered about and extending outward from all sides of a reference vector that extends from a position of a third wireless device that is positioned adjacent to the first wireless device;
  
  where the method further comprises receiving the first wireless signal from the second wireless device at the third wireless device while the second wireless device is simultaneously in wireless communication range with both the first wireless device and the third wireless device, and while the third wireless device and second wireless device are communicating across an unauthenticated wireless connection, and using at least one programmable integrated circuit of the third wireless device to;
  
  determine the AoA of the received first wireless signal relative to the reference vector defined to extend from a position of the third wireless device,compare the determined AoA of the received first wireless signal to a predefined range of allowable AoA values that define the cone of allowable values for the third wireless device centered about and extending outward from all sides of the reference vector extending from the position of the third wireless device to determine if the AoA of the received first wireless signal is within the cone of allowable AoA values for the third wireless device, andestablish an authenticated wireless connection between the third and second wireless device and deny an authenticated wireless connection between the first and second wireless devices only if the AoA of the received first wireless signal is within the predefined cone of allowable AoA values for the third wireless device while at the same time the AoA of the received first wireless signal is not within the predefined cone of allowable AoA values for the first wireless device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising using the at least one programmable integrated circuit of the first wireless deviceto notify the second wireless device of an authentication failure when the authenticated wireless connection is denied.
  - 3. The method of claim 1, further comprising using the at least one programmable integrated circuit of the first wireless device to determine to initially authenticate a wireless connection with the second wireless device and to establish an authenticated wireless connection between the first and second wireless device only when the AoA of the first wireless signal received from the second wireless device is determined to be within the predefined cone of allowable AoA values for the first wireless device;
    - and then to maintain the authenticated wireless connection established between the first and second wireless devices even when a position of the second wireless device changes relative to the first wireless device such that a second wireless signal received from the second wireless device across the authenticated wireless connection has an AoA that is not within the predefined cone of allowable AoA values for the first wireless device.
  - 4. The method of claim 1, where the method further comprises using the at least one programmable integrated circuit of the first wireless device to:
    - implement a host layer coupled to a baseband processor by a link layer on first wireless device;
      
      use the baseband processor to determine the AoA of the first wireless signal received from the second wireless device;
      
      pass the determined AoA of the first wireless signal from the baseband processor to the host layer; and
      
      use the host layer to compare the AoA of the first wireless signal received from the second wireless device to the predefined cone of allowable AoA values for the first wireless device, and then to determine whether to initially authenticate the wireless connection with the second wireless device based on the comparison between the AoA of the first wireless signal to the predefined cone of allowable AoA values for the first wireless device.
  - 5. The method of claim 1, where the first and second wireless devices are each a Bluetooth Low Energy (BLE) enabled device;
    - and where the method further comprises;
      
      receiving a request for pairing or bonding at the first wireless device from the second wireless device while the first wireless device and second wireless device are communicating as slave and master across an unauthenticated wireless connection, the request for pairing or bonding being the same or different than the first wireless signal received from the second wireless device; and
      
      using the at least one programmable integrated circuit of the first wireless device to;
      
      determine the AoA of the received first wireless signal relative to the reference vector defined to extend from a position of the first wireless device,compare the determined AoA of the received first wireless signal to the predefined cone of allowable AoA for the first wireless device to determine if the AoA of the received first wireless signal is within the predefined cone of allowable AoA values for the first wireless device, andaccept the pairing or bonding request and establish an authenticated paired or bonded wireless connection between the first and second wireless devices only if the AoA of the received first wireless signal is within the predefined cone of allowable AoA values for the first wireless device and deny the pairing or bonding request and not establish an authenticated wireless connection between the first and second wireless devices if the AoA of the received first wireless signal is not within the predefined cone of allowable AoA values for the first wireless device.
  - 6. The method of claim 1, further comprising operating the first wireless device in a common wireless communication environment with the second wireless device and the third wireless device;
    - using the at least one programmable integrated circuit of the first wireless device to determine to initially authenticate a wireless connection with the third wireless device based on a comparison between an angle of arrival (AoA) of a second wireless signal received from the third wireless device to the predefined cone of allowable AoA values for the third wireless device; and
      
      then to establish an authenticated wireless connection between the first and second wireless device only if it is determined to initially authenticate the wireless connection with the second wireless device.
  - 7. The method of claim 1, further comprising using the least one programmable integrated circuit of the first wireless device to determine whether to initially authenticate the wireless connection with the second wireless device based only on the comparison between the angle of arrival (AoA) of the first wireless signal received at the first wireless device from the second wireless device to the predefined cone of allowable AoA values for the first wireless device.
  - 8. The method of claim 1, where each of the first and third wireless devices are different spaced-apart overhead light fixtures that are mounted to the ceiling of the same room above a floor of the same room;
    - and where the second wireless device is at least one of a smart phone, tablet, handheld remote control, or notebook computer that is positioned between the floor of the room and the ceiling of the room.
  - 9. The method of claim 1, where the range of allowable AoA values extends outward from all sides of the reference vector of the first wireless device by an absolute value of a maximum allowable AoA (P) to define the cone of allowable AoA values for the first wireless device in three-dimensional space.
  - 10. The method of claim 9, where the value of the maximum allowable AoA (β
    - ) is equal to 30′
      
      ; and
      
      where the cone of allowable AoA values for the first wireless device has an aperture of 60°
      
      .
  - 11. The method of claim 1, further comprising using the least one programmable integrated circuit of the first wireless device to determine whether to initially authenticate the wireless connection with the second wireless device based on the comparison between the angle of arrival (AoA) of the first wireless signal received from the second wireless device to the predefined cone of allowable AoA values for the first wireless device and without requiring a user of the second wireless device to have physical access to the second wireless device and without requiring any other user authentication action.
  - 12. The method of claim 5, further comprising using the at least one programmable integrated circuit of the first wireless device to accept the pairing or bonding request by exchanging short term keys and/or long term keys with the second wireless device to establish an authenticated paired or bonded wireless connection between the first and second wireless devices only if the AoA of the received first wireless signal is within the predefined cone of allowable AoA values for the first wireless device and deny the pairing or bonding request and not exchanging short term keys and/or long term keys with the second wireless device to establish an authenticated wireless connection between the first and second wireless devices if the AoA of the received first wireless signal is not within the predefined cone of allowable AoA values for the first wireless device.

13. A system, comprising:
- a first wireless device, a second wireless device, and a third wireless device, the first wireless device including at least one programmable integrated circuit coupled to radio circuitry and an antenna, the second wireless device including at least one programmable integrated circuit coupled to radio circuitry and an antenna, and the third wireless device including at least one programmable integrated circuit coupled to radio circuitry and an antenna,where the at least one programmable integrated circuit of the second wireless device is programmed to transmit a first wireless signal to the first wireless device and the third wireless device; and
  
  where the at least one programmable integrated circuit of the first wireless device is programmed to;
  
  determine whether to initially authenticate a wireless connection with the second wireless device based on a comparison between an angle of arrival (AoA) of the first wireless signal received from the second wireless device to a predefined range of allowable AoA values, andthen to establish an authenticated wireless connection between the first and second wireless device only if it is determined to initially authenticate the wireless connection with the second wireless device;
  
  where the at least one programmable integrated circuit of the first wireless device is further programmed to;
  
  determine the AoA of the received first wireless signal relative to a reference vector defined to extend from a position of the first wireless device when the first wireless signal is received from the second wireless device at the first wireless device while the first wireless device and second wireless device are communicating across an unauthenticated wireless connection,compare the determined AoA of the received first wireless signal to a predefined range of allowable AoA values that define a cone of allowable values for the first wireless device centered about and extending outward from all sides of the reference vector to determine if the AoA of the received first wireless signal is within the cone of allowable AoA values for the first wireless device, andestablish an authenticated wireless connection between the first and second wireless device only if the AoA of the received first wireless signal is within the predefined cone of allowable AoA values for the first wireless device and to deny an authenticated wireless connection between the first and second wireless devices if the AoA of the received first wireless signal is not within the cone of allowable AoA values for the first wireless device;
  
  where the cone of allowable values for the first wireless device are non-overlapping with a cone of allowable values centered about and extending outward from all sides of a reference vector that extends from a position of a third wireless device that is positioned adjacent to the first wireless device; and
  
  where the at least one programmable integrated circuit of the third wireless device is further programmed to;
  
  determine the AoA of the received first wireless signal relative to the reference vector defined to extend from a position of the third wireless device when the first wireless signal is received from the second wireless device at the third wireless device while the second wireless device is simultaneously in wireless communication range with both the first wireless device and the third wireless device and while the third wireless device and second wireless device are communicating across an unauthenticated wireless connection,compare the determined AoA of the received first wireless signal to a predefined range of allowable AoA values that define the cone of allowable values for the third wireless device centered about and extending outward from all sides of the reference vector extending from the position of the third wireless device to determine if the AoA of the received first wireless signal is within the cone of allowable AoA values for the third wireless device, andestablish an authenticated wireless connection between the third and second wireless device while the at least one programmable integrated circuit of the first wireless device denies an authenticated wireless connection between the first and second wireless devices only if the AoA of the received first wireless signal is within the predefined cone of allowable AoA values for the third wireless device while at the same time the AoA of the received first wireless signal is not within the predefined cone of allowable AoA values for the first wireless device.
- View Dependent Claims (14, 15, 16)
- - 14. The system of claim 13, where the at least one programmable integrated circuit of the first wireless device is further programmed:
    - to notify the second wireless device of an authentication failure when the authenticated wireless connection is denied.
  - 15. The system of claim 13, where the at least one programmable integrated circuit of the first wireless device is further programmed to:
    - determine to initially authenticate a wireless connection with the second wireless device and to establish an authenticated wireless connection between the first and second wireless devices only when the AoA of the first wireless signal received from the second wireless device is determined to be within the predefined cone of allowable AoA values for the first wireless device; and
      
      then to maintain the authenticated wireless connection established between the first and second wireless devices even when a position of the second wireless device changes relative to the first wireless device such that a second wireless signal received from the second wireless device across the authenticated wireless connection has an AoA that is not within the predefined cone of allowable AoA values for the first wireless device.
  - 16. The system of claim 13, where the first and second wireless devices are each a Bluetooth Low Energy (BLE) enabled device;
    - where the at least one programmable integrated circuit of the second wireless device is further programmed to;
      
      transmit the first wireless signal to the first wireless device while the first wireless device and second wireless device are communicating across an unauthenticated wireless connection; and
      
      transmit a request for pairing or bonding to the first wireless device while the first wireless device and second wireless device are communicating as slave and master across an unauthenticated wireless connection, the request for pairing or bonding being the same or different than the first wireless signal transmitted to the first wireless device; and
      
      where the at least one programmable integrated circuit of the first wireless device is further programmed to;
      
      determine the AoA of the received first wireless signal relative to the reference vector defined to extend from a position of the first wireless device,compare the determined AoA of the received first wireless signal to the predefined cone of allowable AoA values for the first wireless device to determine if the AoA of the received first wireless signal is within the predefined cone of allowable AoA values for the first wireless device, andaccept the pairing or bonding request and establish an authenticated paired or bonded wireless connection between the first and second wireless devices only if the AoA of the received first wireless signal is within the predefined cone of allowable AoA values for the first wireless device and deny the pairing or bonding request and not establish an authenticated wireless connection between the first and second wireless devices if the AoA of the received first wireless signal is not within the predefined cone of allowable AoA values for the first wireless device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Silicon Laboratories Incorporated
Original Assignee
Silicon Laboratories Incorporated
Inventors
Knaappila, Jani K.
Primary Examiner(s)
Turchen, James R

Application Number

US15/387,004
Publication Number

US 20180176776A1
Time in Patent Office

1,021 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2111   Location-sensitive, e.g. ge...

H04W 12/06   Authentication

H04W 12/08   Access security

H04W 12/50   Secure pairing of devices

H04W 12/64   using geofenced areas

H04W 4/023   using mutual or relative lo...

H04W 4/80   Services using short range ...

H04W 76/14   Direct-mode setup

H04W 84/20   Master-slave selection or c...

Systems and methods for initial authentication of wireless communication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

39 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Systems and methods for initial authentication of wireless communication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others