Secure wireless ranging
First Claim
1. A method for performing secure wireless ranging, comprising:
- initiating a handshake process between a first wireless communication device and a second wireless communication device;
- collecting first measurement data at the first wireless communication device;
- encrypting the first measurement data using an initialization vector and a transient key to produce first encrypted measurement data;
- transmitting the first encrypted measurement data from the first wireless device to the second wireless communication device;
- receiving second encrypted measurement data from the second wireless communication device at the first wireless communication device;
- collecting third measurement data at the first wireless communication device;
- monotonically increasing the initialization vector to produce an updated initialization vector;
- encrypting the third measurement data using the updated initialization vector and the transient key to produce third encrypted measurement data; and
- determining a separation distance between the first and second wireless communication devices using the first, second, and third encrypted measurement data.
Abstract
Embodiments for securely determining a separation distance between wireless communication devices are provided. These embodiments include receiving a measurement request and a first random identifier from a first wireless communication device at a second wireless communication device. The embodiments also include deriving a transient key using the first random identifier, a second random identifier (generated by the second device), and a pre-shared key. The first and second random identifiers, the pre-shared key, and the transient key derived therefrom are shared between the first and second devices, but are not known to any other devices. The embodiments further include encrypting measurement data exchanged between the two devices using the transient key, and using the encrypted measurement data to calculate and verify a separation distance between the devices. The embodiments thus prevent dishonest wireless communication devices from intercepting communications and spoofing a location of one of the two honest devices.
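The key derivation in the abstract and the initialization-vector stepping in the first claim, as an added Python example that is not code from the patent. The HMAC-SHA256 derivation, the HMAC-based keystream, the single counter shared by a strictly alternating exchange, the stale-IV check and all sample values are assumptions of this sketch; the page names the inputs and the monotonic IV but no algorithms.

```python
import hashlib
import hmac
import struct

def derive_transient_key(psk: bytes, rand_a: bytes, rand_b: bytes) -> bytes:
    # Assumption: HMAC-SHA256; the page names the three inputs, not the function.
    return hmac.new(psk, b"ranging-tk" + rand_a + rand_b, hashlib.sha256).digest()

def keystream(tk: bytes, iv: int, length: int) -> bytes:
    # Assumption: HMAC-SHA256 in counter mode stands in for the unnamed cipher.
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(tk, struct.pack(">QI", iv, block), hashlib.sha256).digest()
        block += 1
    return out[:length]

def xor(data: bytes, ks: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(data, ks))

class RangingPeer:
    def __init__(self, psk: bytes, rand_a: bytes, rand_b: bytes):
        self.tk = derive_transient_key(psk, rand_a, rand_b)
        self.iv = 0  # one counter for both directions (assumes alternating turns)

    def seal(self, measurement: bytes) -> tuple:
        self.iv += 1  # monotonically increase before every encryption
        return self.iv, xor(measurement, keystream(self.tk, self.iv, len(measurement)))

    def unseal(self, iv: int, ciphertext: bytes) -> bytes:
        if iv <= self.iv:  # added check: a reused or older IV is refused
            raise ValueError("stale initialization vector")
        self.iv = iv
        return xor(ciphertext, keystream(self.tk, iv, len(ciphertext)))

def demo() -> tuple:
    # Constructed sample values; none come from the page.
    psk, ra, rb = b"constructed-psk", bytes(range(16)), bytes(range(16, 32))
    a, b = RangingPeer(psk, ra, rb), RangingPeer(psk, ra, rb)
    m = struct.pack(">Q", 1_000_000)  # same plaintext each time, on purpose
    iv1, c1 = a.seal(m)               # first measurement data
    first = b.unseal(iv1, c1)
    a.unseal(*b.seal(m))              # second measurement data
    iv3, c3 = a.seal(m)               # third, under the updated IV
    try:
        b.unseal(iv1, c1)
        replay_accepted = True
    except ValueError:
        replay_accepted = False
    return first == m, (iv1, iv3), c1 != c3, replay_accepted
```

A keystream XOR provides confidentiality only, so a deployment would also authenticate each message together with its IV.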
16 Citations
19 Claims
1. A method for performing secure wireless ranging (set out in full under First Claim above). Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10.
11. A wireless communication device, comprising:
- a wireless interface configured to:
  - initiate a one-time only handshake process with a second wireless communication device;
- a hardware processor configured to:
  - collect first measurement data, and
  - encrypt the first measurement data using a transient key to produce first encrypted measurement data, wherein the first measurement data is encrypted by combining an initialization vector with the transient key such that a first sequence of bits is used to encrypt the first measurement data;
- wherein the wireless interface is further configured to:
  - transmit the first encrypted measurement data to the second wireless communication device, and
  - receive second encrypted measurement data from the second wireless communication device,
- wherein the hardware processor is further configured to:
  - collect third measurement data,
  - monotonically increase the initialization vector to produce an updated initialization vector;
  - encrypt the third measurement data using the transient key to produce third encrypted measurement data, wherein the third measurement data is encrypted by combining the updated initialization vector with the transient key such that a second sequence of bits is used to encrypt the third measurement data, and
  - determine a separation distance from the second wireless communication device using the first, second, and third encrypted measurement data; and
- memory, coupled to the hardware processor, configured to store the transient key, the initialization vector, the first, second, and third measurement data, and a set of instructions for execution by the hardware processor.

Dependent claims: 12, 13, 14, 15.
16. A secure wireless communication system, comprising:
- a first wireless communication device, having a first processor, a wireless interface, and memory; and
- a second wireless communication device, having a second processor, a wireless interface, and memory,
- wherein the first wireless communication device is configured to:
  - initiate a handshake process with the second wireless communication device,
  - collect first measurement data,
  - encrypt the first measurement data using a transient key to produce first encrypted measurement data, wherein the first measurement data is encrypted by combining an initialization vector with the transient key such that a first sequence of bits is used to encrypt the first measurement data,
  - transmit the first encrypted measurement data to the second wireless communication device,
  - collect third measurement data, and
  - encrypt the third measurement data using the transient key to produce third encrypted measurement data, wherein the third measurement data is encrypted by combining the initialization vector with the transient key such that a third sequence of bits is used to encrypt the third measurement data, and
- wherein the second wireless communication device is configured to:
  - complete the handshake process with the first wireless communication device,
  - collect second measurement data,
  - encrypt the second measurement data using a transient key to produce second encrypted measurement data, wherein the second measurement data is encrypted by combining the initialization vector with the transient key such that a second sequence of bits is used to encrypt the second measurement data, and
  - transmit the second encrypted measurement data to the first wireless communication device, and
- wherein the first wireless communication device is further configured to:
  - determine a separation distance from the second wireless communication device using the first, second, and third encrypted measurement data.

Dependent claims: 17, 18, 19.
Specification