Method for protecting privacy when using a bluetooth device

US 20020174364A1
Filed: 05/21/2001
Published: 11/21/2002
Est. Priority Date: 05/21/2001
Status: Active Grant

First Claim

Patent Images

1. A method for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:

substituting a pseudonym address for the real device address; and

using the pseudonym address in functions of the device that normally use the real device address.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The user'"'"'s Bluetooth device substitutes a pseudonym address for the Bluetooth Device Address (BD_ADDR). The pseudonym address is a randomized version of the BD_ADDR. The pseudonym address is used in all the functions of the Bluetooth device that normally use the BD_ADDR, including the frequency hopping sequence, the device access code, the initialization key in link encryption, the authentication code, and the various packet addresses. In this manner, the user'"'"'s privacy is protected by preventing the user'"'"'s identity, routes, and activities from being correlated with his/her device'"'"'s address. In addition to the Bluetooth standard, the technique also applies to other wireless standards.

Citations

78 Claims

1. A method for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- substituting a pseudonym address for the real device address; and
  
  using the pseudonym address in functions of the device that normally use the real device address.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 2. The method of claim 1, which further comprises:
    - forming the pseudonym address as a randomized version of the real device address.
  - 3. The method of claim 1, which further comprises:
    - using the pseudonym address in packet address functions of the device that normally use the real device address.
  - 4. The method of claim 1, which further comprises:
    - using the pseudonym address in modulation functions of the device that normally use the real device address.
  - 5. The method of claim 4, which further comprises:
    - using the pseudonym address in frequency hopping sequence modulation functions of the device that normally use the real device address.
  - 6. The method of claim 1, which further comprises:
    - using the pseudonym address in device access code functions of the device that normally use the real device address.
  - 7. The method of claim 1, which further comprises:
    - using the pseudonym address in link encryption functions of the device that normally use the real device address.
  - 8. The method of claim 1, which further comprises:
    - using the pseudonym address in authentication functions of the device that normally use the real device address.
  - 9. The method of claim 1, which further comprises:
    - enabling the user to select a part of the real device address and randomize it to form the pseudonym address.
  - 10. The method of claim 1, which further comprises:
    - enabling the user to select a parameter to combine with the real device address and randomize it to form the pseudonym address.
  - 11. The method of claim 1, which further comprises:
    - enabling the user to select a true random number to combine with the real device address and randomize it to form the pseudonym address.
  - 12. The method of claim 1, which further comprises:
    - storing the pseudonym address and associating it with a paired device with which the pseudonym address is exchanged.
  - 13. The method of claim 1, which further comprises:
    - using the pseudonym address for a predetermined time or count selected by the user.
  - 14. The method of claim 1, which further comprises:
    - using the pseudonym address for a duration that at least begins with an inquiry received from another device and ends if no connection is made after the inquiry.
  - 15. The method of claim 1, which further comprises:
    - using the pseudonym address for a duration that at least begins with an inquiry by the user'"'"'s device and ends if no connection is made after the inquiry.
  - 16. The method of claim 1, which further comprises:
    - using the pseudonym address for a duration that ends when a piconet context changes for the user'"'"'s device.
  - 17. The method of claim 1, which further comprises:
    - using the pseudonym address for a duration that at least begins with sensing of a current physical location of the user'"'"'s device, and ends if that physical location changes beyond a predefined distance.
  - 18. The method of claim 1, which further comprises:
    - using the pseudonym address for a duration that at least begins with an inquiry that establishes a connection with another device, and ends when that connection is terminated.
  - 19. The method of claim 1, which further comprises:
    - comparing a newly generated pseudonym address with known addresses of other devices;
      
      discarding the newly generated pseudonym address if it duplicates the known addresses of other devices; and
      
      generating another pseudonym address.
  - 20. The method of claim 19, which further comprises:
    - notifying the user if there are many repeated attempts to generate a pseudonym address that fail because of other duplicate addresses; and
      
      enabling the user to modify a randomization of the real device address to generate another pseudonym address.
  - 21. The method of claim 1, wherein the wireless device principle of operation is the Bluetooth standard.
  - 22. The method of claim 1, wherein the wireless device principle of operation is a IEEE 802.11 Wireless LAN standard.
  - 23. The method of claim 1, wherein the wireless device principle of operation is the Japanese 3rd Generation (3G) wireless standard.
  - 24. The method of claim 1, wherein the wireless device principle of operation is a cellular telephone system standard.
  - 25. The method of claim 1, wherein the wireless device principle of operation is the Infrared Data Association (IrDA) standard.
  - 26. The method of claim 1, wherein the wireless device principle of operation is the Digital Enhanced Cordless Telecommunications (DECT) standard.
  - 27. The method of claim 1, wherein the wireless device principle of operation is the Shared Wireless Access Protocol (SWAP) standard.
  - 28. The method of claim 1, wherein the wireless device principle of operation is the IEEE 802.15 Wireless Personal Area Network (WPAN) standard.
  - 29. The method of claim 1, wherein the wireless device principle of operation is the High Performance Radio Local Area Network (HIPERLAN) standard.
  - 30. The method of claim 1, wherein the wireless device principle of operation is the Multimedia Mobile Access Communication (MMAC) Systems standard.

31. A system for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- a generator in the wireless device, for substituting a pseudonym address for the real device address; and
  
  a processor coupled to the generator, for using the pseudonym address in functions of the device that normally use the real device address.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60)
- - 32. The system of claim 31, which further comprises:
    - said generator forming the pseudonym address as a randomized version of the real device address.
  - 33. The system of claim 31, which further comprises:
    - said processor using the pseudonym address in packet address functions of the device that normally use the real device address.
  - 34. The system of claim 31, which further comprises:
    - said processor using the pseudonym address in modulation functions of the device that normally use the real device address.
  - 35. The system of claim 34, which further comprises:
    - said processor using the pseudonym address in frequency hopping sequence modulation functions of the device that normally use the real device address.
  - 36. The system of claim 31, which further comprises:
    - said processor using the pseudonym address in device access code functions of the device that normally use the real device address.
  - 37. The system of claim 31, which further comprises:
    - said processor using the pseudonym address in link encryption functions of the device that normally use the real device address.
  - 38. The system of claim 31, which further comprises:
    - said processor using the pseudonym address in authentication functions of the device that normally use the real device address.
  - 39. The system of claim 31, which further comprises:
    - an interface coupled to the processor, for enabling the user to select a part of the real device address and randomize it to form the pseudonym address.
  - 40. The system of claim 31, which further comprises:
    - an interface coupled to the processor, for enabling the user to select a parameter to combine with the real device address and randomize it to form the pseudonym address.
  - 41. The system of claim 31, which further comprises:
    - an interface coupled to the processor, for enabling the user to select a true random number to combine with the real device address and randomize it to form the pseudonym address.
  - 42. The system of claim 31, which further comprises:
    - a memory coupled to the processor, for storing the pseudonym address and associating it with a paired device with which the pseudonym address is exchanged.
  - 43. The system of claim 31, which further comprises:
    - a memory coupled to the processor, for retaining the pseudonym address for a predetermined time or count selected by the user.
  - 44. The system of claim 31, which further comprises:
    - a memory coupled to the processor, for retaining the pseudonym address for a duration that at least begins with an inquiry received from another device and ends if no connection is made after the inquiry.
  - 45. The system of claim 31, which further comprises:
    - a memory coupled to the processor, for retaining the pseudonym address for a duration that at least begins with an inquiry by the user'"'"'s device and ends if no connection is made after the inquiry.
  - 46. The system of claim 31, which further comprises:
    - a memory coupled to the processor, for retaining the pseudonym address for a duration that ends when a piconet context changes for the user'"'"'s device.
  - 47. The system of claim 31, which further comprises:
    - a memory coupled to the processor, for retaining the pseudonym address for a duration that at least begins with sensing of a current physical location of the user'"'"'s device, and ends if that physical location changes beyond a predefined distance.
  - 48. The system of claim 31, which further comprises:
    - a memory coupled to the processor, for retaining the pseudonym address for a duration that at least begins with an inquiry that establishes a connection with another device, and ends when that connection is terminated.
  - 49. The system of claim 31, which further comprises:
    - said processor comparing a newly generated pseudonym address with known addresses of other devices;
      
      said processor discarding the newly generated pseudonym address if it duplicates the known addresses of other devices; and
      
      said generator generating another pseudonym address.
  - 50. The system of claim 49, which further comprises:
    - an interface coupled to the processor, for notifying the user if there are many repeated attempts to generate a pseudonym address that fail because of other duplicate addresses; and
      
      said interface enabling the user to modify a randomization of the real device address to generate another pseudonym address.
  - 51. The system of claim 31, wherein the wireless device principle of operation is the Bluetooth standard.
  - 52. The system of claim 31, wherein the wireless device principle of operation is a IEEE 802.11 Wireless LAN standard.
  - 53. The system of claim 31, wherein the wireless device principle of operation is the Japanese 3rd Generation (3G) wireless standard.
  - 54. The system of claim 31, wherein the wireless device principle of operation is a cellular telephone system standard.
  - 55. The system of claim 31, wherein the wireless device principle of operation is the Infrared Data Association (IrDA) standard.
  - 56. The system of claim 31, wherein the wireless device principle of operation is the Digital Enhanced Cordless Telecommunications (DECT) standard.
  - 57. The system of claim 31, wherein the wireless device principle of operation is the Shared Wireless Access Protocol (SWAP) standard.
  - 58. The system of claim 31, wherein the wireless device principle of operation is the IEEE 802.15 Wireless Personal Area Network (WPAN) standard.
  - 59. The system of claim 31, wherein the wireless device principle of operation is the High Performance Radio Local Area Network (HIPERLAN) standard.
  - 60. The system of claim 31, wherein the wireless device principle of operation is the Multimedia Mobile Access Communication (MMAC) Systems standard.

61. A method for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- forming a pseudonym address as a randomized version of the real device address;
  
  substituting the pseudonym address for the real device address; and
  
  using the pseudonym address in functions of the device that normally use the real device address.

62. A method for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- enabling the user to select a part of the real device address and randomize it to form a first part of a pseudonym address;
  
  combining a remaining part of the real device address with the first part of the pseudonym address to form a complete pseudonym address;
  
  substituting the complete pseudonym address for the real device address; and
  
  using the complete pseudonym address in functions of the device that normally use the real device address.

63. A method for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- enabling the user to select a parameter to combine with the real device address;
  
  combining the parameter with the real device address and forming a random number as a pseudonym address;
  
  substituting the pseudonym address for the real device address; and
  
  using the pseudonym address in functions of the device that normally use the real device address.

64. A method for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- forming a pseudonym address as a randomized version of the real device address;
  
  substituting the pseudonym address for the real device address;
  
  using the pseudonym address in functions of the device that normally use the real device address; and
  
  using the pseudonym address for a predetermined time or count.

65. A method for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- forming a pseudonym address as a randomized version of the real device address;
  
  substituting the pseudonym address for the real device address;
  
  using the pseudonym address in functions of the device that normally use the real device address; and
  
  using the pseudonym address for a duration that at least begins with an inquiry received from another device and ends if no connection is made after the inquiry.

66. A method for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- forming a pseudonym address as a randomized version of the real device address;
  
  substituting the pseudonym address for the real device address;
  
  using the pseudonym address in functions of the device that normally use the real device address; and
  
  using the pseudonym address for a duration that at least begins with an inquiry by the user'"'"'s device and ends if no connection is made after the inquiry.

67. A method for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- forming a pseudonym address as a randomized version of the real device address;
  
  substituting the pseudonym address for the real device address;
  
  using the pseudonym address in functions of the device that normally use the real device address; and
  
  using the pseudonym address for a duration that ends when a piconet context changes for the user'"'"'s device.

68. A method for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- forming a pseudonym address as a randomized version of the real device address;
  
  substituting the pseudonym address for the real device address;
  
  using the pseudonym address in functions of the device that normally use the real device address; and
  
  using the pseudonym address for a duration that at least begins with sensing of a current physical location of the user'"'"'s device, and ends if that physical location changes beyond a predefined distance.

69. A method for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- forming a pseudonym address as a randomized version of the real device address;
  
  substituting the pseudonym address for the real device address;
  
  using the pseudonym address in functions of the device that normally use the real device address; and
  
  using the pseudonym address for a duration that at least begins with an inquiry that establishes a connection with another device, and ends when that connection is terminated.

70. A method for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- forming a pseudonym address as a randomized version of the real device address;
  
  comparing the pseudonym address with known addresses of other devices;
  
  notifying the user if there are repeated attempts to generate a pseudonym address that fail because of duplicate addresses of other devices;
  
  enabling the user to specify a modified randomization of the real device address;
  
  performing the modified randomization and generating a new pseudonym address from the real device address; and
  
  using the new pseudonym address in functions of the device that normally use the real device address.

71. A computer program product for a Bluetooth wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- a computer readable medium;
  
  program code in said computer readable medium for forming a pseudonym address by randomizing at least a portion of the real Bluetooth device address;
  
  program code in said computer readable medium for substituting the pseudonym address for the real Bluetooth device address; and
  
  program code in said computer readable medium for using the pseudonym address in functions of the device that normally use the real Bluetooth device address.

72. A system for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- a memory storing a plurality of pseudonym addresses, each as a randomized version of the real device address;
  
  a processor coupled to the memory, for substituting one of the pseudonym addresses for the real device address; and
  
  said processor using the one pseudonym address in functions of the device that normally use the real device address.

73. A system for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- a memory storing a plurality of pseudonym addresses, each as a randomized version of the real device address;
  
  a processor coupled to the memory, for substituting one of the pseudonym addresses for the real device address;
  
  said processor using the one pseudonym address in functions of the device that normally use the real device address; and
  
  said processor using the one pseudonym address for a predetermined time or count.

74. A system for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- a memory storing a plurality of pseudonym addresses, each as a randomized version of the real device address;
  
  a processor coupled to the memory, for substituting one of the pseudonym addresses for the real device address;
  
  said processor using the one pseudonym address in functions of the device that normally use the real device address; and
  
  said processor using the one pseudonym address for a duration that at least begins with an inquiry received from another device and ends if no connection is made after the inquiry.

75. A system for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- a memory storing a plurality of pseudonym addresses, each as a randomized version of the real device address;
  
  a processor coupled to the memory, for substituting one of the pseudonym addresses for the real device address;
  
  said processor using the one pseudonym address in functions of the device that normally use the real device address; and
  
  said processor using the one pseudonym address for a duration that at least begins with an inquiry by the user'"'"'s device and ends if no connection is made after the inquiry.

76. A system for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- a memory storing a plurality of pseudonym addresses, each as a randomized version of the real device address;
  
  a processor coupled to the memory, for substituting one of the pseudonym addresses for the real device address;
  
  said processor using the one pseudonym address in functions of the device that normally use the real device address; and
  
  said processor using the one pseudonym address for a duration that ends when a piconet context changes for the user'"'"'s device.

77. A system for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- a memory storing a plurality of pseudonym addresses, each as a randomized version of the real device address;
  
  a processor coupled to the memory, for substituting one of the pseudonym addresses for the real device address;
  
  said processor using the one pseudonym address in functions of the device that normally use the real device address; and
  
  said processor using the one pseudonym address for a duration that at least begins with sensing of a current physical location of the user'"'"'s device, and ends if that physical location changes beyond a predefined distance.

78. A system for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address, comprising:
- a memory storing a plurality of pseudonym addresses, each as a randomized version of the real device address;
  
  a processor coupled to the memory, for substituting one of the pseudonym addresses for the real device address;
  
  said processor using the one pseudonym address in functions of the device that normally use the real device address; and
  
  said processor using the one pseudonym address for a duration that at least begins with an inquiry that establishes a connection with another device, and ends when that connection is terminated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Tarkiainen, Mikko, Nordman, Ian, Gyorbiro, Norbert, Gripenberg, Casper, Alamaki, Tero, Vanska, Marko

Granted Patent

US 7,194,760 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

H04L 2101/622   Layer-2 addresses, e.g. med...

H04L 61/00   Network arrangements, proto...

H04L 61/45   Network directories; Name-t...

H04L 63/0421   Anonymous communication, i....

H04W 12/02   Protecting privacy or anony...

H04W 8/26   Network addressing or numbe...

H04W 84/18   Self-organising networks, e...

Method for protecting privacy when using a bluetooth device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

78 Claims

Specification

Solutions

Use Cases

Quick Links

Method for protecting privacy when using a bluetooth device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

78 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links