Method for ensuring data transmission security, communication system and communication device
Abstract
The invention relates to a method for ensuring data transmission security between a first and a second communication device in short-range wireless communication. To set up a secure data transmission connection, the communication devices conduct a key exchange stage to generate at least one shared key between the communication devices. After said key exchange stage at least a first and a second check string are formed, said strings being based at least on a unique short random string and on the keys generated in each communication device at said key exchange stage. Thus, the security of the connection that is set up is ensured by comparing the correspondence of said check strings. The invention also relates to a communication system and a communication device, in which the method will be applied.
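The check described in the abstract and in claim 28, as an added Python example that is not taken from the patent: each device forms a check string from its own derived key and a shared short random string, and the link key is accepted only if the strings correspond. Diffie-Hellman over a toy group, HMAC-SHA-256 truncated to six digits, and a random string already known to both devices are assumptions; the page does not specify them.

```python
import hashlib
import hmac
import secrets

# Assumption: finite-field Diffie-Hellman as the key exchange stage.
# 2**127 - 1 is prime but far too small for real use; illustration only.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private, public) for the toy group."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def derive_key(priv, peer_pub):
    """Derive the device's encryption key from the exchanged public key."""
    secret = pow(peer_pub, priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def check_string(key, random_string, digits=6):
    """Short check string over the derived key and the short random string."""
    mac = hmac.new(key, random_string, hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 10**digits:0{digits}d}"

def pair(mitm=False):
    """Run one pairing; return (keys_equal, check_strings_correspond)."""
    a_priv, a_pub = keypair()          # first communication device
    b_priv, b_pub = keypair()          # second communication device
    if mitm:
        # An intermediary replaces both public keys with its own.
        _, m_pub = keypair()
        seen_by_a, seen_by_b = m_pub, m_pub
    else:
        seen_by_a, seen_by_b = b_pub, a_pub
    k1 = derive_key(a_priv, seen_by_a)  # first encryption key
    k2 = derive_key(b_priv, seen_by_b)  # second encryption key
    r = secrets.token_bytes(4)          # short random string (constructed)
    c1 = check_string(k1, r)            # first check string
    c2 = check_string(k2, r)            # second check string
    # The link key is used only if the check strings correspond.
    return k1 == k2, hmac.compare_digest(c1, c2)

if __name__ == "__main__":
    print("honest exchange :", pair(mitm=False))
    print("tampered exchange:", pair(mitm=True))
```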
32 Claims
- 1. A method for ensuring data transmission security between a first and a second communication device in short-range wireless communication in which, to set up a data transmission connection, the communication devices conduct a key exchange stage to exchange at least two keys between the communication devices, and on the basis of said exchanged keys at least one encryption key is derived in the communication devices, wherein at said key exchange stage at least a first and a second check string are formed, said strings being based on the keys derived at least at said key exchange stage, and that the security of the established connection is ensured by comparing the correspondence of said check strings.
- 19. A communication system that comprises at least a first and a second communication device, means for setting up a short-range wireless data transmission connection between said first and second communication device, and means for ensuring data transmission security in the data transmission connection, comprising means for conducting a key exchange stage to exchange at least two keys between the communication devices, and means for deriving at least one encryption key on the basis of the exchanged keys in the communication devices, wherein the means for ensuring data transmission security comprise means for forming at least a first and a second check string, said strings being based on the keys exchanged at least at said key exchange stage, and means for comparing the correspondence of said check strings.
- 28. A communication system that comprises at least a first and a second communication device, means for setting up a short-range wireless data transmission connection between said first and second communication device, and means for ensuring data transmission security in the data transmission connection, comprising means for conducting a key exchange stage to exchange at least two keys between the communication devices, and means for deriving at least one encryption key on the basis of the exchanged keys in the communication devices, wherein the communication system comprises means for determining a first encryption key in the first communication device, means for determining a second encryption key in the second communication device, means for determining a link encryption key for encryption of information to be transmitted in the data transmission connection, means for selecting a random check string, the means for ensuring data transmission security comprise means for forming a first check string in the first communication device at least on the basis of said first encryption key and said random string and means for forming a second check string in the second communication device at least on the basis of said second encryption key and said random string, and the communication system further comprising means for comparing said first check string and said second check string, wherein, if said check strings correspond to each other, the link encryption key selected at said key exchange stage is arranged to be used in the data transmission connection.
- 29. A communication device that comprises at least means for setting up a short-range wireless data transmission connection between a communication device and another communication device, and means for ensuring data transmission security in the data transmission connection, comprising means for conducting a key exchange stage with another communication device to exchange at least two keys between the communication devices, and means for deriving at least one encryption key on the basis of the exchanged keys, wherein the means for ensuring data transmission security comprise means for forming at least one check string, said string being based at least on the keys exchanged at said key exchange stage, and means for comparing the correspondence of said check strings.
- 32. A wireless communication device that comprises at least means for setting up a short-range wireless data transmission connection between the wireless communication device and another communication device, and means for ensuring data transmission security in the data transmission connection, comprising means for conducting a key exchange stage with another communication device to exchange at least two keys between said wireless communication device and said another communication device, and means for deriving at least one encryption key on the basis of the exchanged keys, wherein the means for ensuring data transmission security comprise means for forming at least one check string, said string being based at least on the keys exchanged at said key exchange stage, and means for comparing the correspondence of said check strings.
Specification