Portable electronic door opener device and method for secure door opening
Abstract
A portable computing device for opening a door (an electronic door opener) and a method for its use is disclosed. The computing device has a shared secret key, a standard certificate, means for communicating with the door, and a processor adapted for performing operations with shared secret keys and standard certificates. The door also possesses the same shared secret key. Under normal operation, messages encoded with the shared secret key serve to establish a right to open the door. The portable computing device's standard certificate is used to respond to occasional challenges by the door, and to generate the shared secret key. Biometric capabilities of the portable computing device add an additional layer of security in screening the identity of the user of the device. A security system for controlling access, involving a first plurality of computing devices and a second plurality of doors, and operating based on shared secret keys and occasional challenges is also disclosed.
20 Claims
1. A portable computing device for opening a door, comprising:
a memory, wherein a content of the memory comprises;
a first copy of a shared secret key;
a first standard certificate, wherein the first standard certificate is being used in responding to a challenge of the door; and
means for communicating with the door, wherein the door possesses a second copy of the shared secret key, and wherein the door adapted to validate identicalness of the first and the second copies of the shared secret key, and wherein the door further adapted to issue the challenge to the computing device.
4. A method for secure unlocking of a door based on a shared secret key, comprising the steps of:
providing a portable computing device, wherein the computing device is equipped with a memory, and the memory holds a first copy of the shared secret key and a first standard certificate, wherein the computing device is adapted for performing operations with shared secret keys and standard certificates, and wherein the computing device is also having means for communicating with the door;
communicating by the computing device to the door a device identifier;
issuing a challenge by the door to the computing device, wherein the challenge is issued only on randomly selected occasions;
responding to the challenge by the computing device by demonstrating possession of a private key part of the first standard certificate;
responding by the door with a door identifier and with a message, wherein the message is encrypted with a second copy of the shared secret key, and wherein using the second copy of the shared secret key for encrypting the message resulted from recognizing the device identifier communicated by the computing device;
responding by the computing device with a signal attesting decryption of the message, wherein the message has been decrypted in the computing device by the first copy of the shared secret key, and wherein using the first copy of the shared secret key for decrypting the message resulted from recognizing the door identifier transmitted by the door; and
unlocking the door upon recognizing validity of the signal attesting decryption of the message.
10. A security system for controlling access, comprising a first plurality of doors and a second plurality of portable computing devices for opening doors, each computing device equipped with a memory, wherein any one of the computing devices holds in its memory a unique first standard certificate, and wherein the any one computing device further holds in its memory door identifiers for all those doors out of the first plurality of doors that the any one computing device is permitted to open, and wherein each of the door identifier is uniquely linked to a first copy of a shared secret key, wherein any one of the doors possesses a matching information for each one of those computing devices out of the second plurality of computing devices that are permitted to open the any one door, wherein the matching information comprises a device identifier, wherein the device identifier is linked to a public key part of the unique first standard certificate and to a second copy of the shared secret key, and wherein the first plurality of doors and the second plurality of computing devices have means for communicating between any device and any door, and wherein the any one door is adapted to recognize the device identifier, and further adapted to use the matching information to validate identicalness of the first and the second copies of the shared secret key, and to issue a challenge to the unique first standard certificate using the public key part of the unique first standard certificate.
20. A computer data signal embodied in a carrier wave encoding a computer program of instructions for executing a computer process performing the steps for secure unlocking of a door based on a shared secret key, as recited in the steps of:
communicating by a computing device to the door a device identifier;
issuing a challenge by the door to the computing device, wherein the challenge is issued only on randomly selected occasions;
responding to the challenge by the computing device by demonstrating possession of a private key part of a first standard certificate;
responding by the door with a door identifier and with a message, wherein the message is encrypted with a second copy of the shared secret key, and wherein using the second copy of the shared secret key for encrypting the message resulted from recognizing the device identifier communicated by the computing device;
responding by the computing device with a signal attesting decryption of the message, wherein the message has been decrypted in the computing device by the first copy of the shared secret key, and wherein using the first copy of the shared secret key for decrypting the message resulted from recognizing the door identifier transmitted by the door;
and unlocking the door upon recognizing validity of the signal attesting decryption of the message.
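The unlocking exchange recited in claims 4 and 20, with the door-side matching information of claim 10, as an added Python sketch that is not part of the patent text. The toy RSA key pair, the HMAC-keystream stand-in cipher, the HMAC used as the "signal attesting decryption", and all class, function and identifier names are assumptions made for illustration.

```python
import hashlib, hmac, secrets

# Toy RSA key pair standing in for the certificate keys (constructed, NOT secure).
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def xor_stream(key, iv, data):
    """Stand-in cipher (assumption): XOR with one HMAC-SHA256 keystream block."""
    pad = hmac.new(key, iv, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, pad))

class Device:
    def __init__(self, device_id, priv, door_keys):
        self.device_id, self.priv, self.door_keys = device_id, priv, door_keys
    def answer_challenge(self, c):        # demonstrates possession of the private key
        return pow(c, self.priv, N)
    def attest(self, door_id, iv, ct):    # shared key is selected by door identifier
        key = self.door_keys.get(door_id)
        if key is None:
            return None
        return hmac.new(key, xor_stream(key, iv, ct), hashlib.sha256).digest()

class Door:
    def __init__(self, door_id, table, challenge_rate=0.1):
        self.door_id, self.table, self.rate = door_id, table, challenge_rate
    def try_open(self, device):
        entry = self.table.get(device.device_id)   # matching information per device
        if entry is None:
            return False
        key, pub = entry
        if secrets.randbelow(1000) < self.rate * 1000:   # randomly selected occasions
            nonce = secrets.randbelow(N - 2) + 2
            if device.answer_challenge(pow(nonce, pub, N)) != nonce:
                return False
        iv, msg = secrets.token_bytes(16), secrets.token_bytes(16)
        proof = device.attest(self.door_id, iv, xor_stream(key, iv, msg))
        expected = hmac.new(key, msg, hashlib.sha256).digest()
        return proof is not None and hmac.compare_digest(proof, expected)

def demo():
    key = secrets.token_bytes(32)                      # constructed shared secret
    table = {"dev-1": (key, E)}
    owner = Device("dev-1", D, {"door-1": key})
    copied = Device("dev-1", D + 2, {"door-1": key})   # shared key, wrong private key
    stale = Device("dev-1", D, {"door-1": secrets.token_bytes(32)})
    always, never = Door("door-1", table, 1.0), Door("door-1", table, 0.0)
    return (always.try_open(owner), always.try_open(stale),
            always.try_open(copied), never.try_open(copied))
```

`demo()` shows that a device holding only the shared key is rejected when the door issues the certificate challenge and accepted when it does not, so the challenge rate bounds how long a copied shared key stays usable.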
Specification