Method and system for authenticating a security device
First Claim
1. In a security system comprising a control panel and a plurality of security devices interconnected to the control panel over a communications medium located in a premises, a method of authenticating a security device to determine if it is authorized to be used with the security system, the method comprising the steps of:
- a. storing a first encryption key and a second encryption key in the control panel;
b. storing the first encryption key and the second encryption key in the security device;
c. generating a challenge index at the control panel;
d. producing a challenge message by encrypting the challenge index using the first encryption key at the control panel and including the encrypted challenge index in the challenge message;
e. transmitting the challenge message over the communications medium to the security device;
f. receiving at the security device the challenge message over the communications medium from the control panel;
g. extracting the encrypted challenge index from the challenge message;
h. decrypting the encrypted challenge index using the first encryption key at the security device to produce a response index;
i. producing a response message by encrypting the response index using the second encryption key at the security device and including the encrypted response index in the response message;
j. transmitting the response message over the communications medium to the control panel;
k. receiving at the control panel the response message over the communications medium from the security device;
l. extracting the encrypted response index from the response message;
m. decrypting the encrypted response index using the second encryption key at the control panel to produce the response index;
n. comparing the response index decrypted by the control panel with the challenge index generated by the control panel;
i. if the response index decrypted by the control panel is the same as the challenge index generated by the control panel, then indicating that the security device is authentic and allowing further communications between the control panel and the security device; and
ii. if the response index decrypted by the control panel is not the same as the challenge index generated by the control panel, then indicating that the security device is not authentic and disallowing further communications between the control panel and the security device.
4 Assignments
0 Petitions
Accused Products
Abstract
A method of authenticating a security device to determine if it is authorized to be used with a security system. First and second encryption keys are stored in the control panel and the security device. A challenge message is produced by encrypting, with the first key, a challenge index (such as a random number generated by the control panel). The challenge message is transmitted the security device, where the encrypted challenge index is extracted from the challenge message and then decrypted using the first key at the security device to produce a response index. A response message is produced by encrypting, with the second key, the response index decrypted by the security device. The response message is transmitted to the control panel, and the encrypted response index is extracted and then decrypted using the second key at the control panel to produce the response index. The control panel then compares the response index with the challenge index previously generated. If they are the same, then the control panel indicates that the security device is authentic and allows further communications between the control panel and the security device. If they are not the same, then the control panel indicates that the security device is not authentic and disallows further communications between the control panel and the security device.
-
Citations
35 Claims
-
1. In a security system comprising a control panel and a plurality of security devices interconnected to the control panel over a communications medium located in a premises, a method of authenticating a security device to determine if it is authorized to be used with the security system, the method comprising the steps of:
-
a. storing a first encryption key and a second encryption key in the control panel;
b. storing the first encryption key and the second encryption key in the security device;
c. generating a challenge index at the control panel;
d. producing a challenge message by encrypting the challenge index using the first encryption key at the control panel and including the encrypted challenge index in the challenge message;
e. transmitting the challenge message over the communications medium to the security device;
f. receiving at the security device the challenge message over the communications medium from the control panel;
g. extracting the encrypted challenge index from the challenge message;
h. decrypting the encrypted challenge index using the first encryption key at the security device to produce a response index;
i. producing a response message by encrypting the response index using the second encryption key at the security device and including the encrypted response index in the response message;
j. transmitting the response message over the communications medium to the control panel;
k. receiving at the control panel the response message over the communications medium from the security device;
l. extracting the encrypted response index from the response message;
m. decrypting the encrypted response index using the second encryption key at the control panel to produce the response index;
n. comparing the response index decrypted by the control panel with the challenge index generated by the control panel;
i. if the response index decrypted by the control panel is the same as the challenge index generated by the control panel, then indicating that the security device is authentic and allowing further communications between the control panel and the security device; and
ii. if the response index decrypted by the control panel is not the same as the challenge index generated by the control panel, then indicating that the security device is not authentic and disallowing further communications between the control panel and the security device. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. In a security system comprising a control panel and a plurality of security devices interconnected to the control panel over a communications medium located in a premises, a method for a control panel to authenticate a security device to determine if it is authorized to be used with the security system, the method comprising the steps of:
-
a. storing a first encryption key and a second encryption key in the control panel;
b. generating a challenge index at the control panel;
c. producing a challenge message by encrypting the challenge index using the first encryption key at the control panel and including the encrypted challenge index in the challenge message;
d. transmitting the challenge message over the communications medium to the security device;
e. receiving at the control panel a response message over the communications medium from the security device;
f. extracting an encrypted response index from the response message;
g. decrypting the encrypted response index using the second encryption key at the control panel to produce the response index;
h. comparing the response index decrypted by the control panel with the challenge index generated by the control panel;
i. if the response index decrypted by the control panel is the same as the challenge index generated by the control panel, then indicating that the security device is authentic and disallowing further communications between the control panel and the security device; and
ii. if the response index decrypted by the control panel is not the same as the challenge index generated by the control panel, then indicating that the security device is not authentic and disallowing further communications between the control panel and the security device. - View Dependent Claims (9)
-
-
10. In a security system comprising a control panel and a plurality of security devices interconnected to the control panel over a communications medium located in a premises, a method for a security device to respond to an authentication request to determine if it is authorized to be used with the security system, the method comprising the steps of:
-
a. storing a first encryption key and a second encryption key in the security device;
b. receiving at the security device a challenge message over the communications medium from the control panel;
c. extracting an encrypted challenge index from the challenge message;
d. decrypting the encrypted challenge index using the first encryption key at the security device to produce a response index;
e. producing a response message by encrypting the response index using the second encryption key at the security device and including the encrypted response index in the response message; and
f. transmitting the response message over the communications medium to the control panel. - View Dependent Claims (11)
-
-
12. A security system comprising:
-
a. a control panel;
b. a plurality of security devices; and
c. a communications medium interconnecting the plurality of security devices with the control panel;
d. wherein the control panel comprises;
(i) a memory that stores a first encryption key and a second encryption key; and
(ii) processing circuitry adapted to;
(a) generate a challenge index;
(b) produce a challenge message by encrypting the challenge index using the first encryption key and including the encrypted challenge index in the challenge message; and
(c) transmit the challenge message over the communications medium to a security device being authenticated for use with the security system;
e. wherein the security device being authenticated for use with the security system comprises;
(i) a memory that stores the first encryption key and the second encryption key; and
(ii) processing circuitry adapted to;
(a) receive the challenge message over the communications medium from the control panel;
(b) extract the encrypted challenge index from the challenge message;
(c) decrypt the encrypted challenge index using the first encryption key stored at the security device to produce a response index;
(d) produce a response message by encrypting the response index using the second encryption key stored at the security device and including the encrypted response index in the response message; and
(e) transmit the response message over the communications medium to the control panel; and
f. wherein the processing circuitry at the control panel is further adapted to;
(i) receive the response message over the communications medium from the security device;
(ii) extract the encrypted response index from the response message;
(iii) decrypt the encrypted response index using the second encryption key stored at the control panel to produce the response index;
(iv) compare the response index decrypted by the control panel with the challenge index generated by the control panel; and
(a) if the response index decrypted by the control panel is the same as the challenge index generated by the control panel, then indicate that the security device is authentic and allow further communications between the control panel and the security device; and
(b) if the response index decrypted by the control panel is not the same as the challenge index generated by the control panel, then indicate that the security device is not authentic and disallow further communications between the control panel and the security device. - View Dependent Claims (13, 14, 15)
-
-
16. A control panel for use with a security system comprising:
-
a. a memory that stores a first encryption key and a second encryption key; and
b. processing circuitry adapted to;
(i) generate a challenge index;
(ii) produce a challenge message by encrypting the challenge index using the first encryption key and including the encrypted challenge index in the challenge message; and
(iii) transmit the challenge message over a communications medium to a security device being authenticated for use with the security system;
(iv) receive a response message over the communications medium from the security device;
(v) extract an encrypted response index from the response message;
(vi) decrypt the encrypted response index using the second encryption key stored at the control panel to produce the response index;
(vii) compare the decrypted response index with the generated challenge index generated; and
(a) if the response index decrypted by the control panel is the same as the challenge index generated by the control panel, then indicate that the security device is authentic and allow further communications between the control panel and the security device; and
(b) if the response index decrypted by the control panel is not the same as the challenge index generated by the control panel, then indicate that the security device is not authentic and disallow further communications between the control panel and the security device. - View Dependent Claims (17)
-
-
18. A security device for use with a security system comprising:
-
a. a memory that stores a first encryption key and a second encryption key; and
b. processing circuitry adapted to;
i. receive a challenge message over a communications medium from a control panel;
ii. extract an encrypted challenge index from the challenge message;
iii. decrypt the encrypted challenge index using the first encryption key stored at the security device to produce a response index;
iv. produce a response message by encrypting the response index using the second encryption key stored at the security device and including the encrypted response index in the response message; and
v. transmit the response message over the communications medium to the control panel. - View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33)
-
-
34. In a security system comprising a plurality of security devices interconnected over a communications medium located in a premises, wherein a first security device of said plurality of security devices is known to be authentic, a method of authenticating a second security device to determine if it is authorized to be used with the security system, the method comprising the steps of:
-
a. storing a first encryption key and a second encryption key in the first security device;
b. storing the first encryption key and the second encryption key in the second security device;
c. generating a challenge index at the first security device;
d. producing a challenge message by encrypting the challenge index using the first encryption key at the first security device and including the encrypted challenge index in the challenge message;
e. transmitting the challenge message over the communications medium to the second security device;
f. receiving at the second security device the challenge message over the communications medium from the first security device;
g. extracting the encrypted challenge index from the challenge message;
h. decrypting the encrypted challenge index using the first encryption key at the second security device to produce a response index;
i. producing a response message by encrypting the response index using the second encryption key at the second security device and including the encrypted response index in the response message;
j. transmitting the response message over the communications medium to the first security device;
k. receiving at the first security device the response message over the communications medium from the second security device;
l. extracting the encrypted response index from the response message;
m. decrypting the encrypted response index using the second encryption key at the first security device to produce the response index;
n. comparing the response index decrypted by the first security device with the challenge index generated by the first security device;
i. if the response index decrypted by the first security device is the same as the challenge index generated by the first security device, then indicating that the second security device is authentic and allowing further communications between the first security device and the second security device; and
ii. if the response index decrypted by the first security device is not the same as the challenge index generated by the first security device, then indicating that the second security device is not authentic and disallowing further communications between the first security device and the second security device.
-
-
35. A security system comprising:
-
a. a plurality of security devices comprising a first security device known to be authentic and a second security device to be authenticated for use with the security system; and
b. a communications medium interconnecting the plurality of security devices;
c. wherein the first security device comprises;
i. a memory that stores a first encryption key and a second encryption key; and
ii. processing circuitry adapted to;
(a) generate a challenge index;
(b) produce a challenge message by encrypting the challenge index using the first encryption key and including the encrypted challenge index in the challenge message; and
(c) transmit the challenge message over the communications medium to the second security device;
d. wherein the second security device comprises;
i. a memory that stores the first encryption key and the second encryption key; and
ii. processing circuitry adapted to;
(a) receive the challenge message over the communications medium from the first security device;
(b) extract the encrypted challenge index from the challenge message;
(c) decrypt the encrypted challenge index using the first encryption key stored at the second security device to produce a response index;
(d) produce a response message by encrypting the response index using the second encryption key stored at the second security device and including the encrypted response index in the response message; and
(e) transmit the response message over the communications medium to the first security device;
e. wherein the processing circuitry at the first security device is further adapted to;
i. receive the response message over the communications medium from the second security device;
ii. extract the encrypted response index from the response message;
iii. decrypt the encrypted response index using the second encryption key stored at the first security device to produce the response index;
iv. compare the response index decrypted by the first security device with the challenge index generated by the first security device; and
(a) if the response index decrypted by the first security device is the same as the challenge index generated by the first security device, then indicate that the second security device is authentic and allow further communications between the first security device and the second security device; and
(b) if the response index decrypted by the first security device is not the same as the challenge index generated by the first security device, then indicate that the second security device is not authentic and disallow further communications between the first security device and the second security device.
-
Specification