Method and Devices for Secure Measurements of Time-Based Distance Between Two Devices
First Claim
1. A method of secure calculation at a first device of time based distance to a second device in a network, comprising the steps of:
- sending a first message sent to the second device;
- receiving from the second device a second message sent in response to the first message;
- calculating the time distance based on the time of transmission of the first message and the time of reception of the second message;
- receiving a further message comprising authentication data cryptographically linked to one of: at least the first message, at least the second message, and at least the first message and the second message; and
- verifying the authentication data.
Abstract
In order to provide a secure measurement of Round Trip Time (RTT), the calculation of RTT and the authentication data are separated. A device A sends a message to device B to start the method. Both devices generate a random number and device A waits for device B to finish. Device A sends its random number to B, which answers with its own random number, and device A calculates the RTT. If the RTT is below a certain limit, device A then requires authentication data, which is calculated by device B and sent to device A that verifies the authentication data. The RTT can thus be securely calculated regardless of the calculating resources of device B. Alternate embodiments, a system and devices are also provided.
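The exchange described in the abstract, as an added example that is not code from the patent: the timed phase carries only precomputed random numbers, and the authentication data is requested afterwards, so the responder's computing speed does not inflate the RTT. The names `Responder` and `measure`, the pre-shared-key HMAC-SHA256 used as authentication data, the 50 ms limit and the sleep standing in for network latency are all assumptions.

```python
import hashlib
import hmac
import os
import time

RTT_LIMIT_S = 0.05  # assumed value; the abstract only says "a certain limit"


class Responder:
    """Device B: answers the timed challenge first, authenticates afterwards."""

    def __init__(self, key, delay_s=0.0):
        self.key = key
        self.delay_s = delay_s  # constructed stand-in for network latency
        self.nonce_a = self.nonce_b = None

    def prepare(self):
        # B generates its random number before the timed phase starts.
        self.nonce_b = os.urandom(16)

    def challenge(self, nonce_a):
        # Timed phase: no cryptography, only return the precomputed nonce.
        time.sleep(self.delay_s)
        self.nonce_a = nonce_a
        return self.nonce_b

    def authenticate(self):
        # Untimed phase: authentication data linked to both timed messages.
        return hmac.new(self.key, self.nonce_a + self.nonce_b, hashlib.sha256).digest()


def measure(key, responder, limit_s=RTT_LIMIT_S):
    """Device A: returns (accepted, rtt_seconds, reason)."""
    responder.prepare()  # A waits for B to finish generating its nonce
    nonce_a = os.urandom(16)
    t0 = time.perf_counter()
    nonce_b = responder.challenge(nonce_a)
    rtt = time.perf_counter() - t0
    if rtt >= limit_s:  # too far: authentication data is never requested
        return False, rtt, "rtt above limit"
    tag = responder.authenticate()
    expected = hmac.new(key, nonce_a + nonce_b, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return False, rtt, "authentication failed"
    return True, rtt, "ok"
```

Because the tag covers both nonces, a fast reply from a party that does not hold the key passes the timing check but fails verification.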
15 Claims
9. A method of responding at a second device in a network to a protocol for secure calculation at a first device of time based distance to the second device, comprising the steps of:
- receiving, from the first device, a first message;
- in response to the first message, sending to the first device, a second message;
- calculating authentication data, cryptographically linked to one of: at least the first message, at least the second message, and at least the first message and the second message; and
- sending, to the first device, a third message comprising the authentication data.
10. A first device adapted for secure calculation of time based distance to a second device in a network, the first device comprising:
- an input/output unit adapted to:
  - send a first message to the second device;
  - receive from the second device a second message sent in response to the first message; and
  - receive a further message comprising authentication data, the authentication data being cryptographically linked to one of: at least the first message, at least the second message, and at least the first message and the second message; and
- a processor adapted to:
  - calculate the time distance based on the time of transmission of the first message and the time of reception of the second message; and
  - verify the authentication data.
14. A second device in a network adapted to respond to a protocol, launched at a first device, for secure calculation of time based distance to the second device, the second device comprising:
- a processor adapted to:
  - calculate authentication data, cryptographically linked to one of: at least a first message, at least a second message, and at least the first message and the second message; and
- an input/output unit adapted to:
  - receive, from the first device, the first message;
  - in response to the message, send to the first device, the second message; and
  - send, to the first device, a third message comprising the authentication data.
Specification