Method and Devices for Secure Measurements of Time-Based Distance Between Two Devices

US 20090217037A1
Filed: 06/02/2006
Published: 08/27/2009
Est. Priority Date: 06/20/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method of secure calculation at a first device of time based distance to a second device in a network, comprising the steps of:

sending a first message sent to the second device;

receiving from the second device a second message sent in response to the first message;

calculating the time distance based on the time of transmission of the first message and the time of reception of the second message;

receiving a further message comprising authentication data cryptographically linked to one of;

at least the first message, at least the second message, and at least the first message and the second message; and

verifying the authentication data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In order to provide a secure measurement of Round Trip Time (RTT), the calculation of RTT and the authentication data are separated. A device A sends a message to device B to start the method. Both devices generate a random number and device A waits for device B to finish. Device A sends its random number to B, which answers with its own random number, and device A calculates the RTT. If the RTT is below a certain limit, device A then requires authentication data, which is calculated by device B and sent to device A that verifies the authentication data. The RTT can thus be securely calculated regardless of the calculating resources of device B. Alternate embodiments, a system and devices are also provided.

Citations

15 Claims

1. A method of secure calculation at a first device of time based distance to a second device in a network, comprising the steps of:
- sending a first message sent to the second device;
  
  receiving from the second device a second message sent in response to the first message;
  
  calculating the time distance based on the time of transmission of the first message and the time of reception of the second message;
  
  receiving a further message comprising authentication data cryptographically linked to one of;
  
  at least the first message, at least the second message, and at least the first message and the second message; and
  
  verifying the authentication data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, further comprising the step of sending a message to request the further message comprising authentication data if the calculated time based distance is below a predetermined limit.
  - 3. The method of claim 1, wherein the first message comprises a first cryptographic element and the second message comprises a second cryptographic element, and the authentication data is calculated based on the first and the second cryptographic elements.
  - 4. The method of claim 3, wherein the cryptographic elements are random numbers and the authentication data is a result of a function calculated using the random numbers, the function being dependent on a secret.
  - 5. The method of claim 3, further comprising the steps of:
    - sending a fourth message to the second device to let it know that the method has been initiated;
      
      generating the first cryptographic element.
  - 6. The method of claim 5, further comprising the step of waiting a predetermined time so as to give the second device time to finish the generation of the second cryptographic element.
  - 7. The method of claim 2, wherein the authentication data is second authentication data, the method further comprising the step of calculating first authentication data, and wherein the message, sent to the second device to request the further message comprising second authentication data, comprises the first authentication data.
  - 8. The method of claim 1, further comprising the step of validating the calculation of the time based distance to the second device upon successful verification of the authentication data.

9. A method of responding at a second device in a network to a protocol for secure calculation at a first device of time based distance to the second device, comprising the steps of:
- receiving, from the first device, a first message;
  
  in response to the first message, sending to the first device, a second message;
  
  calculating authentication data, cryptographically linked to one of;
  
  at least the first message, at least the second message, and at least the first message and the second message; and
  
  sending, to the first device, a third message comprising the authentication data.

10. A first device adapted for secure calculation of time based distance to a second device in a network, the first device comprising:
- an input/output unit adapted to;
  
  send a first message to the second device;
  
  receive from the second device a second message sent in response to the first message; and
  
  receive a further message comprising authentication data, the authentication data being cryptographically linked to one of;
  
  at least the first message, at least the second message, and at least the first message and the second message; and
  
  a processor adapted to;
  
  calculate the time distance based on the time of transmission of the first message and the time of reception of the second message; and
  
  verify the authentication data.
- View Dependent Claims (11, 12, 13)
- - 11. The device of claim 10, wherein the input/output unit is further adapted to send a message to request authentication data only if the calculated time based distance is below a predetermined limit.
  - 12. The device of claim 10, wherein the processor is further adapted to calculate first authentication data, and wherein the input/output unit is further adapted include the first authentication data in the message sent to the second device to request authentication data, which is second authentication data.
  - 13. The device of claim 10, wherein:
    - the processor is further adapted to;
      
      generate a first cryptographic element; and
      
      verify the received authentication data, the authentication data being cryptographically linked by being based on the first cryptographic element and a second cryptographic element; and
      
      the input/output unit is further adapted to;
      
      include the first cryptographic element in the first message; and
      
      receive the second cryptographic element in the second message.

14. A second device in a network adapted to respond to a protocol, launched at a first device, for secure calculation of time based distance to the second device, the second device comprising:
- a processor adapted to;
  
  calculate authentication data, cryptographically linked to one of;
  
  at least a first message, at least a second message, and at least the first message and the second message; and
  
  an input/output unit adapted to;
  
  receive, from the first device, the first message;
  
  in response to the message, send to the first device, the second message; and
  
  send, to the first device, a third message comprising the authentication data.
- View Dependent Claims (15)
- - 15. The device of claim 14, wherein the input/output unit is further adapted to receive a message from the first device, the message comprising authentication data calculated by the first device, and the processor is further adapted to verify the received authentication data and calculate its own authentication data only if the received authentication data is successfully verified.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Thomson Licensing (Vantiva SA)
Original Assignee
Thomson Licensing (Vantiva SA)
Inventors
Karroumi, Mohamed, Durand, Alain, Courtay, Olivier

Application Number

US11/922,441
Publication Number

US 20090217037A1
Time in Patent Office

Days
Field of Search
US Class Current

713/168
CPC Class Codes

H04L 63/0869   for achieving mutual authen...

H04L 63/126   the source of the received ...

H04L 69/16   Implementation or adaptatio...

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

Method and Devices for Secure Measurements of Time-Based Distance Between Two Devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Method and Devices for Secure Measurements of Time-Based Distance Between Two Devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links