GENERATION OF COMMUNICATION DEVICE SIGNATURES FOR USE IN SECURING NOMADIC ELECTRONIC TRANSACTIONS

US 20100185865A1
Filed: 12/21/2009
Published: 07/22/2010
Est. Priority Date: 12/20/2007
Status: Active Grant

First Claim

Patent Images

1. A method for execution in a communication device, comprising:

accessing an identifier stored in a memory;

receiving a first data set and a second data set over a first communication path;

generating a first signature from the identifier and the first data set;

generating a second signature from the identifier and the second data set;

responding to a first request by releasing a first response including the first signature over a local communication path different from the first communication path; and

responding to a subsequent request by releasing a second response including the second signature over the local communication path.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for execution in a communication device, which comprises accessing an identifier stored in a memory; receiving a first data set and a second data set over a first communication path; generating a first signature from the identifier and the first data set; generating a second signature from the identifier and the second data set; responding to a first request by releasing a first response including the first signature over a local communication path different from the first communication path; and responding to a subsequent request by releasing a second response including the second signature over the local communication path.

104 Citations

View as Search Results

34 Claims

1. A method for execution in a communication device, comprising:
- accessing an identifier stored in a memory;
  
  receiving a first data set and a second data set over a first communication path;
  
  generating a first signature from the identifier and the first data set;
  
  generating a second signature from the identifier and the second data set;
  
  responding to a first request by releasing a first response including the first signature over a local communication path different from the first communication path; and
  
  responding to a subsequent request by releasing a second response including the second signature over the local communication path.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 2. The method defined in claim 1, wherein generating the first signature from the identifier and the first data set comprises encrypting the identifier and the first data set using an encryption key.
  - 3. The method defined in claim 2, wherein generating the second signature from the identifier and the second data set comprises encrypting the identifier and the second data set using the encryption key.
  - 4. The method defined in claim 3, wherein the encryption key is a private key associated with the communication device.
  - 5. The method defined in claim 4, the first response further including a key index allowing a recipient of the first response to identify, from a set of potential decryption key, a particular decryption key usable to decrypt the identifier and the first data set from the first signature.
  - 6. The method defined in claim 5, wherein the second response includes the key index.
  - 7. The method defined in claim 1, wherein the first data set and the second data set are distributed by a control server.
  - 8. The method defined in claim 7, wherein the first communication path supports a communication session established between the communication device and the control server.
  - 9. The method defined in claim 7, wherein the second data set is related to the first data set by a function of time implemented by the control server, the function of time being unknown to the communication device.
  - 10. The method defined in claim 9, wherein the function of time is deterministic.
  - 11. The method defined in claim 9, wherein the function of time is stochastic.
  - 12. The method defined in claim 1, wherein the first communication path includes a wireless portion.
  - 13. The method defined in claim 1, wherein the local communication path includes a contactless portion.
  - 14. The method defined in claim 1, wherein the first request and the subsequent request are received over the local communication path.
  - 15. The method defined in claim 14, wherein the first request and the subsequent request are received via a radio frequency receiver at the communication device.
  - 16. The method defined in claim 15, wherein the radio frequency receiver operates in a frequency range that supports low-power short-range communication.
  - 17. The method defined in claim 15, wherein the radio frequency receiver operates in a frequency range that supports RFID communication.
  - 18. The method defined in claim 15, wherein the radio frequency receiver operates in a frequency range that supports mobile wireless telephony.
  - 19. The method defined in claim 15, wherein the first data set and the second data set are also received via the radio frequency receiver.
  - 20. The method defined in claim 1, wherein the second data set is received before the first signature is generated.
  - 21. The method defined in claim 1, wherein the second data set is received after the first signature is generated.
  - 22. The method defined in claim 21, wherein the second data set is received before the first response is released.
  - 23. The method defined in claim 21, wherein the second data set is received after the first response is released.
  - 24. The method defined in claim 1, further comprising responding to all requests received between the first request and the subsequent request by releasing respective responses including the first signature over the local communication path.
  - 25. The method defined in claim 24, wherein the subsequent request occurs exactly N requests after the first request, wherein N is an integer.
  - 26. The method defined in claim 25, wherein N is fixed and known to the communication device.
  - 27. The method defined in claim 25, wherein N is dynamic and varies in accordance with a pattern known to the communication device.
  - 28. The method defined in claim 1, wherein the second signature is generated after a pre-determined amount of time has elapsed following generation of the first signature.
  - 29. The method defined in claim 1, wherein the second signature is generated after an amount of time has elapsed following generation of the first signature, wherein the amount of time varies in accordance with a pattern known to the communication device.
  - 30. The method defined in claim 1, wherein upon receipt, the first data set is included within first encrypted data obtained by encrypting the first data set using an encryption key, the method further comprising decrypting the first data set from the first encrypted data using a decryption key that is complementary to the encryption key.
  - 31. The method defined in claim 30, wherein upon receipt, the second data set is included within second encrypted data obtained by encrypting the second data set using the encryption key, the method further comprising decrypting the second data set from the second encrypted data using the decryption key.
  - 32. The method defined in claim 30, wherein the encryption key is a private key maintained by a control server, and wherein the decryption key is a public key, knowledge of which is available to the communication device.

33. A computer-readable storage medium comprising a set of instructions for execution by a processing entity of a communication device, wherein execution of the set of instructions by the processing entity causes the processing entity to execute a method that includes:
- accessing an identifier stored in a memory;
  
  receiving a first data set and a second data set over a first communication path;
  
  generating a first signature from the identifier and the first data set;
  
  generating a second signature from the identifier and the second data set;
  
  responding to a first request by releasing a first response including the first signature over a local communication path different from the first communication path; and
  
  responding to a subsequent request by releasing a second response including the second signature over the local communication path.

34. A communication device, comprising:
- a memory storing an identifier;
  
  an interface configured to communicate over a first communication path and over a local communication path different from the first communication path; and
  
  a processing entity configured to;
  
  receive from the interface a first data set and a second data set received over the first communication path;
  
  receive from the interface a first request and a subsequent request received over the local communication path;
  
  generate a first signature from the identifier and the first data set;
  
  generate a second signature from the identifier and the second data set;
  
  respond to the first request by releasing a first response including the first signature via the interface over the local communication path; and
  
  respond to the second request by releasing a second response including the second signature via the interface over the local communication path.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
BCE Incorporated
Original Assignee
BCE Incorporated
Inventors
O'Brien, William G., Yeap, Tet Hin, Murray, Sean Maclean

Granted Patent

US 8,553,888 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06F 21/43   wireless channels

G06F 21/79   in semiconductor storage me...

G06F 9/445   Program loading or initiati...

G06Q 10/087   Inventory or stock manageme...

G06Q 20/02   involving a neutral party, ...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3825   Use of electronic signatures

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 20/401   Transaction verification

G06Q 20/40975   using encryption therefor

G06Q 20/425   using two different network...

G07F 7/1008   Active credit-cards provide...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 2209/84   Vehicles

H04L 63/0823   using certificates cryptogr...

H04L 63/0846   using time-dependent-passwo...

H04L 63/126   the source of the received ...

H04L 9/3247 : involving digital signatures

H04W 12/08 : Access security

H04W 12/10 : Integrity

H04W 12/47 : using near field communicat...

View All

GENERATION OF COMMUNICATION DEVICE SIGNATURES FOR USE IN SECURING NOMADIC ELECTRONIC TRANSACTIONS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

104 Citations

34 Claims

Specification

Use Cases

Quick Links

Others

GENERATION OF COMMUNICATION DEVICE SIGNATURES FOR USE IN SECURING NOMADIC ELECTRONIC TRANSACTIONS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

104 Citations

34 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others