INTERROGATING AN AUTHENTICATION DEVICE

US 20120242459A1
Filed: 03/23/2012
Published: 09/27/2012
Est. Priority Date: 03/25/2011
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating an accessory of a mobile device, the method comprising:

receiving at a mobile device an authentication request from a mobile device accessory;

selecting an initial challenge value at the mobile device in response to receiving the authentication request, the initial challenge value selected from a plurality of challenge values based on challenge-response distribution data stored on the mobile device, the challenge-response distribution data indicating selection probabilities for the plurality of challenge values; and

sending an interrogation message from the mobile device to the mobile device accessory, the interrogation message comprising the initial challenge value.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and computer programs for interrogating an authentication device are disclosed. For example, a mobile device can include an interrogator module that interrogates an authentication module in a mobile device accessory, for example, upon installation of the mobile device accessory. In some implementations, challenge-response pairs and a challenge-response distribution are stored in a memory of an interrogator module. The challenge-response distribution defines selection probabilities for the challenge values. In some instances, the interrogator module receives an authentication request from an authentication module, and in response to the authentication request, the interrogator module selects an initial challenge value according to the challenge-response distribution. The interrogator module sends the authentication module an interrogation message that includes the initial challenge value. The interrogator module can modify the challenge-response distribution, for example, based on suspicious behavior.

Citations

33 Claims

1. A method for authenticating an accessory of a mobile device, the method comprising:
- receiving at a mobile device an authentication request from a mobile device accessory;
  
  selecting an initial challenge value at the mobile device in response to receiving the authentication request, the initial challenge value selected from a plurality of challenge values based on challenge-response distribution data stored on the mobile device, the challenge-response distribution data indicating selection probabilities for the plurality of challenge values; and
  
  sending an interrogation message from the mobile device to the mobile device accessory, the interrogation message comprising the initial challenge value.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, wherein the selection probability for at least one of the plurality of challenge values is higher than the selection probability for at least another one of the plurality of challenge values.
  - 3. The method of claim 1, further comprising receiving, at the mobile device, a reply message from the mobile device accessory in response the interrogation message.
  - 4. The method of claim 3, wherein the mobile device stores challenge-response pair data that include the plurality of challenge values and a plurality of response values, each of the response values corresponds to one of the challenge values, the reply message from the mobile device accessory includes a proffered response value, and the method further comprises comparing the proffered response value to a particular response value that corresponds to the initial challenge value.
  - 5. The method of claim 4, wherein each of the response values is related to one of the challenge values by a cryptographic function, and the cryptographic function includes at least one of a hashing function or a key-derivation function.
  - 6. The method of claim 1, further comprising modifying the challenge-response distribution data stored on the mobile device, wherein modifying the challenge-response distribution data changes the selection probability for at least one of the plurality of challenge values.
  - 7. The method of claim 6, wherein modifying the challenge-response distribution data increases the selection probability for the initial challenge value.
  - 8. The method of claim 7, further comprising:
    - selecting a subsequent challenge value from the plurality of challenge values based on the modified challenge-response distribution data; and
      
      sending a subsequent interrogation message from the mobile device to the mobile device accessory, the subsequent interrogation message comprising the subsequent challenge value.
  - 9. The method of claim 8, wherein the subsequent challenge value is the same as the initial challenge value.
  - 10. The method of claim 8, further comprising imposing a time delay before sending the subsequent interrogation message.
  - 11. The method of claim 1, wherein the challenge-response distribution data comprises a tree structure, wherein each of the plurality of challenge values corresponds to a different path through the tree structure, and wherein selecting the initial challenge value at the mobile device comprises:
    - obtaining a random value; and
      
      traversing the tree structure according to the random value.
  - 12. The method of claim 11, further comprising updating the challenge-response distribution data on the mobile device by selecting a different tree structure.
  - 13. The method of claim 1, wherein the mobile device accessory is a battery for the mobile device.
  - 14. The method of claim 1, further comprising deriving one or more of the plurality of challenge values at the mobile device by evaluating a cryptographic function based on one or more seed values stored on the mobile device.

15. A mobile device comprising:
- memory storing;
  
  challenge-response pair data including a plurality of challenge values;
  
  challenge-response distribution data indicating selection probabilities for each of the plurality of challenge values;
  
  an interface configured to receive an authentication request from a mobile device accessory; and
  
  data processing apparatus operable to execute instructions stored on the mobile device to perform operations comprising;
  
  selecting an initial challenge value in response to receiving an authentication request from an accessory of the mobile device, the initial challenge value selected from a plurality of challenge values based on the challenge-response distribution; and
  
  sending an interrogation message from the mobile device to the mobile device accessory, the interrogation message comprising the initial challenge value.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The mobile device of claim 15, further comprising the mobile device accessory, wherein the mobile device accessory includes an accessory interface communicably coupled to the interface of the mobile device.
  - 17. The mobile device of claim 16, wherein the mobile device accessory comprises a mobile device battery, and the accessory interface comprises a battery terminal.
  - 18. The mobile device of claim 16, wherein the mobile device accessory comprises at least one of a user input accessory or a user output accessory.
  - 19. The mobile device of claim 18, wherein the interface comprises at least one of a port connection or a wireless interface.

20. A non-transitory computer-readable medium storing instructions that are operable when executed by data processing apparatus to perform operations for authenticating an accessory of a mobile device, the operations comprising:
- receiving at a mobile device an authentication request from a mobile device accessory;
  
  selecting an initial challenge value at the mobile device in response to receiving the authentication request, the initial challenge value selected from a plurality of challenge values based on challenge-response distribution data stored on the mobile device, the challenge-response distribution data indicating selection probabilities for the plurality of challenge values; and
  
  sending an interrogation message from the mobile device to the mobile device accessory, the interrogation message comprising the initial challenge value.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27)
- - 21. The computer-readable medium of claim 20, the operations further comprising:
    - receiving a reply message from the mobile device accessory in response the interrogation message, the reply message including a proffered response value; and
      
      comparing the proffered response value to a particular response value that corresponds to the initial challenge value.
  - 22. The computer-readable medium of claim 21, the operations further comprising approving the mobile device accessory in response to determining that the proffered response value matches the particular response value.
  - 23. The computer-readable medium of claim 21, the operations further comprising rejecting the mobile device accessory in response to determining that the proffered response value does not match the particular response value.
  - 24. The computer-readable medium of claim 23, the operations further comprising modifying the challenge-response distribution data, wherein modifying the challenge-response distribution data increases the selection probability for the initial challenge value.
  - 25. The computer-readable medium of claim 24, the operations further comprising:
    - selecting a subsequent challenge value from the plurality of challenge values based on the modified challenge-response distribution data; and
      
      sending a subsequent interrogation message from the mobile device to the mobile device accessory, the subsequent interrogation message comprising the subsequent challenge value.
  - 26. The computer-readable medium of claim 20, wherein the challenge-response distribution data comprises a tree structure, wherein each of the plurality of challenge values corresponds to a different path through the tree structure, and wherein selecting the initial challenge value at the mobile device comprises:
    - obtaining a random value; and
      
      traversing the tree structure according to the random value.
  - 27. The computer-readable medium of claim 20, wherein the mobile device accessory comprises a battery for the mobile device.

28. A method comprising:
- receiving at an interrogator device an authentication request from an authentication device;
  
  selecting an initial challenge value at the interrogator device in response to receiving the authentication request, the initial challenge value selected from a plurality of challenge values based on challenge-response distribution data stored on the interrogator device, the challenge-response distribution data indicating selection probabilities for the plurality of challenge values; and
  
  sending an interrogation message from the interrogator device to the authentication device, the interrogation message comprising the initial challenge value.
- View Dependent Claims (29, 30, 31, 32, 33)
- - 29. The method of claim 28, wherein the selection probability for at least one of the plurality of challenge values is higher than the selection probability for at least another one of the plurality of challenge values.
  - 30. The method of claim 28, further comprising modifying the challenge-response distribution data on the interrogator device, wherein modifying the challenge-response distribution data changes the selection probability for at least one of the plurality of challenge values.
  - 31. The method of claim 28, wherein the interrogator device and the authentication device communicate over a wired connection.
  - 32. The method of claim 28, wherein the interrogator device and the authentication device communicate over a wireless connection.
  - 33. The method of claim 28, further comprising deriving one or more of the plurality of challenge values at the interrogator device by evaluating a cryptographic function based on one or more seed values stored on the interrogator device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Certicom Corporation (Blackberry Limited)
Inventors
Lambert, Robert John

Granted Patent

US 9,294,287 B2
Time in Patent Office

Days
Field of Search
US Class Current

340/10.3
CPC Class Codes

H04L 9/3271 using challenge-response

H04W 12/065 Continuous authentication

INTERROGATING AN AUTHENTICATION DEVICE

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

INTERROGATING AN AUTHENTICATION DEVICE

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links