DATA INTEGRITY FOR PROXIMITY-BASED COMMUNICATION

US 20140137197A1
Filed: 07/11/2011
Published: 05/15/2014
Est. Priority Date: 07/11/2011
Status: Active Grant

First Claim

Patent Images

1. A method for trusted communication among mobile devices, the method comprising:

accessing a message at a first mobile device;

accessing a shared secret value stored at the first mobile device and associated with a second mobile device;

generating an authentication value at the first mobile device based on the message and the shared secret value;

detecting proximity of the second mobile device at the first mobile device; and

in response to detecting proximity of the second mobile device, wirelessly transmitting the message and the authentication value from the first mobile device directly to the second mobile device.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and computer programs for trusted communication among mobile devices are described. In some aspects, an authentication value is generated at a first mobile device based on a message and a shared secret value stored on the first mobile device. In response to detecting proximity of a second mobile device, the message and the authentication value are wirelessly transmitted from the first mobile device to the second mobile device. In some implementations, the message and the authentication value can be wirelessly transmitted by a proximity-activated wireless interface, such as, for example, a Near Field Communication (NFC) interface.

26 Citations

View as Search Results

34 Claims

1. A method for trusted communication among mobile devices, the method comprising:
- accessing a message at a first mobile device;
  
  accessing a shared secret value stored at the first mobile device and associated with a second mobile device;
  
  generating an authentication value at the first mobile device based on the message and the shared secret value;
  
  detecting proximity of the second mobile device at the first mobile device; and
  
  in response to detecting proximity of the second mobile device, wirelessly transmitting the message and the authentication value from the first mobile device directly to the second mobile device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, wherein detecting proximity of the second mobile device comprises detecting proximity of the second mobile device by a proximity-activated wireless interface of the first mobile device.
  - 3. The method of claim 2, wherein the proximity-activated wireless interface comprises a Near Field Communication (NFC) interface.
  - 4. The method of claim 2, wherein the message and the authentication value are wirelessly transmitted by the proximity-activated wireless interface.
  - 5. The method of claim 1, wherein wirelessly transmitting the message and the authentication value from the first mobile device directly to the second mobile device comprises wirelessly transmitting the message and the authentication value from a mobile telecommunication device directly to a tablet device by a proximity-activated wireless interface.
  - 6. The method of claim 1, further comprising establishing the shared secret value between the first mobile device and the second mobile device.
  - 7. The method of claim 6, wherein the first mobile device includes a user interface, and establishing the shared secret value between the first mobile device and the second mobile device includes receiving the shared secret value at the first mobile device based on a user interaction with the user interface.
  - 8. The method of claim 6, wherein the first mobile device includes a first wireless communication module and a second wireless communication module, and wherein the message and the authentication value are wirelessly transmitted from the first mobile device by the first wireless communication module, and the shared secret value is established based in part on transmitting data from the first mobile device by the second wireless communication module.
  - 9. The method of claim 8, wherein the first wireless communication module transmits wireless signals at a frequency of 13.56 MHz, and the second wireless communication module transmits wireless signals at a second frequency in a range of 2400 MHz to 2480 MHz.
  - 10. The method of claim 8, wherein the first wireless communication module transmits wireless signals at a frequency of 13.56 MHz, and the second wireless communication module transmits wireless signals at a second frequency greater than 1 GHz.
  - 11. The method of claim 6, wherein establishing the shared secret value between the first mobile device and the second mobile device includes:
    - accessing, at the first mobile device, a certificate issued by a certificate authority; and
      
      deriving the shared secret at the first mobile device based on the certificate.
  - 12. The method of claim 1, wherein the authentication value is generated by evaluating a keyed hashing algorithm based on the message and the shared secret value.
  - 13. The method of claim 1, wherein generating the authentication value comprises generating a Message Authentication Code (MAC) by evaluating a keyed Hash-based Message Authentication Code (HMAC) algorithm based on the message and the shared secret value, and the method further comprises appending the MAC to the message at the first mobile device.
  - 14. The method of claim 1, further comprising:
    - generating a timestamp value associated with the authentication value; and
      
      wirelessly transmitting the timestamp value from the first mobile device directly to the second mobile device.
  - 15. The method of claim 14, further comprising appending the timestamp value and the authentication value to the message at the first mobile device.

16. A mobile device comprising:
- memory operable to store a shared secret value;
  
  a wireless communication interface;
  
  data processing apparatus operable to perform operations comprising;
  
  detecting proximity of a second mobile device;
  
  generating an authentication value based on a message and the shared secret value; and
  
  in response to detecting proximity of the second mobile device, wirelessly transmitting, by the wireless communication interface, the message and the authentication value directly to the second mobile device.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24)
- - 17. The mobile device of claim 16, wherein the wireless communication interface includes a Near Field Communication (NFC) interface.
  - 18. The mobile device of claim 17, wherein the message and the authentication value are wirelessly transmitted by the NFC interface.
  - 19. The mobile device of claim 16, wherein the mobile device includes a first wireless communication module comprising the wireless communication interface, wherein the first wireless communication module is operable to communicate with the second mobile device by wireless signals in a first frequency range, and the mobile device further comprises a second wireless communication module operable to communicate with the second mobile device by wireless signals in a second frequency range.
  - 20. The mobile device of claim 16, wherein the authentication value is generated by evaluating a keyed hashing algorithm based on the message and the shared secret value.
  - 21. The mobile device of claim 16, wherein generating the authentication value comprises generating a Message Authentication Code (MAC) by evaluating a keyed Hash-based Message Authentication Code (HMAC) algorithm based on the message and the shared secret value.
  - 22. The mobile device of claim 16, the operations further comprising:
    - generating a timestamp value associated with the authentication value; and
      
      wirelessly transmitting the timestamp value directly to the second mobile device.
  - 23. The mobile device of claim 16, wherein the mobile device comprises a mobile telecommunication handset.
  - 24. The mobile device of claim 16, wherein the mobile device comprises a tablet device.

25. A non-transitory computer-readable medium storing instructions that are operable when executed by data processing apparatus to perform operations for trusted communication among mobile devices, the operations comprising:
- accessing a message at a first mobile device;
  
  accessing a shared secret value stored at the first mobile device and associated with a second mobile device;
  
  generating an authentication value at the first mobile device based on the message and the shared secret value;
  
  detecting proximity of the second mobile device at the first mobile device; and
  
  in response to detecting proximity of the second mobile device, wirelessly transmitting the message and the authentication value from the first mobile device directly to the second mobile device.
- View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34)
- - 26. The computer-readable medium of claim 25, wherein detecting proximity of the second mobile device comprises detecting proximity of the second mobile device by a proximity-activated wireless interface of the first mobile device.
  - 27. The computer-readable medium of claim 26, wherein the proximity-activated wireless interface comprises a Near Field Communication (NFC) interface.
  - 28. The computer-readable medium of claim 26, wherein the message and the authentication value are wirelessly transmitted by the proximity-activated wireless interface.
  - 29. The computer-readable medium of claim 25, further comprising establishing the shared secret value between the first mobile device and the second mobile device.
  - 30. The computer-readable medium of claim 29, wherein the first mobile device includes a user interface, and establishing the shared secret value between the first mobile device and the second mobile device includes receiving the shared secret value at the first mobile device based on a user interaction with the user interface.
  - 31. The computer-readable medium of claim 29, wherein the first mobile device includes a first wireless communication module and a second wireless communication module, and wherein the message and the authentication value are wirelessly transmitted from the first mobile device by the first wireless communication module, and the shared secret value is established based in part on transmitting data from the first mobile device by the second wireless communication module.
  - 32. The computer-readable medium of claim 25, wherein establishing the shared secret value between the first mobile device and the second mobile device includes:
    - accessing, at the first mobile device, a certificate issued by a certificate authority; and
      
      deriving the shared secret at the first mobile device based on the certificate.
  - 33. The computer-readable medium of claim 25, wherein the authentication value is generated by evaluating a keyed hashing algorithm based on the message and the shared secret value.
  - 34. The computer-readable medium of claim 25, the operations further comprising:
    - generating a timestamp value associated with the authentication value; and
      
      wirelessly transmitting the timestamp value from the first mobile device directly to the second mobile device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited, Certicom Corporation (Blackberry Limited)
Inventors
Lazaridis, Mihal, Pecen, Mark E., VANSTONE, Scott Alexander, Campagna, Matthew John, Rosati, Anthony

Granted Patent

US 9,615,257 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

H04L 63/0492   by using a location-limited...

H04L 63/0823   using certificates cryptogr...

H04L 63/126   the source of the received ...

H04W 12/06   Authentication

H04W 12/10   Integrity

H04W 12/50   Secure pairing of devices

H04W 12/61   Time-dependent

H04W 4/80   Services using short range ...

H04W 92/18   between terminal devices

DATA INTEGRITY FOR PROXIMITY-BASED COMMUNICATION

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

26 Citations

34 Claims

Specification

Solutions

Use Cases

Quick Links

DATA INTEGRITY FOR PROXIMITY-BASED COMMUNICATION

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

26 Citations

34 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links