WIRELESS KEY MANAGEMENT FOR AUTHENTICATION
First Claim
1. A method comprising:
receiving, at a mobile device, a lock identifier from a locking device, the lock identifier associated with the locking device;
determining, by the mobile device, that the lock identifier is associated with a user profile on the mobile device by comparing the lock identifier to a set of lock identifiers on the mobile device, wherein a user profile is associated with a lock identifier and is authenticated and encrypted by a server using a lock key that is stored by the server and the locking device, and wherein the user profile comprises a user key;
transmitting, by the mobile device, the user profile associated with the lock identifier to the locking device;
decrypting, by the locking device, the user profile to generate a decrypted user profile, wherein the user profile is decrypted and verified using the lock key;
transmitting, by the locking device, a security code to the mobile device;
generating, by the mobile device, an encrypted command, the encrypted command comprising the security code and encrypted using the user key of the user profile;
transmitting, by the mobile device, the encrypted command to the locking device;
validating, by the locking device, the encrypted command from the mobile device, wherein validating the encrypted command comprises:
decrypting the encrypted command using the user key obtained from the decrypted user profile;
determining whether the security code is valid; and
authenticating the decrypted command using the user key; and
initiating, by the locking device in response to validating the command, an action of the locking device as specified by the command.
Abstract
Disclosed are methods and devices for wireless key management for authentication. One method includes receiving a lock identifier from a locking device; determining that the lock identifier is associated with a user profile, wherein a user profile is authenticated and encrypted by a server using a lock key that is stored by the server and the locking device, and wherein the user profile comprises a user key; transmitting the user profile; decrypting the user profile using the lock key; transmitting a security code; generating an encrypted command comprising the security code and encrypted using the user key; transmitting the command; validating the command. Validating the command can include decrypting using the user key; determining whether the security code is valid; and authenticating using the user key; and initiating, in response to validating, an action of the locking device as specified by the command.
22 Claims
1. A method comprising:
receiving, at a mobile device, a lock identifier from a locking device, the lock identifier associated with the locking device;
determining, by the mobile device, that the lock identifier is associated with a user profile on the mobile device by comparing the lock identifier to a set of lock identifiers on the mobile device, wherein a user profile is associated with a lock identifier and is authenticated and encrypted by a server using a lock key that is stored by the server and the locking device, and wherein the user profile comprises a user key;
transmitting, by the mobile device, the user profile associated with the lock identifier to the locking device;
decrypting, by the locking device, the user profile to generate a decrypted user profile, wherein the user profile is decrypted and verified using the lock key;
transmitting, by the locking device, a security code to the mobile device;
generating, by the mobile device, an encrypted command, the encrypted command comprising the security code and encrypted using the user key of the user profile;
transmitting, by the mobile device, the encrypted command to the locking device;
validating, by the locking device, the encrypted command from the mobile device, wherein validating the encrypted command comprises:
decrypting the encrypted command using the user key obtained from the decrypted user profile;
determining whether the security code is valid; and
authenticating the decrypted command using the user key; and
initiating, by the locking device in response to validating the command, an action of the locking device as specified by the command.
13. An electronic locking device, comprising:
a wireless transceiver;
a memory;
an electronically controllable locking mechanism; and
a processor configured to:
store a lock identifier and a lock key in the memory, wherein the lock identifier and the lock key are associated with the electronic locking device;
broadcast, via the transceiver, the lock identifier;
receive, via the transceiver, an encrypted user profile from a mobile device;
authenticate and decrypt the encrypted user profile, wherein the encrypted user profile is authenticated and decrypted using the lock key, and wherein the user profile is encrypted by a server with a copy of the lock key stored by the server and comprises a user key;
transmit, via the transceiver, a security code to the mobile device;
receive, via the transceiver, an encrypted command from the mobile device;
validate the encrypted command, wherein validating the encrypted command comprises:
decrypting the encrypted command using the user key from the decrypted user profile;
determining whether the security code is valid; and
authenticating the decrypted command using the user key; and
initiate, in response to validating the command, an action of the electronic locking device as specified by the command.
21. A method comprising:
receiving, by a server, from a mobile device of the user, a selection of a lock identifier associated with a locking device to share with a mobile device of a guest user from a set of lock identifiers stored on the mobile device of a user;
receiving, by the server, a guest user profile request from the mobile device of the user;
generating, by the server, an authenticated and encrypted guest user profile based on the guest user profile request and a guest user key, wherein the authenticated and encrypted guest user profile is encrypted using a lock key associated with the locking device and wherein the authenticated and encrypted guest user profile comprises the guest user key;
when the server determines the mobile device of the guest user can access the guest user profile:
receiving, by the server, from the mobile device of the user, a selection of the guest user, from a set of users on the mobile device of the user;
transmitting, by the server, the authenticated and encrypted guest user profile and the guest user key to the mobile device of the guest user; and
adding, by the server, the lock identifier to the set of lock identifiers on the mobile device of the guest user; and
when the server determines the mobile device of the guest user cannot access the guest user profile:
generating and transmitting, by the server, a message containing a link and code to the mobile device of the guest user;
determining, by the server, that the link has been used to allow access to user profiles on the mobile device of the guest user;
determining, by the server, that the code has been entered on the mobile device of the guest user;
transmitting, by the server, the authenticated and encrypted guest user profile and the guest user key to the mobile device of the guest user; and
adding, by the server, the lock identifier to the set of lock identifiers on the mobile device of the guest user.
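The exchange recited in claims 1 and 13, sketched as an added example that is not code from the patent: a server seals a user profile under the lock key, the lock recovers the user key from it, issues a security code, and accepts only a command sealed under that user key and carrying the current code. Assumptions: all function and class names are hypothetical, the HMAC-SHA256 keystream with encrypt-then-MAC is a standard-library stand-in for an authenticated cipher (the claims name no algorithm), and the security code is modelled as a random single-use value.

```python
import hashlib, hmac, json, secrets
# Stand-in authenticated cipher (assumption: the claims name no algorithm):
# HMAC-SHA256 in counter mode as keystream, then encrypt-then-MAC.
def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor(key, nonce, data):
    ks = b"".join(_prf(key, b"enc" + nonce + i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, obj):
    nonce = secrets.token_bytes(12)
    ct = _xor(key, nonce, json.dumps(obj).encode())
    return nonce + ct + _prf(key, b"mac" + nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(key, b"mac" + nonce + ct)):
        raise ValueError("authentication failed")
    return json.loads(_xor(key, nonce, ct))

def server_issue_profile(lock_key):          # server: profile sealed under the lock key
    user_key = secrets.token_bytes(32)
    return seal(lock_key, {"user_key": user_key.hex()}), user_key

class Lock:
    def __init__(self, lock_id, lock_key):
        self.lock_id, self.lock_key, self.session = lock_id, lock_key, None

    def receive_profile(self, blob):
        user_key = bytes.fromhex(unseal(self.lock_key, blob)["user_key"])  # verify + decrypt
        self.session = (user_key, secrets.token_hex(8))   # fresh security code
        return self.session[1]

    def receive_command(self, blob):
        session, self.session = self.session, None        # a code is accepted at most once
        if session is None:
            return None
        try:
            cmd = unseal(session[0], blob)                # decrypt + authenticate with user key
        except ValueError:
            return None
        return cmd["action"] if cmd.get("code") == session[1] else None

def mobile_unlock(profiles, lock, action="unlock"):       # mobile side of the exchange
    if lock.lock_id not in profiles:                      # advertised id vs. stored ids
        return None
    blob, user_key = profiles[lock.lock_id]
    code = lock.receive_profile(blob)
    return lock.receive_command(seal(user_key, {"code": code, "action": action}))
```

The mobile device never needs the lock key: it relays the sealed profile as an opaque blob and proves possession of the user key only by sealing the command.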
Specification