Secure communications in a wireless system

US 6,026,165 A
Filed: 06/20/1996
Issued: 02/15/2000
Est. Priority Date: 06/20/1996
Status: Expired due to Term

First Claim

Patent Images

1. In a communications system comprising a remote transmitting device and a receiving station having a receiver associated therewith, a method of configuring said remote transmitting device and said receiver with an encryption key useful for decrypting encrypted data message transmissions, said method comprising the steps of:

a) generating a new encryption key as a result of a command input by a user into said transmitting device, said encryption key being generated by utilization of circuitry embedded within the transmitting device;

b) storing in memory at said transmitting device said new encryption key;

c) transmitting to said receiver a data message comprised of said new encryption key; and

d) receiving said data message at said receiver and storing in a memory table said new encryption key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are three major aspects relating to wireless transmission of encrypted data messages in a security system wherein the receiver stores locally an encryption key utilized by the transmitting device to encrypt the data message and the receiver uses the encryption key to decrypt an encrypted data message, and wherein a sequence number generator is used to synchronously track the message sequence at both the transmitter and receiver. A first major aspect involves encrypted device registration (learning) methods that are user-friendly and immune from detection by technically skilled intruders with special RF equipment, and periodic user-friendly changing of the encryption key per encrypted transmitting device in the system. A second major aspect involves encrypted device de-registration (unlearning, or deletion) that is likewise user friendly. A third major aspect of the invention allows the receiver to process encrypted and non-encrypted messages, interchangeably, within the same wireless security system.

251 Citations

20 Claims

1. In a communications system comprising a remote transmitting device and a receiving station having a receiver associated therewith, a method of configuring said remote transmitting device and said receiver with an encryption key useful for decrypting encrypted data message transmissions, said method comprising the steps of:
- a) generating a new encryption key as a result of a command input by a user into said transmitting device, said encryption key being generated by utilization of circuitry embedded within the transmitting device;
  
  b) storing in memory at said transmitting device said new encryption key;
  
  c) transmitting to said receiver a data message comprised of said new encryption key; and
  
  d) receiving said data message at said receiver and storing in a memory table said new encryption key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein said data message further comprises a device identification code unique to said transmitting device, and wherein said device identification code is stored in said memory table at said receiver with said encryption key.
  - 3. The method of claim 2 wherein said encryption key is generated within said transmitting device by a random number generation means.
  - 4. The method of claim 3 further comprising the step of configuring said receiving station and said transmitting device into a programming mode in order to configure said receiver with an encryption key.
  - 5. The method of claim 4 further comprising the steps of initializing a sequence number generator in said transmitting device to an initial state, and including said initial state in said data message along with said new encryption key and said device identification code unique to said transmitting device.
  - 6. The method of claim 5 wherein said data message is stored in said memory table at said receiver by the steps of:
    - i) determining if a previous data record exists in said memory table which comprises said device identification code;
      
      ii) if such a previous data record exists, then overwriting said previous data record with said new data message, andiii) if such a previous data record does not exist, then adding said new data message as a new record in said memory table.
  - 7. The method of claim 6 further comprising the step of verifying that said data message was properly received by said receiver, said verification step comprising the steps of:
    - transmitting to said receiver a second data message comprised of said device identification code and an encrypted version of said sequence number generator initial state;
      
      receiving said second data message at said receiver and fetching from said memory table the previously stored encryption key and sequence number generator initial state matched with said identification code from said received second data message;
      
      using said fetched encryption key to decrypt said encrypted sequence number generator initial state received from said second data message;
      
      comparing said decrypted sequence number generator initial state with the fetched sequence number generator initial state; and
      
      providing an indication that said receiver has successfully registered said transmitting device when said comparison step has passed.

8. In a communications system comprising a remote transmitting device and a receiving station having a receiver associated therewith, a method of configuring said receiver to register internally said transmitting device for subsequent encrypted data communications therewith, said method comprising the steps of:
- a) transmitting from said transmitting device to said receiver a first, unencrypted initialization message;
  
  b) storing at least a portion of said initialization message in memory at said receiver;
  
  c) transmitting to said receiver from said transmitting device a second message, wherein at least a portion of said message is in encrypted format; and
  
  d) verifying registration of said transmitting device with said receiver by utilizing at least part of said stored first message to decrypt said second message portion.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The method of claim 8 further comprising the step of initializing a sequence number generator in said transmitting device to an initial state;
    - and wherein said first, unencrypted data message comprises the sequence number generator initial state.
  - 10. The method of claim 9 further comprising the step of randomly generating at said transmitting device an encryption key;
    - and wherein said first, unencrypted data message comprises the randomly generated encryption key.
  - 11. The method of claim 10 wherein said first, unencrypted data message comprises a device identification code unique to said transmitting device.
  - 12. The method of claim 11 wherein said storing step comprises the step of storing as a new data record in a memory table said device identification code, said encryption key, and said sequence number generator initial state;
    - by performing the steps of;
      
      i) determining if a previous data record exists in said memory table which comprises said device identification code;
      
      ii) if such a previous data record exists, then overwriting said previous data record with said new data record, andiii) if such a previous data record does not exist, then adding said new data record to a new location in said memory table.
  - 13. The method of claim 12 wherein said second data message comprises said device identification code and an encrypted version of said sequence number generator initial state.
  - 14. The method of claim 13 wherein said verification step comprises the steps of:
    - i) fetching from said memory table the previously stored encryption key and sequence number generator initial state matched with said identification code from said received second data message;
      
      ii) using said fetched encryption key to decrypt said encrypted sequence number generator initial state received from said second data message; and
      
      iii) comparing said decrypted sequence number generator initial state with the fetched sequence number generator initial state.
  - 15. The method of claim 14 comprising the further step of providing an indication that said receiver has successfully registered said transmitting device when said comparison step has passed.

16. In a communications system comprising a plurality of remote transmitting devices and a receiving station having a receiver associated therewith, wherein said receiver has previously registered internally said transmitting devices for data communications therewith, a method of configuring said receiver to de-register all of said transmitting devices and temporarily disable subsequent encrypted data communications therewith pending re-registration of a transmitting device, said method comprising the steps of:
- a) configuring said receiving station and said transmitting device into a programming mode;
  
  b) transmitting to said receiver from one of said previously registered transmitting devices a first data message comprised of a command to delete all registration data from an internal memory table;
  
  c) deleting all registration data from said receiver internal memory table; and
  
  d) temporarily disabling said receiver from responding to further encrypted data messages.
- View Dependent Claims (17)
- - 17. The method of claim 16 further comprising the step of transmitting to said receiver from said transmitting device a second data message in unencrypted format, said second data message comprising a command to cause an indication that said de-registration process was successful.

18. In a communications system comprising a plurality of remote transmitting devices and a receiving station having a receiver associated therewith, wherein said receiver has previously registered internally said transmitting devices for data communications therewith, a method of configuring said receiver to de-register a selected one of said transmitting devices and temporarily disable subsequent encrypted data communications therewith pending re-registration of said transmitting device, said method comprising the steps of:
- a) configuring said receiving station and said transmitting device into a programming mode;
  
  b) transmitting to said receiver from a different one of said previously registered transmitting devices a first data message comprised of a command to delete the registration data associated with said selected device from an internal memory table;
  
  c) deleting said registration data from said receiver internal memory table; and
  
  d) temporarily disabling said receiver from responding to further encrypted data messages from said selected transmitting device.

19. A secure data communications system suitable for transmission of data messages, comprising:
- a) a plurality of remote transmitting devices for transmitting said data messages, each of said devices comprising;
  
  i) a random key generator for randomly generating data encryption keys, as a result of a command input by a user into said transmitting device, suitable for use in encrypting data messages prior to transmission;
  
  ii) a sequence number generator for keeping track of the transmission sequence number, said sequence number generator being incremented for each data transmission;
  
  iii) a memory for storing said randomly generated encryption key and a device identification code unique to said transmitting device;
  
  iv) means for encrypting data prior to transmission, said encrypting means utilizing said encryption key stored in memory; and
  
  v) transmitter means for transmitting a data message comprised of an encrypted data field, an unencrypted device identification field, and an encrypted sequence number field; and
  
  b) a receiving station comprising a data receiver for receiving said data messages from said transmitting devices, said receiver comprising;
  
  i) a memory table comprising a plurality of data records, each of said data records comprising a device identification code, an encryption key, and a transmission sequence number associated with one of said transmitting devices;
  
  ii) means for fetching from said memory table the data record associated with a data message received from a transmitting device by utilizing a device identification code from the received data message;
  
  iii) means for decrypting said sequence number from said received data message by using the encryption key fetched from memory;
  
  iv) means for comparing the decrypted received sequence number sequence number with said transmission sequence number sequence number fetched from memory; and
  
  v) means for allowing said received data message to be transmitted to a control unit associated with said receiver when the decrypted received sequence number sequence number and said transmission sequence number sequence number fetched from memory are within a predetermined range.

20. A remote transmitting device for transmitting data messages to a centrally located receiving station, said device comprising:
- a) a random key generator for randomly generating data encryption keys, as a result of a command input by a user into said transmitting device, suitable for use in encrypting data messages prior to transmission;
  
  b) a sequence number generator for keeping track of the transmission sequence number, said sequence number generator being incremented for each data transmission;
  
  c) a memory for storing said randomly generated encryption key and a device identification code unique to said transmitting device;
  
  d) means for encrypting data prior to transmission, said encrypting means utilizing said encryption key stored in memory; and
  
  e) transmitter means for transmitting a data message comprised of an encrypted data field, an unencrypted device identification field, and an encrypted sequence number sequence number field.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Honeywell International Inc.
Original Assignee
Pittway Corporation (Honeywell International Inc.)
Inventors
Marino, Francis C., Schmit, Thomas P.
Primary Examiner(s)
OEN, WILLIAM L

Application Number

US08/667,847
Time in Patent Office

1,335 Days
Field of Search

380/21, 380/23, 380/28, 380/29, 380/43, 380/46, 340/506, 340/539, 340/825.22, 340/825.31, 340/825.32, 340/825.34, 340/825.5, 340/825.69, 340/825.72
US Class Current

380/273
CPC Class Codes

G07C 2009/0023   with encription of the tran...

G07C 2009/00253   dynamically, e.g. variable ...

G07C 9/00182   operated with unidirectiona...

G07C 9/28   the pass enabling tracking ...

G07C 9/33   by means of a password

G08C 17/02   using a radio link

G08C 19/28   using pulse code

G08C 2201/61   Password, biometric

H04L 63/06   for supporting key manageme...

H04L 9/0891   Revocation or update of sec...

H04L 9/3226   using a predetermined code,...

H04W 12/033   of the user plane, e.g. use...

H04W 12/04   Key management, e.g. using ...

Secure communications in a wireless system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

251 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure communications in a wireless system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

251 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links