Method for protecting privacy when using a Bluetooth device

US 7,194,760 B2
Filed: 05/21/2001
Issued: 03/20/2007
Est. Priority Date: 05/21/2001
Status: Expired due to Term

First Claim

Patent Images

1. A method in a wireless device to prevent user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:

forming a pseudonym address by initiating in the wireless device a random number generator responsive to a random sequence or a pseudo random sequence and the wireless device real address for generating the pseudonym address as a substitute for the real device address; and

using the pseudonym address in protocol functions of the device that normally uses the real device address in wireless messaging.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The user'"'"'s Bluetooth device substitutes a pseudonym address for the Bluetooth Device Address (BD_ADDR). The pseudonym address is a randomized version of the BD_ADDR. The pseudonym address is used in all the functions of the Bluetooth device that normally use the BD_ADDR, including the frequency hopping sequence, the device access code, the initialization key in link encryption, the authentication code, and the various packet addresses. In this manner, the user'"'"'s privacy is protected by preventing the user'"'"'s identity, routes, and activities from being correlated with his/her device'"'"'s address. In addition to the Bluetooth standard, the technique also applies to other wireless standards.

Citations

78 Claims

1. A method in a wireless device to prevent user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- forming a pseudonym address by initiating in the wireless device a random number generator responsive to a random sequence or a pseudo random sequence and the wireless device real address for generating the pseudonym address as a substitute for the real device address; and
  
  using the pseudonym address in protocol functions of the device that normally uses the real device address in wireless messaging.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29)
- - 2. The method of claim 1, which further comprises:
    - initiating in the wireless device the pseudonym address as a randomized version of the real device address.
  - 3. The method of claim 1, which further comprises:
    - using the pseudonym address in packet address functions of the device that normally uses the real device address.
  - 4. The method of claim 1, which further comprises:
    - using the pseudonym address in modulation functions of the device that normally use the real device address.
  - 5. The method of claim 4, which further comprises:
    - using the pseudonym address in frequency hopping sequence modulation functions of the device that normally use the real device address.
  - 6. The method of claim 1, which further comprises:
    - using the pseudonym address in device access code functions of the device that normally use the real device address.
  - 7. The method of claim 1, which further comprises:
    - using the pseudonym address in link encryption functions of the device that normally use the real device address.
  - 8. The method of claim 1, which further comprises:
    - using the pseudonym address in authentication functions of the device that normally use the real device address.
  - 9. The method of claim 1, which further comprises:
    - enabling the user to select a parameter to combine with the real device address and randomize it to form the pseudonym address.
  - 10. The method of claim 1, which further comprises:
    - enabling the user to select a true random number to combine with the real device address and randomize it to form the pseudonym address.
  - 11. The method of claim 1, which further comprises:
    - storing the pseudonym address and associating it with a paired device with which the pseudonym address is exchanged.
  - 12. The method of claim 1, which further comprises:
    - using the pseudonym address for a predetermined time or count selected by the user.
  - 13. The method of claim 1, which further comprises:
    - using the pseudonym address for a duration that at least begins with an inquiry received from another device and ends if no connection is made after the inquiry.
  - 14. The method of claim 1, which further comprises:
    - using the pseudonym address for a duration that at least begins with an inquiry by the user'"'"'s device and ends if no connection is made after the inquiry.
  - 15. The method of claim 1, which further comprises:
    - using the pseudonym address for a duration that ends when a piconet context changes for the user'"'"'s device.
  - 16. The method of claim 1, which further comprises:
    - using the pseudonym address for a duration that at least begins with sensing of a current physical location of the user'"'"'s device, and ends if that physical location changes beyond a predefined distance.
  - 17. The method of claim 1, which further comprises:
    - using the pseudonym address for a duration that at least begins with an inquiry that establishes a connection with another device, and ends when that connection is terminated.
  - 18. The method of claim 1, which further comprises:
    - comparing a newly generated pseudonym address with known addresses of other devices;
      
      discarding the newly generated pseudonym address if it duplicates the known addresses of other devices; and
      
      generating another pseudonym address.
  - 19. The method of claim 18, which further comprises:
    - notifying the user if there are many repeated attempts to generate a pseudonym address that fail because of other duplicate addresses; and
      
      enabling the user to modify a randomization of the real device address to generate another pseudonym address.
  - 20. The method of claim 1, wherein the wireless device principle of operation is the Bluetooth standard.
  - 21. The method of claim 1, wherein the wireless device principle of operation is a IEEE 802.11 Wireless LAN standard.
  - 22. The method of claim 1, wherein the wireless device principle of operation is the Japanese 3rd Generation (3G) wireless standard.
  - 23. The method of claim 1, wherein the wireless device principle of operation is a cellular telephone system standard.
  - 24. The method of claim 1, wherein the wireless device principle of operation is the Infrared Data Association (IrDA) standard.
  - 25. The method of claim 1, wherein the wireless device principle of operation is the Digital Enhanced Cordless Telecommunications (DECT) standard.
  - 26. The method of claim 1, wherein the wireless device principle of operation is the Shared Wireless Access Protocol (SWAP) standard.
  - 27. The method of claim 1, wherein the wireless device principle of operation is the IEEE 802.15 Wireless Personal Area Network (WPAN) standard.
  - 28. The method of claim 1, wherein the wireless device principle of operation is the High Performance Radio Local Area Network (HIPERLAN) standard.
  - 29. The method of claim 1, wherein the wireless device principle of operation is the Multimedia Mobile Access Communication (MMAC) Systems standard.

30. A system for a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- a random number generator in the wireless device, the generator responsive to a random sequence or pseudo random sequence and the wireless device real address for initiating a pseudonym address as a substitute for the real device address in a wireless communication; and
  
  a processor coupled to the generator, for using the pseudonym address in protocol functions of the device that normally use the real device address.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59)
- - 31. The system of claim 30, which further comprises:
    - said generator initiating the pseudonym address as a randomized version of the real device address.
  - 32. The system of claim 30, which further comprises:
    - said processor using the pseudonym address in packet address functions of the device that normally use the real device address.
  - 33. The system of claim 30, which further comprises:
    - said processor using the pseudonym address in modulation functions of the device that normally use the real device address.
  - 34. The system of claim 33, which further comprises:
    - said processor using the pseudonym address in frequency hopping sequence modulation functions of the device that normally use the real device address.
  - 35. The system of claim 30, which further comprises:
    - said processor using the pseudonym address in device access code functions of the device that normally use the real device address.
  - 36. The system of claim 30, which further comprises:
    - said processor using the pseudonym address in link encryption functions of the device that normally use the real device address.
  - 37. The system of claim 30, which further comprises:
    - said processor using the pseudonym address in authentication functions of the device that normally use the real device address.
  - 38. The system of claim 30, which further comprises:
    - an interface coupled to the processor, for enabling the user to select a part of the real device address and randomize it to form the pseudonym address.
  - 39. The system of claim 30, which further comprises:
    - an interface coupled to the processor, for enabling the user to select a parameter to combine with the real device address and randomize it to form the pseudonym address.
  - 40. The system of claim 30, which further comprises:
    - an interface coupled to the processor, for enabling the user to select a true random number to combine with the real device address and randomize it to form the pseudonym address.
  - 41. The system of claim 30, which further comprises:
    - a memory coupled to the processor, for storing the pseudonym address and associating it with a paired device with which the pseudonym address is exchanged.
  - 42. The system of claim 30, which further comprises:
    - a memory coupled to the processor, for retaining the pseudonym address for a predetermined time or count selected by the user.
  - 43. The system of claim 30, which further comprises:
    - a memory coupled to the processor, for retaining the pseudonym address for a duration that at least begins with an inquiry received from another device and ends if no connection is made after the inquiry.
  - 44. The system of claim 30, which further comprises:
    - a memory coupled to the processor, for retaining the pseudonym address for a duration that at least begins with an inquiry by the user'"'"'s device and ends if no connection is made after the inquiry.
  - 45. The system of claim 30, which further comprises:
    - a memory coupled to the processor, for retaining the pseudonym address for a duration that ends when a piconet context changes for the user'"'"'s device.
  - 46. The system of claim 30, which further comprises:
    - a memory coupled to the processor, for retaining the pseudonym address for a duration that at least begins with sensing of a current physical location of the user'"'"'s device, and ends if that physical location changes beyond a predefined distance.
  - 47. The system of claim 30, which further comprises:
    - a memory coupled to the processor, for retaining the pseudonym address for a duration that at least begins with an inquiry that establishes a connection with another device, and ends when that connection is terminated.
  - 48. The system of claim 30, which further comprises:
    - said processor comparing a newly generated pseudonym address with known addresses of other devices;
      
      said processor discarding the newly generated pseudonym address if it duplicates the known addresses of other devices; and
      
      said generator generating another pseudonym address.
  - 49. The system of claim 48, which further comprises:
    - an interface coupled to the processor, for notifying the user if there are many repeated attempts to generate a pseudonym address that fail because of other duplicate addresses; and
      
      said interface enabling the user to modify a randomization of the real device address to generate another pseudonym address.
  - 50. The system of claim 30, wherein the wireless device principle of operation is the Bluetooth standard.
  - 51. The system of claim 30, wherein the wireless device principle of operation is a IEEE 802.11 Wireless LAN standard.
  - 52. The system of claim 30, wherein the wireless device principle of operation is the Japanese 3rd Generation (3) wireless standard.
  - 53. The system of claim 30, wherein the wireless device principle of operation is a cellular telephone system standard.
  - 54. The system of claim 30, wherein the wireless device principle of operation is the Infrared Data Association (IrDA) standard.
  - 55. The system of claim 30, wherein the wireless device principle of operation is the Digital Enhanced Cordless Telecommunications (DECT) standard.
  - 56. The system of claim 30, wherein the wireless device principle of operation is the Shared Wireless Access Protocol (SWAP) standard.
  - 57. The system of claim 30, wherein the wireless device principle of operation is the IEEE 802.15 Wireless Personal Area Network (WPAN) standard.
  - 58. The system of claim 30, wherein the wireless device principle of operation is the High Performance Radio Local Area Network (HIPERLAN) standard.
  - 59. The system of claim 30, wherein the wireless device principle of operation is the Multimedia Mobile Access Communication (MMAC) Systems standard.

60. A method in a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- initiating in a wireless device a random number generator response to a random sequence or a pseudo random sequence and the wireless device real address for generating a pseudonym address in the wireless device as a randomized version of the real device address;
  
  substituting the pseudonym address for the real device address in wireless messaging; and
  
  using the pseudonym address in protocol functions of the device that normally use the real device address in the wireless messaging.

61. A method in a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- enabling the user to select in the wireless device a part of the real device address;
  
  forming a pseudonym address by initiating a random number generator responsive to a random sequence or pseudo random sequence and the real device real address to randomize the first part of the real device address to form a first part of a pseudonym address;
  
  combining in the wireless device a remaining part of the real device address with the first part of the pseudonym address to form a complete pseudonym address;
  
  substituting in the wireless device the complete pseudonym address for the real device address; and
  
  using the complete pseudonym address in protocol functions of the device that normally use the real device address.

62. A method in a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- enabling the user in the wireless device to select a parameter to combine with the real device address;
  
  forming a pseudonym address by combining in the wireless device the parameter with the real device address and forming a random number as a the pseudonym address;
  
  substituting in the wireless device the pseudonym address for the real device address; and
  
  using the pseudonym address in protocol functions of the device that normally use the real device address.

63. A method in a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- forming a pseudonym address by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  substituting in the wireless device the pseudonym address for the real device address;
  
  using the pseudonym address in protocol functions of the device that normally use the real device address; and
  
  using the pseudonym address for a predetermined time or count.

64. A method in a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- forming a pseudonym address by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  substituting in the wireless device the pseudonym address for the real device address;
  
  using the pseudonym address in protocol functions of the device that normally use the real device address; and
  
  using the pseudonym address for a duration that at least begins with an inquiry received from another device and ends if no connection is made after the inquiry.

65. A method in a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- forming a pseudonym address by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  substituting in the wireless device the pseudonym address for the real device address;
  
  using the pseudonym address in functions of the device that normally use the real device address; and
  
  using the pseudonym address for a duration that at least begins with an inquiry by the user'"'"'s device and ends if no connection is made after the inquiry.

66. A method in a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- forming a pseudonym address by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  substituting in the wireless device the pseudonym address for the real device address;
  
  using the pseudonym address in protocol functions of the device that normally use the real device address; and
  
  using the pseudonym address for a duration that ends when a piconet context changes for the user'"'"'s device.

67. A method in a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- forming a pseudonym address by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  substituting in the wireless device the pseudonym address for the real device address;
  
  using the pseudonym address in protocol functions of the device that normally use the real device address; and
  
  using the pseudonym address for a duration that at least begins with sensing of a current physical location of the user'"'"'s device, and ends if that physical location changes beyond a predefined distance.

68. A method in a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- forming a pseudonym address by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  substituting in the wireless device the pseudonym address for the real device address;
  
  using the pseudonym address in protocol functions of the device that normally use the real device address; and
  
  using the pseudonym address for a duration that at least begins with an inquiry that establishes a connection with another device, and ends when that connection is terminated.

69. A method in a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- forming a pseudonym address by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  comparing in the wireless device the pseudonym address with known addresses of other devices;
  
  notifying the user if there are repeated attempts to generate a pseudonym address that fails because of duplicate addresses of other devices;
  
  enabling the user to specify a modified randomization of the real device address;
  
  performing in the wireless device the modified randomization and generating a new pseudonym address from the real device address; and
  
  using the new pseudonym address in protocol functions of the device that normally use the real device address.

70. A computer program product for a Bluetooth wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- a computer readable medium in the wireless device;
  
  program code in said computer readable medium for forming a pseudonym address by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  program code in said computer readable medium for substituting the pseudonym address for the real Bluetooth device address; and
  
  program code in said computer readable medium for using the pseudonym address in protocol functions of the device that normally use the real Bluetooth device address.

71. A system for a wireless device to prevent the user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- a memory in the wireless device storing a plurality of pseudonym addresses, each pseudonym address formed by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  a processor in the wireless device coupled to the memory, for substituting one of the pseudonym addresses for the real device address; and
  
  said processor using the one pseudonym address in protocol functions of the device that normally use the real device address.

72. A system for a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- a memory in the wireless device storing a plurality of pseudonym addresses, each pseudonym address formed by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  processor in the wireless device coupled to the memory, for substituting one of the pseudonym addresses for the real device address;
  
  said processor using the one pseudonym address in protocol functions of the device that normally use the real device address; and
  
  said processor using the one pseudonym address for a predetermined time or count.

73. A system for a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication comprising:
- a memory in the wireless device storing a plurality of pseudonym addresses, each pseudonym address formed by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  a processor in the wireless device coupled to the memory, for substituting one of the pseudonym addresses for the real device address;
  
  said processor using the one pseudonym address in functions of the device that normally use the real device address; and
  
  said processor using the one pseudonym address for a duration that at least begins with an inquiry received from another device and ends if no connection is made after the inquiry.

74. A system for a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- a memory in the wireless device storing a plurality of pseudonym addresses, each pseudonym address formed by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  a processor in the wireless device coupled to the memory, for substituting one of the pseudonym addresses for the real device address;
  
  said processor using the one pseudonym address in functions of the device that normally use the real device address; and
  
  said processor using the one pseudonym address for a duration that at least begins with an inquiry by the user'"'"'s device and ends if no connection is made after the inquiry.

75. A system for a wireless device to prevent a-user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- a memory in the wireless device storing a plurality of pseudonym addresses, each pseudonym address formed by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  a processor in the wireless device coupled to the memory, for substituting one of the pseudonym addresses for the real device address;
  
  said processor using the one pseudonym address in functions of the device that normally use the real device address; and
  
  said processor using the one pseudonym address for a duration that ends when a piconet context changes for the user'"'"'s device.

76. A system for a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication comprising:
- a memory in the wireless device storing a plurality of pseudonym addresses, each pseudonym address formed by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  a processor in the wireless device coupled to the memory, for substituting one of the pseudonym addresses for the real device address;
  
  said processor using the one pseudonym address in functions of the device that normally use the real device address; and
  
  said processor using the one pseudonym address for a duration that at least begins with sensing of a current physical location of the user'"'"'s device, and ends if that physical location changes beyond a predefined distance.

77. A system for a wireless device to prevent a user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- a memory in the wireless device storing a plurality of pseudonym addresses, each pseudonym address formed by initiating in the wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  a processor in the wireless device coupled to the memory, for substituting one of the pseudonym addresses for the real device address;
  
  said processor using the one pseudonym address in protocol functions of the device that normally use the real device address; and
  
  said processor using the one pseudonym address for a duration that at least begins with an inquiry that establishes a connection with another device, and ends when that connection is terminated.

78. A method in a wireless device to prevent user'"'"'s identity, routes, or activities from being correlated with the user'"'"'s real device address in a wireless communication, comprising:
- forming a pseudonym address by initiating in a wireless device a random number generator responsive to random sequences or pseudo random sequences and a user'"'"'s real device address for generating the pseudonym address as a randomized version of the real device address;
  
  enabling the user to select and randomize a part of the real device address in forming the pseudonym address, andusing the pseudonym address in protocol functions of the device that normally uses the real device address in wireless messaging.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Tarkiainen, Mikko, Gripenberg, Casper, Vanska, Marko, Nordman, Ian, Gyorbiro, Norbert, Alamaki, Tero
Primary Examiner(s)
Jung; David

Application Number

US09/860,553
Publication Number

US 20020174364A1
Time in Patent Office

2,129 Days
Field of Search

713200-202, 726/3, 726/4, 726/5
US Class Current

726/5
CPC Class Codes

H04L 2101/622   Layer-2 addresses, e.g. med...

H04L 61/00   Network arrangements, proto...

H04L 61/45   Network directories; Name-t...

H04L 63/0421   Anonymous communication, i....

H04W 12/02   Protecting privacy or anony...

H04W 8/26   Network addressing or numbe...

H04W 84/18   Self-organising networks, e...

Method for protecting privacy when using a Bluetooth device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

78 Claims

Specification

Solutions

Use Cases

Quick Links

Method for protecting privacy when using a Bluetooth device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

78 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links