Method for establishing a communication between two devices

US 7,716,483 B2
Filed: 11/16/2004
Issued: 05/11/2010
Est. Priority Date: 11/18/2003
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

establishing an encrypted communication by using keys, the encrypted communication between a first electronic device associated with a first trusted authority and a second electronic device associated with a second trusted authority, the establishing including;

providing a first identity associated with the first electronic device, a second identity associated with the second electronic device, a further first identity associated with the first trusted authority, and a further second identity associated with the second trusted authority;

making a first secret key associated with the first electronic device available to the first electronic device for encrypted communication between the first trusted authority and the first electronic device, said first trusted authority being able to generate the first secret key;

making a second secret key available to the second electronic device, the second trusted authority being able to generate the second secret key for encrypted communication between the second trusted authority and the second electronic device;

making available the second identity and the further second identity to the first electronic device upon connection of the second electronic device with the first electronic device;

transmitting a message by the first electronic device to the first trusted authority, said message containing the second identity and the further second identity, wherein the message is encrypted with the first secret key;

generating by the first trusted authority a public key associated with the second electronic device, said public key generated from the received second identity;

generating by said first trusted authority a communication key to be used in a communication between said first electronic device and said second electronic device;

sending by the first trusted authority a first message to the first electronic device, said first message containing the communication key, wherein the first message is encrypted with the first secret key; and

sending by the first trusted authority a second message, different than the first message, to the second electronic device, said second message containing the communication key, wherein the second message is encrypted with the public key associated with the second device;

wherein the second electronic device is not associated with the first trusted authority and the first electronic device is not associated with the second trusted authority and the second trusted authority is distinct and autonomous with respect to the first trusted authority.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method establishes a communication between a first electronic device associated with a first trusted authority and a second electronic device. The method includes: making a first key available to the first device for the communication between the first authority and the first device. A second trusted authority, associated with the second device and distinct and autonomous with respect to the first authority, generates a second key in order to communicate with the second device. Furthermore, the method includes: making the second key available to the second device; and providing the first and second devices with a communication key, to be used communication between the first and second devices, through at least one of the first and second authorities.

55 Citations

View as Search Results

32 Claims

1. A method comprising:
- establishing an encrypted communication by using keys, the encrypted communication between a first electronic device associated with a first trusted authority and a second electronic device associated with a second trusted authority, the establishing including;
  
  providing a first identity associated with the first electronic device, a second identity associated with the second electronic device, a further first identity associated with the first trusted authority, and a further second identity associated with the second trusted authority;
  
  making a first secret key associated with the first electronic device available to the first electronic device for encrypted communication between the first trusted authority and the first electronic device, said first trusted authority being able to generate the first secret key;
  
  making a second secret key available to the second electronic device, the second trusted authority being able to generate the second secret key for encrypted communication between the second trusted authority and the second electronic device;
  
  making available the second identity and the further second identity to the first electronic device upon connection of the second electronic device with the first electronic device;
  
  transmitting a message by the first electronic device to the first trusted authority, said message containing the second identity and the further second identity, wherein the message is encrypted with the first secret key;
  
  generating by the first trusted authority a public key associated with the second electronic device, said public key generated from the received second identity;
  
  generating by said first trusted authority a communication key to be used in a communication between said first electronic device and said second electronic device;
  
  sending by the first trusted authority a first message to the first electronic device, said first message containing the communication key, wherein the first message is encrypted with the first secret key; and
  
  sending by the first trusted authority a second message, different than the first message, to the second electronic device, said second message containing the communication key, wherein the second message is encrypted with the public key associated with the second device;
  
  wherein the second electronic device is not associated with the first trusted authority and the first electronic device is not associated with the second trusted authority and the second trusted authority is distinct and autonomous with respect to the first trusted authority.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1, further comprising generating, by the one of said trusted authorities, an electronic signature by starting from said communication key.
  - 3. The method according to claim 2 wherein the communication key and the electronic signature are encoded in accordance with an identity based encryption method.
  - 4. The method according to claim 1 wherein communication key sent to the first electronic device is encoded in accordance with a symmetrical type encryption method or in accordance with an asymmetric identity based encryption method.
  - 5. The method according to claim 4 wherein said symmetrical encryption method is a global system for mobile (GSM) communication standard encryption method.
  - 6. The method according to claim 1, further comprising:
    - sending the further first identity to the second electronic device, by the first electronic device; and
      
      sending the second identity and the further second identity to the first electronic device, by the second electronic device.
  - 7. The method according to claim 1 wherein the transmission of the second identity and the transmission of the further second identity by the first electronic device to the first trusted authority is carried out symmetrically using the first secret key or by using a session key in accordance with a global system for mobile (GSM) communication standard.
  - 8. The method according to claim 1 wherein the transmission of the second identity and the transmission of the further second identity by the first electronic device to the first trusted authority is carried out by using an identity based encryption method and by using a further first public key obtained by staffing from the further first identity associated with the first trusted authority and a further first intermediate private key in turn obtained by staffing from the further first public key.
  - 9. The method according to claim 1 wherein said first electronic device is an integrated circuit card and the second device is a mobile telephone or a remote internet server.

10. An encrypted communication system using keys, the system comprising:
- a first electronic device associated with a first trusted authority, the first electronic device configured to;
  
  receive a first secret key from the first trusted authority;
  
  transmit a second identity and a further second identity to the first trusted authority;
  
  receive a first message having a communication key, the first message encrypted with the first secret key;
  
  a second electronic device associated with a second trusted authority and not associated with said first trusted authority, the first electronic device not associated with said second trusted authority, and the second trusted authority is distinct and autonomous with respect to the first trusted authority, the second electronic device configured to;
  
  receive a second secret key from the second trusted authority;
  
  receive a second message having the communication key, the second message encrypted with a public key, the second message received from the first trusted authority, the second message different than the first message; and
  
  communication means for having an encrypted communication between the first electronic device and the second electronic device using the communication key to encrypt the communication,wherein said communication key is generated and sent by only said first trusted authority.
- View Dependent Claims (11, 12, 13)
- - 11. The system of claim 10 wherein the communication key is received by the first electronic device in encrypted form, and the first electronic device further includes decoding means for decoding the encrypted communication key using the first secret key.
  - 12. The system of claim 10 wherein the second electronic device includes means for transmitting an identifier to the first electronic device and the first electronic device includes means for transmitting the identifier to the first trusted authority to enable the first trusted authority to generate a public key from the identifier and encode the communication key using the public key.
  - 13. The system of claim 10 wherein said first electronic device is an integrated circuit card and the second electronic device is a mobile telephone or a remote internet server.

14. A method for establishing an encrypted communication between a first electronic device associated with a first trusted authority and a second electronic device associated with a second trusted authority, the method comprising:
- receiving at the first electronic device a first secret key from the first trusted authority, said first electronic device not being associated with said second trusted authority;
  
  using the first secret key for encrypted communication between the first electronic device and the first trusted authority;
  
  receiving at the second electronic device a second secret key from the second trusted authority, said second electronic device not being associated with said first trusted authority;
  
  using the second secret key for encrypted communication between the second electronic device and the second trusted the authority;
  
  making available the second identity and the further second identity to the first electronic device or making available the first identity and the further first identity to the second electronic device upon connection of the second electronic device with the first electronic device;
  
  transmitting the second identity and the further second identity by the first electronic device to the first trusted authority or transmitting the first identity and the further first identity by the second electronic device to the second trusted authority;
  
  receiving at the first electronic device, a first message having a communication key, the first message encrypted with the first secret key or a first public key, the first message received from only one of the first trusted authority or the second trusted authority respectively;
  
  receiving at the second electronic device, a second message having the communication key, the second message encrypted with a public key or the second secret key, the second message received from the only one of the first trusted authority or the second trusted authority respectively, the second message different than the first message; and
  
  using the received communication key for encrypted communication between the first and second electronic devices.
- View Dependent Claims (15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 15. The method of claim 14, further comprising receiving at the second electronic device an electronic signature created from the communication key by the first trusted authority.
  - 16. The method of claim 14 wherein the receiving the communication key at the first electronic device includes receiving the communication key in an encrypted message, the method further comprising decoding the encrypted message using the first secret key.
  - 17. The method of claim 14, further comprising:
    - transmitting an identifier from the second electronic device to the first electronic device; and
      
      transmitting the identifier from the first electronic device to the first trusted authority to enable the first trusted authority to generate a public key from the identifier and encode the communication key using the public key.
  - 18. The method of claim 14 wherein the communication key is received by the first electronic device in encrypted form and the method further comprises decoding the encrypted communication key in accordance with a symmetrical type decryption method or in accordance with an asymmetric identity based decryption method.
  - 19. The method of claim 14 wherein first and second electronic device identities are associated with the first and the second electronic devices, respectively and first and second trusted authority identities are associated with the first and the second electronic devices, respectively;
    - the method further comprising;
      
      sending the first trusted authority identity from the first electronic device to the second electronic device; and
      
      sending the second electronic device identity and the second trusted authority identity from the second electronic device to the first electronic device.
  - 20. The method of claim 19, further comprising transmitting, in encrypted form, the second electronic device identity and the second trusted authority identity from the first electronic device to the first trusted authority.
  - 21. The method of claim 20 wherein the transmitting is carried out symmetrically using the first secret key or by using a session key in accordance with a global system for mobile (GSM) communication standard.
  - 22. The method of claim 20 wherein the transmitting is carried out by using an identity based encryption method and by using a further first public key obtained from the first trusted authority identity and an intermediate private key received from the first trusted authority.
  - 23. The method of claim 14 wherein the first electronic device is an integrated circuit card and the second electronic device is a mobile telephone or a remote internet server.
  - 24. The method of claim 14 wherein said second electronic device is a Universal Mobile Telecommunications System (UMTS) portable electronic communication device.
  - 25. The method of claim 14 wherein said second electronic device is a General Packet Radio Service (GPRS) portable electronic communication device.

26. A trusted authority device comprising:
- a transceiver configured to;
  
  receive a first identity from a first device, the first identity associated with the first device, the first device associated with the trusted authority; and
  
  receive a second identity and a second further identity from the first device, the second identity associated with a second device and the further second identity associated with a second trusted authority device,wherein the second device is not associated with the trusted authority device and the first device is not associated with the second trusted authority device and the second trusted authority device is distinct and autonomous with respect to the trusted authority device;
  
  a processor, the processor configured to;
  
  generate a secret key from the first identity,generate a public key from the second identity, andgenerate a communication key from the first identity and the second identity,wherein the communication key is useful to encrypt and decrypt communication between the first device and the second device; and
  
  a storage unit configured to;
  
  store the secret key,store the public key andstore the communication key; and
  
  wherein the transceiver is further configured to;
  
  transmit a first message to the first device, the first message having the communication key, wherein the first message is encrypted with the secret key, andtransmit a second message to the second device, the second message different than the first message, the second message having the communication key, wherein the second message is encrypted with the public key.
- View Dependent Claims (27, 28, 29, 30, 31, 32)
- - 27. The trusted authority device of claim 26 wherein the first device is a smart card and the second device is a mobile telephone.
  - 28. The trusted authority device of claim 26 wherein the communication key is encoded in accordance with a symmetrical type encryption method.
  - 29. The trusted authority device of claim 28 wherein the symmetrical encryption method is a global system for mobile (GSM) communication standard encryption method.
  - 30. The trusted authority device of claim 26 wherein the communication key is encoded in accordance with an asymmetric identity based encryption method.
  - 31. The trusted authority device of claim 26 wherein the processor is further configured to generate a second communication key and the transceiver is further configured to transmit a third message to the first device, the third message having the second communication key encrypted with first secret key, and a fourth message to the second device, the fourth message different than the third message, the fourth message having the second communication key encrypted with the first public key.
  - 32. The trusted authority device of claim 31 wherein the processor is further configured to detect that at least one of the first identity or the second identity has been refreshed, said detection initiating generation of the second communication key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
STMicroelectronics SRL (STMicroelectronics NV)
Original Assignee
STMicroelectronics SRL (STMicroelectronics NV)
Inventors
Sozzani, Fabio, Fragneto, Pasqualina, Bertoni, Guido Marco, Pelosi, Gerardo, Sannino, Roberto Valerio
Primary Examiner(s)
Moise; Emmanuel L
Assistant Examiner(s)
PHAM, LUU T

Application Number

US10/990,319
Publication Number

US 20050125670A1
Time in Patent Office

2,002 Days
Field of Search

713/155
US Class Current

713/171
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 63/0442   wherein the sending and rec...

H04L 63/062   for key distribution, e.g. ...

H04L 63/0853   using an additional device,...

H04L 9/0822   using key encryption key

H04L 9/083   involving central third par...

H04L 9/3073   involving pairings, e.g. id...

Method for establishing a communication between two devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

55 Citations

32 Claims

Specification

Use Cases

Quick Links

Others

Method for establishing a communication between two devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

55 Citations

32 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others