Method for ensuring data transmission security, communication system and communication device

US 7,995,760 B2
Filed: 06/05/2002
Issued: 08/09/2011
Est. Priority Date: 06/08/2001
Status: Active Grant

First Claim

Patent Images

1. A system for checking that earlier derived encryption keys, a first encryption key in a first device and a second encryption key in a second device, are the same, comprising:

a first device and a second device;

the first device comprising;

a first control block and a first communication block;

the second device comprising;

a second control block and a second communication block;

wherein said first communication block and said second communication block are configured to establish a connection between said first and second devices;

wherein said first control block is configured to;

generate a random string,calculate a first check string based at least partly on said random string and said first encryption key, anddisplay said random string and said first check string;

wherein said second control block is configured to;

receive said random string and said first check string,calculate a second check string based at least partly on said random string and said second encryption key, andcompare the correspondence of said first and second check strings to verify that said first encryption key and said second encryption key are the same, andindicate the result of the comparison.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a method for ensuring data transmission security between a first and a second communication device in short-range wireless communication. To set up a secure data transmission connection, the communication devices conduct a key exchange stage to generate at least one shared key between the communication devices. After said key exchange stage at least a first and a second check string is formed, said strings being based at least on a unique short random string and on the keys generated in each communication device at said key exchange stage. Thus, the security of the connection that is set up is ensured by comparing the correspondence of said check strings. The invention also relates to a communication system and a communication device, in which the method will be applied.

Citations

27 Claims

1. A system for checking that earlier derived encryption keys, a first encryption key in a first device and a second encryption key in a second device, are the same, comprising:
- a first device and a second device;
  
  the first device comprising;
  
  a first control block and a first communication block;
  
  the second device comprising;
  
  a second control block and a second communication block;
  
  wherein said first communication block and said second communication block are configured to establish a connection between said first and second devices;
  
  wherein said first control block is configured to;
  
  generate a random string,calculate a first check string based at least partly on said random string and said first encryption key, anddisplay said random string and said first check string;
  
  wherein said second control block is configured to;
  
  receive said random string and said first check string,calculate a second check string based at least partly on said random string and said second encryption key, andcompare the correspondence of said first and second check strings to verify that said first encryption key and said second encryption key are the same, andindicate the result of the comparison.
- View Dependent Claims (2)
- - 2. The system according to claim 1, wherein a user reads said random string and said first check string from said first device, and enters said random string and said first check string to the input module of said second device.

3. A method for checking that earlier derived first encryption key in a first device and a second encryption key in a second device are the same, the method comprising:
- generating, by the first device, a random string,calculating, by the first device, a first check string based at least partly on said random string and said first encryption key, anddisplaying, by the first device, said random string and said first check string;
  
  wherein said random string is for enabling the second device to calculate a second check string based at least partly on said random string and said second encryption key;
  
  wherein said first check string is for comparing the correspondence of said first and second check strings to verify that said first encryption key and said second encryption key are the same.
- View Dependent Claims (4)
- - 4. The method according to claim 3, further comprising transmitting said random string to said second device.

5. A method for checking that earlier derived encryption keys, a first encryption key in a first device and a second encryption key in a second device, are the same, comprising:
- receiving, by the second device, a random string and a first check string,calculating, by the second device, a second check string based at least partly on said random string and said second encryption key, andcomparing, by the second device, the correspondence of said first and second check strings to verify that said first encryption key and said second encryption key are the same, andindicating, by the second device, the result of the comparison.

6. A system for checking that earlier derived encryption keys, a first encryption key in a first device and a second encryption key in a second device, are the same, comprising:
- a first device and a second device;
  
  the first device comprising;
  
  a first control block and a first communication block;
  
  the second device comprising;
  
  a second control block and a second communication block;
  
  wherein said first communication block and said second communication block are configured to establish a connection between said first and second devices;
  
  wherein said first control block is configured to;
  
  generate a random string,calculate a first check string based at least partly on said random string and said first encryption key,display said random string and said first check string, andtransmit said random string to said second device;
  
  wherein said second control block is configured to;
  
  receive said random string,calculate a second check string based at least partly on said random string and said second encryption key, anddisplay said second check string.

7. A method for checking that earlier derived encryption keys, a first encryption key in a first device and a second encryption key in a second device, are the same, comprising:
- receiving, by the second device, a random string,calculating, by the second device, a second check string based at least partly on said random string and said second encryption key, anddisplaying, by the second device, said second check string;
  
  wherein said random string is for enabling the first device to calculate a first check string based at least partly on said random string and said first encryption key;
  
  wherein said second check string is for comparing the correspondence of said first and second check strings to verify that said first encryption key and said second encryption key are the same.

8. A device comprising:
- a memory;
  
  a processing device configured to generate a random string, and to calculate a first check string based at least partly on said random string and a first encryption key; and
  
  a display configured to display said random string and said first check string;
  
  wherein said random string is for enabling a second device to calculate a second check string based at least partly on said random string and a second encryption key; and
  
  wherein the processing device is further configured to compare the correspondence of said first and second check strings to verify that said first encryption key and said second encryption key are the same.
- View Dependent Claims (9, 10, 11)
- - 9. The device according to claim 8, wherein said processor is configured to derive said first encryption key.
  - 10. The device according to claim 8, further comprising a transmitter configured to transmit said first check string.
  - 11. The device according to claim 8, comprising an input module for inputting the result of the comparison.

12. A device comprising:
- a memory;
  
  a receiver configured to receive a random string and a first check string calculated in a first device based at least partly on the random string and a first encryption key; and
  
  a processing device configured to;
  
  calculate a second check string based at least partly on said random string and a second encryption key,compare the correspondence of said first and second check strings to verify that said first encryption key and said second encryption key are the same, andindicate the result of the comparison.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The device according to claim 12, wherein said processor is configured to derive said second encryption key.
  - 14. The device according to claim 12, wherein said processor is configured to perform the comparison.
  - 15. The device according to claim 12, comprising an input for inputting said random string.
  - 16. The device according to claim 12, comprising a display to indicate the result of the comparison at least when the first check string and the second check string do not correspond to each other.
  - 17. The device according to claim 12, a transmitter configured to report the result of the comparison to said first device.
  - 18. The device according to claim 12, comprising a display to display said random string and said second check string.
  - 19. The device according to claim 12, comprising an input module for inputting the result of the comparison.

20. A device comprising:
- a memory;
  
  a receiver configured to receive a random string,a processing device configured to calculate a second check string based at least partly on said random string and a second encryption key; and
  
  a display configured to display the second check string; and
  
  wherein said second check string is for comparing the correspondence of said first and second check strings to verify that said first encryption key and said second encryption key are the same.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27)
- - 21. The device according to claim 20, wherein said processor is configured to perform the comparison.
  - 22. The device according to claim 20, wherein said receiver is configured to receive said first check string.
  - 23. The device according to claim 20, further comprising an input for inputting said random string.
  - 24. The device according to claim 20, wherein the display is further configured to indicate the result of the comparison at least when the first check string and the second check string do not correspond to each other.
  - 25. The device according to claim 20, further comprising a transmitter configured to report the result of the comparison to said first device.
  - 26. The device according to claim 20, wherein the display is further configured to display said random string.
  - 27. The device according to claim 20, comprising an input module for inputting the result of the comparison.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Corporation
Inventors
Nyberg, Kaisa, Niemi, Valtteri
Primary Examiner(s)
Gergiso; Techane

Application Number

US10/164,437
Publication Number

US 20020186846A1
Time in Patent Office

3,352 Days
Field of Search

380/277, 380/273, 713/171
US Class Current

380/273
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/061   for key exchange, e.g. in p...

H04L 9/0841   involving Diffie-Hellman or...

H04W 12/50   Secure pairing of devices

H04W 84/18   Self-organising networks, e...

Method for ensuring data transmission security, communication system and communication device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Method for ensuring data transmission security, communication system and communication device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links