System for proximity determination
First Claim
1. A method for determining proximity between a first device and a second device, the method comprising:
providing a first device storing a first device private key, the first device having an associated secure first device certificate storing secured information, the secured information comprising:
  a first device public key corresponding to the first device private key;
providing a second device storing a second device private key, the second device having an associated secure second device certificate storing secured information, the secured information comprising:
  a second device public key corresponding to the second device private key; and
  a second device processing delay;
providing a copy of the second device certificate to the first device;
establishing a secure authenticated channel between the first device and the second device;
sending a first proximity challenge from the first device to the second device, the proximity challenge including a numeric challenge value;
receiving the first proximity challenge at the second device, processing the proximity challenge at the second device to produce a response to the first proximity challenge, and sending the response to the first proximity challenge from the second device to the first device;
receiving the response to the first proximity challenge at the first device; and
performing the following at the first device:
  verifying, at the first device, that the response to the first proximity challenge is legitimate;
  determining a gross time between sending the first proximity challenge and receiving the response to the first proximity challenge;
  subtracting the second device processing delay from the gross time to produce a first net response time; and
  comparing the first net response time to a first threshold and determining whether the first device and the second device are in proximity based on a result of the comparing.
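The first-device steps of claim 1, sketched as an added example that is not taken from the patent. It assumes the response is an HMAC-SHA256 over the challenge under a session key from the authenticated channel, that the certificate has already been validated, and that replies faster than the certified delay are rejected; `send`, `simulate` and all timing values are constructed for illustration.

```python
import hashlib
import hmac
import secrets
import time


def make_response(session_key: bytes, challenge: bytes) -> bytes:
    """Second device: answer the challenge (HMAC-SHA256 is an assumed construction)."""
    return hmac.new(session_key, challenge, hashlib.sha256).digest()


def check_proximity(send, session_key, certified_delay_s, threshold_s,
                    clock=time.perf_counter):
    """First device: run one round and return (in_proximity, net_response_time).

    send(challenge) -> response is the transport (hypothetical callable).
    certified_delay_s must be read from the second device's validated
    certificate, never from anything the response carries.
    """
    challenge = secrets.token_bytes(16)      # fresh numeric challenge value
    t_sent = clock()
    response = send(challenge)
    gross = clock() - t_sent                 # stop timing before verification work
    if not hmac.compare_digest(make_response(session_key, challenge), response):
        return False, None                   # response not legitimate: fail closed
    net = gross - certified_delay_s          # net response time
    if net < 0:                              # assumption: reject replies faster than
        return False, net                    # the certified delay permits
    return net <= threshold_s, net


def simulate(link_rtt_s, device_delay_s, tamper=False,
             certified_delay_s=0.005, threshold_s=0.003):
    """Constructed scenario with a fake clock so the result is deterministic."""
    now = [0.0]
    key = secrets.token_bytes(32)            # stands in for the channel's session key

    def send(challenge):
        now[0] += link_rtt_s + device_delay_s   # time on the wire plus in the device
        resp = make_response(key, challenge)
        return bytes([resp[0] ^ 1]) + resp[1:] if tamper else resp

    return check_proximity(send, key, certified_delay_s, threshold_s,
                           clock=lambda: now[0])


if __name__ == "__main__":
    print("nearby :", simulate(0.002, 0.005))
    print("relayed:", simulate(0.050, 0.005))
    print("forged :", simulate(0.002, 0.005, tamper=True))
```

Because the delay is taken from the certificate, a responder cannot claim a larger delay in order to hide extra round-trip time.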
Abstract
In connection with network elements in a network, security is enhanced by measuring proximity between elements that are communicating with each other, using facilities of secure devices and secure elements in the network. In some embodiments, secured information stored in a device certificate comprises a device processing delay, and the device processing delay is used in calculating a net response time which is compared to a threshold.
35 Claims
Specification