Automated secure pairing for wireless devices

US 8,103,247 B2
Filed: 10/31/2006
Issued: 01/24/2012
Est. Priority Date: 10/31/2006
Status: Active Grant

First Claim

Patent Images

1. A tangible computer-readable storage medium comprising machine-readable instructions that, when executed by the machine, cause the machine to perform a method for pairing at least two devices via a direct connection, the method comprising:

performing a first authentication protocol via the direct connection between the at least two devices based in part on address book entries maintained by at least one of the devices, the first authentication protocol comprising;

receiving, at a target device of the at least two devices, a pairing request including a hashed identifier;

comparing, by the target device, the hashed identifier of the pairing request to previously stored hashed address book entries of the target device; and

determining whether to accept the pairing request when the hashed identifier coincides with at least one of the previously stored hashed address book entries;

performing a second authentication protocol via an indirect connection between the at least two devices that is based on an exchange of security keys between the at least two devices, the second authentication protocol comprising;

receiving, generating or determining at a target device, a security key based on data received from an initiating device;

generating, by the target device, a randomly generated nonce after the receiving, generating or determining the security key;

encrypting the randomly generated nonce using the security key;

sending a challenge to the initiating device, the challenge including the encrypted randomly generated nonce;

receiving a challenge response from the initiating device including the randomly generated nonce that is decrypted; and

comparing the randomly generated nonce that is decrypted and received in the challenge response to the randomly generated nonce that is generated to further determine whether to accept the pairing request.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and/or techniques (“tools”) are described herein that relate to automated secure pairing for devices, and that relate to parallel downloads of content using devices. The tools for pairing the devices may perform authentication protocols that are based on addresses and on keys. The address-based authentication protocol may operate on address book entries maintained by the devices. The key-based authentication protocol may operate using a key exchange between the devices.

123 Citations

View as Search Results

16 Claims

1. A tangible computer-readable storage medium comprising machine-readable instructions that, when executed by the machine, cause the machine to perform a method for pairing at least two devices via a direct connection, the method comprising:
- performing a first authentication protocol via the direct connection between the at least two devices based in part on address book entries maintained by at least one of the devices, the first authentication protocol comprising;
  
  receiving, at a target device of the at least two devices, a pairing request including a hashed identifier;
  
  comparing, by the target device, the hashed identifier of the pairing request to previously stored hashed address book entries of the target device; and
  
  determining whether to accept the pairing request when the hashed identifier coincides with at least one of the previously stored hashed address book entries;
  
  performing a second authentication protocol via an indirect connection between the at least two devices that is based on an exchange of security keys between the at least two devices, the second authentication protocol comprising;
  
  receiving, generating or determining at a target device, a security key based on data received from an initiating device;
  
  generating, by the target device, a randomly generated nonce after the receiving, generating or determining the security key;
  
  encrypting the randomly generated nonce using the security key;
  
  sending a challenge to the initiating device, the challenge including the encrypted randomly generated nonce;
  
  receiving a challenge response from the initiating device including the randomly generated nonce that is decrypted; and
  
  comparing the randomly generated nonce that is decrypted and received in the challenge response to the randomly generated nonce that is generated to further determine whether to accept the pairing request.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The tangible computer-readable storage medium of claim 1, wherein the instructions for performing the first authentication protocol include instructions for performing the first authentication protocol over a direct Bluetooth or WiFi communication link established between the devices.
  - 3. The tangible computer-readable storage medium of claim 1, wherein the instructions for performing the second authentication protocol include instructions for performing the second authentication protocol over an indirect communication link between the devices, wherein the indirect communication uses a third-party communication service.
  - 4. The tangible computer-readable storage medium of claim 1, wherein the instructions for performing the second authentication protocol include instructions for performing the second authentication protocol over an SMS link established between the devices.
  - 5. The tangible computer-readable storage medium of claim 1, wherein the challenge is sent in response to the receiving the pairing request.
  - 6. The tangible computer-readable storage medium of claim 1, wherein the receiving the pairing request receives the pairing request directly from the initiating device, and further wherein the security key is a combination of a first key portion received indirectly from the initiating device and a second key portion generated at the target device.
  - 7. The tangible computer-readable storage medium of claim 1, wherein the security key is exchanged between the target device and the initiating device in an initial pairing occurrence between the initiating device and the target device.
  - 8. The tangible computer-readable storage medium of claim 1, wherein the hashed identifier is associated with the initiating device.
  - 9. One or more computer readable storage media comprising computer executable instructions that, when executed, direct a computing device to perform the method as recited in claim 1.
  - 10. The tangible computer-readable storage medium of claim 1, wherein the first authentication protocol further comprises denying the paring request when the comparing the hashed identifier with any hashed address book entries fails to match the hashed identifier to a hashed address book entries.

11. A tangible computer-readable storage medium comprising machine-readable instructions that, when executed by the machine, cause the machine to perform a method for pairing at least two devices, the method comprising:
- confirming that at least one of a target device or an initiating device successfully complete a first authentication protocol and a second authentication protocol prior to receiving an associated pairing request;
  
  receiving, at the target device, the pairing request from the initiating device over a direct communication link between the initiating device and the target device, the pairing request including a hashed identifier;
  
  verifying, by the target device, that the hashed identifier coincides with at least one previously stored hashed address book entry of the target device;
  
  receiving, determining or generating an authentication key at the target device; and
  
  sending a challenge response to the initiating device, the challenge response including a first nonce in an encrypted form and a second nonce in a decrypted form, the first nonce generated by the target device after the receiving, determining or generating the authentication key and encrypted by the target device via the authentication key and the second nonce generated by the initiating device after the receiving, determining or generating the authentication key and decrypted by the target device via the authentication key.
- View Dependent Claims (12, 13)
- - 12. The tangible computer-readable storage medium of claim 11, wherein the instructions for sending at least one pairing request include instructions for sending the pairing request via a Bluetooth communication link.
  - 13. The tangible computer-readable storage medium of claim 11, wherein the instructions for sending at least one authentication request include instructions for sending the authentication request via a Short Message Service (SMS) link.

14. A tangible computer-readable storage medium comprising machine-readable instructions that, when executed by the machine, cause the machine to perform a method for pairing at least two devices, the method comprising:
- requiring, before accepting at least one pairing request, that at least one of the at least two devices successfully complete;
  
  a first authentication protocol via a direct connection between the at least two devices; and
  
  a second authentication protocol via an indirect connection between the at least two devices;
  
  receiving at least one pairing request from an initiating device, the pairing request including a hashed identifier;
  
  verifying that the hashed identifier coincides with at least one previously stored hashed address book entry by;
  
  searching an address book of at least one of the at least two devices that receives the at least one pairing request from an initiating device; and
  
  determining that the hashed identifier matches the at least one previously stored hashed address book entry in the address book;
  
  encrypting a randomly generated nonce using a security key that is received from the initiating device during a prior pairing occurrence with the initiating device;
  
  transmitting the encrypted randomly generated nonce to the initiating device; and
  
  receiving the randomly generated nonce from the initiating device to determine whether to accept the at least one pairing request, the randomly generated nonce that is received from the initiating device being a decrypted form of the encrypted randomly generated nonce transmitted to the initiating device.
- View Dependent Claims (15, 16)
- - 15. The tangible computer-readable storage medium of claim 14, wherein the instructions for receiving at least one pairing request include instructions for receiving the pairing request via a Bluetooth communication link.
  - 16. The tangible computer-readable storage medium of claim 14, wherein the instructions for receiving at least one authentication request include instructions for receiving the authentication request via a Short Message Service (SMS) link.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Ananthanarayanan, Ganesh, Blagsvedt, Sean, Venkatesan, Ramarathnam
Primary Examiner(s)
Pérez-Gutiérrez, Rafael
Assistant Examiner(s)
NOBILE, DANIEL A

Application Number

US11/555,093
Publication Number

US 20080102793A1
Time in Patent Office

1,911 Days
Field of Search

None
US Class Current

455/411
CPC Class Codes

H04L 63/18   using different networks or...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/50   Secure pairing of devices

H04W 84/18   Self-organising networks, e...

Automated secure pairing for wireless devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

123 Citations

16 Claims

Specification

Use Cases

Quick Links

Others

Automated secure pairing for wireless devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

123 Citations

16 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others