Methods and apparatus for securing communications of a user operated device
First Claim
1. In a user operated input device that provides user input to a computerized device, a method for establishing a secure communications session between the user operated input device and the computerized device in communications with the user operated input device, the method comprising:
- transferring an enable security message from the user operated input device to the computerized device via a first interface of the user operated input device;
receiving, at the first interface of the user operated input device, a first communications enablement message from the computerized device, the first communications enablement message including first key material generated by the computerized device, the first key material being a complete public key transmitted to the user operated input device from the computerized device;
receiving, at a second user interface of the user operated input device, a copy of a fingerprint of the first key material via input from a user operating the user operated input device to send to the computerized device, the fingerprint of the first key material having been displayed to the user on a display device coupled to the computerized device, wherein the copy of the fingerprint of the first key material is transmitted to the computerized device;
upon determining, by the computerized device, that the copy of the fingerprint of the first key material matches the fingerprint of the first key material, establishing an encrypted communications session between the user operated input device and the computerized device using the first communications enablement message; and
applying an encryption algorithm using at least the first key material to establish the encrypted communications session between the user operated input device and the computerized device such that subsequent communications taking place between the user operated input device and the computerized device are encrypted.
1 Assignment
0 Petitions
Accused Products
Abstract
A system provides secure communications between a user operated device and a computerized device. The user operated device transfers an enable security message to the computerized device, and in response, the computerized device sends a first communications enablement message to the user operated device and displays a second communications enablement message on a display of the computerized device for viewing by a user operating the user operated device. The user operated device receives the first communications enablement message from the computerized device and receives the second communications enablement message from the user and establishes a secure communications session between the user operated device and the computerized device using the first communications enablement message and the second communications enablement message. The communications enablement messages can contain key material that enable encryption between the user operated device and the computerized device.
69 Citations
28 Claims
-
1. In a user operated input device that provides user input to a computerized device, a method for establishing a secure communications session between the user operated input device and the computerized device in communications with the user operated input device, the method comprising:
-
transferring an enable security message from the user operated input device to the computerized device via a first interface of the user operated input device; receiving, at the first interface of the user operated input device, a first communications enablement message from the computerized device, the first communications enablement message including first key material generated by the computerized device, the first key material being a complete public key transmitted to the user operated input device from the computerized device; receiving, at a second user interface of the user operated input device, a copy of a fingerprint of the first key material via input from a user operating the user operated input device to send to the computerized device, the fingerprint of the first key material having been displayed to the user on a display device coupled to the computerized device, wherein the copy of the fingerprint of the first key material is transmitted to the computerized device; upon determining, by the computerized device, that the copy of the fingerprint of the first key material matches the fingerprint of the first key material, establishing an encrypted communications session between the user operated input device and the computerized device using the first communications enablement message; and applying an encryption algorithm using at least the first key material to establish the encrypted communications session between the user operated input device and the computerized device such that subsequent communications taking place between the user operated input device and the computerized device are encrypted. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. In a computerized device, a method for establishing a secure communications session between the computerized device and a user operated input device that provides user input to the computerized device, the method comprising the steps of:
-
receiving an enable security message from the user operated input device in communications with the computerized device; in response to the enable security message, generating, by the computerized device, first key material to send to the first interface of the user operated input device; sending a first communications enablement message to the user operated input device, the first communications enablement message including the first key material, the first key material being a complete public key transmitted to the user operated input device from the computerized device; displaying, on a display device in communications with the computerized device, a second communications enablement message for viewing by a user, the second communications enablement message including second key material containing a fingerprint of the first key material; responsive to the displayed second communications enablement message (i) having been input to the user operated input device and (ii) matching the displayed fingerprint of the first key material, establishing an encrypted communications session between the user operated input device and the computerized device based on the first communications enablement message and the second communications enablement message; and applying an encryption algorithm using at least the first key material to establish the encrypted communications session between the user operated input device and the computerized device such that the communications taking place between the user operated input device and the computerized device are encrypted.
-
-
13. A user operated input device that provides user input to a computerized device comprising:
-
a user input mechanism; a communications interface that can be engaged in communications with a computerized device; a memory; a processor; an interconnection mechanism coupling the user input mechanism, the communications interface, the memory and the processor; wherein the memory is encoded with a device encryption application that when executed in conjunction with the processor provides a device encryption process that establishes a secure communications session between the user operated input device and the computerized device in communications with the user operated input device by performing the steps of; transferring, from the user operated input device to the computerized device over the communications interface, an enable security message; receiving, over the communications interface, a first communications enablement message, the first communications enablement message including first key material generated by the computerized device, the first key material being a complete public key transmitted to the user operated input device from the computerized device; receiving, as input from a user operating the user operated input device via the user input mechanism, a second communications enablement message, the second communications enablement message including second key material containing a copy of a fingerprint of the first key material, the fingerprint of the first key material having been displayed to the user on a display device coupled to the computerized device, wherein the copy of the fingerprint of the first key material is transmitted to the computerized device; upon determining, by the computerized device, that the copy of the fingerprint of the first key material matches the displayed fingerprint of the first key material, establishing an encrypted communications session between the user operated input device and the computerized device over the communications interface using the first communications enablement message and the second communications enablement message; and applying an encryption algorithm using at least the first material to establish the encrypted communications session between the user operated input device and the computerized device such that the communications taking place between the user operated input device and the computerized device are encrypted. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24)
-
-
25. An apparatus, comprising:
-
a user operated input device; and a computerized device configured to receive input from the user operated input device including at least; a display interface capable of being coupled to a display device that presents information to a user, a communications interface, coupled to the computerized device, capable of being coupled to and communicating with the user operated input device, a memory, a processor, an interconnection mechanism coupling the display interface, the communications interface, the memory and the processor; wherein the memory is encoded with a secure device driver application that, when executed by the processor, produces a secure device driver process that causes the computerized device to establish a secure communications session between the computerized device and the user operated input device, by causing the computerized device to perform the steps of; receiving, over the communications interface, an enable security message from the user operated input device in communications with the computerized device; in response to the enable security message, obtaining, by the secure device driver application, first key material generated by the computerized device to send to the user operated input device; sending a first communications enablement message to the user operated input device over the communications interface, the first communications enablement message including the first key material, the first key material being a complete public key transmitted to the user operated input device from the computerized device; displaying, on the display device, a second communications enablement message for viewing by the user operating the user operated input device, the second communications enablement message including a fingerprint of the first key material; responsive to the displayed second communications enablement message (i) having been input to the user operated input device and (ii) matching the displayed fingerprint of the first key material, establishing an encrypted communications session between the user operated input device and the computerized device over the communications interface based on the first communications enablement message and the second communications enablement message; and applying an encryption algorithm using at least the first key material to establish the encrypted communications session between the user operated input device and the computerized device such that the communications taking place between the user operated input device and the computerized device are encrypted. - View Dependent Claims (26)
-
-
27. A non-transitory computer-readable storage medium including computer program logic encoded thereon that, when performed in a user operated input device coupled to a computerized device, causes the user operated input device to perform the operations of:
-
transferring an enable security message from the user operated input device to the computerized device via a first interface of the user operated input device; receiving, at the first interface of the user operated input device, a first communications enablement message from the computerized device, the first communications enablement message including first key material generated by the computerized device, the first key material being a complete public key transmitted to the user operated input device from the computerized device; receiving, at a second user interface of the user operated input device, a second communications enablement message as input from a user operating the user operated input device, the second communications enablement message including second key material containing a fingerprint of the first key material, the fingerprint of the first key material having been displayed to the user on a display device coupled to the computerized device, wherein the copy of the fingerprint of the first key material is transmitted to the computerized device; upon determining, by the computerized device, that the copy of the fingerprint of the first key material matches the fingerprint of the first key material, establishing an encrypted communications session between the user operated input device and the computerized device using the first communications enablement message and the second communications enablement message; and applying an encryption algorithm using at least one of the first and second key material to establish the encrypted communications session between the user operated input device and the computerized device such that the communications taking place between the user operated input device and the computerized device are encrypted.
-
-
28. A non-transitory computer-readable storage medium including computer program logic encoded thereon that, when performed in a computerized device having a coupling to a user operated input device that provides user input to the computerized device, causes the computerized device to perform the operations of:
-
receiving an enable security message from the user operated input device in communications with the computerized device; in response to the enable security message, generating first key material to send to the user operated input device; sending a first communication enablement message to the user operated input device, the first communications enablement message including the first key material, the first key material being a complete public key transmitted to the user operated input device from the computerized device; displaying, on a display device in communications with the computerized device, a second communications enablement message for viewing by a user operating the user operated input device, the second communications enablement message including second key material containing a fingerprint of the first key material that the computerized device displays on the display device of the computerized device and that the user can see and can provide as input to the user operated input device for receipt of the second communications enablement message; responsive to the displayed second communications enablement message (i) having been input to the user operated input device and (ii) matching the displayed fingerprint of the first key material, establishing an encrypted communications session between the user operated input device and the computerized device based on the first communications enablement message and the second communications enablement message; and applying an encryption algorithm using at least one of the first and second key material to establish the encrypted communications session between the user operated input device and the computerized device such that the communications taking place between the user operated input device and the computerized device are encrypted.
-
Specification