Securing pairing verification of devices with minimal user interfaces

US 8,260,261 B2
Filed: 08/31/2009
Issued: 09/04/2012
Est. Priority Date: 08/31/2009
Status: Active Grant

First Claim

Patent Images

1. A method for verifying a secure pairing between two communication devices, comprising:

calculating on each of the two communication devices a verification value based upon security information exchanged between the two communication devices;

performing on each of the two communication devices a table look up process using at least a portion of the verification value to select a verification pattern from a table of verification patterns;

presenting on each of the two communication devices the verification pattern for perception by a user as one of a flashing light pattern and a sound pattern; and

receiving a user input indicating that the verification patterns on each of the two communication devices are the same.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method, system and devices for enabling secure pairing between two communication devices equipped with a minimal user interface includes determining a verification pattern based upon security information exchanged between the two communication devices and presenting the verification pattern in a manner that can be perceived by a user who can determine whether the verification patterns are the same. The verification patterns may be presented as flashing light displays, such as flashing sequences of a light emitting diode, or as sounds, such as tones or click patterns emitted by a speaker. If a user perceives that the verification patterns emitted by both communication devices are the same, the user may so indicate by pressing a button on each of the devices. Obtaining such user confirmation of the verification patterns enables establishing a secure pairing between the two communication devices that is protected from active and passive eavesdropping.

Citations

37 Claims

1. A method for verifying a secure pairing between two communication devices, comprising:
- calculating on each of the two communication devices a verification value based upon security information exchanged between the two communication devices;
  
  performing on each of the two communication devices a table look up process using at least a portion of the verification value to select a verification pattern from a table of verification patterns;
  
  presenting on each of the two communication devices the verification pattern for perception by a user as one of a flashing light pattern and a sound pattern; and
  
  receiving a user input indicating that the verification patterns on each of the two communication devices are the same.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, wherein the verification pattern is presented as a flashing light pattern displayed by a light emitting diode.
  - 3. The method of claim 1, wherein the verification pattern is presented as a sound pattern emitted by a speaker.
  - 4. The method of claim 1, further comprising:
    - exchanging public keys between the two communication devices;
      
      selecting a first nonce in a first one of the two communication devices;
      
      selecting a second nonce in a second one of the two communication devices;
      
      calculating a commitment value in the first one of the two communication devices based upon the exchanged public keys and the first nonce;
      
      transmitting the commitment value from the first one of the two communication devices to the second one of the two communication devices;
      
      transmitting the second nonce from the second one of the two communication devices to the first one of the two communication devices in response to receiving the commitment value; and
      
      transmitting the first nonce from the first one of the two communication devices to the second one of the two communication devices in response to receiving the second nonce;
      
      wherein calculating on each of the two communication devices the verification value based upon security information exchanged between the two communication devices comprises;
      
      calculating on each of the two communication devices the verification value based upon the exchanged public keys, the first nonce and the second nonce.

5. A communication system, comprising:
- a first communication device; and
  
  a second communication device,wherein each of the first and second communication devices comprise;
  
  a processor;
  
  a transceiver coupled to the processor;
  
  a button coupled to the processor; and
  
  a simple signaling mechanism coupled to the processor,wherein the processor of each of the first and second communication devices is configured with processor-executable instructions to perform operations comprising;
  
  calculating a verification value based upon security information exchanged between the first and second communication devices;
  
  performing a table look up process using at least a portion of the verification value to select a verification pattern from a table of verification patterns;
  
  presenting on the simple signaling mechanism of each of the first and second communication devices the verification pattern for perception by a user; and
  
  completing a secure pairing between the first and second communication devices if a button press is received on both first and second communication devices.
- View Dependent Claims (6, 7, 8)
- - 6. The communication system of claim 5, wherein:
    - the simple signaling mechanism of each of the first and second communication devices is a light emitting diode; and
      
      the verification pattern is presented as a flashing light pattern displayed by the light emitting diodes.
  - 7. The communication system of claim 5, wherein:
    - the simple signaling mechanism of each of the first and second communication devices is a speaker; and
      
      the verification pattern is presented as a sound pattern emitted by the speakers.
  - 8. The communication system of claim 5, wherein the processor of each of the first and second communication devices is configured with processor-executable instructions to perform operations further comprising:
    - exchanging public keys between the first and second communication devices;
      
      selecting a first nonce in the first communication device;
      
      selecting a second nonce in the second communication device;
      
      calculating a commitment value in the first communication device;
      
      transmitting the commitment value from the first communication device to the second communication device;
      
      transmitting the second nonce from the second communication device to the first communication device in response to receiving the commitment value; and
      
      transmitting the first nonce from the first communication device to the second communication device in response to receiving the second nonce;
      
      wherein calculating the verification value based upon security information exchanged between the two communication devices comprises;
      
      calculating on each of the first and second communication devices a verification value based upon the exchanged public keys, the first nonce and the second nonce.

9. A first communication device, comprising:
- a processor;
  
  a transceiver coupled to the processor;
  
  a button coupled to the processor; and
  
  a simple signaling mechanism coupled to the processor,wherein the processor is configured with processor-executable instructions to perform operations comprising;
  
  exchanging security information with a second communication device;
  
  calculating a verification value based upon the exchanged security information;
  
  performing a table look up process using at least a portion of the verification value to select a verification pattern from a table of verification patterns;
  
  activating the simple signaling mechanisms according to the selected verification pattern; and
  
  completing a secure pairing with the second communication device if the button is pressed after the simple signaling mechanism is activated.
- View Dependent Claims (10, 11, 12)
- - 10. The communication device of claim 9, wherein:
    - the simple signaling mechanism is a light emitting diode; and
      
      the verification pattern is presented as a flashing light pattern displayed by the light emitting diode.
  - 11. The communication device of claim 9, wherein:
    - the simple signaling mechanism is a speaker; and
      
      the verification pattern is presented as a sound pattern emitted by the speaker.
  - 12. The communication device of claim 9, wherein the processor is configured with processor-executable instructions to perform operations further comprising:
    - transmitting a first public key to the second communication device;
      
      receiving a second public key from the second communication device;
      
      selecting a first nonce;
      
      calculating a commitment value based upon the first public key, the second public key and the first nonce;
      
      transmitting the commitment value to the second communication device;
      
      receiving a second nonce from the second communication device; and
      
      transmitting the first nonce to the second communication device in response to receiving the second nonce, andwherein calculating the verification value based upon the exchanged security information comprises;
      
      calculating the verification value based upon the first and second public key, the first nonce and the second nonce.

13. A first communication device, comprising:
- means for exchanging security information with a second communication device;
  
  means for calculating a verification value based upon the exchanged security information;
  
  means for performing a table look up process using at least a portion of the verification value to select a verification pattern from a table of verification patterns;
  
  means for signaling the verification pattern; and
  
  means for completing a secure pairing between with the second communication device if a button is pressed after the means for signaling the verification pattern is activated.
- View Dependent Claims (14, 15, 16)
- - 14. The communication device of claim 13, wherein:
    - means for signaling the verification pattern comprises means for flashing a light according to the verification pattern.
  - 15. The communication device of claim 13, wherein:
    - means for signaling the verification pattern comprises means for emitting sound according to the verification pattern.
  - 16. The communication device of claim 13, further comprising:
    - means for transmitting a first public key to the second communication device;
      
      means for receiving a second public key from the second communication device;
      
      means for selecting a first nonce;
      
      means for calculating a commitment value based upon the first public key, the second public key and the first nonce;
      
      means for transmitting the commitment value to the second communication device;
      
      means for receiving a second nonce from the second communication device; and
      
      means for transmitting the first nonce to the second communication device in response to receiving the second nonce, andwherein the means for calculating the verification value based upon the exchanged security information comprises;
      
      means for calculating the verification value based upon the first and second public key, the first nonce and the second nonce.

17. A non-transitory processor-readable medium having stored thereon processor-executable instructions configured to cause a processor of a first communication device to perform operations comprising:
- exchanging security information with a second communication device;
  
  calculating a verification value based upon the exchanged security information;
  
  performing a table look up process using at least a portion of the verification value to select a verification pattern from a table of verification patterns;
  
  activating a simple signaling mechanism according to the verification pattern; and
  
  completing a secure pairing with the second communication device if a button on the first communication device is pressed after the simple signaling mechanism is activated.
- View Dependent Claims (18, 19, 20)
- - 18. The non-transitory processor-readable medium of claim 17, wherein activating the simple signaling mechanism according to the verification pattern comprises flashing a light pattern on a light emitting diode.
  - 19. The non-transitory processor-readable medium of claim 17, wherein activating the simple signaling mechanism according to the verification pattern comprises sounding a pattern from a speaker.
  - 20. The non-transitory processor-readable medium of claim 17, wherein the stored processor-executable instructions are configured to cause a processor of a first communication device to perform operations further comprising:
    - transmitting a first public key to the second communication device;
      
      receiving a second public key from the second communication device;
      
      selecting a first nonce;
      
      calculating a commitment value based upon the first public key, the second public key and the first nonce;
      
      transmitting the commitment value to the second communication device;
      
      receiving a second nonce from the second communication device; and
      
      transmitting the first nonce to the second communication device in response to receiving the second nonce; and
      
      wherein calculating the verification value based upon the exchanged security information comprises;
      
      calculating the verification value based upon the first and second public key, the first nonce and the second nonce.

21. A method for verifying a secure pairing between two communication devices, comprising:
- calculating on each of the two devices a verification value based upon security information exchanged between the two communication devices;
  
  using on each of the two devices at least a portion of the verification value as an input to an algorithm to generate a verification pattern;
  
  presenting on each of the two communication devices the verification pattern for perception by a user as one of a flashing light pattern and a sound pattern; and
  
  receiving a user input indicating that the verification patterns on each of the two communication devices are the same.
- View Dependent Claims (22, 23)
- - 22. The method of claim 21, wherein the verification pattern is presented as one of a flashing light pattern displayed by a light emitting diode or as a sound pattern emitted by a speaker.
  - 23. The method of claim 21, further comprising:
    - exchanging public keys between the two communication devices;
      
      selecting a first nonce in a first one of the two communication devices;
      
      selecting a second nonce in a second one of the two communication devices;
      
      calculating a commitment value in the first one of the two communication devices based upon the exchanged public keys and the first nonce;
      
      transmitting the commitment value from the first one of the two communication devices to the second one of the two communication devices;
      
      transmitting the second nonce from the second one of the two communication devices to the first one of the two communication devices in response to receiving the commitment value; and
      
      transmitting the first nonce from the first one of the two communication devices to the second one of the two communication devices in response to receiving the second nonce;
      
      wherein calculating on each of the two communication devices the verification value based upon security information exchanged between the two communication devices comprises;
      
      calculating on each of the two communication devices the verification value based upon the exchanged public keys, the first nonce and the second nonce.

24. A communication system, comprising:
- a first communication device; and
  
  a second communication device,wherein each of the first and second communication devices comprise;
  
  a processor;
  
  a transceiver coupled to the processor;
  
  a button coupled to the processor; and
  
  a simple signaling mechanism coupled to the processor,wherein the processor of each of the first and second communication devices is configured with processor-executable instructions to perform operations comprising;
  
  calculating a verification value based upon security information exchanged between the first and second communication devices;
  
  using at least a portion of the verification value as an input to an algorithm to generate a verification pattern;
  
  presenting on the simple signaling mechanism of each of the first and second communication devices the verification pattern for perception by a user; and
  
  completing a secure pairing between the first and second communication devices if a button press is received on both first and second communication devices.
- View Dependent Claims (25, 26, 27)
- - 25. The communication system of claim 24, wherein:
    - the simple signaling mechanism of each of the first and second communication devices is a light emitting diode; and
      
      the verification pattern is presented as a flashing light pattern displayed by the light emitting diodes.
  - 26. The communication system of claim 24, wherein:
    - the simple signaling mechanism of each of the first and second communication devices is a speaker; and
      
      the verification pattern is presented as a sound pattern emitted by the speakers.
  - 27. The communication system of claim 24, wherein the processor of each of the first and second communication devices is configured with processor-executable instructions to perform operations further comprising:
    - exchanging public keys between the first and second communication devices;
      
      selecting a first nonce in the first communication device;
      
      selecting a second nonce in the second communication device;
      
      calculating a commitment value in the first communication device;
      
      transmitting the commitment value from the first communication device to the second communication device;
      
      transmitting the second nonce from the second communication device to the first communication device in response to receiving the commitment value; and
      
      transmitting the first nonce from the first communication device to the second communication device in response to receiving the second nonce;
      
      wherein calculating on each of the first and second communication devices the verification value based upon security information exchanged between the first and second communication devices comprises;
      
      calculating on each of the first and second communication devices the verification value based upon the exchanged public keys, the first nonce and the second nonce.

28. A first communication device, comprising:
- a processor;
  
  a transceiver coupled to the processor;
  
  a button coupled to the processor; and
  
  a simple signaling mechanism coupled to the processor,wherein the processor is configured with processor-executable instructions to perform operations comprising;
  
  exchanging security information with a second communication device;
  
  calculating a verification value based upon the exchanged security information;
  
  using at least a portion of the verification value as an input to an algorithm to generate a verification pattern;
  
  activating the simple signaling mechanisms according to the verification pattern; and
  
  completing a secure pairing between with the second communication device if the button is pressed after the simple signaling mechanism is activated.
- View Dependent Claims (29, 30, 31)
- - 29. The communication device of claim 28, wherein:
    - the simple signaling mechanism is a light emitting diode; and
      
      the verification pattern is presented as a flashing light pattern displayed by the light emitting diode.
  - 30. The communication device of claim 28, wherein:
    - the simple signaling mechanism is a speaker; and
      
      the verification pattern is presented as a sound pattern emitted by the speaker.
  - 31. The communication device of claim 28, wherein the processor is configured with processor-executable instructions to perform operations further comprising:
    - transmitting a first public key to the second communication device;
      
      receiving a second public key from the second communication device;
      
      selecting a first nonce;
      
      calculating a commitment value based upon the first public key, the second public key and the first nonce;
      
      transmitting the commitment value to the second communication device;
      
      receiving a second nonce from the second communication device; and
      
      transmitting the first nonce to the second communication device in response to receiving the second nonce, andwherein calculating the verification value based upon the exchanged security information comprises;
      
      calculating the verification value based upon the first and second public key, the first nonce and the second nonce.

32. A first communication device, comprising:
- means for exchanging security information with a second communication device;
  
  means for calculating a verification value based upon the exchanged security information;
  
  means for performing a table look up process using at least a portion of the verification value to select a verification pattern from a table of verification patterns;
  
  means for signaling the verification pattern; and
  
  means for completing a secure pairing between with the second communication device if a button is pressed after the means for signaling the verification pattern is activated.
- View Dependent Claims (33, 34)
- - 33. The communication device of claim 32, wherein:
    - means for signaling the verification pattern comprises one of means for flashing a light according to the verification pattern or means for emitting sound according to the verification pattern.
  - 34. The communication device of claim 32, further comprising:
    - means for transmitting a first public key to the second communication device;
      
      means for receiving a second public key from the second communication device;
      
      means for selecting a first nonce;
      
      means for calculating a commitment value based upon the first public key, the second public key and the first nonce;
      
      means for transmitting the commitment value to the second communication device;
      
      means for receiving a second nonce from the second communication device; and
      
      means for transmitting the first nonce to the second communication device in response to receiving the second nonce, andwherein the means for calculating the verification value based upon the exchanged security information comprises;
      
      means for calculating the verification value based upon the first and second public key, the first nonce and the second nonce.

35. A non-transitory processor-readable medium having stored thereon processor-executable instructions configured to cause a processor of a first communication device to perform operations comprising:
- exchanging security information with a second communication device;
  
  calculating a verification value based upon the exchanged security information;
  
  using at least a portion of the verification value as an input to an algorithm to generate a verification pattern;
  
  activating a simple signaling mechanism according to the verification pattern; and
  
  completing a secure pairing with the second communication device if a button on the first communication device is pressed after the simple signaling mechanism is activated.
- View Dependent Claims (36, 37)
- - 36. The non-transitory processor-readable medium of claim 35, wherein activating the simple signaling mechanism according to the verification pattern comprises one of flashing a light pattern on a light emitting diode, or sounding a pattern from a speaker.
  - 37. The non-transitory processor-readable medium of claim 35, wherein the stored processor-executable instructions are configured to cause a processor of a first communication device to perform operations further comprising:
    - transmitting a first public key to the second communication device;
      
      receiving a second public key from the second communication device;
      
      selecting a first nonce;
      
      calculating a commitment value based upon the first public key, the second public key and the first nonce;
      
      transmitting the commitment value to the second communication device;
      
      receiving a second nonce from the second communication device; and
      
      transmitting the first nonce to the second communication device in response to receiving the second nonce; and
      
      wherein calculating the verification value based upon the exchanged security information comprises;
      
      calculating the verification value based upon the first and second public key, the first nonce and the second nonce.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Teague, Edward Harrison
Primary Examiner(s)
Patel, Ajit

Application Number

US12/551,536
Publication Number

US 20110053558A1
Time in Patent Office

1,100 Days
Field of Search

None
US Class Current

455/411
CPC Class Codes

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 2209/88   Medical equipments

H04L 63/0869   for achieving mutual authen...

H04L 63/18   using different networks or...

H04L 9/3273   for mutual authentication n...

H04W 12/50   Secure pairing of devices

H04W 12/65   Environment-dependent, e.g....

Securing pairing verification of devices with minimal user interfaces

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

Securing pairing verification of devices with minimal user interfaces

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links