Method and system for providing secure communications between a first and a second peer device

US 8,271,786 B1
Filed: 10/16/2002
Issued: 09/18/2012
Est. Priority Date: 10/16/2002
Status: Active Grant

First Claim

Patent Images

1. A method for providing secure communications between first and second peer devices, comprising:

generating a wireless link from the first peer device;

creating a zone of privacy with the first peer device that is defined by restricting a range of the wireless link to a predetermined communication range that is less than a second communication range used for transferring data to the second peer device on the wireless link after the first and second peer devices verify an authenticity of each other,wherein restricting a range of the wireless link comprises operating a power source, wherein the power source is associated with the wireless link, at a sufficiently low power whereby the range of the wireless link is limited to the predetermined communication range;

allowing the first and second peer devices to verify the authenticity of each other only while the second peer device is within the zone of privacy, and activating a cue, wherein the cue is an indicator on the first peer device that provides an indication to a user, and the cue is activated only when the second peer device enters the zone of privacy; and

allowing encrypted data to transfer between the first and second peer devices only after the authenticity of each peer device has been verified, wherein the encrypted data transfer includes the first peer device transmitting at least some of the encrypted data to the second peer device on the wireless link in the second communication range greater than the predetermined communication range.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for providing secure communications between a first and second peer device is disclosed. The invention includes allowing the first and second peer devices to verify the authenticity of each other only while each peer device is within an established zone of privacy wherein the established zone of privacy is an area close (for example, almost touching) to the peer device. Because the authenticity of the other device is verified only while each peer device is within the established zone of privacy, users can visually confirm that there are no potential interlopers within the zone. As a result, the two peer devices can discover each other in a more secure fashion The method and system include creating a zone of privacy with the first peer device, allowing the first and second peer devices to verify the authenticity of each other only while the second peer device is within the zone of privacy, and allowing encrypted data to transfer between the first and second peer device once the authenticity of each peer device has been verified.

31 Citations

View as Search Results

28 Claims

1. A method for providing secure communications between first and second peer devices, comprising:
- generating a wireless link from the first peer device;
  
  creating a zone of privacy with the first peer device that is defined by restricting a range of the wireless link to a predetermined communication range that is less than a second communication range used for transferring data to the second peer device on the wireless link after the first and second peer devices verify an authenticity of each other,wherein restricting a range of the wireless link comprises operating a power source, wherein the power source is associated with the wireless link, at a sufficiently low power whereby the range of the wireless link is limited to the predetermined communication range;
  
  allowing the first and second peer devices to verify the authenticity of each other only while the second peer device is within the zone of privacy, and activating a cue, wherein the cue is an indicator on the first peer device that provides an indication to a user, and the cue is activated only when the second peer device enters the zone of privacy; and
  
  allowing encrypted data to transfer between the first and second peer devices only after the authenticity of each peer device has been verified, wherein the encrypted data transfer includes the first peer device transmitting at least some of the encrypted data to the second peer device on the wireless link in the second communication range greater than the predetermined communication range.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 wherein the act of allowing the two peer devices to verify the authenticity of each other further comprises:
    - creating a second zone of privacy with the second peer device; and
      
      allowing the first and second peer devices to verify the authenticity of each other only when the first peer device resides in the second zone of privacy and the second peer device resides in the zone of privacy of the first peer device.
  - 3. The method of claim 1 wherein the predetermined communication range is less than 20 centimeters.
  - 4. The method of claim 1 wherein the act of allowing encrypted data to transfer between the first and second peer device further comprises:
    - increasing the power being utilized to generate the wireless link thereby enabling the first peer device to be moved beyond the predetermined communication range while the first and second peer devices are transferring encrypted data between them.
  - 5. The method of claim 2 wherein the first and second peer devices verify the authenticity of each other by utilizing a public-private key exchange.
  - 6. The method of claim 5 wherein the public-private key exchange comprises a Diffie-Hellman key exchange.
  - 7. The method of claim 1, wherein the cue remains activated during the authenticity verification of the peer devices and during the encrypted data transfer, and wherein the cue is deactivated when the encrypted data transfer is completed.

8. A peer device comprising:
- a processor; and
  
  a memory storing machine readable instructions, which when executed by the processor, cause the peer device to perform a method comprising;
  
  generating a wireless link from the peer device;
  
  creating a zone of privacy that is defined by restricting a range of the wireless link to a predetermined communication range and allowing the peer device to verify the authenticity of another peer device only while the another peer device is within the zone of privacy,wherein restricting a range of the wireless link comprises operating a power source, wherein the power source is associated with the wireless link, at a sufficiently low power whereby the range of the wireless link is limited to the predetermined communication range;
  
  activating a cue, wherein the cue is an indicator on the peer device that provides an indication to a user, wherein the cue is activated only when the another peer device enters the zone of privacy; and
  
  transferring encrypted data to the another peer device only after the authenticity of the another peer device has been verified.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The peer device of claim 8 wherein allowing the peer device to verify the authenticity of the another peer device further comprises:
    - allowing the peer device to verify the authenticity of the another peer device only when the peer device resides in another zone of privacy and the another peer device resides in the zone of privacy of the peer device wherein the another zone of privacy is created by the another peer device.
  - 10. The peer device of claim 8, wherein the predetermined communication range is less than 20 centimeters.
  - 11. The peer device of claim 8, wherein transferring encrypted data to the another peer device further comprises:
    - increasing the power being utilized to generate the wireless link thereby enabling the peer device to be moved beyond the predetermined communication range while the peer device transfers encrypted data to the another peer device.
  - 12. The peer device of claim 9 wherein the authenticity of the another peer device is verified by utilizing a public-private key exchange.
  - 13. The peer device of claim 12 wherein the public-private key exchange comprises a Diffie-Hellman key exchange.
  - 14. The peer device of claim 8, wherein the cue remains activated during the authenticity verification of the peer devices and during the encrypted data transfer, and wherein the cue is deactivated when the encrypted data transfer is completed.

15. A system for providing secure communications between two peer devices, the system comprising:
- first and second peer devices wherein the first and second peer devices each comprise;
  
  a processor; and
  
  a memory storing machine readable instructions, which when executed by the processor, cause the peer device to perform a method comprising;
  
  generating a wireless link;
  
  creating a zone of privacy that is defined by restricting a range of the wireless link to a predetermined communication range and allow the peer device to verify the authenticity of another peer device only while the another peer device is within the zone of privacy,wherein restricting a range of the wireless link comprises operating a power source, wherein the power source is associated with the wireless link, at a sufficiently low power whereby the range of the wireless link is limited to the predetermined communication range;
  
  activating a cue, wherein the cue is an indicator on the peer device that provides an indication to a user, wherein the cue is activated only when the another peer device enters the zone of privacy; and
  
  transferring encrypted data to the another peer device only after the authenticity of the another peer device has been verified.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The system of claim 15 wherein allowing the peer device to verify the authenticity of the another peer device further comprises:
    - allowing the peer device to verify the authenticity of the another peer device only when the peer device resides in another zone of privacy and the another peer device resides in the zone of privacy of the peer device, wherein the another zone of privacy is created by the another peer device.
  - 17. The system of claim 15, wherein the predetermined communication range is less than 20 centimeters.
  - 18. The system of claim 15, wherein transferring encrypted data to the another peer device further comprises:
    - increasing the power being utilized to generate the wireless link thereby enabling the peer device to be moved beyond the predetermined communication range while the peer device transfers encrypted data to the another peer device.
  - 19. The system of claim 16 wherein the authenticity of the another peer device is verified by utilizing a public-private key exchange.
  - 20. The system of claim 19 wherein the public-private key exchange comprises a Diffie-Hellman key exchange.
  - 21. The system of claim 15, wherein the cue remains activated during the authenticity verification of the peer devices and during the encrypted data transfer, and wherein the cue is deactivated when the encrypted data transfer is completed.

22. A non-transitory computer program product for providing secure communications between first and second peer devices, the computer program product comprising:
- a computer readable program stored on a computer readable storage device for causing a computer to perform the steps of;
  
  generating a wireless link from the first peer device;
  
  creating a zone of privacy with the first peer device that is defined by restricting a range of the wireless link to a predetermined communication range,wherein restricting a range of the wireless link comprises operating a power source, wherein the power source is associated with the wireless link, at a sufficiently low power whereby the range of the wireless link is limited to the predetermined communication range;
  
  allowing the first and second peer devices to verify the authenticity of each other only while the second peer device is within the zone of privacy;
  
  activating a cue, wherein the cue is an indicator on the first peer device that provides an indication to a user, wherein the cue is activated only when the second peer device enters the zone of privacy; and
  
  allowing encrypted data to transfer between the first and second peer devices only after the authenticity of each peer device has been verified.
- View Dependent Claims (23, 24, 25)
- - 23. The computer program product of claim 22 wherein the act of allowing the two peer devices to verify the authenticity of each other further comprises:
    - creating a second zone of privacy with the second peer device; and
      
      allowing the first and second peer devices to verify the authenticity of each other only when the first peer device resides in the second zone of privacy and the second peer device resides in the zone of privacy of the first peer device.
  - 24. The computer program product of claim 22 wherein the predetermined communication range is less than 20 centimeters.
  - 25. The computer program product of claim 22, wherein the cue remains activated during the authenticity verification of the peer devices and during the encrypted data transfer, and wherein the cue is deactivated when the encrypted data transfer is completed.

26. A method for conducting a secure business transaction between a first and a second peer device comprising:
- generating a wireless link from the first peer device;
  
  creating a zone of privacy with the first peer device that is defined by restricting a range of the wireless link to a predetermined communication range,wherein restricting a range of the wireless link comprises operating a power source, wherein the power source is associated with the wireless link, at a sufficiently low power whereby the range of the wireless link is limited to the predetermined communication range;
  
  allowing the first and second peer devices to verify the authenticity of each other only while the second peer device is within the zone of privacy;
  
  activating a cue, wherein the cue is an indicator on the first peer device that provides an indication to a user, wherein the cue is activated only when the second peer device enters the zone of privacy; and
  
  allowing encrypted data to transfer between the first and second peer devices only after the authenticity of each peer device has been verified.
- View Dependent Claims (27, 28)
- - 27. The method of claim 26 wherein the first device comprises a mobile device and the second device comprises a point-of-sale terminal.
  - 28. The method of claim 26, wherein the cue remains activated during the authenticity verification of the peer devices and during the encrypted data transfer, and wherein the cue is deactivated when the encrypted data transfer is completed.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Pradhan, Salil Vjaykumar, Lyon, Geoffrey Martin, Serra, Bill
Primary Examiner(s)
Brown, Christopher

Application Number

US10/271,662
Time in Patent Office

3,625 Days
Field of Search

455/426.2, 725/81, 380/273, 713/169, 713/168
US Class Current

713/169
CPC Class Codes

G06F 21/445   by mutual authentication, e...

G06F 2221/2111   Location-sensitive, e.g. ge...

G06Q 20/223   based on the use of peer-to...

G06Q 20/3278   RFID or NFC payments by mea...

G06Q 20/388   using mutual authentication...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/60   Digital content management,...

H04L 2209/80   Wireless network architectu...

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/32   including means for verifyi...

H04W 12/10   Integrity

H04W 12/50   Secure pairing of devices

H04W 12/63   Location-dependent; Proximi...

H04W 12/64   using geofenced areas

Method and system for providing secure communications between a first and a second peer device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

31 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for providing secure communications between a first and a second peer device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links