Communication protocol for device authentication
First Claim
1. A method for a device to authenticate an accessory having at least one communication port connected to the device, the method comprising:
monitoring the at least one communication port;
detecting the accessory attached to the at least one communication port;
driving the at least one communication port to a first voltage level to maintain the accessory in a sleep mode;
transitioning the at least one communication port to a second voltage level to initiate a wake up condition in the accessory;
transmitting a wake up command to the accessory via the at least one communication port;
transmitting from the device to the accessory an authentication command via the at least one communication port, wherein the authentication command comprises a plaintext challenge to the accessory, wherein the device stores multiple challenge/response vectors before transmitting the plaintext challenge, each of the vectors being different from the other vectors and the different vectors being concurrently stored by the device, and each vector including a plaintext challenge associated with a cyphertext response, and wherein the device selects the plaintext challenge included in the authentication command from among the plaintext challenges included in the stored multiple challenge/response vectors;
receiving an information request response via the at least one communication port from the accessory, the received information request response comprising a cyphertext response;
comparing the received cyphertext response with the stored cyphertext response associated with the transmitted plaintext challenge;
permitting use of the accessory when the received cyphertext response matches the stored cyphertext response associated with the transmitted plaintext challenge; and
limiting use of the accessory when the received cyphertext response does not match the stored cyphertext response associated with the transmitted plaintext challenge;
wherein the accessory comprises a secure authentication image file including data in an array of locations, and an accessory processor for receiving the wake up command, generating the cyphertext response using the secure authentication image file, and transmitting the cyphertext response to the device through the at least one communication port.
Abstract
A communication protocol between a master device, such as a mobile phone, and a peripheral device facilitates authentication of the peripheral device. When a peripheral device is detected, the master device initiates a wake-up command to the peripheral device, transmits an authentication request command followed by challenge data to the peripheral device, and awaits responses from the peripheral device. The accessory receives the challenge data, performs a hash function on the challenge data, and generates response data. An authentication response type byte is sent to the handset followed by the response data. The handset compares the response data to pre-stored data that is associated with the challenge data. A match indicates that the accessory is authentic. The challenge/response data, also referred to as a plaintext/cyphertext pair, is pre-generated external to the handset using the hash function, then pre-stored in the handset.
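The exchange the abstract describes, as an added example that is not code from the patent. HMAC-SHA-256 stands in for the unnamed hash function, and the 16-byte challenge size, the `Handset` class, the function names and the sample image bytes are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

CHALLENGE_LEN = 16  # assumed size; the page does not specify one
# Constructed sample data: stand-ins for the secure authentication image file.
GENUINE_IMAGE = bytes(range(64))
OTHER_IMAGE = bytes(64)

def accessory_response(image: bytes, challenge: bytes) -> bytes:
    """Accessory side: derive the cyphertext response from the secret image.
    HMAC-SHA-256 is an assumed stand-in for the page's unnamed hash function."""
    return hmac.new(image, challenge, hashlib.sha256).digest()

def provision_vectors(image: bytes, count: int) -> dict:
    """Done outside the handset: pre-generate `count` distinct
    plaintext/cyphertext pairs. The handset receives only this table."""
    vectors = {}
    while len(vectors) < count:
        challenge = secrets.token_bytes(CHALLENGE_LEN)
        vectors[challenge] = accessory_response(image, challenge)
    return vectors

class Handset:
    def __init__(self, vectors: dict):
        self._vectors = dict(vectors)  # challenge -> expected response
        self._pending = None

    def select_challenge(self) -> bytes:
        """Pick one stored plaintext challenge at random and remember it."""
        self._pending = secrets.choice(list(self._vectors))
        return self._pending

    def verify(self, response: bytes) -> str:
        """Compare against the response stored for the challenge just sent."""
        if self._pending is None:
            return "limit"  # unsolicited response: no challenge outstanding
        expected, self._pending = self._vectors[self._pending], None
        ok = hmac.compare_digest(expected, response)  # constant-time compare
        return "permit" if ok else "limit"

def authenticate(handset: Handset, accessory_image: bytes) -> str:
    """One exchange: the challenge goes out, the response comes back."""
    challenge = handset.select_challenge()
    return handset.verify(accessory_response(accessory_image, challenge))

if __name__ == "__main__":
    phone = Handset(provision_vectors(GENUINE_IMAGE, count=8))
    print(authenticate(phone, GENUINE_IMAGE), authenticate(phone, OTHER_IMAGE))
```

The handset holds only the pre-generated table and never the image file, so what it can verify is bounded by the vectors it was provisioned with.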
16 Claims
9. A system for authenticating an accessory, comprising:
a device comprising;
at least one communication port for connection to the accessory;
a memory for storing at least one information request command and at least one expected information request response; and
a processor coupled to the memory and the at least one communication port, the processor monitoring the at least one communication port, detecting the accessory attached to the at least one communication port, driving the at least one communication port to a first voltage level to maintain the accessory in a sleep mode, transitioning the at least one communication port to a second voltage level to initiate a wake up condition in the accessory, transmitting a wake up command to the accessory via the at least one communication port, transmitting from the device to the accessory an authentication command via the at least one communication port to the accessory, receiving an information request response via the at least one communication port from the accessory, comparing the received information request response with the at least one expected information request response, permitting use of the accessory when at least a portion of the received information request response matches the at least one expected information request response, and limiting use of the accessory when the at least a portion of the received information request response does not match the at least one expected information request response, wherein the authentication command comprises a plaintext challenge to the accessory, wherein the device stores multiple challenge/response vectors before transmitting the plaintext challenge, each of the vectors being different from the other vectors and the different vectors being concurrently stored by the device, and each vector including a plaintext challenge associated with a cyphertext response, and wherein the device selects the plaintext challenge included in the authentication command from among the plaintext challenges included in the stored challenge/response vectors; and
wherein the pre-stored expected information request response is the cyphertext response that the device associates with the selected plaintext challenge; and
the accessory for attachment to the device through the at least one communication port, the accessory comprising;
a secure authentication image file, the image file including data for an array of regularly spaced locations; and
a accessory processor for detecting a voltage level transition, entering a command listen mode, detecting the first and second voltage levels, receiving the transmitted authentication command, generating an information request response, and transmitting the information request response to the device through the at least one communication port.
16. A method for a device to authenticate an accessory having at least one communication port connected to the device, the method comprising:
monitoring the at least one communication port;
detecting the accessory attached to the at least one communication port;
driving the at least one communication port to a first voltage level to maintain the accessory in a sleep mode;
transitioning the at least one communication port to a second voltage level to initiate a wake up condition in the accessory;
transmitting a wake up command to the accessory via the at least one communication port;
transmitting to the accessory a plaintext challenge via the at least one communication port, wherein the device stores multiple challenge/response vectors before transmitting the plaintext challenge, each of the multiple challenge/response vectors being different from the other vectors and the different vectors being concurrently stored by the device, and each vector including a plaintext challenge associated with a cyphertext response, and wherein the device selects the plaintext challenge from among the plaintext challenges included in the stored challenge/response vectors;
receiving, in response to the transmitted plaintext challenge a cyphertext response via the at least one communication port from the accessory;
comparing the received cyphertext response with a stored cyphertext response associated with the transmitted plaintext challenge;
permitting use of the accessory when the received cyphertext response matches the stored cyphertext response that the device associated with the transmitted plaintext challenge selected by the device; and
limiting use of the accessory when the received cyphertext response does not match the stored cyphertext response;
wherein the accessory comprises a secure authentication image file including data in an array of locations, and an accessory processor for receiving the wake up command, generating the cyphertext response using the secure authentication image file, and transmitting the cyphertext response to the device through the at least one communication port.
Specification