Secure mobile telephony

US 8,555,068 B2
Filed: 12/05/2007
Issued: 10/08/2013
Est. Priority Date: 11/13/2007
Status: Active Grant

First Claim

Patent Images

1. A system for end to end encrypted mobile telephony, the system comprising:

a tamper resistant and tamper evident integrated circuit adapted to be coupled to a commodity mobile phone, the integrated circuit comprising a cryptographic engine, a programmable processor, a first cryptographic key and a nonvolatile memory, at least a portion of which is at least partially protected by the first cryptographic key; and

software associated with the integrated circuit configured to be installed in the commodity mobile phone, the software, when installed in the commodity mobile phone, configured to operate in conjunction with the integrated circuit to, when the commodity mobile phone connects to a destination phone using a connection technique of the commodity mobile phone;

receive a signal from the destination phone indicating that the destination phone is capable of cooperating to provide an encrypted connection;

authenticate the destination phone; and

establish an encrypted connection with the destination phone, whereby voice communications between the commodity mobile phone and the destination phone are encrypted end to end.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An system for and method of providing end-to-end encrypted real-time phone calls using a commodity mobile phone and without requiring service provider cooperation is presented. The system and method improve upon prior art techniques by omitting any requirement for mobile phones that are specially manufactured to include end-to-end encryption functionality.

Citations

90 Claims

1. A system for end to end encrypted mobile telephony, the system comprising:
- a tamper resistant and tamper evident integrated circuit adapted to be coupled to a commodity mobile phone, the integrated circuit comprising a cryptographic engine, a programmable processor, a first cryptographic key and a nonvolatile memory, at least a portion of which is at least partially protected by the first cryptographic key; and
  
  software associated with the integrated circuit configured to be installed in the commodity mobile phone, the software, when installed in the commodity mobile phone, configured to operate in conjunction with the integrated circuit to, when the commodity mobile phone connects to a destination phone using a connection technique of the commodity mobile phone;
  
  receive a signal from the destination phone indicating that the destination phone is capable of cooperating to provide an encrypted connection;
  
  authenticate the destination phone; and
  
  establish an encrypted connection with the destination phone, whereby voice communications between the commodity mobile phone and the destination phone are encrypted end to end.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The system of claim 1 wherein the integrated circuit comprises a microSD card.
  - 3. The system of claim 1 wherein the software, when installed in the commodity mobile phone, is further configured to, upon receiving confirmation from the destination phone that the destination phone is capable of cooperating to provide an encrypted connection, operate to disconnect from the destination phone and establish a second connection with the destination phone, wherein the second connection is determined in part by information contained in the signal and wherein the encrypted connection comprises the second connection.
  - 4. The system of claim 1 wherein the connection technique comprises manually dialing a number of the destination phone.
  - 5. The system of claim 1 wherein the connection technique comprises using an automatic dialer.
  - 6. The system of claim 1 wherein the software is supplied to the commodity mobile phone via over the air downloading.
  - 7. The system of claim 1 wherein the software is stored on the integrated circuit prior to installation in the commodity mobile phone.
  - 8. The system of claim 1 wherein the signal comprises DTMF tones.
  - 9. The system of claim 1 wherein the software, when installed in the commodity mobile phone, is further configured to record that the destination phone was capable of cooperating to provide an encrypted connection.
  - 10. The system of claim 9 wherein the software, when installed in the commodity mobile phone, is further configured to operate in conjunction with the integrated circuit to, when the commodity mobile phone subsequently connects to the destination phone, establish an encrypted connection with the destination phone without first receiving a signal indicating that an encrypted connection is available.
  - 11. The system of claim 1 wherein programming the programmable processor requires a cryptographic key.
  - 12. The system of claim 1 wherein the software, when installed in the commodity mobile phone, is further configured to retrieve, from the commodity mobile phone, an identification of the commodity mobile phone upon being first coupled to the commodity mobile phone and to store the identification in the nonvolatile memory, the integrated circuit being configured to reduce available operations if coupled to an electronic device other than a commodity mobile phone corresponding to an identification stored in the nonvolatile memory.
  - 13. The system of claim 1 wherein the destination phone and the commodity mobile phone are manufactured by different entities.
  - 14. The system of claim 1 wherein the software, when installed in the commodity mobile phone, is configured to operate in conjunction with the integrated circuit to establish a secure context for the commodity mobile phone and the destination phone as part of authenticating the destination phone.
  - 15. The system of claim 1 wherein the commodity mobile phone provides an indication to a user that an encrypted connection is available.
  - 16. The system of claim 1 wherein the destination phone is not a mobile phone.

17. A system for end to end encrypted mobile telephony, the system comprising:
- a tamper resistant and tamper evident integrated circuit adapted to be coupled to a commodity mobile phone, the integrated circuit comprising a cryptographic engine, a programmable processor, a first cryptographic key and a nonvolatile memory protected by the first cryptographic key; and
  
  software associated with the integrated circuit configured to be installed in the commodity mobile phone, the software, when installed in the commodity mobile phone, configured to operate in conjunction with the integrated circuit to, when the commodity mobile phone receives a call from a calling phone;
  
  send a signal to the calling phone indicating that the commodity mobile phone is capable of cooperating to provide an encrypted connection;
  
  authenticate itself to the calling phone; and
  
  establish an encrypted connection with the calling phone, whereby voice communications between the commodity mobile phone and the calling phone are encrypted end to end.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 18. The system of claim 17 wherein the integrated circuit comprises a microSD card.
  - 19. The system of claim 17 wherein the software, when installed and executing in the commodity mobile phone, is further configured to, upon sending the signal to the calling phone and being disconnected from the calling phone, operate to automatically establish a second connection with the calling phone, wherein the second connection is determined in part by information contained in the signal and wherein the encrypted connection comprises the second connection.
  - 20. The system of claim 17 wherein the software is supplied to the commodity mobile phone via over the air downloading.
  - 21. The system of claim 17 wherein the software is stored on the integrated circuit prior to installation in the commodity mobile phone.
  - 22. The system of claim 17 wherein the signal comprises DTMF tones.
  - 23. The system of claim 17 wherein programming the programmable processor requires a cryptographic key.
  - 24. The system of claim 17 wherein at least one of the integrated circuit and the software, when executed in the commodity mobile phone, is further configured to retrieve, from the commodity mobile phone, an identification of the commodity mobile phone upon being first coupled to the commodity mobile phone and to store the identification in the nonvolatile memory, the at least one of the software and the integrated circuit being configured to reduce available operations if coupled to an electronic device associated with an identification that is not stored in the nonvolatile memory.
  - 25. The system of claim 17 wherein the calling phone and the commodity mobile phone are manufactured by different entities.
  - 26. The system of claim 17 wherein the software, when installed and executing in the commodity mobile phone, is configured to operate in conjunction with the integrated circuit to establish a secure context for the commodity mobile phone and the calling phone as part of authenticating the commodity mobile phone to the calling phone.
  - 27. The system of claim 17 wherein the commodity mobile phone provides an indication to a user that an encrypted connection is available.
  - 28. The system of claim 17 wherein the calling phone is not a mobile phone.

29. A method of establishing an encrypted end to end phone call from a commodity mobile phone provisioned with software and a detachable tamper resistant and tamper evident integrated circuit, the integrated circuit comprising a cryptographic engine, a programmable processor, a first cryptographic key and a nonvolatile memory protected by the first cryptographic key, the method comprising:
- receiving, in response to a connection placed from the commodity mobile phone to a destination phone, a signal from the destination phone, the signal indicating that the destination phone is capable of cooperating to provide an encrypted connection;
  
  authenticating, using the software and the integrated circuit, the destination phone; and
  
  establishing an encrypted connection with the destination phone, whereby voice communications between the commodity mobile phone and the destination phone are encrypted end to end.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44)
- - 30. The method of claim 29 wherein the integrated circuit comprises a microSD card.
  - 31. The method of claim 29 further comprising disconnecting from the destination phone and establishing a second connection with the destination phone, wherein the second connection is determined in part by information contained in the signal and wherein the encrypted connection comprises the second connection.
  - 32. The method of claim 29 wherein the connection comprises manually dialing a number of the destination phone.
  - 33. The method of claim 29 wherein the connection comprises using an automatic dialer.
  - 34. The method of claim 29 wherein the software is supplied to the commodity mobile phone via over the air downloading.
  - 35. The method of claim 29 wherein the software is stored on the integrated circuit prior to installation in the commodity mobile phone.
  - 36. The method of claim 29 wherein the signal comprises DTMF tones.
  - 37. The method of claim 29 further comprising recording that the destination phone was capable of cooperating to provide an encrypted connection.
  - 38. The method of claim 37 further comprising, when the commodity mobile phone subsequently connects to the destination phone, establishing an encrypted connection with the destination phone without first receiving a signal indicating that an encrypted connection is available.
  - 39. The method of claim 29 wherein programming the programmable processor requires a cryptographic key.
  - 40. The method of claim 29 further comprising:
    - retrieving from the commodity mobile phone, upon the integrated circuit being coupled to the commodity mobile phone, an identification of the commodity mobile phone and storing the identification in the nonvolatile memory; and
      
      reducing available operations of one or more of the integrated circuit and the software if the integrated circuit is coupled to an electronic device associated with an identification that is not stored in the nonvolatile memory.
  - 41. The method of claim 29 wherein the destination phone and the commodity mobile phone are manufactured by different entities.
  - 42. The method of claim 29 wherein the authenticating comprises establishing a secure context for the commodity mobile phone and the destination phone.
  - 43. The method of claim 29 further comprising providing an indication to a user that an encrypted connection is available.
  - 44. The method of claim 29 wherein the destination phone is not a mobile phone.

45. A method of establishing an encrypted end to end phone call placed from a calling phone to a commodity mobile phone provisioned with software and a detachable tamper resistant and tamper evident integrated circuit, the integrated circuit comprising a cryptographic engine, a programmable processor, a first cryptographic key and a nonvolatile memory protected by the first cryptographic key, the method comprising:
- sending, by the commodity mobile phone and in response to a connection placed to the commodity mobile phone from the calling phone, a signal indicating that the commodity mobile phone is capable of cooperating to provide an encrypted connection;
  
  authenticating, using the software and the integrated circuit, the commodity mobile phone to the calling phone; and
  
  establishing an encrypted connection with the commodity mobile phone, whereby voice communications between the commodity mobile phone and the calling phone are encrypted end to end.
- View Dependent Claims (46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56)
- - 46. The method of claim 45 wherein the integrated circuit comprises a microSD card.
  - 47. The method of claim 45 further comprising automatically establishing a second connection with the calling phone upon sending the signal to the calling phone and being disconnected from the calling phone, wherein the second connection is determined in part by information contained in the signal and wherein the encrypted connection comprises the second connection.
  - 48. The method of claim 45 further comprising supplying the software to the commodity mobile phone via over the air downloading.
  - 49. The method of claim 45 further comprising storing the software on the integrated circuit prior to installation in the commodity mobile phone.
  - 50. The method of claim 45 wherein the signal comprises DTMF tones.
  - 51. The method of claim 45 wherein programming the programmable processor requires a cryptographic key.
  - 52. The method of claim 45 further comprising:
    - retrieving from the commodity mobile phone, upon the integrated circuit being coupled to the commodity mobile phone, an identification of the commodity mobile phone and storing the identification in the nonvolatile memory; and
      
      reducing available operations of one or more of the integrated circuit and the software if the integrated circuit is coupled to an electronic device associated with an identification that is not stored in the nonvolatile memory.
  - 53. The method of claim 45 wherein the calling phone and the commodity mobile phone are manufactured by different entities.
  - 54. The method of claim 45 further comprising establishing a secure context for the commodity mobile phone and the calling phone as part of authenticating the commodity mobile phone to the calling phone.
  - 55. The method of claim 45 further comprising providing, by the commodity mobile phone, an indication to a user that an encrypted connection is available.
  - 56. The method of claim 45 wherein the calling phone is not a mobile phone.

57. A system for end to end encrypted mobile telephony, the system comprising:
- a tamper resistant and tamper evident integrated circuit adapted to be coupled to a commodity mobile phone, the integrated circuit comprising a cryptographic engine, a programmable processor, a first cryptographic key and a nonvolatile memory, at least a portion of which is at least partially protected by the first cryptographic key; and
  
  software associated with the integrated circuit configured to be installed in the commodity mobile phone, the software, when installed in the commodity mobile phone, configured to operate in conjunction with the integrated circuit to, when a user of the commodity mobile phone initiates a connection to a destination phone using a connection technique of the commodity mobile phone;
  
  retrieve a record associated with the destination phone, the record reflecting that an encrypted connection may be established, the record being previously stored as a result of a prior connection between the commodity mobile phone and the destination phone;
  
  establish a connection to the destination phone;
  
  authenticate the destination phone; and
  
  provide end to end encrypted voice communications between the commodity mobile phone and the destination phone.
- View Dependent Claims (58, 59, 60, 61, 62, 63, 64, 65, 66, 67)
- - 58. The system of claim 57 wherein the integrated circuit comprises a microSD card.
  - 59. The system of claim 57 wherein the connection technique comprises manually dialing a number of the destination phone.
  - 60. The system of claim 57 wherein the connection technique comprises using an automatic dialer.
  - 61. The system of claim 57 wherein the software is supplied to the commodity mobile phone via over the air downloading.
  - 62. The system of claim 57 wherein the software is stored on the integrated circuit prior to installation in the commodity mobile phone.
  - 63. The system of claim 57 wherein at least one of the integrated circuit and the software, when executed in the commodity mobile phone, is further configured to retrieve, from the commodity mobile phone, an identification of the commodity mobile phone upon being first coupled to the commodity mobile phone and to store the identification in the nonvolatile memory, the at least one of the software and the integrated circuit being configured to reduce available operations if coupled to an electronic device associated with an identification that is not stored in the nonvolatile memory.
  - 64. The system of claim 57 wherein the destination phone and the commodity mobile phone are manufactured by different entities.
  - 65. The system of claim 57 wherein the software, when installed and executing in the commodity mobile phone, is configured to operate in conjunction with the integrated circuit to establish a secure context for the commodity mobile phone and the destination phone as part of authenticating the destination phone.
  - 66. The system of claim 57 wherein the commodity mobile phone provides an indication to a user that an encrypted connection is available.
  - 67. The system of claim 57 wherein the destination phone is not a mobile phone.

68. A method of establishing an encrypted end to end phone call from a commodity mobile phone provisioned with software and a detachable tamper resistant and tamper evident integrated circuit, the integrated circuit comprising a cryptographic engine, a programmable processor, a first cryptographic key and a nonvolatile memory protected by the first cryptographic key, the method comprising:
- retrieving, in response to a user of the commodity mobile phone initiating a connection to a destination phone using a connection technique of the commodity mobile phone, a record associated with the destination phone, the record reflecting that an encrypted connection may be established, the record being previously stored as a result of a prior connection between the commodity mobile phone and the destination phone;
  
  establishing a connection to the destination phone;
  
  authenticating the destination phone; and
  
  providing end to end encrypted voice communications between the commodity mobile phone and the destination phone.
- View Dependent Claims (69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79)
- - 69. The method of claim 68 wherein the integrated circuit comprises a microSD card.
  - 70. The method of claim 68 wherein the initiating comprises manually dialing a number of the destination phone.
  - 71. The method of claim 68 wherein the initiating comprises using an automatic dialer.
  - 72. The method of claim 68 wherein the software is supplied to the commodity mobile phone via over the air downloading.
  - 73. The method of claim 68 wherein the software is stored on the integrated circuit prior to installation in the commodity mobile phone.
  - 74. The method of claim 68 wherein programming the programmable processor requires a cryptographic key.
  - 75. The method of claim 68 further comprising:
    - retrieving from the commodity mobile phone, upon the integrated circuit being coupled to the commodity mobile phone, an identification of the commodity mobile phone and storing the identification in the nonvolatile memory; and
      
      reducing available operations of one or more of the integrated circuit and the software if the integrated circuit is coupled to an electronic device associated with an identification that is not stored in the nonvolatile memory.
  - 76. The method of claim 68 wherein the destination phone and the commodity mobile phone are manufactured by different entities.
  - 77. The method of claim 68 wherein the authenticating comprises establishing a secure context for the commodity mobile phone and the destination phone.
  - 78. The method of claim 68 further comprising providing an indication to a user that an encrypted connection is available.
  - 79. The method of claim 68 wherein the destination phone is not a mobile phone.

80. A non-transitory computer readable medium containing instructions adapted to be installed in a commodity mobile phone provisioned with a detachable tamper resistant and tamper evident integrated circuit, wherein the integrated circuit comprises a cryptographic engine, a programmable processor, a first cryptographic key and a nonvolatile memory protected by the first cryptographic key, the instructions adapted to cause the commodity mobile phone to:
- retrieve, in response to a user of the commodity mobile phone initiating a connection to a destination phone using a connection technique of the commodity mobile phone, a record associated with the destination phone, the record reflecting that an encrypted connection may be established, the record being previously stored as a result of a prior connection between the commodity mobile phone and the destination phone;
  
  establish a connection to the destination phone;
  
  authenticate the destination phone; and
  
  provide end to end encrypted voice communications between the commodity mobile phone and the destination phone.
- View Dependent Claims (81, 82, 83, 84, 85, 86, 87, 88, 89, 90)
- - 81. The computer readable medium of claim 80 wherein the integrated circuit comprises computer readable medium.
  - 82. The computer readable medium of claim 80 wherein the integrated circuit comprises a microSD card.
  - 83. The computer readable medium of claim 80 wherein the initiating comprises manually dialing a number of the destination phone.
  - 84. The computer readable medium of claim 80 wherein the initiating comprises using an automatic dialer.
  - 85. The computer readable medium of claim 80 wherein programming the programmable processor requires a cryptographic key.
  - 86. The computer readable medium of claim 80 wherein the instructions are further adapted to:
    - retrieve from the commodity mobile phone, upon the integrated circuit being coupled to the commodity mobile phone, an identification of the commodity mobile phone and store the identification in the nonvolatile memory; and
      
      reduce available operations of one or more of the integrated circuit and the software if the integrated circuit is coupled to an electronic device associated with an identification that is not stored in the nonvolatile memory.
  - 87. The computer readable medium of claim 80 wherein the destination phone and the commodity mobile phone are manufactured by different entities.
  - 88. The computer readable medium of claim 80 wherein the authenticating comprises establishing a secure context for the commodity mobile phone and the destination phone.
  - 89. The computer readable medium of claim 80 wherein the instructions are further adapted to provide an indication to a user that an encrypted connection is available.
  - 90. The computer readable medium of claim 80 wherein the destination phone is not a mobile phone.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
KoolSpan, Inc.
Original Assignee
KoolSpan, Inc.
Inventors
Fascenda, Anthony C., Sturniolo, Emil, Benware, Paul, Cichielo, Robert
Primary Examiner(s)
Barron, Jr., Gilberto
Assistant Examiner(s)
KANAAN, SIMON P

Application Number

US11/951,202
Publication Number

US 20090122984A1
Time in Patent Office

2,134 Days
Field of Search

None
US Class Current

713/171
CPC Class Codes

H04K 1/00   Secret communication

H04L 2209/80   Wireless

H04L 63/0428   wherein the data content is...

H04L 9/3226   using a predetermined code,...

H04W 12/06   Authentication

Secure mobile telephony

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

90 Claims

Specification

Solutions

Use Cases

Quick Links

Secure mobile telephony

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

90 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links