Radio channel metrics for secure wireless network pairing

US 8,639,934 B2
Filed: 06/10/2010
Issued: 01/28/2014
Est. Priority Date: 06/10/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method for securely pairing a new node into a wireless network including a plurality of existing nodes, the method comprising:

receiving, at the new node, a plurality of data packets from at least two of the plurality of existing nodes;

measuring, at the new node, an attenuation-related characteristic of a radio channel between the new node and the at least two of the plurality of existing nodes in the wireless network based on the plurality of data packets received at the new node from the at least two of the plurality of existing nodes over the wireless network, wherein measuring the attenuation-related characteristic of the radio channel further includesdetermining a difference between a count number of the plurality of received data packets received at the new node and a specified count number of transmitted data packets transmitted by each of the at least two of the plurality of existing nodes;

establishing, at the new node, a signal signature based upon each difference between the count number of the plurality of received data packets and the specified count number of transmitted data packets; and

establishing, at the new node, secure communications between the new node and the existing node in the wireless network secured by the signal signature.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Technologies are generally described for using metrics of radio path characteristics within a wireless network to establish signal signature vectors. These signal signature vectors may be used as a shared secret between network nodes to establish affirmative identification. For example, a signal signature vector may be established when a new node sends a fixed number of packets to the existing nodes and the existing nodes send a fixed number of other packets back to the new node. The number of properly received packets can be counted to establish a success probability between the new node and each existing node. These probabilities can be normalized and quantized to generate signal signature vectors at each node. Without every transmitting any of the vectors, the vector at the new node should be highly correlated to the vectors at existing nodes since the pair-wise channels between each of the nodes should be reasonably symmetrical.

Citations

20 Claims

1. A computer-implemented method for securely pairing a new node into a wireless network including a plurality of existing nodes, the method comprising:
- receiving, at the new node, a plurality of data packets from at least two of the plurality of existing nodes;
  
  measuring, at the new node, an attenuation-related characteristic of a radio channel between the new node and the at least two of the plurality of existing nodes in the wireless network based on the plurality of data packets received at the new node from the at least two of the plurality of existing nodes over the wireless network, wherein measuring the attenuation-related characteristic of the radio channel further includesdetermining a difference between a count number of the plurality of received data packets received at the new node and a specified count number of transmitted data packets transmitted by each of the at least two of the plurality of existing nodes;
  
  establishing, at the new node, a signal signature based upon each difference between the count number of the plurality of received data packets and the specified count number of transmitted data packets; and
  
  establishing, at the new node, secure communications between the new node and the existing node in the wireless network secured by the signal signature.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer-implemented method of claim 1, wherein establishing the signal signature based upon the measured characteristic of the radio channel comprises establishing a vector of signal signatures, wherein each of the signal signatures in the vector is associated with a respective radio channel between the new node and each of a plurality of existing nodes.
  - 3. The computer-implemented method of claim 1, wherein establishing the signal signature based upon the measured characteristic of the radio channel comprises:
    - determining a reception probability associated with the radio channel; and
      
      establishing the signal signature based upon the reception probability associated with the radio channel.
  - 4. The computer-implemented method of claim 1, wherein establishing secure communications between the new node and the existing node in the wireless network secured by the signal signature comprises applying the signal signature as a shared key to securely exchange data between the new node and the existing node.
  - 5. The computer-implemented method of claim 1, wherein establishing secure communications between the new node and the existing node in the wireless network secured by the signal signature comprises applying the signal signature as a shared secret to securely exchange a key between the new node and the existing node.
  - 6. The computer-implemented method of claim 1, further comprising applying a quorum technique to tolerate variations in the signal signature.

7. A physical computer storage medium having non-transitory computer-executable instructions stored thereon for a method which, when executed by a computer, adapt the computer to securely pair a new node into a wireless network including a plurality of existing nodes by a method comprising:
- receiving, at the new node, a plurality of data packets from at least two of the plurality of existing nodes;
  
  measuring, at the new node, an attenuation-related characteristic of a radio channel between the new node and the at least two of the plurality of existing nodes in the wireless network based on the plurality of data packets received at the new node from the at least two of the plurality of existing nodes over the wireless network, wherein measuring the attenuation-related characteristic of the radio channel further includesdetermining a difference between a count number of the plurality of received data packets received at the new node and a specified count number of transmitted data packets transmitted by each of the at least two of the plurality of existing nodes;
  
  establishing, at the new node, a signal signature based upon each difference between the count number of the plurality of received data packets and the specified count number of transmitted data packets; and
  
  establishing, at the new node, secure communications between the new node and the existing node in the wireless network secured by the signal signature.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The non-transitory computer storage medium of claim 7, wherein establishing the signal signature based upon the measured characteristic of the radio channel comprises establishing a vector of signal signatures, wherein each of the signal signatures in the vector is associated with a respective radio channel between the new node and each of a plurality of existing nodes.
  - 9. The non-transitory computer storage medium of claim 7, wherein establishing the signal signature based upon the measured characteristic of the radio channel comprises:
    - determining a reception probability associated with the radio channel; and
      
      establishing the signal signature based upon the reception probability associated with the radio channel.
  - 10. The non-transitory computer storage medium of claim 7, wherein establishing secure communications between the new node and the existing node in the wireless network secured by the signal signature comprises applying the signal signature as a shared key to securely exchange data between the new node and the existing node.
  - 11. The non-transitory computer storage medium of claim 7, wherein establishing secure communications between the new node and the existing node in the wireless network secured by the signal signature comprises applying the signal signature as a shared secret to securely exchange a key between the new node and the existing node.
  - 12. The non-transitory computer storage medium of claim 7, further comprising applying a quorum technique to tolerate variations in the signal signature.

13. An apparatus adapted to establish a secure communication channel between a new node and an existing node in a wireless network, the apparatus comprising:
- a radio configured to receive and transmit radio communication over a radio channel between the new node and the existing node; and
  
  a controller that is coupled to the radio and configured to;
  
  measure, at the new node, an attenuation-related characteristic of a radio channel between the new node and at least two existing nodes in the wireless network based on determining a difference between a count number of a plurality of received data packets received at the new node and a specified count number of transmitted data packets transmitted from each of the at least two existing nodes over the wireless network,establish, at the new node, a signal signature based upon each difference between the count number of the plurality of received data packets and the specified count number of transmitted data packets, andestablish, at the new node, secure communications between the new node and the existing node in the wireless network secured by the signal signature without transmitting the signal signature from the new node to the existing node.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The apparatus of claim 13, wherein the signal signature comprises a vector.
  - 15. The apparatus of claim 13, wherein the controller is configured to cooperate with the radio to transmit a first set of test traffic and receive a second set of test traffic, wherein the controller is configured to measure the characteristic of the radio channel based on the first set of test traffic and the second set of test traffic.
  - 16. The apparatus of claim 13, wherein the controller is configured to normalize the signal signature.
  - 17. The apparatus of claim 13, wherein the controller is configured to quantize the signal signature.
  - 18. The apparatus of claim 13, wherein, to establish secure communications between the new node and the existing node in the wireless network secured by the signal signature, the controller is further configured to apply the signal signature as a shared key.
  - 19. The apparatus of claim 13, wherein, to establish secure communications between the new node and the existing node in the wireless network secured by the signal signature, the controller is further configured to apply the signal signature as a shared secret to securely exchange a key.
  - 20. The apparatus of claim 19, wherein the controller is further configured to encrypt the key that includes the signal signature, a node key, and a nonce.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Empire Technology Development LLC (Allied Inventors Management, LLC)
Original Assignee
Empire Technology Development LLC (Allied Inventors Management, LLC)
Inventors
Kruglick, Ezekiel
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
SHOLEMAN, ABU S

Application Number

US12/999,770
Publication Number

US 20110307953A1
Time in Patent Office

1,328 Days
Field of Search

726/22, 380/270, 713/180, 713/189, 713/179, 375/296, 375/242, 375/244
US Class Current

713/180
CPC Class Codes

H04L 63/126   the source of the received ...

H04W 12/10   Integrity

H04W 12/50   Secure pairing of devices

H04W 76/14   Direct-mode setup

Radio channel metrics for secure wireless network pairing

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Radio channel metrics for secure wireless network pairing

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links