Method for exchanging strong encryption keys between devices using alternate input methods in wireless personal area networks (WPAN)

US 8,688,986 B2
Filed: 12/27/2006
Issued: 04/01/2014
Est. Priority Date: 12/27/2006
Status: Active Grant

First Claim

Patent Images

1. A method for secure communication comprising:

setting at least two devices that want to communicate with one another in key exchange mode, wherein the at least two devices are to communicate over an in-bound transmission channel, wherein the at least two devices negotiate with one another to determine which of the at least two devices will generate an encryption key by determining which of the at least two devices comprises more processing power, wherein device A comprises the negotiated device based on having more processing power than device B;

enabling device A togenerate the encryption key using audible background noise as a random seed; and

transmit the encryption key to device B using audio tones via an out-of-band audio transmission channel;

determining whether the encryption key has been successfully validated; and

if the encryption key has been successfully validated, enabling the at least two devices to automatically accept communications between them over the inbound transmission channel.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for exchanging strong encryption keys between devices using alternate input methods. At least two devices that want to communicate with one another are set in key exchange mode. The at least two devices are to communicate with one another using a short range radio or personal area network. The at least two devices negotiate with one another to determine which of the at least two devices will generate an encryption key, wherein device A represents the negotiated device and device B represents the non-negotiated device. Device A generates the encryption key and transmits the encryption key to device B using an out-of band transmission channel. The out-of-band transmission channel may be transmitting the encryption key via audio tones. A validation process determines whether the transmission of the encryption key via the out-of-band transmission channel was successful. If the encryption key has been successfully validated, the at least two devices are enabled to automatically accept communications between them over the short range radio or personal area network.

Citations

19 Claims

1. A method for secure communication comprising:
- setting at least two devices that want to communicate with one another in key exchange mode, wherein the at least two devices are to communicate over an in-bound transmission channel, wherein the at least two devices negotiate with one another to determine which of the at least two devices will generate an encryption key by determining which of the at least two devices comprises more processing power, wherein device A comprises the negotiated device based on having more processing power than device B;
  
  enabling device A togenerate the encryption key using audible background noise as a random seed; and
  
  transmit the encryption key to device B using audio tones via an out-of-band audio transmission channel;
  
  determining whether the encryption key has been successfully validated; and
  
  if the encryption key has been successfully validated, enabling the at least two devices to automatically accept communications between them over the inbound transmission channel.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the audio tones enable the encryption key to be of a length greater than four (4) characters.
  - 3. The method of claim 1, wherein the audio tones enable the encryption key to be of a length greater than sixteen (16) characters.
  - 4. The method of claim 1, wherein determining whether the encryption key has been successfully validated comprises:
    - after receiving the encryption key, transmitting, by device B, encrypted random data to device A using the encryption key via a wireless transmission that requires pairing; and
      
      receiving, by device B, data back from device A, wherein device A, after receiving the encrypted random data from device B, decrypts the data, adds a time stamp to the random data, and re-encrypts the random data with the time stamp;
      
      wherein if the data received back from device A does not include the random data sent to device A by device B and the time stamp, the encryption key is invalid and wherein if the data received back from device A does include the random data sent to device A by device B and the time stamp, the encryption key is valid.
  - 5. The method of claim 1, wherein if the encryption is not validated, the method further comprising repeating the process of enabling device A to generate the encryption key and to transmit the encryption key to device B using an out-of-band transmission channel;
    - and determining whether the encryption key has been validated.
  - 6. The method of claim 1, wherein the in-bound transmission channel comprises one of a local, short range, or personal area network.

7. An article comprising:
- a non-transitory storage medium having a plurality of machine accessible instructions,wherein when the machine accessible instructions are executed by a processor, the machine accessible instructions provide for;
  
  setting at least two devices that want to communicate with one another in key exchange mode, wherein the at least two devices are to communicate using a short-range radio or personal area network, wherein the at least two devices negotiate with one another to determine which of the at least two devices will generate an encryption key by determining which of the at least two devices first offers to generate the encryption key, wherein device A comprises the negotiated device based on first offering to generate the encryption key and device B comprises the non-negotiated device;
  
  enabling device A togenerate the encryption key using audible background noise as a random seed; and
  
  transmit the encryption key to device B using audio tones via an out-of-band audio transmission channel;
  
  determining whether the encryption key has been successfully validated; and
  
  if the encryption key has been successfully validated, enabling the at least two devices to automatically accept communications between them over the short range radio network or the personal area network.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The article of claim 7, wherein the audio tones enable the encryption key to be of a length greater than four (4) characters.
  - 9. The article of claim 7, wherein the audio tones enable the encryption key to be of a length greater than sixteen (16) characters.
  - 10. The article of claim 7, wherein instructions for determining whether the encryption key has been successfully validated comprises instructions for:
    - after receiving the encryption key, transmitting, by device B, encrypted random data to device A using the encryption key via a wireless transmission that requires pairing; and
      
      receiving, by device B, data back from device A, wherein device A, after receiving the encrypted random data from device B, decrypts the data, adds a time stamp to the random data, and re-encrypts the random data with the time stamp;
      
      wherein if the data received back from device A does not include the random data sent to device A by device B and the time stamp, the encryption key is invalid and wherein if the data received back from device A does include the random data sent to device A by device B and the time stamp, the encryption key is valid.
  - 11. The article of claim 7, wherein if the encryption is not validated, the article further comprising instructions for repeating the process of enabling device A to generate the encryption key and to transmit the encryption key to device B using an out-of-band transmission channel;
    - and determining whether the encryption key has been validated.

12. A system for secure communications comprising:
- at least two devices capable of communicating with one another via a local, short-range, or personal area network, wherein the at least two devices to negotiate as to which device will generate an encryption key, wherein the negotiated device (i) to generate the encryption key using audible background noise as a random seed and (ii) to transmit the encryption key to the non-negotiated device using audio tones via an out-of band audio transmission channel, the non-negotiated device to transmit random data to the negotiated device using the encryption key and the negotiated device to transmit return data back to the non-negotiated device to determine whether the encryption key is valid, wherein the return data transmitted by the negotiated device comprises the random data received from the non-negotiated device and a time stamp encrypted using the encryption key.
- View Dependent Claims (13, 14, 15)
- - 13. The system of claim 12, wherein the negotiated device comprises the device of the at least two devices having more processing power.
  - 14. The system of claim 12, wherein the negotiated device comprises the device that initiated the communication of the at least two devices.
  - 15. The system of claim 12, wherein the negotiated device comprises the device that offers first to generate the encryption key of the at least two devices.

16. One or more non-transitory machine readable media comprising a plurality of instructions stored thereon, which in response to execution by a computing device, cause the computing device to:
- communicate, in a key exchange mode, with another computing device via an in-bound transmission channel;
  
  negotiate with the another computing device to determine which device will generate an encryption key based on a determination of which of the devices comprises the more processing power;
  
  generate the encryption key using audible background noise as a random seed in response to the determination that the computing device comprises more processing power;
  
  transmit the encryption key to the another computing device as audio tones via an out-of-band audio transmission channel;
  
  determine whether the encryption key has been successfully validated; and
  
  enable the computing device to automatically accept communications from the another computing device over the in-bound transmission channel in response to the determination that the encryption key has been successfully validated.
- View Dependent Claims (17, 18, 19)
- - 17. The one or more non-transitory machine readable media of claim 16, wherein to determine whether the encryption key has been successfully validated comprises to:
    - receive, subsequent to transmission of the encryption key, encrypted random data from the another computing device via a wireless transmission that requires pairing, the encrypted random data comprises random data encrypted with the encryption key;
      
      decrypt the encrypted random data received from the another computing device with the encryption key to obtain the random data;
      
      add a time stamp to the random data;
      
      re-encrypt the random data with the encryption key, the re-encrypted random data includes the time stamp; and
      
      transmit the re-encrypted random data that includes the time stamp to the another computing device.
  - 18. The one or more non-transitory machine readable media of claim 16, wherein the plurality of instructions further cause the computing device to:
    - regenerate the encryption key using audible background noise as the random seed in response to a determination that the encryption key is not validated;
      
      transmit the regenerated encryption key to the another computing device as audio tones via the out-of-band audio transmission channel; and
      
      determine whether the regenerated encryption key has been successfully validated.
  - 19. The one or more non-transitory machine readable media of claim 16, wherein the in-bound transmission channel comprises one of a local, short range, or personal area network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Kohlenberg, Tobias Max, Aissi, Selim
Primary Examiner(s)
Truong, Thanhnga B
Assistant Examiner(s)
LANE, GREGORY A

Application Number

US11/646,013
Publication Number

US 20080162937A1
Time in Patent Office

2,652 Days
Field of Search

713/176, 713/169, 713/171, 380/255, 380277-279
US Class Current

713/169
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 63/18   using different networks or...

H04L 9/0838   Key agreement, i.e. key est...

H04W 12/04   Key management, e.g. using ...

H04W 12/50   Secure pairing of devices

H04W 12/65   Environment-dependent, e.g....

Method for exchanging strong encryption keys between devices using alternate input methods in wireless personal area networks (WPAN)

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Method for exchanging strong encryption keys between devices using alternate input methods in wireless personal area networks (WPAN)

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links