Automated secure pairing for wireless devices

US 8,989,706 B2
Filed: 12/22/2011
Issued: 03/24/2015
Est. Priority Date: 10/31/2006
Status: Active Grant

First Claim

Patent Images

1. A method for pairing at least two devices, the method comprising:

performing, via a direct connection between the at least two devices, a first authentication protocol including;

receiving, at a target device of the at least two devices, a pairing request that includes an identifier; and

comparing, by the target device, the identifier to entries previously stored in an address book;

in an event that the comparing indicates that the identifier coincides with at least one of the entries previously stored in the address book, performing, via an indirect connection between the at least two devices, a second authentication protocol including;

generating a random nonce;

encrypting the random nonce using a security key;

sending a challenge that includes the encrypted random nonce;

receiving a challenge response that includes the random nonce that is decrypted; and

comparing the random that is decrypted and received in the challenge response to the random nonce that is generated; and

determining, by the target device, to accept the pairing request based at least in part on whether the random nonce that is decrypted matches the random nonce that is generated.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems, methods, and/or techniques (“tools”) are described herein that relate to automated secure pairing for devices, and that relate to parallel downloads of content using devices. The tools for pairing the devices may perform authentication protocols that are based on addresses and on keys. The address-based authentication protocol may operate on address book entries maintained by the devices. The key-based authentication protocol may operate using a key exchange between the devices.

63 Citations

View as Search Results

20 Claims

1. A method for pairing at least two devices, the method comprising:
- performing, via a direct connection between the at least two devices, a first authentication protocol including;
  
  receiving, at a target device of the at least two devices, a pairing request that includes an identifier; and
  
  comparing, by the target device, the identifier to entries previously stored in an address book;
  
  in an event that the comparing indicates that the identifier coincides with at least one of the entries previously stored in the address book, performing, via an indirect connection between the at least two devices, a second authentication protocol including;
  
  generating a random nonce;
  
  encrypting the random nonce using a security key;
  
  sending a challenge that includes the encrypted random nonce;
  
  receiving a challenge response that includes the random nonce that is decrypted; and
  
  comparing the random that is decrypted and received in the challenge response to the random nonce that is generated; and
  
  determining, by the target device, to accept the pairing request based at least in part on whether the random nonce that is decrypted matches the random nonce that is generated.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method as recited in claim 1, wherein the direct connection includes a direct Bluetooth or WiFi communication link established between the at least two devices.
  - 3. The method as recited in claim 1, wherein the indirect connection uses a third-party communication service.
  - 4. The method as recited in claim 1, wherein the second authentication protocol is performed over an SMS link established between the at least two devices via the indirect connection.
  - 5. The method as recited in claim 1, wherein the identifier is a hashed identifier.
  - 6. The method as recited in claim 5, wherein the previously stored address book entries are hashed.
  - 7. The method as recited in claim 1, wherein at least one of the at least two devices is a wireless handheld device.
  - 8. The method as recited in claim 1, the first authentication protocol further including:
    - sending a second challenge via the direct connection in response to the pairing request;
      
      receiving a second challenge response via the direct connection;
      
      determining if the second challenge response is valid; and
      
      determining to accept the pairing request further based in part on whether the second challenge response is valid.
  - 9. The method as recited in claim 1, wherein the challenge is sent in response to the receiving the pairing request.
  - 10. The method as recited in claim 1, the second authentication protocol further including:
    - receiving an authentication request via the indirect connection; and
      
      receiving, generating or determining the security key based in part on the authentication request.
  - 11. The method as recited in claim 1, the second authentication protocol further including:
    - receiving a secret number via the indirect connection; and
      
      receiving, generating or determining the security key based in part on the secret number.

12. A computer storage media comprising machine-readable instructions that, when executed by the machine, cause the machine to:
- receive a pairing request containing an identifier of an initiating device over a direct communication link between the initiating device and a target device;
  
  perform a first authentication protocol via the direct communication link, the first authentication protocol comprising verifying, by the target device, that the identifier coincides with at least one previously stored entry in an address book of the target device; and
  
  in an event that the identifier coincides with the at least one previously stored entry in the address book of the target device, perform a second authentication protocol via an indirect communication link between the initiating device and the target device, the second authentication protocol to;
  
  generate a first nonce and a second nonce;
  
  encrypt the first nonce using an authentication key;
  
  send a challenge to the initiating device, the challenge including the first nonce in an encrypted form and the second nonce in a decrypted form; and
  
  receive a challenge response containing the first nonce in a decrypted form.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The computer storage media of claim 12, wherein the direct communication link includes a direct Bluetooth or WiFi communication link established between the initiating device and the target device.
  - 14. The computer storage media of claim 12, wherein the indirect communication link uses a third-party communication service.
  - 15. The computer storage media of claim 12, wherein the second authentication protocol is performed over an SMS link established between the initiating device and the target device via the indirect communication link.
  - 16. The computer storage media of claim 12, the second authentication protocol further to:
    - compare the received first nonce in the decrypted form to the first nonce generated;
      
      determine to accept the pairing request based in part on whether the received first nonce in the decrypted form matches the first nonce generated.
  - 17. The computer storage media of claim 16, the first authentication protocol further to:
    - send a second challenge via the direct communication link in response to the pairing request;
      
      receive a second challenge response via the direct communication link; and
      
      determine if the second challenge response is valid.
  - 18. The computer storage media of claim 17, the second authentication protocol further to determine to accept the pairing request further based in part on whether the second challenge response is valid.
  - 19. The computer storage media of claim 12, the identifier is a hashed identifier and the at least one previously stored entry is a hashed entry.

20. A computer storage media comprising machine-readable instructions that, when executed by the machine, cause the machine to:
- perform a first authentication protocol over a direct communication link between at least two devices, the first authentication protocol to;
  
  receive, by a target device of the at least two devices, a pairing request that includes an identifier via a direct connection between the at least two devices;
  
  compare, by the target device, the identifier to previously stored entries in an address book of the target device; and
  
  in an event that the identifier coincides with at least one of the previously stored entries in the address book of the target device, verify a success of a second authentication protocol performed over an indirect communication link between the at least two devices, the second authentication protocol to;
  
  generate a random nonce;
  
  encrypt the random nonce using a security key;
  
  send a challenge that includes the encrypted random nonce;
  
  receive a challenge response that includes the random nonce that is decrypted;
  
  compare the random nonce that is decrypted to the random nonce that is generated; and
  
  determine, by the target device, to accept the pairing request at least when the random nonce that is decrypted matches the random nonce that is generated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Ananthanarayanan, Ganesh, Venkatesan, Ramarathnam, Blagsvedt, Sean
Primary Examiner(s)
Siddiqui, Kashif

Application Number

US13/335,454
Publication Number

US 20120094635A1
Time in Patent Office

1,188 Days
Field of Search
US Class Current

455/411
CPC Class Codes

H04L 63/18   using different networks or...

H04W 12/04   Key management, e.g. using ...

H04W 12/06   Authentication

H04W 12/50   Secure pairing of devices

H04W 84/18   Self-organising networks, e...

Automated secure pairing for wireless devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

63 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Automated secure pairing for wireless devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links