System and method for security using a sibling smart card

US 9,021,557 B2
Filed: 10/27/2011
Issued: 04/28/2015
Est. Priority Date: 10/27/2011
Status: Active Grant

First Claim

Patent Images

1. A device, comprising:

a first subscriber identity module having a first time-synchronized key;

a memory configured to store data;

a communications module coupled to the memory and configured to detect a remote device; and

a controller coupled to the memory and configured to;

operate the communications module to establish a pairing relationship with the remote device;

determine a common time reference as a function of an initial time for said pairing and a random value;

calculate said first time-synchronized key as a function of the common time reference;

operate the communications module to transfer the random value to the remote device, said remote device operable to calculate a second time-synchronized key using the transferred random value; and

determine if the remote device includes a second subscriber identity module having the second time-synchronized key that matches the first time-synchronized key of the first subscriber identity module.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for realizing specific security features for a mobile device that may store sensitive and private data by providing secured communications to a paired remote device. In this respect, both the mobile device (which may be a mobile phone, for example) and the paired remote device (which may be a keychain, for example) include a SIM card that may have identification data stored therein. Once paired, the two devices may communicate encrypted security messages back and forth in order to implement various security measures to protect data and wireless communications. Such messages may be generated from initial information known only to each respective device such as a randomly generated offset number and a common time reference.

20 Citations

View as Search Results

25 Claims

1. A device, comprising:
- a first subscriber identity module having a first time-synchronized key;
  
  a memory configured to store data;
  
  a communications module coupled to the memory and configured to detect a remote device; and
  
  a controller coupled to the memory and configured to;
  
  operate the communications module to establish a pairing relationship with the remote device;
  
  determine a common time reference as a function of an initial time for said pairing and a random value;
  
  calculate said first time-synchronized key as a function of the common time reference;
  
  operate the communications module to transfer the random value to the remote device, said remote device operable to calculate a second time-synchronized key using the transferred random value; and
  
  determine if the remote device includes a second subscriber identity module having the second time-synchronized key that matches the first time-synchronized key of the first subscriber identity module.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The device of claim 1, wherein the data stored in the memory is encrypted.
  - 3. The device of claim 2, wherein if the controller determines that the first and second subscriber identity modules match, then decrypting the stored data.
  - 4. The device of claim 1, further comprising a device from the group including:
    - a smart phone, a cellular phone, a laptop computer;
      
      a hard drive, a portable flash drive, and a personal data assistant.
  - 5. The device of claim 1, further comprising a device configured to authorize a financial transaction if and only if the first and second time-synchronized keys are determined to match.
  - 6. The device of claim 1 wherein the communications module is configured to communicate using a wireless Bluetooth wireless method.

7. A remote device, comprising:
- a first subscriber identity module having a first time-synchronized key;
  
  a communications module coupled to the first subscriber identity module and configured to;
  
  wirelessly communicate with a second device to establish a pairing relationship;
  
  receive from said second device a random value, wherein said random value is used by said second device to calculate a second time-synchronized key derived from a common time reference set as a function of an initial time for said pairing and said random value; and
  
  a controller coupled to the communications module and configured to calculate the first time-synchronized key as a function of the received random value for use in determining if the second device includes a second subscriber identity module that is synchronized with the first subscriber identity module by the first and second time-synchronized keys matching.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The remote device of claim 7, further comprising a power button coupled to the controller and configured to initiate different power modes for the remote device.
  - 9. The remote device of claim 7, further comprising an enable button coupled to the controller and configured to authorize a data transaction.
  - 10. The remote device of claim 7, further comprising a disable button coupled to the controller and configured to disallow a data transaction.
  - 11. The remote device of claim 7, further comprising a power management circuit coupled to the controller and configured to manage power consumption in the remote device.
  - 12. The remote device of claim 7, further comprising a clock coupled to the controller and configured to provide clocking operation for the controller.
  - 13. The remote device of claim 7, further comprising one of the group including:
    - a keychain, wrist watch, a credit card, a smart phone, a personal data assistant, a necklace, and an earpiece.

14. A system, comprising:
- a first device, comprising;
  
  a first controller;
  
  a first subscriber identity module coupled to the first controller;
  
  a memory coupled to the first controller configured to store data; and
  
  a first communications module coupled to the first controller;
  
  wherein the first controller is configured to;
  
  establish a pairing relationship with a second device;
  
  determine a common time reference as a function of an initial time for said pairing and a random value;
  
  calculate a first time-synchronized key as a function of the common time reference; and
  
  transfer the random value to the second device, said second device operable to calculate a second time-synchronized key using the transferred random value; and
  
  the second device comprising;
  
  a second controller;
  
  a second subscriber identity module coupled to the second controller; and
  
  a second communications module coupled to the second controller;
  
  wherein the second controller is configured to calculate a second time-synchronized key using the transferred random value;
  
  wherein matching of the first and second time-synchronized keys facilitates communications between the first communications module to the second communications module.

15. A method, comprising:
- establishing a pairing relationship between a remote device and a device having encrypted data;
  
  determining, by the device, a common time reference as a function of an initial time for said pairing and a random value;
  
  calculating a first time-synchronized key by said device as a function of the common time reference;
  
  transferring, by the device, the random value to said remote device;
  
  calculating a second time-synchronized key by said remote device as a function of the transferred random value;
  
  determining, by the device, if the first and second time-synchronized keys match; and
  
  if the first and second time-synchronized keys match, then decrypting by the device of the encrypted data.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The method of claim 15, further comprising using a wireless communication protocol to establish the pairing relationship between the device and the remote device.
  - 17. The method of claim 16, wherein the wireless communication protocol is Bluetooth.
  - 18. The method of claim 15, further comprising disallowing decryption of the data if the first and second time-synchronized keys do not match.
  - 19. The method of claim 15, further comprising enabling a financial transaction using the device if the first and second time-synchronized keys match.

20. A method, comprising:
- initiating a wireless transaction at a device, the wireless transaction protected by a security protocol;
  
  detecting a remote device having a key for the security protocol;
  
  determining if the remote device includes a subscriber identity module that is time-synchronized with a subscriber identity module in the device; and
  
  if the remote device is synchronized, then allowing the wireless transaction;
  
  wherein determining time-synchronization between the subscriber identity modules comprises;
  
  determining, by the device, a common time reference as a function of an initial time for said detecting and a random value;
  
  calculating a first time-synchronized key by said device as a function of the common time reference;
  
  transferring, by the device, the random value to said remote device;
  
  calculating a second time-synchronized key by said remote device as a function of the transferred random value; and
  
  determining, by the device, if the first and second time-synchronized keys match.
- View Dependent Claims (21, 22, 23)
- - 21. The method of claim 20, wherein the wireless transaction is a financial transaction.
  - 22. The method of claim 21, further comprising determining that an enable function has been actuated at the remote device.
  - 23. The method of claim 21, further comprising determining that a disable function has been actuated at the remote device and in response, disallowing the transaction.

24. A non-transitory computer readable storage medium having computer executable instructions that, when executed by a device, are operable to:
- establishing a pairing relationship between a remote device and the device having encrypted data;
  
  determining, by the device, a common time reference as a function of an initial time for said pairing and a random value;
  
  calculating a first time-synchronized key by said device as a function of the common time reference;
  
  transferring, by the device, the random value to said remote device;
  
  calculating a second time-synchronized key by said remote device as a function of the transferred random value;
  
  determining, by the device, if the first and second time-synchronized keys match remote; and
  
  if the first and second time-synchronized keys match, then decrypting by the device of the encrypted data.

25. A non-transitory computer readable storage medium having computer executable instructions that, when executed by a device, are operable to:
- initiate a wireless transaction at the device, the wireless transaction protected by a security protocol;
  
  detect a remote device having a key for the security protocol;
  
  determine if the remote device includes a subscriber identity module that is time-synchronized with a subscriber identity module in the device; and
  
  if the remote device is synchronized, then allow the wireless transaction;
  
  wherein the time-synchronization determination between the subscriber identity modules comprises;
  
  determining, by the device, a common time reference as a function of an initial time for said detecting and a random value;
  
  calculating a first time-synchronized key by said device as a function of the common time reference;
  
  transferring, by the device, the random value to said remote device;
  
  calculating a second time-synchronized key by said remote device as a function of the transferred random value; and
  
  determining, by the device, if the first and second time-synchronized keys match.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Stmicroelectronics Pte Limited (STMicroelectronics NV)
Original Assignee
Stmicroelectronics Pte Limited (STMicroelectronics NV)
Inventors
Leneel, Olivier
Primary Examiner(s)
HERZOG, MADHURI R

Application Number

US13/283,381
Publication Number

US 20130111555A1
Time in Patent Office

1,279 Days
Field of Search

726 1- 21, 726 26- 30, 713164-173, 713182-186, 380255- 43, 380/28, 455410-411, 455 411- 413
US Class Current

726/4
CPC Class Codes

G06F 15/16   Combinations of two or more...

G06F 21/34   involving the use of extern...

G06F 21/44   Program or device authentic...

G06F 21/445   by mutual authentication, e...

G06F 21/60   Protecting data

G06F 21/606   by securing the transmissio...

G06F 21/62   Protecting access to data v...

G06F 21/6245   Protecting personal data, e...

H04L 63/068   using time-dependent keys, ...

H04L 63/0853   using an additional device,...

H04L 9/0816   Key establishment, i.e. cry...

H04L 9/0838   Key agreement, i.e. key est...

H04L 9/0861   Generation of secret inform...

H04L 9/0869   involving random numbers or...

H04W 12/03   Protecting confidentiality,...

H04W 12/082   using revocation of authori...

H04W 12/35   Protecting application or s...

H04W 12/45   using multiple identity mod...

H04W 12/50   Secure pairing of devices

H04W 12/61   Time-dependent

H04W 12/63 : Location-dependent; Proximi...

View All

System and method for security using a sibling smart card

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

20 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for security using a sibling smart card

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links