Managing data for authentication devices

US 9,137,025 B2
Filed: 05/03/2012
Issued: 09/15/2015
Est. Priority Date: 05/06/2011
Status: Active Grant

First Claim

Patent Images

1. A method for managing authentication data for an authentication device associated with a mobile device component, the method comprising:

accessing, at a manufacturing entity, encrypted authentication data stored on an authentication device associated with a mobile device component, wherein the mobile device component is configured to provide electrical power to a mobile device and to receive an interrogation message from the mobile device;

generating, at the manufacturing entity, unencrypted authentication data for the authentication device by decrypting the encrypted authentication data; and

storing, at the manufacturing entity, the unencrypted authentication data on the authentication device associated with the mobile device component, wherein storing the unencrypted authentication data on the authentication device enables the authentication device to provide a valid reply message in response to receiving the interrogation message from the mobile device.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and computer programs for managing authentication data for an authentication device are disclosed. An authentication device may be included, for example, in a mobile device battery so that the battery can be authenticated by a mobile device. In some implementations, encrypted certificate data are stored on an authentication device. The encrypted certificate data are accessed, and unencrypted certificate data are generated by decrypting the encrypted certificate data. The unencrypted certificate data are stored on the authentication device. The unencrypted certificate data enable the authentication device to provide a valid reply message, for example, in response to receiving an interrogation message from an interrogation device. In some implementations, the reply message includes the unencrypted certificate data and a response value generated by the authentication device based on a secret value.

81 Citations

View as Search Results

33 Claims

1. A method for managing authentication data for an authentication device associated with a mobile device component, the method comprising:
- accessing, at a manufacturing entity, encrypted authentication data stored on an authentication device associated with a mobile device component, wherein the mobile device component is configured to provide electrical power to a mobile device and to receive an interrogation message from the mobile device;
  
  generating, at the manufacturing entity, unencrypted authentication data for the authentication device by decrypting the encrypted authentication data; and
  
  storing, at the manufacturing entity, the unencrypted authentication data on the authentication device associated with the mobile device component, wherein storing the unencrypted authentication data on the authentication device enables the authentication device to provide a valid reply message in response to receiving the interrogation message from the mobile device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 31)
- - 2. The method of claim 1, wherein the encrypted authentication data include encrypted certificate data, the unencrypted authentication data include unencrypted certificate data, and the valid reply message provided by the authentication device includes the unencrypted certificate data.
  - 3. The method of claim 2, wherein the unencrypted certificate data included in the reply message certify a public key value, and the valid reply message provided by the authentication device further includes a proffered response value generated by the authentication device using a private key value associated with the public key value.
  - 4. The method of claim 2, wherein the unencrypted certificate data include a public key reconstruction value of an Elliptic Curve Qu-Vanstone (ECQV) implicit certificate.
  - 5. The method of claim 1, further comprising receiving a decryption key independent of accessing the encrypted authentication data, wherein the encrypted authentication data are decrypted using the decryption key.
  - 6. The method of claim 5, wherein the decryption key is used to decrypt the encrypted authentication data according to a symmetric encryption scheme.
  - 7. The method of claim 5, wherein the decryption key is used to decrypt the encrypted authentication data according to an asymmetric encryption scheme.
  - 8. The method of claim 1, wherein the unencrypted authentication data are stored on the mobile device component before the mobile device component is coupled to the mobile device.
  - 9. The method of claim 1, wherein enabling the authentication device to provide a valid reply message comprises enabling the authentication device during a component manufacturing process.
  - 10. The method of claim 9, wherein the component manufacturing process comprises:
    - receiving, at a first manufacturing entity, the authentication device previously manufactured by a second manufacturing entity, wherein the authentication device received from the second manufacturing entity has the encrypted authentication data stored thereon; and
      
      associating, at the first manufacturing entity, the authentication device with the mobile device component.
  - 31. The method of claim 1, wherein the mobile device component comprises a mobile device battery.

11. A non-transitory computer-readable medium storing instructions that are operable when executed by data processing apparatus to perform operations for managing authentication data, the operations comprising:
- accessing, at a manufacturing entity, encrypted authentication data stored on an authentication device associated with a mobile device component wherein the mobile device component comprises an interface configured to provide electrical power to a mobile device and to receive an interrogation message from the mobile device;
  
  generating, at the manufacturing entity, unencrypted authentication data for the authentication device by decrypting the encrypted authentication data; and
  
  storing, at the manufacturing entity, the unencrypted authentication data on the authentication device associated with the mobile device component, wherein the unencrypted authentication data enable the authentication device to provide a valid reply message in response to receiving the interrogation message from the mobile device.
- View Dependent Claims (12, 13, 14, 15, 16, 32)
- - 12. The computer-readable medium of claim 11, wherein the encrypted authentication data include encrypted certificate data, the unencrypted authentication data include unencrypted certificate data, and the valid reply message provided by the authentication device includes the unencrypted certificate data.
  - 13. The computer-readable medium of claim 12, wherein the unencrypted certificate data included in the reply message certify a public key value, and the reply message provided by the authentication device further includes a proffered response value generated by the authentication device using a private key value associated with the public key value.
  - 14. The computer-readable medium of claim 11, wherein the valid reply message includes certificate data and a proffered response value, the authentication device is configured to generate the proffered response value based on a private key value, and the unencrypted authentication data include at least a portion of the private key value.
  - 15. The computer-readable medium of claim 12, wherein the unencrypted certificate data include a portion of an implicit certificate.
  - 16. The computer-readable medium of claim 11, the operations further comprising receiving a decryption key independent of accessing the encrypted authentication data, wherein the encrypted authentication data are decrypted using the decryption key.
  - 32. The computer-readable medium of claim 11, wherein the mobile device component comprises a mobile device battery.

17. A system for managing authentication data for mobile device components, the system comprising:
- an information management device configured to perform operations comprising;
  
  accessing, at a manufacturing entity, encrypted authentication data stored on an authentication device of a mobile device component, the mobile device component comprising a mobile device interface configured to provide electrical power to a mobile device and to receive an interrogation message from the mobile device;
  
  generating, at the manufacturing entity, unencrypted authentication data by decrypting the encrypted authentication data; and
  
  enabling, at the manufacturing entity, the authentication device to provide a valid reply message by storing the unencrypted authentication data on the authentication device, wherein the authentication device is configured to provide the valid reply message in response to receiving the interrogation message.
- View Dependent Claims (18, 19, 20, 21, 33)
- - 18. The system of claim 17, wherein the encrypted authentication data include encrypted certificate data, the unencrypted authentication data include unencrypted certificate data, and the valid reply message provided by the authentication device includes the unencrypted certificate data.
  - 19. The system of claim 18, wherein the unencrypted certificate data included in the reply message certify a public key value, and the valid reply message provided by the authentication device further includes a proffered response value generated by the authentication device using a private key value associated with the public key value.
  - 20. The system of claim 17, wherein the information management device stores a decryption key used to decrypt the encrypted authentication data.
  - 21. The system of claim 17, further comprising the mobile device.
  - 33. The system of claim 17, wherein the mobile device component comprises a mobile device battery.

22. A method for managing authentication data for an authentication device, the method comprising:
- accessing, at a manufacturing entity, encrypted certificate data stored on an authentication device;
  
  generating, at the manufacturing entity, unencrypted certificate data by decrypting the encrypted certificate data; and
  
  enabling, at the manufacturing entity, the authentication device to provide a valid reply message by storing the unencrypted certificate data on the authentication device, wherein the authentication device is configured to provide a valid reply message in response to receiving an interrogation message.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30)
- - 23. The method of claim 22, wherein enabling the authentication device to provide a valid reply message comprises enabling the authentication device during a manufacturing process.
  - 24. The method of claim 23, wherein the manufacturing process comprises:
    - receiving the authentication device having the encrypted certificate data stored thereon; and
      
      associating the authentication device with a particular article of manufacture prior to generating the unencrypted certificate data.
  - 25. The method of claim 24, wherein the article of manufacture includes a mobile device component configured to be interfaced with a mobile device.
  - 26. The method of claim 25, wherein the mobile device component comprises a mobile device component.
  - 27. The method of claim 22, wherein the valid reply message includes the unencrypted certificate data and a proffered response value, and the authentication device is configured to generate the proffered response value based on evaluating a cryptographic function using a secret value stored on the authentication device.
  - 28. The method of claim 27, wherein the valid reply message further includes additional certificate data stored on the authentication device and not included in the unencrypted certificate data.
  - 29. The method of claim 22, further comprising receiving a decryption key independent of accessing the encrypted certificate data, wherein the encrypted authentication data are decrypted using the decryption key.
  - 30. The method of claim 22, wherein the unencrypted certificate data include implicit certificate data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Certicom Corporation (Blackberry Limited)
Inventors
Lambert, Robert John
Primary Examiner(s)
BROWN, ANTHONY D

Application Number

US13/462,975
Publication Number

US 20120284514A1
Time in Patent Office

1,230 Days
Field of Search

713/161, 713/168, 726/2
US Class Current

1/1
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/81   by operating on the power s...

G06F 2221/2103   Challenge-response

G06F 2221/2105   Dual mode as a secondary as...

H01M 10/4257   Smart batteries, e.g. elect...

H02J 7/00   Circuit arrangements for ch...

H02J 7/00045   Authentication, i.e. circui...

H04L 63/0823   using certificates cryptogr...

H04L 9/0819   Key transport or distributi...

H04L 9/12   Transmitting and receiving ...

H04L 9/32   including means for verifyi...

H04L 9/3263   involving certificates, e.g...

H04L 9/3271   using challenge-response

H04M 1/0262   for a battery compartment

Y02E 60/10   Energy storage using batteries

Managing data for authentication devices

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

81 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Managing data for authentication devices

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

81 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links