Cryptographic protocol for portable devices
Abstract
Embodiments are directed towards communicating using a mobile device that performs actions including. A mobile device may be provisioned with an access point such that a provisioning key and a provisioning token for each of the provisioned access points may be stored on the mobile device. The mobile device may be determined to be in the presence of a provisioned access point based on the provisioning key and an advertising nonce. The advertising nonce may be encrypted with the provisioning key. A communication channel between the mobile device and the access point may be established based on a session nonce, the advertising nonce, and the provisioning key. A session key may be generated based in part on the advertising nonce and a message counter. And, encrypted message packets that include a message and a message authentication tag may be communicated to the access point.
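The abstract's flow can be sketched as follows; this is an added example, not code from the patent, and it covers the advertising match at the access point, session key derivation, and the message authentication tag. Assumptions: HMAC-SHA256 stands in for the unspecified encryption of the advertising nonce, the packet layout (nonce followed by a 16-byte keyed value), the labels, and all function names are hypothetical, and payload encryption is left out.

```python
import hashlib
import hmac

TAG_LEN = 16  # assumed truncated tag length in bytes

def keyed(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over a label and length-prefixed parts (assumed primitive)."""
    mac = hmac.new(key, label, hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(2, "big") + part)
    return mac.digest()

def make_advert(prov_key: bytes, adv_nonce: bytes) -> bytes:
    """Mobile side: nonce in clear plus a value bound to the provisioning key."""
    return adv_nonce + keyed(prov_key, b"adv", adv_nonce)[:TAG_LEN]

def match_advert(packet: bytes, provisioned: dict):
    """Access point side: build a local version per stored key and compare."""
    adv_nonce, found = packet[:-TAG_LEN], None
    for device, key in provisioned.items():
        # Constant-time compare, no early exit: timing does not reveal which key matched.
        if hmac.compare_digest(make_advert(key, adv_nonce), packet):
            found = device
    return found

def session_key(prov_key: bytes, adv_nonce: bytes, sess_nonce: bytes, counter: int) -> bytes:
    """Per-message key from both nonces and the message counter."""
    return keyed(prov_key, b"session", adv_nonce, sess_nonce, counter.to_bytes(8, "big"))

def seal(key: bytes, message: bytes) -> bytes:
    """Append the message authentication tag (payload encryption omitted here)."""
    return message + keyed(key, b"msg", message)[:TAG_LEN]

def open_packet(key: bytes, packet: bytes):
    """Return the message if the tag verifies, else None."""
    message, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    ok = hmac.compare_digest(tag, keyed(key, b"msg", message)[:TAG_LEN])
    return message if ok else None

if __name__ == "__main__":
    keys = {"phone-a": bytes(range(32)), "phone-b": bytes(range(32, 64))}  # constructed
    advert = make_advert(keys["phone-b"], b"\x01" * 16)
    print(match_advert(advert, keys))
    k0 = session_key(keys["phone-b"], b"\x01" * 16, b"\x02" * 16, 0)
    print(open_packet(k0, seal(k0, b"unlock")))
```

Because the message counter feeds the key derivation, a packet sealed under one counter value fails verification under any other, so a receiver that advances its counter rejects replayed packets.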
30 Claims
1. A method for employing a mobile device to communicate data over a network, wherein the mobile device performs actions, comprising:
employing an authorized authentication device (AAD) to authenticate a user of the mobile device; and
when the user of the mobile device is authenticated, performing further actions, including;
providing one or more advertising information packets based on one or more provisioning keys; and
communicating the one or more advertising information packets to one or more remote access points, wherein each remote access point employs the one or more provisioning keys to provide one or more local versions of the one or more advertising information packets; and
when one or more comparisons performed by the one or more remote access points between its one or more local versions of the advertising information packets to the communicated one or more advertising information packets is a match, providing the user with access to each remote access point having the one or more matching comparisons.
9. A mobile device for communicating data over a network, comprising:
a transceiver that communicates over a network;
a memory that stores at least instructions; and
a processor device that executes instructions that enable actions, including;
employing an authorized authentication device (AAD) to authenticate a user of the mobile device; and
when the user of the mobile device is authenticated, performing further actions, including;
providing one or more advertising information packets based on one or more provisioning keys; and
communicating the one or more advertising information packets to one or more remote access points, wherein each remote access point employs the one or more provisioning keys to provide one or more local versions of the one or more advertising information packets; and
when one or more comparisons performed by the one or more remote access points between its one or more local versions of the advertising information packets to the communicated one or more advertising information packets is a match, providing the user with access to each remote access point having the one or more matching comparisons.
17. A system for employing a mobile device to communicate data, comprising:
an authorized authentication device (AAD), comprising;
a transceiver that communicates over a network;
a memory that stores at least instructions; and
one or more processors that execute instructions that perform actions, including authenticating a user of the mobile device; and
the mobile device comprising;
a transceiver that communicates over a network;
a memory that stores at least instructions; and
one or more processor devices that execute instructions that perform actions, including;
when the user of the mobile device is authenticated, performing further actions, including;
providing one or more advertising information packets based on one or more provisioning keys; and
communicating the one or more advertising information packets to one or more remote access points, wherein each remote access point employs the one or more provisioning keys to provide one or more local versions of the one or more advertising information packets; and
when one or more comparisons performed by the one or more remote access points between its one or more local versions of the advertising information packets to the communicated one or more advertising information packets is a match, providing the user with access to each remote access point having the one or more matching comparisons.
25. A processor readable non-transitory storage media that includes instructions for employing a mobile device to communicate data over a network, wherein execution of the instructions by one or more processors performs actions, comprising:
employing an authorized authentication device (AAD) to authenticate a user of the mobile device; and
when the user of the mobile device is authenticated, performing further actions, including;
providing one or more advertising information packets based on one or more provisioning keys; and
communicating the one or more advertising information packets to one or more remote access points, wherein each remote access point employs the one or more provisioning keys to provide one or more local versions of the one or more advertising information packets; and
when one or more comparisons performed by the one or more remote access points between its one or more local versions of the advertising information packets to the communicated one or more advertising information packets is a match, providing the user with access to each remote access point having the one or more matching comparisons.
Specification