Wireless key management for authentication
First Claim
1. A method of authentication, comprising:
- waking a locking device from a sleep function;
- broadcasting, by the locking device, a unique identifier corresponding to the locking device in response to waking the locking device from the sleep function;
- receiving, at a mobile device, the unique identifier;
- transmitting, by the mobile device, a request to the locking device, wherein transmitting the request to the locking device is based on determining that the unique identifier is associated with a user profile;
- transmitting, by the locking device, a security challenge to the mobile device;
- transmitting, by the mobile device, a response to the challenge and an encrypted user profile for the locking device, wherein the response comprises data generated with an access key that is stored by both the mobile device and the locking device, and wherein the user profile is encrypted by a server using a secret key that is stored by the server and the locking device;
- verifying, by the locking device, the response to the challenge, wherein the response is verified using the access key;
- validating, by the locking device in response to verifying the response, data from the mobile device, wherein validating the data comprises:
  - decrypting the encrypted user profile, wherein the user profile is decrypted using the secret key; and
  - verifying the decrypted user profile; and
- initiating, by the locking device in response to validating the data, an action of the locking device as specified by the request, wherein the action comprises activating a physical locking component of the locking device to unlock the locking device.
Abstract
Disclosed are methods, systems, and computer-readable media for wireless key management for authentication. Authentication includes transmitting a request to a locking device, transmitting a security challenge to the mobile device, and transmitting a response to the challenge and an encrypted user profile for the locking device. The response includes data generated with an access key that is stored by both the mobile device and the locking device, and the user profile is encrypted by a server using a secret key that is stored by the server and the locking device. Authentication further includes verifying the response to the challenge, where the response is verified using the access key, and validating additional data from the mobile device. An action of the locking device may be initiated as specified by the request.
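The exchange recited in claim 1 and summarized in the abstract, as an added Python sketch that is not part of the patent. The page names no algorithms or profile contents, so HMAC-SHA256 for the challenge response, the HMAC-based encrypt-then-MAC stand-in cipher, and the lock_id/expires profile fields are all assumptions.

```python
import hashlib, hmac, json, os

def _mac(key, *parts):
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in cipher (assumption): HMAC-SHA256 counter keystream; a deployment would use a vetted AEAD.
    ks = b"".join(_mac(key, nonce, i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def server_encrypt_profile(secret_key, profile):
    """Server side: encrypt-then-MAC the profile under the server/lock secret key."""
    k_enc, k_mac = _mac(secret_key, b"enc"), _mac(secret_key, b"mac")
    nonce = os.urandom(16)
    ct = _xor_stream(k_enc, nonce, json.dumps(profile).encode())
    return nonce + ct + _mac(k_mac, nonce, ct)

def lock_decrypt_profile(secret_key, blob):
    """Lock side: return the profile dict, or None if the blob was altered."""
    if len(blob) < 48:
        return None
    k_enc, k_mac = _mac(secret_key, b"enc"), _mac(secret_key, b"mac")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _mac(k_mac, nonce, ct)):
        return None
    return json.loads(_xor_stream(k_enc, nonce, ct))

def mobile_response(access_key, challenge):
    """Mobile side: data generated with the access key it shares with the lock."""
    return _mac(access_key, challenge)

class Lock:
    def __init__(self, lock_id, secret_key, access_key):
        self.lock_id, self.secret_key, self.access_key = lock_id, secret_key, access_key
        self.challenge = None

    def new_challenge(self):
        self.challenge = os.urandom(16)
        return self.challenge

    def handle(self, response, blob, now):
        challenge, self.challenge = self.challenge, None  # each challenge is single-use
        if challenge is None or not hmac.compare_digest(response, _mac(self.access_key, challenge)):
            return "bad-response"
        profile = lock_decrypt_profile(self.secret_key, blob)  # only after the response verifies
        if profile is None or profile["lock_id"] != self.lock_id or now > profile["expires"]:
            return "bad-profile"
        return "unlock"
```

The mobile device holds the access key and the opaque profile blob but never the secret key, so it can relay the profile without being able to read or alter it.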
21 Claims
11. An electronic locking device, comprising:
- a wireless transceiver;
- a memory;
- an electronically controllable locking mechanism; and
- a processor configured to:
  - store a secret key in the memory, wherein the secret key is associated with a first code for the electronic locking device;
  - store an access key in the memory, wherein the access key is associated with a second code for the electronic locking device;
  - receive, via the transceiver, a request from a mobile device;
  - wake from a sleep function of the electronic locking device;
  - broadcast, via the wireless transceiver, a unique identifier corresponding to the electronic locking device in response to waking from the sleep function;
  - transmit, via the transceiver, a security challenge to the mobile device;
  - verify, using the access key, a response to the challenge, wherein the response is received from the mobile device, and wherein the response comprises data generated with a copy of the access key stored by the mobile device;
  - validate, in response to verifying the response, data from the mobile device, wherein validating the data comprises:
    - decrypting an encrypted user profile, wherein the user profile is decrypted using the secret key, and wherein the user profile is encrypted by a server with a copy of the secret key stored by the server; and
    - verifying the decrypted user profile; and
  - initiate, in response to validating the data, an action of the electronic locking device as specified by the request.
Specification