Remote device initialization using asymmetric cryptography

US 9,948,614 B1
Filed: 05/23/2013
Issued: 04/17/2018
Est. Priority Date: 05/23/2013
Status: Active Grant

First Claim

Patent Images

1. A system for remotely initializing at least one device, comprising:

a private and public key pair;

a local host device configured to;

initiate a cryptographic authorization sequence after receiving a secure input value,receive an authorization request, andsend an approval response including an encoded random value;

a remote device implemented within an unmanned vehicle and in communication with the local host device, the remote device configured to;

send the authorization request including a random value to the local host device, andreceive the approval response and the encoded random value from the local host device;

a local cryptographic controller in communication with the local host device, the local cryptographic controller configured to;

receive from the local host device, the random value,encode the random value utilizing a private key, andsend the encoded random value to the local host device; and

a remote cryptographic controller in communication with the remote device, the remote cryptographic controller configured to;

verify the random value received from the remote device by decoding the encoded random value with a public key paired with the private key, andsend a message to the remote device verifying the approval response is valid, the remote device and the vehicle being configured to initialize to an active state upon receipt of the message, and the remote device being further configured to securely communicate after initialization.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure is directed to a system and method for remotely initializing at least one device in communication with a local host device utilizing an asymmetric cryptographic authorization scheme. According to various embodiments, at least one remote device sends an authorization request including a random value to the local host device. The local host device returns an approval response to the remote device, where the approval response includes the random value encoded utilizing a private key. The remote device is then initialized (e.g. powered on or placed in an active state) upon verification of the encoded random value utilizing a public key that is paired with the private key.

Citations

20 Claims

1. A system for remotely initializing at least one device, comprising:
- a private and public key pair;
  
  a local host device configured to;
  
  initiate a cryptographic authorization sequence after receiving a secure input value,receive an authorization request, andsend an approval response including an encoded random value;
  
  a remote device implemented within an unmanned vehicle and in communication with the local host device, the remote device configured to;
  
  send the authorization request including a random value to the local host device, andreceive the approval response and the encoded random value from the local host device;
  
  a local cryptographic controller in communication with the local host device, the local cryptographic controller configured to;
  
  receive from the local host device, the random value,encode the random value utilizing a private key, andsend the encoded random value to the local host device; and
  
  a remote cryptographic controller in communication with the remote device, the remote cryptographic controller configured to;
  
  verify the random value received from the remote device by decoding the encoded random value with a public key paired with the private key, andsend a message to the remote device verifying the approval response is valid, the remote device and the vehicle being configured to initialize to an active state upon receipt of the message, and the remote device being further configured to securely communicate after initialization.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the active state comprises an enabled state of the remote device to exchange secure data and perform an authorized action including ignition of the vehicle or motor control.
  - 3. The system of claim 1, wherein the secure input value is receivable via a storage medium interfaced with the local host device.
  - 4. The system of claim 3, wherein the secure input value is stored on a cryptographic ignition key.
  - 5. The system of claim 1, wherein the private key is stored by the local cryptographic controller, and wherein the local host device is further configured to send secure data to the remote device only after the remote device is initialized.
  - 6. The system of claim 1, wherein the authorization request is a first ignition authorization request and the approval response is a first ignition approval response, and wherein the local host device is further configured to:
    - receive a second ignition authorization request including a second random value from at least a second remote device in communication with the local host device; and
      
      send a second ignition approval response including the second random value encoded utilizing a second private key to the second remote device, wherein the second remote device starts up and is initialized to an active state only when the second encoded random value is verified utilizing a second public key stored on a second remote cryptographic controller of the second remote device.
  - 7. The system of claim 1, wherein the authorization request is a first authorization request, the approval response is a first approval response, the private key is a first private key, and the public key is a first public key, and wherein the local host device is further configured to:
    - receive a second authorization request including a second random value from at least a second remote device in communication with the local host device;
      
      send a second approval response including the second random value encoded utilizing a second private key to the second remote device, wherein the second remote device is initialized when the second encoded random value is verified utilizing a second public key stored on a second remote cryptographic controller of the second remote device; and
      
      receive an acknowledgement message from the first remote device or the second remote device, acknowledging initialization.

8. A system for remotely initializing at least one device, comprising:
- an uninitialized remote device configured to initialize to an active state upon initiation and verification of a cryptographic authorization sequence, the remote device implemented within a vehicle and in communication with a local host device, and a remote cryptographic controller, the local host device being in communication with a local cryptographic controller, the cryptographic authorization sequence comprising;
  
  initiating of the cryptographic authorization sequence after receiving a secure input value at the local host device;
  
  send a first request from the remote device to the remote cryptographic controller;
  
  send a random value generated at the remote cryptographic controller to the remote device in response to the first request;
  
  sending an authorization request including the random value from the remote device to the local host device;
  
  sending the random value from the local host device to the local cryptographic controller;
  
  encoding, at the local cryptographic controller, the random value utilizing a private key for the encoding;
  
  sending the encoded random value from the local cryptographic controller to the local host device;
  
  sending an approval response including the encoded random value, from the local host device to the remote device;
  
  receiving the approval response including the encoded random value at the remote device;
  
  verifying the encoded random value at the remote cryptographic controller by decoding the encoded random value utilizing a public key paired with the private key, andsending a verification message to the remote device when the approval response including the random value is verified, wherein the remote device is initialized to the active state when the verification message is received by the remote device, enabling the remote device to securely communicate after initialization.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the private key is stored by the local cryptographic controller, wherein the public key is stored by the remote cryptographic controller, and wherein the local cryptographic controller and the remote cryptographic controller comprise at least two physically separated devices that are linked respectively to the local host device or the remote device.
  - 10. The system of claim 8, wherein the vehicle comprises an unmanned vehicle and initializing to the active state enables the unmanned vehicle to perform an authorized action and exchange secure data.
  - 11. The system of claim 8, wherein the secure input value is receivable via a storage medium interfaced with the local host device.
  - 12. The system of claim 11, wherein the secure input value is stored on a cryptographic ignition key.
  - 13. The system of claim 8, wherein the local host device is further configured to send secure data to the remote device only after the remote device is initialized.
  - 14. The system of claim 8, wherein initiating of the cryptographic authorization sequence after receiving a secure input value at the local host device comprises receiving the secure input value at the local cryptographic controller and then sending the secure input value from the local cryptographic controller to the local host device for initiating the cryptographic authorization sequence.

15. A method of remotely initializing at least one device, comprising:
- initiating, at a local host device, a cryptographic authorization sequence after receiving a secure input value;
  
  receiving, at the local host device, an authorization request including a random value from a remote device in communication with the local host device, the remote device implemented within an unmanned vehicle;
  
  receiving, at a local cryptographic controller, the random value from the local host device in communication with the local cryptographic controller;
  
  encoding, at the local cryptographic controller, the random value utilizing a private key for the encoding;
  
  sending the encoded random value from the local cryptographic controller to the local host device;
  
  sending, from the local host device to the remote device, an approval response including the encoded random value;
  
  receiving, at the remote device, the approval response including the encoded random value;
  
  receiving, at a remote cryptographic controller, the encoded random value for verification from the remote device in communication with the remote cryptographic controller;
  
  decoding, at the remote cryptographic controller, the random value utilizing a public key for the decoding; and
  
  initializing the remote device using the approval response when the encoded random value is decoded at the remote cryptographic controller and the random value is verified,wherein initializing the remote device authorizes transitioning the remote device to an active state to enable the remote device to engage in one or more communications over a secured network.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, further comprising:
    - sending an acknowledgement message from the remote device to the local host device to acknowledge initialization of the remote device.
  - 17. The method of claim 15, further comprising:
    - generating the random value via the remote cryptographic controller; and
      
      sending the random value from the remote cryptographic controller to the remote device.
  - 18. The method of claim 15, further comprising:
    - sending a verification message from the remote cryptographic controller to the remote device when the encoded random value is decoded and the random value is verified.
  - 19. The method of claim 15, wherein the remote device is implemented within the unmanned vehicle, the method further comprising:
    - performing one or more authorized actions after the remote device is initialized, wherein the one or more authorized actions comprises activating an ignition source of the unmanned vehicle;
      
      sending secure data from the local host device to the remote device only after the remote device is initialized; and
      
      receiving said secure data at the remote device and sending second secure data to said local host device after the remote device is initialized.
  - 20. The method of claim 15, wherein the private key is stored by the local cryptographic controller and the public key is stored by the remote cryptographic controller.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Rockwell Collins, Inc. (Rtx Corporation)
Original Assignee
Rockwell Collins, Inc. (Rtx Corporation)
Inventors
Howard, Sean D., Provolt, Brandon J., Ryon, Luke E., Jezek, James K., Sands, Jeremy K.
Primary Examiner(s)
Armouche, Hadi
Assistant Examiner(s)
Wright, Bryan

Application Number

US13/901,248
Time in Patent Office

1,790 Days
Field of Search

713150
US Class Current
CPC Class Codes

G06F 21/305   by remotely controlling dev...

G06F 21/32   using biometric data, e.g. ...

G06F 21/602   Providing cryptographic fac...

G06F 2221/2141   Access rights, e.g. capabil...

H04L 2209/84   Vehicles

H04L 63/0428   wherein the data content is...

H04L 63/0442   wherein the sending and rec...

H04L 9/0897   involving additional device...

H04L 9/3247   involving digital signatures

H04L 9/3265   using certificate chains, t...

H04L 9/3271   using challenge-response

Remote device initialization using asymmetric cryptography

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Remote device initialization using asymmetric cryptography

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links