Securing a computing device accessory
First Claim
1. At an accessory device, a method of authenticating pairing between a host device and the accessory device, the method comprising:
- establishing a connection with the host device;
sending information including a security chip certificate to the host device;
receiving a pairing certificate from the host device, the pairing certificate encrypted via a private key of a remote pairing service, wherein the pairing certificate includes a pairing public key and a digest of the security chip certificate, signed via the private key of the remote pairing service;
decrypting the pairing certificate using a public key of the remote pairing service;
verifying the information in the pairing certificate; and
if the host device is verified, then completing pairing between the host device and the accessory device.
2 Assignments
0 Petitions
Accused Products
Abstract
Various embodiments are disclosed that relate to security of a computer accessory device. For example, one non-limiting embodiment provides a host computing device configured to conduct an initial portion of a mutual authentication session with an accessory device, and send information regarding the host computing device and the accessory device to a remote pairing service via a computer network. The host computing device is further configured to, in response, receive a pairing certificate from the remote pairing service, the pairing certificate being encrypted via a private key of the remote pairing service, and complete the mutual authentication with the accessory device using the pairing certificate from the remote pairing service.
-
Citations
20 Claims
-
1. At an accessory device, a method of authenticating pairing between a host device and the accessory device, the method comprising:
-
establishing a connection with the host device; sending information including a security chip certificate to the host device; receiving a pairing certificate from the host device, the pairing certificate encrypted via a private key of a remote pairing service, wherein the pairing certificate includes a pairing public key and a digest of the security chip certificate, signed via the private key of the remote pairing service; decrypting the pairing certificate using a public key of the remote pairing service; verifying the information in the pairing certificate; and if the host device is verified, then completing pairing between the host device and the accessory device. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. An accessory device, comprising:
-
one or more sensors; a security chip; a system on a chip (SOC); a logic subsystem; a storage subsystem comprising instructions executable by the logic subsystem to; establish a connection with a host device; send information including a security chip certificate to the host device; receive a pairing certificate from the host device, the pairing certificate encrypted via a private key of a remote pairing service, wherein the pairing certificate includes a pairing public key and a digest of the security chip certificate, signed via the private key of the remote pairing service; decrypt the pairing certificate using a public key of the remote pairing service; verify the information in the pairing certificate; and if the host device is verified, then complete pairing between the host device and the accessory device. - View Dependent Claims (11, 12, 13, 14, 15, 16)
-
-
17. An accessory device, comprising:
-
a security chip; and a system on a chip (SOC) in communication with the security chip, the SOC comprising a security hardware module, wherein the accessory device includes instructions executable to perform an unlocking process during pairing with a host device by sending information including a security chip certificate to the host device; receiving a pairing certificate from the host device, the pairing certificate encrypted via a private key of a remote pairing service, wherein the pairing certificate includes a pairing public key and a digest of the security chip certificate, signed via the private key of the remote pairing service; decrypting the pairing certificate using a public key of the remote pairing service; verifying the information in the pairing certificate; and if the host device is verified, then unlocking the accessory device by sending an unlock request from the security chip to the SOC, receiving the unlock request at the SOC, and requesting the security hardware module of the SOC to generate a challenge message, generating and encrypting the challenge message at the security hardware module of the SOC for sending to security chip, receiving the challenge message at security chip, decrypting the challenge message, performing an operation on the challenge message to form a new message, and encrypting the new message for sending to the security hardware module of the SOC, receiving the new message at the security hardware module, decrypting the new message, performing an inverse operation on the new message to obtain and original message, compare the new message to the original message, and unlock the accessory device if comparison of the new message to the original message is correct. - View Dependent Claims (18, 19, 20)
-
Specification