Anti-takeover systems and methods for network attached peripherals

US 10,536,848 B2
Filed: 02/26/2018
Issued: 01/14/2020
Est. Priority Date: 03/28/2014
Status: Active Grant

First Claim

Patent Images

1. A method for an automation and security system, comprising:

receiving, at a control panel, an event message from a peripheral device of the automation and security system;

determining, at the control panel, whether the event message is encrypted or unencrypted;

processing, at the control panel, the event message using a first protocol based at least in part on determining that the event message is encrypted and using a second protocol different from the first protocol based at least in part on determining that the event message is unencrypted; and

extracting, at the control panel, a decryption key value element and a key serial number from at least one packet of the event message based at least in part on processing the event message using the second protocol, the decryption key value element comprising at least one static bit field and the key serial number comprising at least one dynamic bit field adjustable based at least in part on a number of occurrences of peripheral device events.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, systems, and devices are described for the prevention of network peripheral takeover activity. In some embodiments, peripheral devices may implement an anti-takeover mechanism encrypting messages and transmitting unencrypted decryption keys for a limited period of time. Anti-takeover peripheral devices may transition from a plain operational mode, to a decryption key transmission mode, to a secure mode based on pre-defined triggering events, commands, or timers. Random decryption key values may be generated by peripheral devices and transmitted to listening devices for later storage and retrieval by the listening device. Decryption keys may be stored in remote data stores for later retrieval by anti-takeover aware controller devices.

40 Citations

16 Claims

1. A method for an automation and security system, comprising:
- receiving, at a control panel, an event message from a peripheral device of the automation and security system;
  
  determining, at the control panel, whether the event message is encrypted or unencrypted;
  
  processing, at the control panel, the event message using a first protocol based at least in part on determining that the event message is encrypted and using a second protocol different from the first protocol based at least in part on determining that the event message is unencrypted; and
  
  extracting, at the control panel, a decryption key value element and a key serial number from at least one packet of the event message based at least in part on processing the event message using the second protocol, the decryption key value element comprising at least one static bit field and the key serial number comprising at least one dynamic bit field adjustable based at least in part on a number of occurrences of peripheral device events.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein processing the event message using the second protocol different from the first protocol further comprises:
    - parsing one or more packets of the event message based at least in part on determining that the event message is unencrypted; and
      
      determining whether at least one of the packets of the event message includes the decryption key value element based at least in part on the parsing.
  - 3. The method of claim 1, further comprising:
    - identifying a peripheral device identification value based at least in part on the event message;
      
      associating the extracted decryption key value element and the extracted key serial number to the peripheral device based at least in part on the peripheral device identification value; and
      
      storing the extracted decryption key value element and the extracted key serial number including the association in a cache memory of the control panel or a remote database of a service provider of the automation and security system.
  - 4. The method of claim 1, further comprising:
    - transmitting the extracted decryption key value element and the extracted key serial number associated with the peripheral device to a service provider of the automation and security system; and
      
      processing the event message based at least in part on the transmitting.
  - 5. The method of claim 1, further comprising:
    - synchronizing an encryption iteration or a decryption iteration, or both of the control panel to communicate with the peripheral device based at least in part on the extracted decryption key value element and the extracted key serial number associated with the peripheral device.
  - 6. The method of claim 5, wherein synchronizing the encryption iteration or the decryption iteration, or both further comprises:
    - modifying a decryption key value element and a key serial number, stored in a cache memory of the control panel or a remote database of a service provider of the automation and security system, to the extracted decryption key value element and the extracted key serial number; and
      
      decrypting at least a portion of the event message using the modified decryption key value element and the key serial number.
  - 7. The method of claim 1, wherein processing the event message using the first protocol further comprises:
    - identifying at least one decryption key value element stored in local memory of the control panel or a remote database based at least in part on determining that the event message is encrypted;
      
      decrypting at least a portion of the event message using the decryption key value element;
      
      parsing the decrypted portion of the event message;
      
      identifying any unencrypted portions of the event message; and
      
      processing the unencrypted portions of the event message.

8. An apparatus for an automation and security system, comprising:
- a processor;
  
  memory in electronic communication with the processor; and
  
  instructions stored in the memory and executable by the processor to cause the apparatus to;
  
  receive, at the apparatus, an event message from a peripheral device of the automation and security system;
  
  determine, at the apparatus, whether the event message is encrypted or unencrypted; and
  
  process, at the apparatus, the event message using a first protocol based at least in part on determining that the event message is encrypted and using a second protocol different from the first protocol based at least in part on determining that the event message is unencrypted; and
  
  extract, at the apparatus, a decryption key value element and a key serial number from at least one packet of the event message based at least in part on processing the event message using the second protocol, the decryption key value element comprising at least one static bit field and the key serial number comprising at least one dynamic bit field adjustable based at least in part on a number of occurrences of peripheral device events.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The apparatus of claim 8, wherein the instructions for processing the event message using the second protocol different from the first protocol are further executable by the processor to cause the apparatus to:
    - parse one or more packets of the event message based at least in part on determining that the event message is unencrypted; and
      
      determine whether at least one of the packets of the event message includes the decryption key value element based at least in part on the parsing.
  - 10. The apparatus of claim 8, wherein the instructions are further executable by the processor to cause the apparatus to:
    - identify a peripheral device identification value based at least in part on the event message;
      
      associate the extracted decryption key value element and the extracted key serial number to the peripheral device based at least in part on the peripheral device identification value; and
      
      store the extracted decryption key value element and the extracted key serial number including the association in a cache memory of the control panel or a remote database of a service provider of the automation and security system.
  - 11. The apparatus of claim 8, wherein the instructions are further executable by the processor to cause the apparatus to:
    - transmit the extracted decryption key value element and the extracted key serial number associated with the peripheral device to a service provider of the automation and security system; and
      
      process the event message based at least in part on the transmitting.
  - 12. The apparatus of claim 8, wherein the instructions are further executable by the processor to cause the apparatus to:
    - synchronize an encryption iteration or a decryption iteration, or both of the control panel to communicate with the peripheral device based at least in part on the extracted decryption key value element and the extracted key serial number associated with the peripheral device.
  - 13. The apparatus of claim 12, wherein the instructions for synchronizing the encryption iteration or the decryption iteration, or both are further executable by the processor to cause the apparatus to:
    - modify a decryption key value element and a key serial number, stored in a cache memory of the control panel or a remote database of a service provider of the automation and security system, to the extracted decryption key value element and the extracted key serial number; and
      
      decrypt at least a portion of the event message using the modified decryption key value element and the key serial number.
  - 14. The apparatus of claim 8, wherein the instructions for processing the event message using the first protocol are further executable by the processor to cause the apparatus to:
    - identify at least one decryption key value element stored in local memory of the control panel or a remote database based at least in part on determining that the event message is encrypted;
      
      decrypt at least a portion of the event message using the decryption key value element;
      
      parse the decrypted portion of the event message;
      
      identify any unencrypted portions of the event message; and
      
      process the unencrypted portions of the event message.

15. A non-transitory computer-readable medium storing code for an automation and security system, the code comprising instructions executable by a processor to:
- receive, at a control panel, an event message from a peripheral device of the automation and security system;
  
  determine, at the control panel, whether the event message is encrypted or unencrypted;
  
  process, at the control panel, the event message using a first protocol based at least in part on determining that the event message is encrypted and using a second protocol different from the first protocol based at least in part on determining that the event message is unencrypted; and
  
  extract, at the control panel, a decryption key value element and a key serial number from at least one packet of the event message based at least in part on processing the event message using the second protocol, the decryption key value element comprising at least one static bit field and the key serial number comprising at least one dynamic bit field adjustable based at least in part on a number of occurrences of peripheral device events.
- View Dependent Claims (16)
- - 16. The non-transitory computer-readable medium of claim 15, wherein the instructions for processing the event message using the second protocol different from the first protocol are further executable by the processor to cause the processor to:
    - parse one or more packets of the event message based at least in part on determining that the event message is unencrypted; and
      
      determine whether at least one of the packets of the event message includes the decryption key value element based at least in part on the parsing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vivint Incorporated (NRG Energy, Inc.)
Original Assignee
Vivint Incorporated (NRG Energy, Inc.)
Inventors
Warren, Jeremy B.
Primary Examiner(s)
Simitoski, Michael

Application Number

US15/905,487
Publication Number

US 20180249328A1
Time in Patent Office

687 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/74   operating in dual or compar...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/0861   Generation of secret inform...

H04W 12/02   Protecting privacy or anony...

H04W 12/04   Key management, e.g. using ...

H04W 12/126   Anti-theft arrangements, e....

H04W 12/61   Time-dependent

Anti-takeover systems and methods for network attached peripherals

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

40 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Anti-takeover systems and methods for network attached peripherals

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

40 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links