CRYPTOGRAPHIC COMMUNICATION WITH MOBILE DEVICES
First Claim
1. A method for establishing a communication key which is a shared key for communication between a first apparatus and a second apparatus, the first apparatus being a mobile apparatus, wherein a shared key can be generated as being associated with any one of a set of keys available at the mobile apparatus, (wherein the shared key and its associated key may or may not be equal to each other), the set of keys including a current key and one or more previous keys, all said keys being secret keys, the method comprising the mobile apparatus performing operations of:
- (1) receiving, from the second apparatus, key data indicating a key version of a shared key available at the second apparatus, wherein the shared key available at the second apparatus is not transmitted between the mobile apparatus and the second apparatus wherein all said keys are secret keys;
(2) examining the key version, wherein;
(2A) if the mobile apparatus determines that the key version corresponds to the current key, then the communication key used by the mobile apparatus is the shared key associated with the current key;
(2B) if the mobile apparatus determines that the key version corresponds to a previous key available at the mobile apparatus, then the mobile apparatus uses the shared key associated with the previous key to establish the communication key.
1 Assignment
0 Petitions
Accused Products
Abstract
A mobile device (110), e.g. a token, holds a current key and one or more previous (expired) keys in memory (130). If the token needs to communicate with another device (144), e.g. with a reader, and the reader does not have the current key but has a previous key, the token encrypts the current key with the previous key and sends the ciphertext to the reader, which decrypts the current key. The token use different cryptographic material for communication with respective different facilities. Rather than requesting the reader to identify the facility, the token assumes that the facility is the same as in the most recent successful authentication. If the authentication fails, only then the token requests the reader to identify the facility. Authentication time and electric power are saved if the facility is the same. Other embodiments are also provided.
85 Citations
37 Claims
-
1. A method for establishing a communication key which is a shared key for communication between a first apparatus and a second apparatus, the first apparatus being a mobile apparatus, wherein a shared key can be generated as being associated with any one of a set of keys available at the mobile apparatus, (wherein the shared key and its associated key may or may not be equal to each other), the set of keys including a current key and one or more previous keys, all said keys being secret keys, the method comprising the mobile apparatus performing operations of:
-
(1) receiving, from the second apparatus, key data indicating a key version of a shared key available at the second apparatus, wherein the shared key available at the second apparatus is not transmitted between the mobile apparatus and the second apparatus wherein all said keys are secret keys; (2) examining the key version, wherein; (2A) if the mobile apparatus determines that the key version corresponds to the current key, then the communication key used by the mobile apparatus is the shared key associated with the current key; (2B) if the mobile apparatus determines that the key version corresponds to a previous key available at the mobile apparatus, then the mobile apparatus uses the shared key associated with the previous key to establish the communication key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method for establishing a communication key which is a shared key for communication between a first apparatus and a second apparatus, the first apparatus being a mobile apparatus, wherein a shared key can be generated as being associated with any one of a plurality of keys available at the mobile apparatus, (wherein the shared key and its associated key may or may not be equal to each other), the plurality of keys including a current key and one or more previous keys, all said keys being secret keys, the method comprising the second apparatus performing operations of:
-
(1) sending, to the mobile apparatus, key data indicating a key version of a shared key available at the second apparatus, wherein the shared key available at the second apparatus is not transmitted between the mobile apparatus and the second apparatus, wherein all said keys are secret keys; (2) receiving, from the mobile apparatus, encrypted data defining the communication key; (3) using the shared key available at the second apparatus to decrypt the encrypted data and recover the communication key. - View Dependent Claims (15, 16, 17, 18, 19)
-
-
20. A method for establishing a communication key which is a shared key for communication between a first apparatus and a second apparatus, the first apparatus being a mobile apparatus, wherein a shared key can be generated as being associated with any one of a plurality of keys available at the mobile apparatus, (wherein the shared key and its associated key may or may not be equal to each other), the plurality of keys including a current key and one or more previous keys, all said keys being secret keys, the method comprising the second apparatus performing operations of:
-
(1) engaging in communication with the mobile apparatus to obtain an indication of whether or not there is a shared key available at both the mobile apparatus and the second apparatus; (2) if a shared secret key is not available at both the second apparatus and the mobile apparatus, then; (2A) the second apparatus engaging in cryptographic communication using asymmetric cryptography with the mobile apparatus to generate an ephemeral key which is a secret key shared with the mobile apparatus; (2B) the second apparatus receiving, from the mobile apparatus, encrypted data defining the communication key; (2C) the second apparatus using the ephemeral key available at the second apparatus to decrypt the encrypted data and recover the communication key. - View Dependent Claims (21, 22)
-
-
23. A method for conducting cryptographic communication between a first apparatus and a second apparatus which is one of a plurality of apparatuses, the first apparatus being a mobile apparatus, wherein the mobile apparatus stores a plurality of sets of cryptographic data which are associated with respective facilities, each facility comprising one or more of the apparatuses of the plurality of apparatuses, different sets being associated with different facilities, each set being for use in cryptographic communication with the associated facility, wherein each set and its associated facility are associated with one or more possible error conditions at least one of which is an indication that the mobile apparatus may be communicating with a facility different from the associated facility,
wherein the mobile apparatus comprises storage for storing prior history of facility access; -
wherein the method comprises the mobile apparatus performing operations of; (1) selecting a facility based on the prior history; (2) using the set associated with the facility selected based on the prior history to engage in the cryptographic communication with the second apparatus; (3) if the cryptographic communication in (2) fails due to one or more of the one or more error conditions associated with the set selected by the mobile apparatus, then; (3A) the mobile apparatus selecting another facility for the cryptographic communication; and (3B) the mobile apparatus using the set associated with the other facility to engage in the cryptographic communication with the second apparatus. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31)
-
-
32. A method for updating cryptographic material stored on a first apparatus and one or more second apparatuses, the first apparatus being a mobile apparatus, the cryptographic material being for use by the mobile apparatus in cryptographic communication with at least one of the one or more second apparatuses, the method comprising performing, by an updating system, operations of:
-
sending a mobile-apparatus update of the cryptographic material to the mobile apparatus which is configured to remain operable to use non-updated cryptographic material even after receiving the mobile-apparatus update at least until each second apparatus receives a second-apparatus update; and sending a second-apparatus update of the cryptographic material to the one or more second apparatuses, wherein the second-apparatus update and the mobile-apparatus update correspond to each other by allowing the cryptographic communication between the mobile apparatus and the one or more second apparatuses; wherein the updating system does not enable the one or more second apparatuses to use the second-apparatus update until the updating system receives a confirmation that the mobile apparatus has received the mobile-apparatus update. - View Dependent Claims (33, 34, 35, 36, 37)
-
Specification