SECURE WIRELESS COMMUNICATION BETWEEN CONTROLLERS AND ACCESSORIES

US 20170201499A1
Filed: 01/06/2017
Published: 07/13/2017
Est. Priority Date: 02/05/2015
Status: Active Grant

First Claim

Patent Images

1. A method for controlling an accessory using a controller, the method comprising:

establishing, by the controller, a session key usable to encrypt messages exchanged with the accessory;

determining, by the controller, write data to be written to a target characteristic of the accessory;

generating, by the controller, a first payload that comprises the write data and an identifier of the target characteristic, the first payload being encrypted with the session key;

sending, by the controller, a first instruction to the accessory, the first instruction comprising the first payload and an indication that the accessory should temporarily store the write data;

receiving, by the controller, a first response from the accessory, the first response comprising a first signed data block indicating that the accessory received the first instruction;

in response to receiving the first response, sending, by the controller, a second instruction to the accessory, the second instruction comprising a second payload indicating that the accessory should write the write data from the first payload to the target characteristic; and

receiving, by the controller, a second response from the accessory, the second response comprising a second signed data block indicating that the accessory received and executed the second instruction.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A controller and an accessory controllable by the controller can communicate using secure read and write procedures. The procedures can include encrypting identifiers of accessory characteristics targeted by a read or write operation as well as any data being read or written. The procedures can also include the accessory returning a cryptographically signed response verifying receipt and execution of the read or write instruction. In some instances, a write procedure can be implemented as a timed write in which a first instruction containing the write data is sent separately from a second instruction to execute the write operation; the accessory can disregard the write data if the second instruction is not received within a timeout period after receiving the first instruction.

25 Citations

27 Claims

1. A method for controlling an accessory using a controller, the method comprising:
- establishing, by the controller, a session key usable to encrypt messages exchanged with the accessory;
  
  determining, by the controller, write data to be written to a target characteristic of the accessory;
  
  generating, by the controller, a first payload that comprises the write data and an identifier of the target characteristic, the first payload being encrypted with the session key;
  
  sending, by the controller, a first instruction to the accessory, the first instruction comprising the first payload and an indication that the accessory should temporarily store the write data;
  
  receiving, by the controller, a first response from the accessory, the first response comprising a first signed data block indicating that the accessory received the first instruction;
  
  in response to receiving the first response, sending, by the controller, a second instruction to the accessory, the second instruction comprising a second payload indicating that the accessory should write the write data from the first payload to the target characteristic; and
  
  receiving, by the controller, a second response from the accessory, the second response comprising a second signed data block indicating that the accessory received and executed the second instruction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the first payload further comprises a time to live parameter, the time to live parameter indicating a time to live for the first instruction, wherein the accessory executes the second instruction only if the second instruction is received before the time to live expires.
  - 3. The method of claim 1, wherein the controller sends the second instruction only if the first response is received within a timeout period after sending the first instruction.
  - 4. The method of claim 1, wherein writing the write data to the target characteristic results in changing an aspect of a physical state of the accessory.
  - 5. The method of claim 1, wherein the first payload further comprises a transaction identifier generated by the controller and wherein the first response comprises a response payload signed by the accessory, the response payload comprising the transaction identifier.
  - 6. The method of claim 1, wherein the controller communicates with the accessory using a Bluetooth LE transport and wherein the first instruction is sent as a GATT write request identifying the target characteristic.
  - 7. The method of claim 1, wherein the controller communicates with the accessory using an HTTP transport and wherein the first instruction is sent as an HTTP POST request to a first URL defined at the accessory.
  - 8. The method of claim 6, wherein the first payload also comprises an identifier of the target characteristic.

9. An electronic device, comprising:
- a wireless communication interface to communicate with an accessory;
  
  one or more processors coupled to the wireless communication interface, the one or more processors being configured to;
  
  establish, via the wireless communication interface, a session key usable to encrypt messages exchanged with the accessory;
  
  determine write data to be written to a target characteristic of the accessory;
  
  generate a first payload that comprises the write data and an identifier of the target characteristic, the first payload being encrypted with the session key;
  
  send, via the wireless communication interface, a first instruction to the accessory, the first instruction comprising the first payload and an indication that the accessory should temporarily store the write data;
  
  receive, via the wireless communication interface, a first response from the accessory, the first response comprising a first signed data block indicating that the accessory received the first instruction;
  
  send, in response to receiving the first response, a second instruction to the accessory via the wireless communication interface, the second instruction comprising a second payload indicating that the accessory should write the write data from the first payload to the target characteristic; and
  
  receive, via the wireless communication interface, a second response from the accessory, the second response comprising a second signed data block indicating that the accessory received and executed the second instruction.
- View Dependent Claims (10, 11, 12, 13)
- - 10. The electronic device of claim 9, wherein the wireless communication interface is configured to communicate with the accessory using a Bluetooth LE protocol and wherein the processing subsystem is further configured to send the first instruction and the second instruction as GATT write requests conforming to the Bluetooth LE protocol.
  - 11. The electronic device of claim 10, wherein the processing subsystem is further configured to send a GATT read request to the accessory after sending the first instruction and wherein the first response is received as a response to the GATT read request.
  - 12. The electronic device of claim 9, wherein the wireless communication interface is configured to communicate with the accessory using an HTTP-based protocol and wherein the processing subsystem is further configured to send the first instruction and the second instruction as HTTP POST requests addressed to two different URLs at the accessory.
  - 13. The electronic device of claim 9, wherein the first payload further comprises a time to live parameter, the time to live parameter indicating a time to live for the first instruction, wherein the accessory executes the second instruction only if the second instruction is received before the time to live expires.

14. A computer-readable storage medium having stored therein program code that, when executed by one or more processors of an accessory device, cause the one or more processors to perform operations comprising:
- establishing a session key usable to encrypt messages exchanged with the controller;
  
  receiving a first instruction from the controller, the first instruction comprising a first payload encrypted with the session key;
  
  extracting from the first payload write data and an identifier of a target characteristic to which the write data is to be written;
  
  sending a first response to the controller, the first response comprising a first signed data block indicating that the accessory received the first instruction;
  
  receiving a second instruction from the controller, the second instruction comprising a second payload indicating that the accessory should write the write data from the first payload to the target characteristic;
  
  determining whether the second instruction is received within a time to live after sending the first response;
  
  in response to determining that the second instruction is not received within the time to live, ignoring the second instruction; and
  
  in response to determining that the second instruction is received within the time to live, executing the second instruction,the execution of the second instruction comprising writing the write data from the first payload to the target characteristic.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The computer-readable storage medium of claim 14, wherein executing the second instruction further comprises changing an aspect of a physical state of the accessory based on the write data and the target characteristic.
  - 16. The computer-readable storage medium of claim 14, further comprising:
    - extracting, by the accessory, a time to live parameter from the first payload,wherein the time to live is determined based on the time to live parameter.
  - 17. The computer-readable storage medium of claim 14, further comprising:
    - after executing the second instruction, sending, by the accessory, a second response to the controller, the second response comprising a second signed data block indicating that the accessory executed the second instruction.
  - 18. The computer-readable storage medium of claim 14, further comprising:
    - sending, by the accessory, an error message to the controller in the event that the second instruction is not received within the time to live.
  - 19. The computer-readable storage medium of claim 14, wherein the accessory communicates with the controller using a Bluetooth LE transport and wherein the first instruction is sent as a GATT write request comprising a first identifier of the target characteristic.
  - 20. The computer-readable storage medium of claim 19, further comprising:
    - extracting, by the accessory, a second identifier of the target characteristic from the first payload;
      
      determining, by the accessory, whether the first identifier of the target characteristic and the second identifier of the target characteristic correspond to the same target characteristic,wherein the accessory does not write the write data to the target characteristic unless the first identifier of the target characteristic and the second identifier of the target characteristic correspond to the same target characteristic.

21. An electronic device, comprising:
- a wireless communication interface to communicate with a controller;
  
  one or more processors coupled to the wireless communication interface, the one or more processors being configured to;
  
  establish, via the wireless communication interface, a session key usable to encrypt messages exchanged with the controller;
  
  receive, via the wireless communication interface, a first instruction from the controller, the first instruction comprising a first payload encrypted with the session key;
  
  extract, from the first payload, write data and an identifier of a target characteristic to which the write data is to be written;
  
  send, via the wireless communication interface, a first response to the controller, the first response comprising a first signed data block indicating that the electronic device received the first instruction;
  
  receive, via the wireless communication interface, a second instruction from the controller, the second instruction comprising a second payload indicating that the electronic device should write the write data from the first payload to the target characteristic;
  
  determine whether the second instruction is received within a time to live after sending the first response;
  
  in response to determining that the second instruction is not received within the time to live, ignore the second instruction; and
  
  in response to determining that the second instruction is received within the time to live, execute the second instruction,the execution of the second instruction comprising writing the write data from the first payload to the target characteristic.
- View Dependent Claims (22, 23, 24, 25, 26, 27)
- - 22. The electronic device of claim 21 further comprising:
    - a hardware component having a physical state, the physical state being changeable in response to control signals from the processing subsystem,wherein the processing subsystem is further configured such that executing the second instruction further comprises changing the physical state of the hardware component based on the write data and the target characteristic.
  - 23. The electronic device of claim 21 wherein the processing subsystem is further configured to:
    - extract a time to live parameter from the first payload; and
      
      determine the time to live based on the time to live parameter.
  - 24. The electronic device of claim 21 wherein the processing subsystem is further configured to:
    - send, after executing the second instruction, a second response to the controller via the wireless communication interface, the second response comprising a second signed data block indicating that the electronic device executed the second instruction.
  - 25. The electronic device of claim 21 wherein the wireless communication interface is configured to communicate with the controller using a Bluetooth LE protocol and wherein the processing subsystem is further configured to receive the first instruction and the second instruction as GATT write requests conforming to the Bluetooth LE protocol.
  - 26. The electronic device of claim 25 wherein the processing subsystem is further configured to receive a GATT read request from the controller after receiving the first instruction and to send the first response as a response to the GATT read request.
  - 27. The electronic device of claim 21 wherein the wireless communication interface is configured to communicate with the controller using HTTP and wherein the processing subsystem is further configured to receive the first instruction and the second instruction as HTTP POST requests directed to two different URLs defined at the electronic device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Apple Inc.
Original Assignee
Apple Inc.
Inventors
McLaughlin, Kevin P., Nadathur, Anush G., Lucas, Matthew C., Rama, Srinivas, Mathews, Dennis

Granted Patent

US 10,630,647 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

H04L 1/16   in which the return channel...

H04L 63/0428   wherein the data content is...

H04L 63/0435   wherein the sending and rec...

H04L 63/101   Access control lists [ACL]

H04L 67/02   based on web technology, e....

H04L 9/0838   Key agreement, i.e. key est...

H04L 9/3247   involving digital signatures

H04W 12/03   Protecting confidentiality,...

H04W 12/08   Access security

H04W 12/121   Wireless intrusion detectio...

H04W 12/122   Counter-measures against at...

H04W 4/70   Services for machine-to-mac...

H04W 4/80   Services using short range ...

SECURE WIRELESS COMMUNICATION BETWEEN CONTROLLERS AND ACCESSORIES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

25 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

SECURE WIRELESS COMMUNICATION BETWEEN CONTROLLERS AND ACCESSORIES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links