Secure connection establishment

US2016165649A1 · US · A1

Patent metadata

Publication number: US-2016165649-A1
Application number: US-201514590949-A
Country: US
Kind code: A1
Filing date: Jan 6, 2015
Priority date: Dec 9, 2014
Publication date: Jun 9, 2016
Grant date:

Abstract

Official abstract text for this publication.

A wireless device implementing secure connection establishment may include at least one processor circuit. The at least one processor circuit may be configured to receive an advertising packet from a device over a first channel and generate, in response to receiving the advertising packet, a connection request packet that comprises control information for establishing a connection with the device over a second channel. The at least one processor circuit may be further configured to encrypt and authenticate at least a portion of the connection request packet based at least in part on a connection entry key previously exchanged with the device and transmit the at least partially encrypted connection request packet over the first channel. The at least one processor circuit may be further configured to establish the connection with the device over the second channel based at least in part on the control information of the connection request packet.

First claim

Opening claim text (preview).

What is claimed is:

1. A device comprising: at least one processor circuit that is configured to: receive an advertising packet from a device over a first channel; generate, in response to receiving the advertising packet, a connection request packet that comprises control information for establishing a connection with the device over a second channel; encrypt and authenticate at least a portion of the connection request packet based at least in part on a connection entry key previously exchanged with the device; transmit the at least partially encrypted connection request packet over the first channel; and establish the connection with the device over the second channel based at least in part on the control information of the connection request packet.

2. The device of claim 1, wherein the connection comprises a Bluetooth low energy (BLE) connection.

3. The device of claim 2, wherein the first channel comprises an advertising or data channel and the second channel comprises a data channel.

4. The device of claim 1, wherein the at least one processor circuit is further configured to: pair and bond with the device; establish a secure link with the device upon completion of the pairing and bonding; and exchange the connection entry key, nonce, and counter start values with the device over the secure link prior to receiving the advertising packet.

5. The device of claim 1, wherein at least one processor circuit is further configured to: encrypt and authenticate the at least the portion of the connection request packet based at least in part on the connection request packet and a counter value.

6. The device of claim 5, wherein the at least one processor circuit is further configured to: synchronize, with the device, the encrypting and authenticating based at least in part on the counter value.

7. The device of claim 1, wherein the at least the portion of the connection request packet that is encrypted comprises at least timing information and a hopping pattern, and another portion of the connection request packet that is unencrypted comprises a public address of the device.

8. A method for secure connection establishment with a device, the method comprising: receiving, over a first channel, a connection request packet comprising control information, wherein at least a portion of the connection request packet is encrypted; decrypting and authenticating the at least the portion of the connection request packet based at least in part on a connection entry key previously exchanged with the device; and establishing, over a second channel, a connection with the device based at least in part on the control information of the connection request packet.

9. The method of claim 8, further comprising: transmitting an advertising packet to the device over the first channel, wherein the connection request packet is received in response to transmitting the advertising packet.

10. The method of claim 8, wherein the connection comprises a Bluetooth low energy (BLE) connection.

11. The method of claim 10, wherein the first channel comprises an advertising channel and the second channel comprises a data channel.

12. The method of claim 8, further comprising: pairing and bonding with the device; establishing a secure link with the device upon completion of the pairing and bonding; and exchanging the connection entry key with the device over the secure link prior to receiving the connection request packet.

13. The method of claim 8, wherein decrypting and authenticating the at least the portion of the connection request packet based at least in part on the connection entry key previously exchanged with the device comprises decrypting and authenticating the at least the portion of the connection request packet based at least on the connection entry key and a counter value.

14. The method of claim 13, further comprising: synchronizing, with the device, the decrypting and authenticating based at least in part on the counter value.

15. The method of claim 8, wherein the at least the portion of the connection request packet that is encrypted comprises at least timing information and a hopping pattern, and another portion of the connection request packet that is unencrypted comprises a public address of the device.

16. A computer program product comprising instructions stored in a tangible computer-readable storage medium, the instructions comprising: instructions to generate a packet comprising control information for establishing a connection with a device; instructions to encrypt and authenticate at least a portion of the packet based at least on a connection entry key and a counter value, wherein the connection entry key was previously exchanged with the device; instructions to transmit the packet to the device; and instructions to establish the connection with the device based at least in part on the information.

17. The computer program product of claim 16, wherein the instructions further comprise: instructions to bond and pair with the device; instructions to establish an encrypted link with the device after bonding and pairing with the device; and instructions to exchange the connection entry key with the device over the encrypted link prior to encrypting and authenticating the at least the portion of the packet.

18. The computer program product of claim 16, wherein the device comprises a Bluetooth low energy device and the connection comprises a Bluetooth low energy connection.

19. The computer program product of claim 16, wherein the at least the portion of the packet that is encrypted comprises at least timing information and a hopping pattern, and another portion of the packet that is unencrypted comprises a public address of the device.

20. The computer program product of claim 16, wherein the packet is transmitted to the device over a Bluetooth low energy advertising channel and the connection is established with the device over a Bluetooth low energy data channel.
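
The scheme in claims 1, 4 to 8 and 13 to 15, sketched as an added example that is not code from the patent or its assignee: the public address stays in the clear, the control information is encrypted, and the whole request is authenticated under the connection entry key, nonce and counter. Assumptions: the page names no cipher, so HMAC-SHA256 stands in for it; the counter travels in the clear inside the request; field sizes, function names and sample values are hypothetical.

```python
import hashlib, hmac, struct

TAG_LEN = 8  # truncated MAC length in bytes (assumption)

def _prf(key, label, nonce, counter, data=b""):
    # HMAC-SHA256 stand-in for the unspecified cipher; label separates uses.
    return hmac.new(key, label + nonce + struct.pack(">Q", counter) + data,
                    hashlib.sha256).digest()

def _xor_stream(key, nonce, counter, data):
    # Counter-mode keystream; the same XOR encrypts and decrypts.
    stream = b"".join(_prf(key, b"enc", nonce, counter, bytes([i]))
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal_connect_req(key, nonce, counter, public_addr, control):
    """Initiator: address stays clear, control info is encrypted, all is MACed."""
    ct = _xor_stream(key, nonce, counter, control)
    tag = _prf(key, b"mac", nonce, counter, public_addr + ct)[:TAG_LEN]
    return public_addr + struct.pack(">Q", counter) + ct + tag

class Advertiser:
    """Holds the key, nonce and counter start exchanged over the bonded link."""
    def __init__(self, key, nonce, counter_start):
        self.key, self.nonce, self.expected = key, nonce, counter_start

    def open_connect_req(self, packet):
        """Return the control information, or None if the packet is rejected."""
        if len(packet) < 6 + 8 + TAG_LEN:
            return None
        addr, ct, tag = packet[:6], packet[14:-TAG_LEN], packet[-TAG_LEN:]
        (counter,) = struct.unpack(">Q", packet[6:14])
        if counter < self.expected:             # stale counter: replayed request
            return None
        want = _prf(self.key, b"mac", self.nonce, counter, addr + ct)[:TAG_LEN]
        if not hmac.compare_digest(tag, want):  # forged or tampered request
            return None
        self.expected = counter + 1             # resynchronize past this request
        return _xor_stream(self.key, self.nonce, counter, ct)

# Constructed sample values, not taken from the patent.
KEY, NONCE, START = bytes(range(16)), b"\xa5" * 8, 100
ADDR = bytes.fromhex("c0ffee123456")
# Simplified control info: interval, latency, timeout, channel map, hop increment.
CONTROL = struct.pack("<HHH5sB", 24, 0, 72, b"\xff\xff\xff\xff\x1f", 9)
```

The counter only advances after the MAC verifies, so a forged request with a high counter cannot desynchronize the two sides.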

Classifications

  • H04W12/02 (Primary)

    Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII] · CPC title

  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title

  • Address processing for routing · CPC title

  • by using a location-limited connection, e.g. near-field communication or limited proximity of entities · CPC title

  • Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US2016165649A1 cover?
A wireless device implementing secure connection establishment may include at least one processor circuit. The at least one processor circuit may be configured to receive an advertising packet from a device over a first channel and generate, in response to receiving the advertising packet, a connection request packet that comprises control information for establishing a connection with the devi…
Who is the assignee on this patent?
Broadcom Corp
What technology area does this patent fall under?
Primary CPC classification H04W12/02. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 9, 2016 (A1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).