[go: up one dir, main page]

WO2003056746A1 - Method for establishing connections between rf devices and system comprising such rf devices - Google Patents

Method for establishing connections between rf devices and system comprising such rf devices Download PDF

Info

Publication number
WO2003056746A1
WO2003056746A1 PCT/EP2002/000057 EP0200057W WO03056746A1 WO 2003056746 A1 WO2003056746 A1 WO 2003056746A1 EP 0200057 W EP0200057 W EP 0200057W WO 03056746 A1 WO03056746 A1 WO 03056746A1
Authority
WO
WIPO (PCT)
Prior art keywords
devices
group
connection
link key
identity
Prior art date
Application number
PCT/EP2002/000057
Other languages
French (fr)
Inventor
Mario Goorden
Rakesh Taori
Jeroen Willekens
Jos Den Hartog
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Telefonaktiebolaget Lm Ericsson (Publ) filed Critical Telefonaktiebolaget Lm Ericsson (Publ)
Priority to AU2002231740A priority Critical patent/AU2002231740A1/en
Priority to PCT/EP2002/000057 priority patent/WO2003056746A1/en
Publication of WO2003056746A1 publication Critical patent/WO2003056746A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/50Secure pairing of devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W92/00Interfaces specially adapted for wireless communication networks
    • H04W92/16Interfaces between hierarchically similar devices
    • H04W92/18Interfaces between hierarchically similar devices between terminal devices

Definitions

  • the invention relates to a method for establishing a connection between a first RF (Radio Frequency) device and a second RF device and a subsequent connection between the first RF device and a third RF device, the method comprising the steps of initialising the connection between the first device and the second device, pairing the first device to the second device in a pairing procedure, the pairing procedure resulting in a link key being known to the first device and to the second device, the link key being for exchanging messages between the first device and the second device. Further, the invention relates to a system comprising a first RF device and a group of RF devices.
  • the Specification of the Bluetooth System describes a method for establishing a connection between devices.
  • the specification of the Bluetooth system describes a layered structure of protocols which are involved in connections between RF devices.
  • the layers include a baseband layer which determines an air interface, master and slave roles for devices, frequency hopping sequences and others.
  • the layers include a radio layer which includes radio- and frequency related items.
  • the layers include a linkmanager layer which includes bandwidth allocation and bandwidth reservation.
  • the link manager makes use of a challenge-response approach for authentication of devices.
  • link manager supervises pairing, being a creation of a trust relationship between two devices by generating and storing an authentication key for future device authentication.
  • initializing a connection between two devices refers to all actions and protocols which are involved in setting up a connection, up to but excluding a pairing procedure.
  • the pairing procedure is performed by a pair of devices for generating a link key in both devices, which link key can be used for a secure connection between these devices, which link key is stored in both devices and which can be recalled later when a following connection between these two devices is established.
  • the pairing procedure comprises the steps of generating an initialization key, which initialization key is derived from the Bluetooth address, a PIN-code, the length of the PIN-code and a random number.
  • the random number is sent from the first device to the second device, enabling generation of the initialization key in both devices.
  • an authentication is performed, in which the first device sends a random number (a challenge) , to the second device, followed by calculating a result in the first device and the second device, making use of the random number, the initialization key and the address of the second device, and sending a message from the second device to the first device, the message comprising the result.
  • a comparison is performed to verify if the result calculated in the first device is identical to the result calculated by the second device and sent to the first device.
  • a combination key is generated which will be used as the link key.
  • generation of the combination key involves several steps to be performed in the first device and several steps to be performed in the second device, and a message sent from the first device to the second device and a message sent from the second device to the first device, the steps finally resulting in calculation of an identical combination key in the first device as well as in the second device.
  • an authentication procedure is performed in which the first device sends a challenge, comprising a random number, to the second device, in which both devices calculate a result making use of the random number and of the combination key, in which a response is sent from the second device to the first device comprising the result, and in which in the first device the result calculated by the first device is compared with the result calculated by the second device and sent to the first device, thus enabling a verification of the link key generated.
  • the link key is known to the first device and the second device, during a following connection between these devices only the last step, being the authentication procedure is performed for verification of the link key.
  • a problem is that the pairing procedure, which involves entering PIN-codes for both devices involved in the pairing procedure, needs to be performed for each combination of devices separately.
  • a pairing procedure needs to be performed for the device with each device of the plurality of devices. Consequently, PIN-codes have to be entered during each pairing procedure.
  • PIN-codes have to be entered during each pairing procedure.
  • a second problem is that each link key needs to be stored for future use in the devices.
  • the invention intends to simplify the pairing procedure for a device with a plurality of devices which form part of a group of devices .
  • the method according to the invention is characterized in that establishing the connection between the first device and the third device comprises the steps of establishing a linking information associating the first device to a group of devices comprising the second and third devices, the linking information comprising the link key and an initial linking identity, initialising the connection between the first device and the third device, sending the initial linking identity from the third device to the first device, sending the link key to the third device, and assigning in the first device, based on the initial linking identity, the link key, being for exchanging messages between the first device and the third device.
  • the linking information, comprising the link key and the initial linking identity enables establishing a connection between the first device and the third device in a simple manner.
  • a link key is available to both these devices.
  • the initial linking identity is sent from the third device to the first device, thus enabling the first device to recognize that no new pairing procedure with the third device is required.
  • the link key which has been determined previously as a combination key in the pairing procedure between the first device and the second device, is sent (for example from the second device) to the third device, and in the first device the same link key which has already been determined during the pairing procedure between the first device and the second device is applied for the connection between the first device and the third device, in response to the initial linking identity sent from the third device to the first device.
  • the link key which has previously been determined during a pairing procedure between the first device and the second device, is now assigned for a connection between the first device and the third device, thus a pairing procedure between the first device and the third device is not required.
  • the steps can be performed in the order shown, however it is also possible that the step of establishing a linking information is performed after the step of initializing the connection between the first device and the third device. Further, the step of sending the link key to the third device can be performed before or after any of the other steps for establishing the connection between the first device and the third device as described above.
  • the method comprises the further step of performing an authentication procedure by the first device with the third device, making use of the link key, after sending the initial linking identity from the third device to the first device.
  • the first device to perform an authentication procedure with the third device, in a manner similar or identical to the authentication procedure performed by a device when setting up a link with an other device, the devices having performed a pairing procedure and consequently a link key for the connection between the two devices being known.
  • a verification of the link key can be performed by an authentication procedure which can be identical to a known authentication procedure.
  • the step of establishing the linking information associating the first device to the group of devices comprises the step of storing the linking information in a database which is comprised in a network interconnecting the group of devices.
  • the group of devices, which comprises the second and third device can be mutually connected via a network, such as a wired network or a wireless network, and a database can be comprised in the network.
  • the linking information comprising the link key and the initial linking identity can be stored in a database, allowing the devices which are comprised in the group of devices to have access to the linking information when required.
  • the linking information is stored in a device of the group of devices, such as the second device, and when an other device of the group of devices requires access to the linking information or part of this information, it is sent to such other device.
  • the initial linking identity comprises an identity of the second device. Consequently, when the connection between the first device and the third device is or has been initialized, the third device sends the identity of the second device to the first device, causing the first device to make use of the link key already known as the first device has already paired with the second device.
  • This makes it possible to simplify the first device, as in the first device only one entry is required, being an identity of the second device and the link key determined in the pairing procedure with the second device.
  • all other devices of the group now identify themselves towards the first device making use of the identity of the second device, no further link keys, and no further corresponding entries of identities of devices in a memory in the first device are required.
  • the first device is able to establish connections with all devices in the group of devices while requiring storing of only a single link key for establishing connections with all devices of the group of devices.
  • the identity of the second device can for example be an address of the second device.
  • the initial linking identity can comprise a group identification. Consequently, the third device sends a group identification to the first device. The first device, based on the group identification, assigns the link key already determined in the pairing procedure between the first device and the second device, to the connection between the first device and the third device. To accomplish this, at least the group identification and the link key are stored in or available to the first device. Thus, the first device assigns the link key previously determined in the pairing procedure between the first device and the second device to the connection with the third device as the group identification sent from the third device to the first device identifies the third device as belonging to the same group as the second device.
  • the group identification is known to the first device by, before establishing the connection between the first device and the third device, sending the group identification from the second device to the first device, and storing the group identification in the first device.
  • the group identification is sent to the first device in connection to the pairing procedure between the first device and the second device, enabling the first device to store the group identification in association with the link key determined.
  • the group identification is stored in the first device in a table, enabling storage of one or more group identifications, corresponding link keys, and possibly identities of individual devices belonging to the group in the first device in a structured manner.
  • the invention comprises a system comprising a first RF device and a group of RF devices comprising at least a second and a third device, enabling the first device to establish connections with at least one device of the group of devices, making use of the method according to the invention.
  • the devices of the group of devices are connected via a network to each other and to a database, the database comprising a memory for storing the linking information.
  • each device of the group of devices has access to the linking information, when required, via the network.
  • the linking information can be stored in the memory comprised in the database, allowing the devices of the group of devices to have convenient access to the linking information. Further, remote maintenance is facilitated, as, in case that a link key of a device, such as the first device needs to be removed, this can simply be performed by updating the linking information in the database.
  • the network comprises a wired network.
  • the devices comprised in the group of devices exchange information and transfer messages to each other via a wireless connection.
  • Fig. la-Id highly schematically shows a pairing procedure according to the state of the art
  • Fig. 2a and 2c highly schematically illustrate the method according to the invention.
  • Fig. la shows a generation of an initialization key K lnit .
  • the initialization key K init is generated by entering a PIN-code in the first device 1 as well as the second device 2. Further, in the first device 1 a random number IN_RAND a is generated and sent to the second device 2. Now, both devices calculate the initialization key K ini from the random number IN_RAND a , the PIN-code and an address BD_ADDR b of the second device.
  • Fig. lb shows a verification procedure in which the first device 1 sends a challenge, being a random number
  • both devices calculate a result SRES and the second device 2 sends the result SRES back to the first device 1.
  • the first device 1 now compares the results SRES, and if these are equal, the pairing procedure proceeds from this authentication step to the next step depicted in Fig. lc.
  • the link key Ka is calculated in both the first device 1 and the second device 2.
  • a number Ca is generated in the first device 1 and sent to the second device 2
  • a number Cb is generated in the second device 2 and sent to the first device 1.
  • the number Ca is generated in the first device 1 from a random number LK_RAND_ a and the initialization K inlt , and in the second device 2 the number Cb is generated from the initialization key K ini t and a random number LK_RAND b . Then, making use of the initialization key K init , in the first device 1 the random number LK_RAND b , which has been generated in the second device 2, and in the second device, the random number LK_RAND a which has been generated in the first device, are recovered.
  • a combination key which will be used as the link key Ka is generated from the random number LK_RAND a and LK_RAND b , as well as from the addresses of the first device 1 and the second device 2, BD_ADDR a and BD_ADDR b .
  • an authentication procedure is performed, similar to the challenge response procedure described in Fig. lb, in which a verification is performed if the link key Ka calculated in the first device 1 and the second device 2 is identical. Then, the link key Ka is stored in the first device 1 and the second device 2 and can be recalled later for future connections between the first device 1 and the second device 2.
  • FIG. 2a shows a first device 1, a second device 2 and a third device 3.
  • the first device 1 initializes a connection (indicated by arrows 4a, 4b) with- and performs a pairing procedure with the second device 2.
  • the second device 2 and the third device 3 both belong to an infrastructure, such as a public infrastructure. According to the invention, as shown in Fig. 2c a subsequent pairing procedure of the first device 1 with the third device 3 is not required.
  • the first device 1, which has, as depicted in Fig. 2a, paired with the second device 2 can easily and conveniently set up a connection with the third device 3. After the pairing procedure of the first device 1 with the second device 2, which includes the steps shown in Fig.
  • the first device 1 and the second device 2 both have a link key Ka (being the combination key) available for a connection 4a, 4b between the first device 1 and the second device 2, as depicted in Fig. 2b.
  • Ka being the combination key
  • an initial linking identity is sent from the third device 3 to the first device 1.
  • This initial linking identity can for example comprise an address of the second device 2, which is sent by the third device 3 to the first device 1.
  • the first device 1 Upon receipt of the initial linking identity, comprising e.g. the address of the second device 2, the first device 1 assigns the link key Ka which is already known and assigned to the connection or any subsequent connection between the first device 1 and the second devise 2, to the connection 5a, 5b between the first device 1 and the third device 3, in response to the address of the second device 2 which has been sent by the third device 3.
  • the link key Ka which is determined in the second device 2 in the pairing procedure according to Fig.
  • the link key Ka is sent from the second device 2 to a database 6 and stored in a memory in the database 6. From the database 6, the link key Ka is sent to the third device 3.
  • both the first device 1 and the third device 3 have the link key Ka available and associated to the connection between these devices, implying that the need for a pairing procedure between the first device and the third device 3 has disappeared.
  • a linking information is established which associates the first device 1 to a group of devices comprising the second device 2 and the third device 3.
  • the linking information comprises the link key Ka and the initial linking identity.
  • the linking information can be stored in a memory in the database 6, however it is also possible that the linking information is kept available in the second device 2, making a separate database, such as the database 6 for storing linking information superfluous
  • the initial linking identity comprises a group identification.
  • the group of devices comprising the second device 2 and the third device 3 is identified by a group identification, which group identification is sent to the first device 1.
  • the first device 1 now assigns the link key Ka to the connection between the first device 1 and the third device 3.
  • the group identification can be transferred to the first device 1 during the pairing procedure between the first device 1 and the second device 2 according to Fig.
  • the first device 1 and the third device 3 both have the link key Ka assigned to the connection between these devices, an authentication procedure, similar to the authentication procedure, depicted in Fig. Id can be performed, thus performing a verification to check if the link key Ka in the two devices is identical.
  • connection 7 between the second device 2 and the third device 3, and between the devices 2, 3 forming part of the group of devices and the database 6 can be a wired connection, such as a telecommunication network or a data communication network.
  • connection between the devices 2, 3 which are comprised in the group of devices comprises a wireless network, which can comprise connections between devices in the group of devices similar or identical to the connections between the first and the second, respectively the third device, resulting in a simple implementation.
  • Sending an identity of the second device 2, comprised in the initial linking identity from the third device 3 to the first device 1 has the advantage that is does require little or no modifications in the first device 1. Also, the amount of memory required in the first device 1 for storing different link keys as well as addresses of devices belonging to the group of devices is low, as only the link key Ka and the address of the second device 2 (or any other device of the group of devices with which the first device 1 has initially performed a pairing procedure) needs to be stored in the first device 1.
  • the linking information comprises the address of the second device 2 (or any other address of the particular device with which the first device 1 has initially performed a pairing procedure) which address or other identity of that device belonging to the group of devices is stored either in one or more of the devices 2, 3 of the group of devices, and/or in the database 6.
  • the initial linking identity comprises a group identification
  • the first device 1 needs to be arranged for storing the group identification such that the group identification associated to the link key Ka is stored, for example in a table comprising link keys, group identifications and possibly identities (such as addresses) of individual devices.
  • the invention allows "network level pairing", thus allows a device to perform a pairing procedure with a device which forms part of a group (or network) of devices by means of a single pairing procedure between the device and one of the devices of the group of devices. Subsequent pairing procedures with other devices of the group of devices are not required, and thus the need for determining link keys and need for entering PIN-codes when the device establishes a first connection with any of the other devices which form part of the group of devices is not required; as the link key determined in the pairing procedure between the device and one of the group of devices is used for any other subsequent connection between the device and any device of the group of devices.
  • the devices can for example be Bluetooth devices and the connections be Bluetooth connections complying to the specification of the Bluetooth system referenced in this document.
  • a Bluetooth device obtaining access to a network or group of Bluetooth devices, only needs to perform a single pairing procedure with one of the devices of the group (or network) of devices and from that moment on the device is able to establish connections and exchange messages with all devices belonging to the group (or network) of devices making use of the link key determined in the single pairing procedure.
  • Other wireless connections making use of other RF technologies are however also possible.
  • the group of devices is a Bluetooth infrastructure, such as a public Bluetooth infrastructure, in which case a subscriber device (a device of a user) only needs to perform a single pairing procedure, comprising entering of a PIN-code in order to be able to establish connections with all devices belonging to the group of devices which form part of the Bluetooth infrastructure after having performed the pairing procedure with one of the devices which forms part of the infrastructure.
  • a user-friendly procedure has been created as repeated entering of PIN-codes is not required.
  • storing of a large number of link keys i.e. an individual link key for a connection of the device with each one of the devices of the infrastructure with which a communication has been set up, is not required.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method for establishing a connection between a first RF (Radio Frequency) device and a second RF device and a connection between the first RF device and a third RF device, the method comprising the steps of initialising the connection between the first device and the second device, paring the first device to the second device in a pairing procedure, resulting in a link key (ka) being known to the first device and to the second device. Further, establishing a subsequent connection between the first device and the third device comprises the steps of establishing a linking information comprising the link key (Ka) and an initial linking identity, initialising the connection between the first device and the third device, and assigning in the first device, based on the initial linking identity, the link key (Ka), being for exchanging messages between the first device and the third device.

Description

Method for establishing connections between RF devices and system comprising such RF devices
The invention relates to a method for establishing a connection between a first RF (Radio Frequency) device and a second RF device and a subsequent connection between the first RF device and a third RF device, the method comprising the steps of initialising the connection between the first device and the second device, pairing the first device to the second device in a pairing procedure, the pairing procedure resulting in a link key being known to the first device and to the second device, the link key being for exchanging messages between the first device and the second device. Further, the invention relates to a system comprising a first RF device and a group of RF devices.
The Specification of the Bluetooth System, Bluetooth Special Interest Group, version 1.0B, volumes 1 and 2, december 1999, describes a method for establishing a connection between devices. The specification of the Bluetooth system describes a layered structure of protocols which are involved in connections between RF devices. The layers include a baseband layer which determines an air interface, master and slave roles for devices, frequency hopping sequences and others. Further, the layers include a radio layer which includes radio- and frequency related items. Further, the layers include a linkmanager layer which includes bandwidth allocation and bandwidth reservation. Also, the link manager makes use of a challenge-response approach for authentication of devices. Further, link manager supervises pairing, being a creation of a trust relationship between two devices by generating and storing an authentication key for future device authentication. Also, the link manager supervises encryption of the data which is sent over the air interface, when needed. In the following, initializing a connection between two devices refers to all actions and protocols which are involved in setting up a connection, up to but excluding a pairing procedure. The pairing procedure is performed by a pair of devices for generating a link key in both devices, which link key can be used for a secure connection between these devices, which link key is stored in both devices and which can be recalled later when a following connection between these two devices is established. The pairing procedure comprises the steps of generating an initialization key, which initialization key is derived from the Bluetooth address, a PIN-code, the length of the PIN-code and a random number. The random number is sent from the first device to the second device, enabling generation of the initialization key in both devices. Next, an authentication is performed, in which the first device sends a random number (a challenge) , to the second device, followed by calculating a result in the first device and the second device, making use of the random number, the initialization key and the address of the second device, and sending a message from the second device to the first device, the message comprising the result. Now, in the first device a comparison is performed to verify if the result calculated in the first device is identical to the result calculated by the second device and sent to the first device. Next, a combination key is generated which will be used as the link key. As described in the specification of the Bluetooth System, generation of the combination key involves several steps to be performed in the first device and several steps to be performed in the second device, and a message sent from the first device to the second device and a message sent from the second device to the first device, the steps finally resulting in calculation of an identical combination key in the first device as well as in the second device. Finally, again an authentication procedure is performed in which the first device sends a challenge, comprising a random number, to the second device, in which both devices calculate a result making use of the random number and of the combination key, in which a response is sent from the second device to the first device comprising the result, and in which in the first device the result calculated by the first device is compared with the result calculated by the second device and sent to the first device, thus enabling a verification of the link key generated. When the link key is known to the first device and the second device, during a following connection between these devices only the last step, being the authentication procedure is performed for verification of the link key.
A problem is that the pairing procedure, which involves entering PIN-codes for both devices involved in the pairing procedure, needs to be performed for each combination of devices separately. Thus, when setting up connections from a device to a plurality of devices such as an infrastructure, a pairing procedure needs to be performed for the device with each device of the plurality of devices. Consequently, PIN-codes have to be entered during each pairing procedure. Thus, this results in a user unfriendly situation, as a user has to enter a PIN-code every time the device of the user encounters a different Bluetooth device within the same infrastructure or the plurality of devices. A second problem is that each link key needs to be stored for future use in the devices. Thus, a significant amount of storage capacity is required in the device for enabling communication with the plurality of devices or infrastructure, in particular if the infrastructure comprises a large number of devices. The invention intends to simplify the pairing procedure for a device with a plurality of devices which form part of a group of devices .
To achieve this goal, the method according to the invention is characterized in that establishing the connection between the first device and the third device comprises the steps of establishing a linking information associating the first device to a group of devices comprising the second and third devices, the linking information comprising the link key and an initial linking identity, initialising the connection between the first device and the third device, sending the initial linking identity from the third device to the first device, sending the link key to the third device, and assigning in the first device, based on the initial linking identity, the link key, being for exchanging messages between the first device and the third device. The linking information, comprising the link key and the initial linking identity enables establishing a connection between the first device and the third device in a simple manner. After pairing of the first device with the second device, a link key is available to both these devices. According to the invention, when a subsequent connection between the first device and the third device has been initialized, the initial linking identity is sent from the third device to the first device, thus enabling the first device to recognize that no new pairing procedure with the third device is required. The link key, which has been determined previously as a combination key in the pairing procedure between the first device and the second device, is sent (for example from the second device) to the third device, and in the first device the same link key which has already been determined during the pairing procedure between the first device and the second device is applied for the connection between the first device and the third device, in response to the initial linking identity sent from the third device to the first device. As a result, the link key, which has previously been determined during a pairing procedure between the first device and the second device, is now assigned for a connection between the first device and the third device, thus a pairing procedure between the first device and the third device is not required. The steps can be performed in the order shown, however it is also possible that the step of establishing a linking information is performed after the step of initializing the connection between the first device and the third device. Further, the step of sending the link key to the third device can be performed before or after any of the other steps for establishing the connection between the first device and the third device as described above. Advantageously, the method comprises the further step of performing an authentication procedure by the first device with the third device, making use of the link key, after sending the initial linking identity from the third device to the first device. In this way it is possible for the first device to perform an authentication procedure with the third device, in a manner similar or identical to the authentication procedure performed by a device when setting up a link with an other device, the devices having performed a pairing procedure and consequently a link key for the connection between the two devices being known. Thus, a verification of the link key can be performed by an authentication procedure which can be identical to a known authentication procedure.
Advantageously, the step of establishing the linking information associating the first device to the group of devices comprises the step of storing the linking information in a database which is comprised in a network interconnecting the group of devices. The group of devices, which comprises the second and third device can be mutually connected via a network, such as a wired network or a wireless network, and a database can be comprised in the network. Thus, the linking information comprising the link key and the initial linking identity can be stored in a database, allowing the devices which are comprised in the group of devices to have access to the linking information when required. Alternatively it is possible that the linking information is stored in a device of the group of devices, such as the second device, and when an other device of the group of devices requires access to the linking information or part of this information, it is sent to such other device.
Advantageously, the initial linking identity comprises an identity of the second device. Consequently, when the connection between the first device and the third device is or has been initialized, the third device sends the identity of the second device to the first device, causing the first device to make use of the link key already known as the first device has already paired with the second device. This makes it possible to simplify the first device, as in the first device only one entry is required, being an identity of the second device and the link key determined in the pairing procedure with the second device. As all other devices of the group now identify themselves towards the first device making use of the identity of the second device, no further link keys, and no further corresponding entries of identities of devices in a memory in the first device are required. Thus, the first device is able to establish connections with all devices in the group of devices while requiring storing of only a single link key for establishing connections with all devices of the group of devices. The identity of the second device can for example be an address of the second device.
Alternatively, the initial linking identity can comprise a group identification. Consequently, the third device sends a group identification to the first device. The first device, based on the group identification, assigns the link key already determined in the pairing procedure between the first device and the second device, to the connection between the first device and the third device. To accomplish this, at least the group identification and the link key are stored in or available to the first device. Thus, the first device assigns the link key previously determined in the pairing procedure between the first device and the second device to the connection with the third device as the group identification sent from the third device to the first device identifies the third device as belonging to the same group as the second device.
Advantageously, the group identification is known to the first device by, before establishing the connection between the first device and the third device, sending the group identification from the second device to the first device, and storing the group identification in the first device. Thus, the group identification is sent to the first device in connection to the pairing procedure between the first device and the second device, enabling the first device to store the group identification in association with the link key determined.
Advantageously the group identification is stored in the first device in a table, enabling storage of one or more group identifications, corresponding link keys, and possibly identities of individual devices belonging to the group in the first device in a structured manner.
Further, the invention comprises a system comprising a first RF device and a group of RF devices comprising at least a second and a third device, enabling the first device to establish connections with at least one device of the group of devices, making use of the method according to the invention.
Advantageously, the devices of the group of devices are connected via a network to each other and to a database, the database comprising a memory for storing the linking information. Thus, each device of the group of devices has access to the linking information, when required, via the network. The linking information can be stored in the memory comprised in the database, allowing the devices of the group of devices to have convenient access to the linking information. Further, remote maintenance is facilitated, as, in case that a link key of a device, such as the first device needs to be removed, this can simply be performed by updating the linking information in the database.
Advantageously, the network comprises a wired network. Alternatively, it is of course possible that the devices comprised in the group of devices exchange information and transfer messages to each other via a wireless connection. Further advantages and features of the invention will become clear from the appended drawing, showing a non-limiting embodiment, in which:
Fig. la-Id highly schematically shows a pairing procedure according to the state of the art and
Fig. 2a and 2c highly schematically illustrate the method according to the invention.
Fig. la shows a generation of an initialization key Klnit. The initialization key Kinit is generated by entering a PIN-code in the first device 1 as well as the second device 2. Further, in the first device 1 a random number IN_RANDa is generated and sent to the second device 2. Now, both devices calculate the initialization key Kini from the random number IN_RANDa, the PIN-code and an address BD_ADDRb of the second device. Next, Fig. lb shows a verification procedure in which the first device 1 sends a challenge, being a random number
AU_RANDa to the second device 2, both devices calculate a result SRES and the second device 2 sends the result SRES back to the first device 1. The first device 1 now compares the results SRES, and if these are equal, the pairing procedure proceeds from this authentication step to the next step depicted in Fig. lc. In this next step, the link key Ka is calculated in both the first device 1 and the second device 2. A number Ca is generated in the first device 1 and sent to the second device 2, and a number Cb is generated in the second device 2 and sent to the first device 1. The number Ca is generated in the first device 1 from a random number LK_RAND_a and the initialization Kinlt, and in the second device 2 the number Cb is generated from the initialization key Kinit and a random number LK_RANDb. Then, making use of the initialization key Kinit, in the first device 1 the random number LK_RANDb, which has been generated in the second device 2, and in the second device, the random number LK_RANDa which has been generated in the first device, are recovered. Now, in the first device 1 as well as in the second device 2, a combination key which will be used as the link key Ka is generated from the random number LK_RANDa and LK_RANDb, as well as from the addresses of the first device 1 and the second device 2, BD_ADDRa and BD_ADDRb. Finally an authentication procedure is performed, similar to the challenge response procedure described in Fig. lb, in which a verification is performed if the link key Ka calculated in the first device 1 and the second device 2 is identical. Then, the link key Ka is stored in the first device 1 and the second device 2 and can be recalled later for future connections between the first device 1 and the second device 2. Fig. 2a shows a first device 1, a second device 2 and a third device 3. The first device 1 initializes a connection (indicated by arrows 4a, 4b) with- and performs a pairing procedure with the second device 2. The second device 2 and the third device 3 both belong to an infrastructure, such as a public infrastructure. According to the invention, as shown in Fig. 2c a subsequent pairing procedure of the first device 1 with the third device 3 is not required. The first device 1, which has, as depicted in Fig. 2a, paired with the second device 2 can easily and conveniently set up a connection with the third device 3. After the pairing procedure of the first device 1 with the second device 2, which includes the steps shown in Fig. la- Id, the first device 1 and the second device 2 both have a link key Ka (being the combination key) available for a connection 4a, 4b between the first device 1 and the second device 2, as depicted in Fig. 2b. When the first device 1 initializes a connection 5a, 5b with the third device 3, as depicted in Fig. 2c, after having established a connection 4a, 4b with the second device 2, as depicted in Figs. 2a and 2b, pairing is not required, as the link key Ka (being the combination key) which has been determined by the first device 1 and the second device 2 in the pairing procedure according to Fig. 2a, will be used also for a subsequent connection 5a, 5b between the first device 1 and the third device 3. To accomplish this, an initial linking identity is sent from the third device 3 to the first device 1. This initial linking identity can for example comprise an address of the second device 2, which is sent by the third device 3 to the first device 1. Upon receipt of the initial linking identity, comprising e.g. the address of the second device 2, the first device 1 assigns the link key Ka which is already known and assigned to the connection or any subsequent connection between the first device 1 and the second devise 2, to the connection 5a, 5b between the first device 1 and the third device 3, in response to the address of the second device 2 which has been sent by the third device 3. The link key Ka, which is determined in the second device 2 in the pairing procedure according to Fig. 2a, can either be sent by the second device 2 to the third device 3, however it is also possible that the link key Ka is sent from the second device 2 to a database 6 and stored in a memory in the database 6. From the database 6, the link key Ka is sent to the third device 3. Now, both the first device 1 and the third device 3 have the link key Ka available and associated to the connection between these devices, implying that the need for a pairing procedure between the first device and the third device 3 has disappeared. Thus, after following a pairing procedure between the first device 1 and the second device 2 according to Fig. 2a, a linking information is established which associates the first device 1 to a group of devices comprising the second device 2 and the third device 3. The linking information comprises the link key Ka and the initial linking identity. The linking information can be stored in a memory in the database 6, however it is also possible that the linking information is kept available in the second device 2, making a separate database, such as the database 6 for storing linking information superfluous Instead of the initial linking identity comprising an address, it is also possible that the initial linking identity comprises a group identification. In this case, the group of devices comprising the second device 2 and the third device 3 is identified by a group identification, which group identification is sent to the first device 1. Based on the group identification, the first device 1 now assigns the link key Ka to the connection between the first device 1 and the third device 3. The group identification can be transferred to the first device 1 during the pairing procedure between the first device 1 and the second device 2 according to Fig. 2a, and can be stored in the first device 1 in association with the link key Ka. Thus, when the connection with an other device which belongs to the same group as device 2 is established by the first device 1, the sending of the group identification by that device which forms part of the group of devices, is recognized by the first device 1, and because of the association between the group identification and the link key Ka the link key Ka issued for the communication between the first device 1 and the device which belongs to the group of devices. When, as depicted in Fig. 2c, the first device 1 and the third device 3 both have the link key Ka assigned to the connection between these devices, an authentication procedure, similar to the authentication procedure, depicted in Fig. Id can be performed, thus performing a verification to check if the link key Ka in the two devices is identical.
The connection 7 between the second device 2 and the third device 3, and between the devices 2, 3 forming part of the group of devices and the database 6 can be a wired connection, such as a telecommunication network or a data communication network. Alternatively, it is possible that the connection between the devices 2, 3 which are comprised in the group of devices comprises a wireless network, which can comprise connections between devices in the group of devices similar or identical to the connections between the first and the second, respectively the third device, resulting in a simple implementation.
Sending an identity of the second device 2, comprised in the initial linking identity from the third device 3 to the first device 1 has the advantage that is does require little or no modifications in the first device 1. Also, the amount of memory required in the first device 1 for storing different link keys as well as addresses of devices belonging to the group of devices is low, as only the link key Ka and the address of the second device 2 (or any other device of the group of devices with which the first device 1 has initially performed a pairing procedure) needs to be stored in the first device 1. In this case, the linking information comprises the address of the second device 2 (or any other address of the particular device with which the first device 1 has initially performed a pairing procedure) which address or other identity of that device belonging to the group of devices is stored either in one or more of the devices 2, 3 of the group of devices, and/or in the database 6. If the initial linking identity comprises a group identification, then the first device 1 needs to be arranged for storing the group identification such that the group identification associated to the link key Ka is stored, for example in a table comprising link keys, group identifications and possibly identities (such as addresses) of individual devices. Consequently, the invention allows "network level pairing", thus allows a device to perform a pairing procedure with a device which forms part of a group (or network) of devices by means of a single pairing procedure between the device and one of the devices of the group of devices. Subsequent pairing procedures with other devices of the group of devices are not required, and thus the need for determining link keys and need for entering PIN-codes when the device establishes a first connection with any of the other devices which form part of the group of devices is not required; as the link key determined in the pairing procedure between the device and one of the group of devices is used for any other subsequent connection between the device and any device of the group of devices.
The devices can for example be Bluetooth devices and the connections be Bluetooth connections complying to the specification of the Bluetooth system referenced in this document. According to the invention, a Bluetooth device, obtaining access to a network or group of Bluetooth devices, only needs to perform a single pairing procedure with one of the devices of the group (or network) of devices and from that moment on the device is able to establish connections and exchange messages with all devices belonging to the group (or network) of devices making use of the link key determined in the single pairing procedure. Other wireless connections making use of other RF technologies are however also possible. Advantages of the invention will become apparent particularly in case that the group of devices is a Bluetooth infrastructure, such as a public Bluetooth infrastructure, in which case a subscriber device (a device of a user) only needs to perform a single pairing procedure, comprising entering of a PIN-code in order to be able to establish connections with all devices belonging to the group of devices which form part of the Bluetooth infrastructure after having performed the pairing procedure with one of the devices which forms part of the infrastructure. Thus, a user-friendly procedure has been created as repeated entering of PIN-codes is not required. Further, storing of a large number of link keys, i.e. an individual link key for a connection of the device with each one of the devices of the infrastructure with which a communication has been set up, is not required.

Claims

1. Method for establishing a connection between a first RF (Radio Frequency) device (1) and a second RF device (2) and a subsequent connection between the first RF device (1) and a third RF (3) device, the method comprising the steps of
- initialising the connection between the first device (1) and the second device (2) ; - pairing the first device (1) to the second device (2) in a pairing procedure, the pairing procedure resulting in a link key (Ka) being known to the first device (1) and to the second device (2), the link key (Ka) being for exchanging messages between the first device (l)and the second device (2), the method being characterised in that establishing the connection between the first device (1) and the third device (3) comprises the steps of:
- establishing a linking information associating the first device (1) to a group of devices comprising the second- (2) and third (3) devices, the linking information comprising the link key (Ka) and an initial linking identity;
- initialising the connection between the first device (l)and the third device (3) ;
- sending the initial linking identity from the third device (3) to the first device (1);
- sending the link key (Ka) to the third device (3) ; and
- assigning in the first device (1) , based on the initial linking identity, the link key (Ka) , being for exchanging messages between the first device (1) and the third device (3) .
2. The method according to claim 1, characterised by the further step of performing an authentication procedure by the first device (1) with the third device (3) , making use of the link key (Ka) , after sending the initial linking identity from the third device (3) to the first device (1) .
3. The method according to claim 1 or 2, characterised in that the step of establishing the linking information associating the first device (1) to the group of devices (2,3) comprises the step of storing the linking information in a database (6) which is comprised in a network (7) interconnecting the group of devices (2,3).
4. The method according to any of claims 1 - 3, characterised in that the initial linking identity comprises an identity of the second device (2) .
5. The method according to any of claims 1 - 3, characterised in that the initial linking identity comprises a group identification.
6. The method according to claim 5, characterised by the further steps of before establishing the connection between the first device (l)and the third device (3) :
- sending the group identification from the second device (2) to the first device (1) ; and
- storing the group identification in the first device (1) .
7. The method according to claim 6, characterised in that the step of storing the group identification in the first device (1) comprises the step of storing the group identification in the first device (1) in a table.
8. A system comprising a first RF device (1) and a group of RF devices comprising at least a second (2) and a third (3) device, enabling the first device (l)to establish connections with at least one device (3) of the group of the devices (2,3) making use of the method according to any of the preceding claims.
9. The system according to claim 8, characterised in that the devices of the group of devices (2,3) are connected via a network (7) to each other and to a database (6), the database comprising a memory for storing the linking information.
10. The system according to claim 9, characterised in that the network (7) comprises a wired network.
PCT/EP2002/000057 2002-01-03 2002-01-03 Method for establishing connections between rf devices and system comprising such rf devices WO2003056746A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU2002231740A AU2002231740A1 (en) 2002-01-03 2002-01-03 Method for establishing connections between rf devices and system comprising such rf devices
PCT/EP2002/000057 WO2003056746A1 (en) 2002-01-03 2002-01-03 Method for establishing connections between rf devices and system comprising such rf devices

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2002/000057 WO2003056746A1 (en) 2002-01-03 2002-01-03 Method for establishing connections between rf devices and system comprising such rf devices

Publications (1)

Publication Number Publication Date
WO2003056746A1 true WO2003056746A1 (en) 2003-07-10

Family

ID=8164769

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2002/000057 WO2003056746A1 (en) 2002-01-03 2002-01-03 Method for establishing connections between rf devices and system comprising such rf devices

Country Status (2)

Country Link
AU (1) AU2002231740A1 (en)
WO (1) WO2003056746A1 (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2005053267A1 (en) * 2003-11-20 2005-06-09 Nokia Corporation A method and device relating to security in a radio communications network
WO2008004106A1 (en) * 2006-07-06 2008-01-10 Nokia Corporation User equipment credential system
WO2009027770A1 (en) 2007-08-31 2009-03-05 Nokia Corporation Method and apparatus for propagating encryption keys between wireless communication devices
WO2011041597A3 (en) * 2009-09-30 2011-05-26 Qualcomm Incorporated Method and device for establishing a wireless link key
FR2980072A1 (en) * 2011-09-13 2013-03-15 Myriad Group Ag Method for association of cell phone with multi-media local server for providing e.g. video access service, involves transferring authentication information and information of connection of portable device from storage unit
DE102011087382A1 (en) 2011-11-30 2013-06-06 Robert Bosch Gmbh Method for preconfiguring a device and method for putting the device into operation
WO2014033199A1 (en) * 2012-08-30 2014-03-06 Koninklijke Philips N.V. Method and devices for pairing within a group of wireless devices
WO2014094877A1 (en) * 2012-12-21 2014-06-26 Phonak Ag Pairing method for establishing a wireless audio network
WO2015132419A2 (en) 2015-06-30 2015-09-11 Sonova Ag Method of fitting a hearing assistance device
EP2958354A1 (en) * 2014-06-19 2015-12-23 Nokia Technologies OY Device pairing
CN111566993A (en) * 2018-03-22 2020-08-21 株式会社东海理化电机制作所 Authentication system

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000076120A2 (en) * 1999-06-07 2000-12-14 Nokia Mobile Phones Limited Security architecture

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000076120A2 (en) * 1999-06-07 2000-12-14 Nokia Mobile Phones Limited Security architecture

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"SPECIFICATION OF THE BLUETOOTH SYSTEM version 1.0 B", SPECIFICATION OF THE BLUETOOTH SYSTEM, 1 December 1999 (1999-12-01), XP002175286 *
ASOKAN N ET AL: "Key agreement in ad hoc networks", COMPUTER COMMUNICATIONS, ELSEVIER SCIENCE PUBLISHERS BV, AMSTERDAM, NL, vol. 23, no. 17, 1 November 2000 (2000-11-01), pages 1627 - 1637, XP004238466, ISSN: 0140-3664 *

Cited By (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7783879B2 (en) 2003-11-20 2010-08-24 Nokia Corporation Method and device relating to security in a radio communication network
WO2005053267A1 (en) * 2003-11-20 2005-06-09 Nokia Corporation A method and device relating to security in a radio communications network
WO2008004106A1 (en) * 2006-07-06 2008-01-10 Nokia Corporation User equipment credential system
US10284555B2 (en) 2006-07-06 2019-05-07 Nokia Technologies Oy User equipment credential system
US9485232B2 (en) 2006-07-06 2016-11-01 Nokia Technologies Oy User equipment credential system
US8787575B2 (en) 2007-08-31 2014-07-22 France Brevets Method and apparatus for propagating encryption keys between wireless communication devices
WO2009027770A1 (en) 2007-08-31 2009-03-05 Nokia Corporation Method and apparatus for propagating encryption keys between wireless communication devices
EP2183903A4 (en) * 2007-08-31 2012-01-25 Nokia Corp METHOD AND DEVICE FOR PROPAGING ENCRYPTION KEYS BETWEEN WIRELESS COMMUNICATION DEVICES
KR101443465B1 (en) 2009-09-30 2014-09-22 퀄컴 인코포레이티드 Method and device for establishing a wireless link key
US8555063B2 (en) 2009-09-30 2013-10-08 Qualcomm Incorporated Method for establishing a wireless link key between a remote device and a group device
WO2011041597A3 (en) * 2009-09-30 2011-05-26 Qualcomm Incorporated Method and device for establishing a wireless link key
JP2013507063A (en) * 2009-09-30 2013-02-28 クアルコム,インコーポレイテッド Method for establishing a wireless link key between a remote device and a group device
CN102550061A (en) * 2009-09-30 2012-07-04 高通股份有限公司 A method for establishing a wireless link key between a remote device and a group device
FR2980072A1 (en) * 2011-09-13 2013-03-15 Myriad Group Ag Method for association of cell phone with multi-media local server for providing e.g. video access service, involves transferring authentication information and information of connection of portable device from storage unit
US9122500B2 (en) 2011-11-30 2015-09-01 Robert Bosch Gmbh Method for preconfiguring an appliance, and method for starting up the appliance
DE102011087382A1 (en) 2011-11-30 2013-06-06 Robert Bosch Gmbh Method for preconfiguring a device and method for putting the device into operation
TWI618440B (en) * 2012-08-30 2018-03-11 皇家飛利浦有限公司 Pairing within a group of wireless devices
CN104584606A (en) * 2012-08-30 2015-04-29 皇家飞利浦有限公司 Method and devices for pairing within a group of wireless devices
WO2014033199A1 (en) * 2012-08-30 2014-03-06 Koninklijke Philips N.V. Method and devices for pairing within a group of wireless devices
CN104584606B (en) * 2012-08-30 2018-11-16 皇家飞利浦有限公司 Method and apparatus for matching in a group of wireless devices
RU2662687C2 (en) * 2012-08-30 2018-07-26 Конинклейке Филипс Н.В. Method and devices for pairing within group of wireless devices
US9445449B2 (en) 2012-08-30 2016-09-13 Koninklijke Philips N.V. Method and devices for pairing within a group of wireless devices
US9504076B2 (en) 2012-12-21 2016-11-22 Sonova Ag Pairing method for establishing a wireless audio network
WO2014094877A1 (en) * 2012-12-21 2014-06-26 Phonak Ag Pairing method for establishing a wireless audio network
CN104982052A (en) * 2012-12-21 2015-10-14 索诺瓦公司 Pairing method for establishing wireless audio network
CN105282865A (en) * 2014-06-19 2016-01-27 诺基亚技术有限公司 Device pairing
EP2958354A1 (en) * 2014-06-19 2015-12-23 Nokia Technologies OY Device pairing
WO2015132419A2 (en) 2015-06-30 2015-09-11 Sonova Ag Method of fitting a hearing assistance device
CN111566993A (en) * 2018-03-22 2020-08-21 株式会社东海理化电机制作所 Authentication system
CN111566993B (en) * 2018-03-22 2023-08-04 株式会社东海理化电机制作所 authentication system

Also Published As

Publication number Publication date
AU2002231740A1 (en) 2003-07-15

Similar Documents

Publication Publication Date Title
KR101455891B1 (en) Method and system of communication using extended sequence number
US9973925B2 (en) Method and apparatus for direct communication key establishment
US7624270B2 (en) Inter subnet roaming system and method
CN112672351B (en) Wireless local area network authentication method and device, electronic device, and storage medium
US11778458B2 (en) Network access authentication method and device
EP1869822B1 (en) Method and device for multi-session establishment
US7251729B1 (en) Authentication method for establishing connection between devices
HU224990B1 (en) A subscriber identity modul(sim) and a method for controlling a subscriber identity module (sim) in mobile radio telephone systems
CN101771992B (en) Method, equipment and system for protection of confidentiality of international mobile subscriber identifier IMSI
WO2003056746A1 (en) Method for establishing connections between rf devices and system comprising such rf devices
JP2010114912A (en) Method of user authentication in terminal unit, authentication system, terminal unit, and authentication apparatus
CN101686458A (en) Terminal configuration, management method and terminal device
RU2006126074A (en) SYSTEM, METHOD AND DEVICES FOR AUTHENTICATION IN A WIRELESS LOCAL COMPUTER NETWORK (WLAN)
CN101217364B (en) An organization structure and maintenance method of security context in media accessing control system
CN104982053A (en) Method and network node for obtaining a permanent identity of an authenticating wireless device
CN112956253A (en) Method and apparatus for attaching user equipment to network slice
CN116567633B (en) Identity authentication method, system and equipment based on ECDSA signature algorithm
US9374371B2 (en) Authentication apparatus and method thereof, and computer program
CN108900309A (en) A kind of method for authenticating and right discriminating system
CN111770496B (en) 5G-AKA authentication method, unified data management network element and user equipment
US20060236109A1 (en) System and method for multi-session establishment for a single device
JP7423856B2 (en) How to identify electric vehicle charging stations
EP3562260B1 (en) Automatically determining mesh network role of network device
CN113747433A (en) Equipment authentication method based on block side chain structure in fog network
US7502629B2 (en) Methods and devices for transferring a secret to enable authenticated wireless communication

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP