
WO2018158216A1 - Establishing a communication link using an optical code - Google Patents


Publication number
WO2018158216A1
Authority
WO
WIPO (PCT)
Prior art keywords
generator
reader
data set
electronic message
reader device
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/EP2018/054744
Other languages
French (fr)
Inventor
Håkan OLSSON
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Assa Abloy AB
Original Assignee
Assa Abloy AB
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Assa Abloy AB

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327 Short range or proximity payments by means of M-devices
    • G06Q20/3274 Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327 Short range or proximity payments by means of M-devices
    • G06Q20/3276 Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being read by the M-device
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821 Electronic credentials
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities

Definitions

  • the invention relates to methods, a reader device, a generator device, computer programs and computer program products for establishing a communication link using an optical code.
  • TLS Transport Layer Security
  • CA Certificate Authority
  • a method for establishing a communication link with a generator device comprising the steps of: reading an optical code generated by the generator device, the optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; generating an electronic message comprising an identifier associated with the reader device, the code data set and a reader encryption key; encrypting the electronic message using the generator encryption key; and sending the encrypted electronic message to the generator device.
  • the method may further comprise the step of: exchanging a shared secret with the generator device.
  • the method may further comprise the step of obtaining an address of the generator device based on the optical code; in which case the step of sending the electronic message comprises sending the electronic message to the address of the generator device.
  • the optical code may further comprise a generator signature key.
  • a reader device for establishing a communication link with a generator device.
  • the reader device comprises: a processor; and a memory storing instructions that, when executed by the processor, cause the reader device to: read an optical code generated by the generator device, the optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; generate an electronic message comprising an identifier associated with the reader device, the code data set and a reader encryption key; encrypt the electronic message using the generator encryption key; and send the encrypted electronic message to the generator device.
  • the reader device may further comprise instructions that, when executed by the processor, cause the reader device to: exchange a shared secret with the generator device.
  • the reader device may further comprise instructions that, when executed by the processor, cause the reader device to obtain an address of the generator device based on the optical code; in which case the instructions to send the electronic message comprise instructions that, when executed by the processor, cause the reader device to send the electronic message to the address of the generator device.
  • the optical code may further comprise a generator signature key.
  • the computer program comprises computer program code which, when run on a reader device causes the reader device to: read an optical code generated by a generator device, the optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; generate an electronic message comprising an identifier associated with the reader device, the code data set and a reader encryption key; encrypt the electronic message using the generator encryption key; and send the encrypted electronic message to the generator device.
  • a computer program product comprising a computer program according to the third aspect and a computer readable means on which the computer program is stored.
  • a method for establishing a communication link with a reader device comprising the steps of: generating an optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; presenting the optical code; receiving an electronic message from the reader device; decrypting the electronic message using a key being associated with the generator encryption key; extracting, from the decrypted electronic message, an identifier associated with the reader device, a message data set and a reader encryption key; and
  • the method may further comprise the step of: exchanging a shared secret with the reader device.
  • the code data set may be derived using a low-discrepancy sequence.
  • the optical code may comprise data allowing the reader device to derive an address of the generator device.
  • the optical code may further comprise a generator signature key.
  • a generator device for establishing a communication link with a reader device.
  • the generator device comprises: a processor; and a memory storing instructions that, when executed by the processor, cause the generator device to: generate an optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; present the optical code; receive an electronic message from the reader device; decrypt the electronic message using a key being associated with the generator encryption key; extract, from the decrypted electronic message, an identifier associated with the reader device, a message data set and a reader encryption key; and authorise the reader device when the message data set matches the code data set.
  • the generator device may further comprise instructions that, when executed by the processor, cause the generator device to: exchange a shared secret with the reader device.
  • the code data set may be derived using a low-discrepancy sequence.
  • the optical code may comprise data allowing the reader device to derive an address of the generator device.
  • the optical code may further comprise a generator signature key.
  • a computer program for establishing a communication link with a reader device.
  • the computer program comprises computer program code which, when run on a generator device causes the generator device to: generate an optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; present the optical code; receive an electronic message from the reader device; decrypt the electronic message using a key being associated with the generator encryption key; extract, from the decrypted electronic message, an identifier associated with the reader device, a message data set and a reader encryption key; and authorise the reader device when the message data set matches the code data set.
  • a computer program product comprising a computer program according to the seventh aspect and a computer readable means on which the computer program is stored.
  • Figs 1A-B is a schematic graph illustrating an environment in which embodiments presented herein can be applied;
  • Fig 2 is a sequence diagram illustrating how communication is established between the reader device and the generator device of Figs 1A-B;
  • Fig 3 is a flow chart illustrating a method performed in the reader device for establishing communication with the generator device
  • Fig 4 is a flow chart illustrating a method performed in the generator device for establishing communication with the reader device
  • Fig 5 is a schematic diagram illustrating components of the reader device and the generator device, of Figs 1A-B, here represented by a single device;
  • Fig 6 shows one example of a computer program product comprising computer readable means.
  • Figs 1A-B is a schematic graph illustrating an environment in which embodiments presented herein can be applied.
  • parties who would like to communicate securely. Since one of these parties has a generator device 12 which will generate an optical code (as explained in more detail below), we call that party a generator party 2. The other party has a reader device 11 which will read the optical code (as explained in more detail below), whereby we call the other party a reader party 1.
  • the generator device 12 and the reader device 11 are here within line of sight and can also communicate electronically over an electronic communication channel 7, which can e.g. comprise any one or more communication links selected from the group of Bluetooth, Bluetooth Low Energy (BLE), any of the IEEE 802.11x standards, a mobile network (e.g. LTE (Long Term Evolution), W-CDMA (Wideband Code Division Multiple Access)), Ethernet, etc.
  • LTE Long Term Evolution
  • W-CDMA Wideband Code Division Multiple Access
  • communication over the communication channel 7 can be based on Internet Protocol (IP).
  • IP Internet Protocol
  • the communication channel 7 can be provided without the need for line of sight between the reader device 11 and the generator device 12.
  • When communication is to be established between the reader device 11 and the generator device 12, the generator device 12 generates an optical code 15 on the display of the generator device 12.
  • the optical code 15 can be a two dimensional code (also known as matrix code) such as a QR (Quick Response) code, data matrix code, etc.
  • the optical code 15 can be a one dimensional code, i.e. barcode, such as EAN (European Article Number).
  • the reader device 11 captures an image which contains the optical code 15 and uses some of the data (e.g. a generator encryption key and code data set) of the optical code 15 to establish a secure bidirectional communication session with the generator device 12 using the communication channel 7.
  • data e.g. a generator encryption key and code data set
  • the generator device 12 is a server.
  • a client 13, e.g. a computer, is connected via the communication channel 7 to the generator device 12.
  • This connection can for instance be implemented using a web browser in the client 13 connecting to a web server on the generator device 12.
  • the reader device 11 is within line of sight of the client 13.
  • the generator device 12 can generate the optical code 15 in the form of an image which is displayed on the client 13, which is read by the reader device 11 to establish communication with the generator device 12 as described in more detail below.
  • Fig 2 is a sequence diagram illustrating how communication is established between the reader device 11 and the generator device 12 of Figs 1A-B.
  • the generator device 12 generates 20 an optical code and presents the optical code visually so that it is visible for the reader device 11.
  • the optical code can be presented on a display of the generator device 12 itself, or by rendering a web page to be displayed on a client which is connected to the generator device.
  • the optical code comprises a generator encryption key and a code data set.
  • the code data set can e.g. be a (pseudo) random number.
  • the optical code further comprises a generator signature key.
  • the reader device 11 reads 21 the optical code 21, e.g. using a camera, and extracts data from the optical code. Based on the extracted data (such as a code data set in the extracted data), the reader device 11 generates 22 an electronic message comprising the code data set, a reader signature key, a reader encryption key and encrypts the message. The encryption occurs using the generator encryption key forming part of the extracted data. The reader device 11 subsequently sends 23 the encrypted message to the generator device 12.
  • the generator device 12 verifies that the message data set and the code data set match, after which the reader device 11 can establish a secure channel 25 using the reader encryption key for further communication. Since the data sets match, the generator device knows that the device sending the message (the reader device) is a device that has been within line of sight of the optical code. This implies that the generator device can trust that nobody has manipulated data sent from the device which has read the optical code. Additionally, the reader device can trust the generator device since the reader device uses the key(s) from the generator device to set up secure communication.
  • Fig 3 is a flow chart illustrating a method performed in the reader device for establishing communication with the generator device.
  • an optical code generated by the generator device is read.
  • the optical code comprises an identifier associated with the generator device, a generator encryption key and a code data set.
  • the data set can have been generated by the generator device using a low-discrepancy sequence. In other words, the data set can be a (pseudo) random number.
  • the optical code further comprises a generator signature key.
  • In a generate message step 42, an electronic message is generated.
  • the electronic message comprises an identifier associated with the reader device, the code data set and a reader encryption key.
  • the identifier of the reader device can be e.g. name, identity number, phone number, e-mail address, IP address, URI (Uniform Resource Indicator), etc.
  • the electronic message is encrypted using the generator encryption key (obtained from the optical code).
  • an address of the generator device is obtained based on the optical code.
  • the address can be (part of or the whole) identifier of the generator device, which is part of the optical code.
  • the identifier, generator encryption key or signature key can be used in a database lookup (local or remote) to obtain the address of the generator device.
  • In a send message step 46, the encrypted electronic message is sent to the generator device.
  • the electronic message is sent over the electronic
  • step 45 the electronic message is sent to the address of the generator device obtained in step 45.
  • a shared secret is exchanged with the generator device.
  • the shared secret can be exchanged using asymmetrical encryption (i.e. the reader device encrypts using the generator encryption key and the generator device encrypts using the reader encryption key).
  • secure communication proceeds with asymmetrical encryption.
  • AES Advanced Encryption Standard
  • Fig 4 is a flow chart illustrating a method performed in the generator device for establishing communication with the reader device.
  • an optical code is generated.
  • the optical code comprises an identifier associated with the generator device, a generator encryption key and a code data set.
  • the code data set can be derived using a low-discrepancy sequence.
  • the code data set changes over time. For instance, the code data set can change each time the optical code is generated.
  • the identifier of the generator device can be e.g. name, identity number, phone number, e-mail address, IP address, URI (Uniform Resource Indicator), etc.
  • the optical code further comprises a signature key.
  • the optical code can comprise data which allows the reader device to derive an address of the generator device.
  • the address can be (part of or the whole) identifier of the generator device.
  • the identifier, generator encryption key or generator signature key can be used in a database lookup (local or remote) to obtain the address of the generator device.
  • the optical code is presented, e.g. on a display of the generator device.
  • the optical code can be displayed by transmitting an image containing the optical code to a client, e.g. in a web browser, which presents the image within line of sight of the reader device.
  • In a receive message step 53, an electronic message is received from the reader device.
  • the message is received over the electronic communication channel (see 7 of Figs 1A-B).
  • In a decrypt message step 54, the electronic message is decrypted using a key being associated with the generator encryption key.
  • the generator encryption key can be a public key of a key pair and the decryption can occur using a private key of the same key pair.
  • the generator device extracts, from the decrypted electronic message, an identifier associated with the reader device, a message data set and a reader encryption key.
  • In a conditional matching data sets step 57, it is determined whether the message data set matches the code data set. If this is the case, the method proceeds to an authorise step 58. Otherwise, the method ends. Optionally, there is a limited validity time applied as well. In such a case, if the validity time has expired, the match is negative even if the message data set and the code data set are identical. In the authorise step 58, the reader device is authorised (since the data sets matched in step 57).
  • a shared secret is exchanged with the reader device.
  • the shared secret can be exchanged using asymmetrical encryption (i.e. the reader device encrypts using the generator encryption key and the generator device encrypts using the reader encryption key).
  • secure communication proceeds with asymmetrical encryption. After the shared secret is exchanged, further encrypted
  • AES Advanced Encryption Standard
  • the reader device can be coupled to the generation of the optical code on the client device, which can thus be trusted by the server to be the user who is logged in. This provides a very convenient way of transferring a user association from the client to the reader device.
  • Fig 5 is a schematic diagram illustrating components of the reader device 11 and the generator device 12, of Figs 1A-B, here represented by a single device.
  • a processor 60 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), application specific integrated circuit etc., capable of executing software instructions 67 stored in a memory 64, which can thus be a computer program product.
  • the processor 60 can be configured to execute the method described with reference to Fig 3 or 4 above.
  • the memory 64 can be any combination of read and write memory (RAM) and read only memory (ROM).
  • the memory 64 also comprises persistent storage, which, for example, can be any single one or combination of magnetic memory, optical memory, solid state memory or even remotely mounted memory.
  • a data memory 66 is also provided for reading and/or storing data during execution of software instructions in the processor 60.
  • the data memory 66 can be any combination of read and write memory (RAM) and read only memory (ROM).
  • the reader device 11 and the generator device 12 further comprise an I/O interface 62 for communicating with other external entities.
  • the I/O interface 62 comprises a camera (at least for the reader device) and also includes a user interface, e.g. one or more of a (touch sensitive) display, push buttons, microphone, speaker, etc.
  • a transceiver 61 which comprises suitable analogue and digital components to allow signal transmission and signal reception with a wireless device using one or more antennas 63.
  • Other components of the reader device 11 and the generator device 12 are omitted in order not to obscure the concepts presented herein.
  • Fig 6 shows one example of a computer program product comprising computer readable means.
  • a computer program 91 can be stored, which computer program can cause a processor to execute a method according to embodiments described herein.
  • the computer program product is an optical disc, such as a CD (compact disc) or a DVD (digital versatile disc) or a Blu-Ray disc.
  • the computer program product could also be embodied in a memory of a device, such as the computer program product 64 of Fig 5.
  • the computer program 91 is here schematically shown as a track on the depicted optical disk, the computer program can be stored in any way which is suitable for the computer program product, such as a removable solid state memory, e.g.
  • USB Universal Serial Bus

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

It is provided a method for establishing a communication link with a generator device. The method is performed in a reader device and comprises the steps of: reading an optical code generated by the generator device, the optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; generating an electronic message comprising an identifier associated with the reader device, the code data set and a reader encryption key; encrypting the electronic message using the generator encryption key; and sending the encrypted electronic message to the generator device.

Description

ESTABLISHING A COMMUNICATION LINK USING AN OPTICAL CODE
TECHNICAL FIELD
The invention relates to methods, a reader device, a generator device, computer programs and computer program products for establishing a communication link using an optical code.
BACKGROUND
The ability to communicate securely between electronic communication devices only increases in importance. One known way to set up such communication is to use Transport Layer Security (TLS). An issue with TLS is that it is limited to client-server based communication. Moreover, TLS needs a certificate forming part of a chain including a Certificate Authority (CA) for full authentication. CAs are trusted parties which can issue digital certificates. However, many, or even most, communication devices do not have certificates in a certificate chain leading to a CA.
SUMMARY
It is an object to provide a way to set up secure communication which does not depend on a certificate authority and which is not dependent on a client server architecture. According to a first aspect, it is provided a method for establishing a communication link with a generator device. The method is performed in a reader device and comprises the steps of: reading an optical code generated by the generator device, the optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; generating an electronic message comprising an identifier associated with the reader device, the code data set and a reader encryption key; encrypting the electronic message using the generator encryption key; and sending the encrypted electronic message to the generator device. The method may further comprise the step of: exchanging a shared secret with the generator device.
The method may further comprise the step of obtaining an address of the generator device based on the optical code; in which case the step of sending the electronic message comprises sending the electronic message to the address of the generator device.
The optical code may further comprise a generator signature key.
According to a second aspect, it is provided a reader device for establishing a communication link with a generator device. The reader device comprises: a processor; and a memory storing instructions that, when executed by the processor, cause the reader device to: read an optical code generated by the generator device, the optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; generate an electronic message comprising an identifier associated with the reader device, the code data set and a reader encryption key; encrypt the electronic message using the generator encryption key; and send the encrypted electronic message to the generator device.
The reader device may further comprise instructions that, when executed by the processor, cause the reader device to: exchange a shared secret with the generator device.
The reader device may further comprise instructions that, when executed by the processor, cause the reader device to obtain an address of the generator device based on the optical code; in which case the instructions to send the electronic message comprise instructions that, when executed by the processor, cause the reader device to send the electronic message to the address of the generator device.
The optical code may further comprise a generator signature key.
According to a third aspect, it is provided a computer program for establishing a communication link with a generator device. The computer program comprises computer program code which, when run on a reader device causes the reader device to: read an optical code generated by a generator device, the optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; generate an electronic message comprising an identifier associated with the reader device, the code data set and a reader encryption key; encrypt the electronic message using the generator encryption key; and send the encrypted electronic message to the generator device.
According to a fourth aspect, it is provided a computer program product comprising a computer program according to the third aspect and a computer readable means on which the computer program is stored.
According to a fifth aspect, it is provided a method for establishing a communication link with a reader device. The method is performed in a generator device and comprises the steps of: generating an optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; presenting the optical code; receiving an electronic message from the reader device; decrypting the electronic message using a key being associated with the generator encryption key; extracting, from the decrypted electronic message, an identifier associated with the reader device, a message data set and a reader encryption key; and authorising the reader device when the message data set matches the code data set.
The method may further comprise the step of: exchanging a shared secret with the reader device.
The code data set may be derived using a low-discrepancy sequence.
The optical code may comprise data allowing the reader device to derive an address of the generator device.
The optical code may further comprise a generator signature key.
According to a sixth aspect, it is provided a generator device for establishing a communication link with a reader device. The generator device comprises: a processor; and a memory storing instructions that, when executed by the processor, cause the generator device to: generate an optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; present the optical code; receive an electronic message from the reader device; decrypt the electronic message using a key being associated with the generator encryption key; extract, from the decrypted electronic message, an identifier associated with the reader device, a message data set and a reader encryption key; and authorise the reader device when the message data set matches the code data set.
The generator device may further comprise instructions that, when executed by the processor, cause the generator device to: exchange a shared secret with the reader device. The code data set may be derived using a low-discrepancy sequence.
The optical code may comprise data allowing the reader device to derive an address of the generator device.
The optical code may further comprises a generator signature key
According to a seventh aspect, it is provided a computer program for establishing a communication link with a reader device. The computer program comprises computer program code which, when run on a generator device causes the generator device to: generate an optical code comprising an identifier associated with the generator device, a generator encryption key and a code data set; present the optical code; receive an electronic message from the reader device; decrypt the electronic message using a key being associated with the generator encryption key; extract, from the decrypted electronic message, an identifier associated with the reader device, a message data set and a reader encryption key; and authorise the reader device when the message data set matches the code data set. According to an eighth aspect, it is provided a computer program product comprising a computer program according to the seventh aspect and a computer readable means on which the computer program is stored.
Generally, all terms used in the claims are to be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein. All references to "a/an/the element, apparatus, component, means, step, etc." are to be interpreted openly as referring to at least one instance of the element, apparatus, component, means, step, etc., unless explicitly stated otherwise. The steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.
BRIEF DESCRIPTION OF THE DRAWINGS
The invention is now described, by way of example, with reference to the accompanying drawings, in which:
Figs 1A-B is a schematic graph illustrating an environment in which embodiments presented herein can be applied;
Fig 2 is a sequence diagram illustrating how communication is established between the reader device and the generator device of Figs 1A-B;
Fig 3 is a flow chart illustrating a method performed in the reader device for establishing communication with the generator device;
Fig 4 is a flow chart illustrating a method performed in the generator device for establishing communication with the reader device;
Fig 5 is a schematic diagram illustrating components of the reader device and the generator device, of Figs 1A-B, here represented by a single device; and
Fig 6 shows one example of a computer program product comprising computer readable means.
DETAILED DESCRIPTION
The invention will now be described more fully hereinafter with reference to the accompanying drawings, in which certain embodiments of the invention are shown. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein; rather, these embodiments are provided by way of example so that this disclosure will be thorough and complete, and will fully convey the scope of the invention to those skilled in the art. Like numbers refer to like elements throughout the description.
Figs 1A-B is a schematic graph illustrating an environment in which embodiments presented herein can be applied. There are two parties who would like to communicate securely. Since one of these parties has a generator device 12 which will generate an optical code (as explained in more detail below), we call that party a generator party 2. The other party has a reader device 11 which will read the optical code (as explained in more detail below), whereby we call the other party a reader party 1.
First the embodiment illustrated in Fig 1A will be described. The generator device 12 and the reader device 11 are here within line of sight and can also communicate electronically over an electronic communication channel 7, which can e.g. comprise any one or more communication links selected from the group of Bluetooth, Bluetooth Low Energy (BLE), any of the IEEE 802.11x standards, a mobile network (e.g. LTE (Long Term Evolution), W-CDMA (Wideband Code Division Multiple Access)), Ethernet, etc. For instance, communication over the communication channel 7 can be based on Internet Protocol (IP). The communication channel 7 can be provided without the need for line of sight between the reader device 11 and the generator device 12.
When communication is to be established between the reader device 11 and the generator device 12, the generator device 12 generates an optical code 15 on the display of the generator device 12. The optical code 15 can be a two dimensional code (also known as matrix code) such as a QR (Quick Response) code, data matrix code, etc. Alternatively or additionally, the optical code 15 can be a one dimensional code, i.e. barcode, such as EAN (European Article Number).
The reader device 11 captures an image which contains the optical code 15 and uses some of the data (e.g. a generator encryption key and code data set) of the optical code 15 to establish a secure bidirectional communication session with the generator device 12 using the communication channel 7.
Looking now to Fig 1B, only differences compared to the embodiment of Fig 1A will be described. Here, the generator device 12 is a server. A client 13, e.g. a computer, is connected via the communication channel 7 to the generator device 12. This connection can for instance be implemented using a web browser in the client 13 connecting to a web server on the generator device 12. The reader device 11 is within line of sight of the client 13. In this way, the generator device 12 can generate the optical code 15 in the form of an image which is displayed on the client 13, which is read by the reader device 11 to establish communication with the generator device 12 as described in more detail below.
Fig 2 is a sequence diagram illustrating how communication is established between the reader device 11 and the generator device 12 of Figs 1A-B. First, the generator device 12 generates 20 an optical code and presents the optical code visually so that it is visible for the reader device 11. For instance, the optical code can be presented on a display of the generator device 12 itself, or by rendering a web page to be displayed on a client which is connected to the generator device. The optical code comprises a generator encryption key and a code data set. The code data set can e.g. be a (pseudo) random number. Optionally, the optical code further comprises a generator signature key.
The reader device 11 reads 21 the optical code, e.g. using a camera, and extracts data from the optical code. Based on the extracted data (such as a code data set in the extracted data), the reader device 11 generates 22 an electronic message comprising the code data set, a reader signature key and a reader encryption key, and encrypts the message. The encryption occurs using the generator encryption key forming part of the extracted data. The reader device 11 subsequently sends 23 the encrypted message to the generator device 12.
Once the generator device 12 has received the encrypted message, the generator device 12 verifies that the message data set and the code data set match, after which the reader device 11 can establish a secure channel 25 using the reader encryption key for further communication. Since the data sets match, the generator device knows that the device sending the message (the reader device) is a device that has been within line of sight of the optical code. This implies that the generator device can trust that nobody has manipulated data sent from the device which has read the optical code. Additionally, the reader device can trust the generator device since the reader device uses the key(s) from the generator device to set up secure communication.
Fig 3 is a flow chart illustrating a method performed in the reader device for establishing communication with the generator device.
In a read optical code step 40, an optical code generated by the generator device is read. The optical code comprises an identifier associated with the generator device, a generator encryption key and a code data set. The data set can have been generated by the generator device using a low-discrepancy sequence. In other words, the data set can be a (pseudo) random number. Optionally, the optical code further comprises a generator signature key.
In a generate message step 42, an electronic message is generated. The electronic message comprises an identifier associated with the reader device, the code data set and a reader encryption key. The identifier of the reader device can be e.g. name, identity number, phone number, e-mail address, IP address, URI (Uniform Resource Identifier), etc.
In an encrypt message step 44, the electronic message is encrypted using the generator encryption key (obtained from the optical code).
In an optional obtain address step 45, an address of the generator device is obtained based on the optical code. For instance, the address can be (part of or the whole) identifier of the generator device, which is part of the optical code. Alternatively, the identifier, generator encryption key or signature key can be used in a database lookup (local or remote) to obtain the address of the generator device.
In a send message step 46, the encrypted electronic message is sent to the generator device. The electronic message is sent over the electronic communication channel (see 7 of Figs 1A-B). When step 45 is performed, the electronic message is sent to the address of the generator device obtained in step 45.
In an optional exchange shared secret step 48, a shared secret is exchanged with the generator device. The shared secret can be exchanged using asymmetrical encryption (i.e. the reader device encrypts using the generator encryption key and the generator device encrypts using the reader encryption key). Alternatively, secure communication proceeds with asymmetrical encryption. After the shared secret is exchanged, further encrypted communication can occur using a more efficient symmetric key algorithm, e.g. Advanced Encryption Standard (AES).
Fig 4 is a flow chart illustrating a method performed in the generator device for establishing communication with the reader device.
In a generate optical code step 50, an optical code is generated. The optical code comprises an identifier associated with the generator device, a generator encryption key and a code data set. The code data set can be derived using a low-discrepancy sequence. The code data set changes over time. For instance, the code data set can change each time the optical code is generated. The identifier of the generator device can be e.g. name, identity number, phone number, e-mail address, IP address, URI (Uniform Resource Identifier), etc. Optionally, the optical code further comprises a signature key.
The optical code can comprise data which allows the reader device to derive an address of the generator device. For instance, the address can be (part of or the whole) identifier of the generator device. Alternatively, the identifier, generator encryption key or generator signature key can be used in a database lookup (local or remote) to obtain the address of the generator device.
In a present optical code step 52, the optical code is presented, e.g. on a display of the generator device. Alternatively, when the generator device is a server, the optical code can be displayed by transmitting an image containing the optical code to a client, e.g. in a web browser, which presents the image within line of sight of the reader device.
In a receive message step 53, an electronic message is received from the reader device. The message is received over the electronic communication channel (see 7 of Figs 1A-B).
In a decrypt message step 54, the electronic message is decrypted using a key being associated with the generator encryption key. For instance, the generator encryption key can be a public key of a key pair and the decryption can occur using a private key of the same key pair.
In an extract data step 56, the generator device extracts, from the decrypted electronic message, an identifier associated with the reader device, a message data set and a reader encryption key.
In a conditional matching data sets step 57, it is determined whether the message data set matches the code data set. If this is the case, the method proceeds to an authorise step 58. Otherwise, the method ends. Optionally, there is a limited validity time applied as well. In such a case, if the validity time has expired, the match is negative even if the message data set and the code data set are identical.
In the authorise step 58, the reader device is authorised (since the data sets matched in step 57).
In an optional exchange shared secret step 59, a shared secret is exchanged with the reader device. The shared secret can be exchanged using asymmetrical encryption (i.e. the reader device encrypts using the generator encryption key and the generator device encrypts using the reader encryption key). Alternatively, secure communication proceeds with asymmetrical encryption. After the shared secret is exchanged, further encrypted communication can occur using a more efficient symmetric key algorithm, e.g. Advanced Encryption Standard (AES).
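The generator-side checks of steps 56 to 58, including the optional validity time, as an added example that is not code from this application or from the applicant. It assumes the message has already been decrypted in step 54 into JSON with the hypothetical field names `reader_id`, `data_set` and `reader_encryption_key`; drawing the code data set from a CSPRNG (rather than a low-discrepancy sequence) and making each code data set single-use are assumptions of this example.

```python
import hmac
import json
import secrets
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional

# Hypothetical field names for the decrypted electronic message (not from the patent).
REQUIRED_FIELDS = ("reader_id", "data_set", "reader_encryption_key")


@dataclass(frozen=True)
class AuthorisedReader:
    reader_id: str
    reader_encryption_key: str


class CodeDataSetRegistry:
    """Remembers the code data sets placed in optical codes (step 50)."""

    def __init__(self, validity_seconds: float = 60.0,
                 clock: Callable[[], float] = time.monotonic) -> None:
        self._validity = validity_seconds
        self._clock = clock
        self._outstanding: Dict[str, float] = {}  # code data set -> expiry time

    def issue(self) -> str:
        """Create a fresh code data set for the next optical code."""
        # Assumption: 128 bits from a CSPRNG, so the value cannot be guessed
        # by a device that never saw the optical code.
        code = secrets.token_hex(16)
        self._outstanding[code] = self._clock() + self._validity
        return code

    def match(self, message_data_set: str) -> bool:
        """Step 57: true only for an unexpired, not yet used code data set."""
        now = self._clock()
        # Expired entries give a negative match even if the values are identical.
        self._outstanding = {c: exp for c, exp in self._outstanding.items()
                             if exp > now}
        candidate = message_data_set.encode("utf-8", "replace")
        found = None
        for code in self._outstanding:
            # Constant-time comparison against each outstanding value.
            if hmac.compare_digest(code.encode("ascii"), candidate):
                found = code
        if found is None:
            return False
        del self._outstanding[found]  # assumption: single use, so a replay fails
        return True


def handle_decrypted_message(plaintext: bytes,
                             registry: CodeDataSetRegistry
                             ) -> Optional[AuthorisedReader]:
    """Steps 56-58: extract the fields, match the data sets, authorise."""
    try:
        message = json.loads(plaintext)
    except ValueError:  # covers malformed JSON and invalid UTF-8
        return None
    if not isinstance(message, dict):
        return None
    values = [message.get(name) for name in REQUIRED_FIELDS]
    if not all(isinstance(v, str) and v for v in values):
        return None
    reader_id, data_set, reader_key = values
    if not registry.match(data_set):
        return None  # the method ends without authorising
    return AuthorisedReader(reader_id, reader_key)


if __name__ == "__main__":
    registry = CodeDataSetRegistry(validity_seconds=30.0)
    code = registry.issue()
    # Constructed sample message, as it would look after decryption in step 54.
    sample = json.dumps({"reader_id": "reader-11", "data_set": code,
                         "reader_encryption_key": "constructed-public-key"}).encode()
    print(handle_decrypted_message(sample, registry))  # authorised reader
    print(handle_decrypted_message(sample, registry))  # replayed message
```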
When the optical code is presented using the client, there is at least a physical proximity between the client and the reader device which can be verified. Consider a scenario where a user is logged in to the server (i.e. generator device) using the client. Using the embodiments presented herein, the reader device can be coupled to the generation of the optical code on the client device, which can thus be trusted by the server to be the user who is logged in. This provides a very convenient way of transferring a user association from the client to the reader device.
Fig 5 is a schematic diagram illustrating components of the reader device 11 and the generator device 12, of Figs 1A-B, here represented by a single device. A processor 60 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), application specific integrated circuit etc., capable of executing software instructions 67 stored in a memory 64, which can thus be a computer program product. The processor 60 can be configured to execute the method described with reference to Fig 3 or 4 above.
The memory 64 can be any combination of read and write memory (RAM) and read only memory (ROM). The memory 64 also comprises persistent storage, which, for example, can be any single one or combination of magnetic memory, optical memory, solid state memory or even remotely mounted memory.
A data memory 66 is also provided for reading and/or storing data during execution of software instructions in the processor 60. The data memory 66 can be any combination of read and write memory (RAM) and read only memory (ROM).
The reader device 11 and the generator device 12 further comprise an I/O interface 62 for communicating with other external entities. The I/O interface 62 comprises a camera (at least for the reader device) and also includes a user interface, e.g. one or more of a (touch sensitive) display, push buttons, microphone, speaker, etc.
Optionally, a transceiver 61 is provided which comprises suitable analogue and digital components to allow signal transmission and signal reception with a wireless device using one or more antennas 63. Other components of the reader device 11 and the generator device 12 are omitted in order not to obscure the concepts presented herein.
Fig 6 shows one example of a computer program product comprising computer readable means. On this computer readable means a computer program 91 can be stored, which computer program can cause a processor to execute a method according to embodiments described herein. In this example, the computer program product is an optical disc, such as a CD (compact disc) or a DVD (digital versatile disc) or a Blu-Ray disc. As explained above, the computer program product could also be embodied in a memory of a device, such as the computer program product 64 of Fig 5. While the computer program 91 is here schematically shown as a track on the depicted optical disk, the computer program can be stored in any way which is suitable for the computer program product, such as a removable solid state memory, e.g. a Universal Serial Bus (USB) drive.
The invention has mainly been described above with reference to a few embodiments. However, as is readily appreciated by a person skilled in the art, other embodiments than the ones disclosed above are equally possible within the scope of the invention, as defined by the appended patent claims.

Claims

1. A method for establishing a communication link with a generator device (12), the method being performed in a reader device (11) and comprising the steps of:
reading (40) an optical code (15) generated by the generator device (12), the optical code (15) comprising an identifier associated with the generator device (12), a generator encryption key and a code data set;
generating (42) an electronic message comprising an identifier associated with the reader device (11), the code data set and a reader encryption key;
encrypting (44) the electronic message using the generator encryption key; and
sending (46) the encrypted electronic message to the generator device (12).
2. The method according to claim 1, further comprising the step of:
exchanging (48) a shared secret with the generator device (12).
3. The method according to claim 1 or 2, further comprising the step of obtaining (45) an address of the generator device (12) based on the optical code (15); and
wherein the step of sending (46) the electronic message comprises sending the electronic message to the address of the generator device (12).
4. The method according to any one of the preceding claims, wherein the optical code (15) further comprises a generator signature key.
5. A reader device (11) for establishing a communication link with a generator device (12), the reader device (11) comprising:
a processor (60); and
a memory (64) storing instructions (67) that, when executed by the processor, cause the reader device (11) to:
read an optical code (15) generated by the generator device (12), the optical code (15) comprising an identifier associated with the generator device (121), a generator encryption key and a code data set;
generate an electronic message comprising an identifier associated with the reader device (11), the code data set and a reader encryption key;
encrypt the electronic message using the generator encryption key; and
send the encrypted electronic message to the generator device (12).
6. The reader device (11) according to claim 5, further comprising instructions (67) that, when executed by the processor, cause the reader device (11) to:
exchange a shared secret with the generator device (12).
7. The reader device (11) according to claim 5 or 6, further comprising instructions (67) that, when executed by the processor, cause the reader device (11) to obtain an address of the generator device (12) based on the optical code (15); and
wherein the instructions to send the electronic message comprise instructions (67) that, when executed by the processor, cause the reader device (11) to send the electronic message to the address of the generator device (12).
8. A computer program (67, 91) for establishing a communication link with a generator device (12), the computer program comprising computer program code which, when run on a reader device (11) causes the reader device (11) to:
read an optical code (15) generated by a generator device (12), the optical code (15) comprising an identifier associated with the generator device (121), a generator encryption key and a code data set;
generate an electronic message comprising an identifier associated with the reader device (11), the code data set and a reader encryption key;
encrypt the electronic message using the generator encryption key; and
send the encrypted electronic message to the generator device (12).
9. A computer program product (64, 90) comprising a computer program according to claim 8 and a computer readable means on which the computer program is stored.
10. A method for establishing a communication link with a reader device (11), the method being performed in a generator device (12) and comprising the steps of:
generating (50) an optical code (15) comprising an identifier associated with the generator device (12), a generator encryption key and a code data set;
presenting (52) the optical code (15);
receiving (53) an electronic message from the reader device (11);
decrypting (54) the electronic message using a key being associated with the generator encryption key;
extracting (56), from the decrypted electronic message, an identifier associated with the reader device (12), a message data set and a reader encryption key; and
authorising (58) the reader device (12) when the message data set matches the code data set.
11. The method according to claim 10, further comprising the step of:
exchanging (59) a shared secret with the reader device (11).
12. The method according to claim 10 or 11, wherein the code data set is derived using a low-discrepancy sequence.
13. The method according to any one of claims 10 to 12, wherein the optical code comprises data allowing the reader device (11) to derive an address of the generator device (12).
14. The method according to any one of claims 10 to 13, wherein the optical code (15) further comprises a generator signature key.
15. A generator device (12) for establishing a communication link with a reader device (11), the generator device (12) comprising:
a processor (60); and
a memory (64) storing instructions (67) that, when executed by the processor, cause the generator device (12) to:
generate an optical code (15) comprising an identifier associated with the generator device (12), a generator encryption key and a code data set;
present the optical code (15);
receive an electronic message from the reader device (11);
decrypt the electronic message using a key being associated with the generator encryption key;
extract, from the decrypted electronic message, an identifier associated with the reader device (12), a message data set and a reader encryption key; and
authorise the reader device (12) when the message data set matches the code data set.
16. The generator device (12) according to claim 15, further comprising instructions (67) that, when executed by the processor, cause the generator device (12) to:
exchange a shared secret with the reader device (11).
17. The generator device (12) according to claim 15 or 16, wherein the code data set is derived using a low-discrepancy sequence.
18. The generator device (12) according to any one of claims 15 to 17, wherein the optical code comprises data allowing the reader device (11) to derive an address of the generator device (12).
19. A computer program (67, 91) for establishing a communication link with a reader device (11), the computer program comprising computer program code which, when run on a generator device (12) causes the generator device (12) to:
generate an optical code (15) comprising an identifier associated with the generator device (12), a signature key, a generator encryption key and a code data set;
present the optical code (15);
receive an electronic message from the reader device (11);
decrypt the electronic message using a key being associated with the generator encryption key;
extract, from the decrypted electronic message, an identifier associated with the reader device (12), a message data set and a reader encryption key; and
authorise the reader device (12) when the message data set matches the code data set.
20. A computer program product (64, 90) comprising a computer program according to claim 19 and a computer readable means on which the computer program is stored.
PCT/EP2018/054744 2017-03-03 2018-02-27 Establishing a communication link using an optical code Ceased WO2018158216A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SE1750232 2017-03-03
SE1750232-9 2017-03-03

Publications (1)

Publication Number Publication Date
WO2018158216A1 true WO2018158216A1 (en) 2018-09-07

Family

ID=61386858

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2018/054744 Ceased WO2018158216A1 (en) 2017-03-03 2018-02-27 Establishing a communication link using an optical code

Country Status (1)

Country Link
WO (1) WO2018158216A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020249743A1 (en) * 2019-06-14 2020-12-17 Assa Abloy Ab Performing a cryptographic operation in a web browser


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18707709

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18707709

Country of ref document: EP

Kind code of ref document: A1