US 12,231,427 B2
Mutual authentication system
Johannes Arnoldus Cornelis Bernsen, Eindhoven (NL); Franciscus Antonius Maria Van De Laar, Eindhoven (NL); and Ronald Felix Albertus Linders, Eindhoven (NL)
Assigned to Koninklijke Philips N.V., Eindhoven (NL)
Filed by KONINKLIJKE PHILIPS N.V., Eindhoven (NL)
Filed on Aug. 4, 2023, as Appl. No. 18/230,197.
Application 18/230,197 is a continuation of application No. 17/536,149, filed on Nov. 29, 2021, granted, now 11,757,874.
Application 17/536,149 is a continuation of application No. 16/494,877, granted, now 11,190,506, previously published as PCT/EP2018/056491, filed on Mar. 15, 2018.
Claims priority of application No. 17161856 (EP), filed on Mar. 20, 2017.
Prior Publication US 2023/0379327 A1, Nov. 23, 2023
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/32 (2006.01); H04L 9/08 (2006.01); H04L 9/40 (2022.01); H04W 12/069 (2021.01); H04W 12/50 (2021.01)
CPC H04L 63/0869 (2013.01) [H04L 9/0844 (2013.01); H04L 9/3234 (2013.01); H04L 9/3273 (2013.01); H04W 12/069 (2021.01); H04W 12/50 (2021.01); H04L 2209/80 (2013.01)]
13 Claims
1. An initiator device arranged for wireless communication with a responder device according to a communication protocol comprising:
an initiator transceiver, wherein the initiator transceiver is arranged to wirelessly communicate according to the communication protocol; and
an initiator processor, wherein the initiator processor is arranged to process the communication protocol, the initiator processor comprising:
an initiator message unit,
wherein the initiator message unit is arranged to compose messages to be sent to the responder device,
wherein the initiator message unit is arranged to decompose messages received from the responder device according to an authentication protocol; and
an initiator state machine, wherein the initiator state machine provides initiator states according to the authentication protocol in dependence on user interaction and messages received from the responder device, the initiator states comprising:
an initial state (IST) for bootstrapping by acquiring a responder public key from the responder device via an initiator out-of-band action;
a bootstrapped state (BST) indicating that the bootstrapping has been successfully performed by acquiring the responder public key; and
an authenticated state (ATD) indicating that the authentication has been successfully performed;
wherein the initiator message unit is arranged to compose an authentication request (ARQ),
wherein the initiator message is sent in the bootstrapped state,
wherein the initiator message comprises:
an initiator verifier (H(BI)) for verifying an initiator public key; and
a responder verifier (H(BR)) for verifying the responder public key;
wherein the initiator message unit is arranged to decompose an authentication response (ARP1),
wherein the authentication response (ARP1) comprises responder one-sided authentication data ({R-auth1}k1) based on a responder private key (bR) corresponding to the responder public key (BR) and a mutual progress status (MPS) indicative of the mutual authentication which is in progress for enabling the responder device to acquire the initiator public key from the initiator device via a responder out-of-band action; and
wherein the initiator message unit is arranged to decompose a mutual authentication response (ARP2), wherein the mutual authentication response (ARP2) comprises mutual responder authentication data ({R-auth2}k2) based on the initiator public key (BI) and the responder private key (bR).
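The initiator state machine of claim 1, sketched as an added example that is not part of the patent text: it enforces the order bootstrapping, ARQ, ARP1 with MPS, ARP2 and never reaches ATD on an out-of-order or unverified message. Assumptions not found in the claim: the intermediate state `AWAIT_ARP2`, SHA-256 as the hash H, the dictionary message layout, the caller-supplied `verify` callback, and that only the mutual path (ARP1 carrying MPS) is modelled.

```python
import hashlib
from enum import Enum

class State(Enum):
    IST = "initial"        # claim: before bootstrapping
    BST = "bootstrapped"   # claim: responder public key acquired out-of-band
    AWAIT_ARP2 = "await"   # assumption: ARP1 with MPS accepted, ARP2 pending
    ATD = "authenticated"  # claim: authentication successfully performed

class ProtocolError(Exception):
    pass

class Initiator:
    def __init__(self, own_pubkey, verify):
        # verify(field, msg, BI, BR) -> bool is caller-supplied (assumption): the
        # key derivation behind {R-auth1}k1 and {R-auth2}k2 is not given in the claim.
        self.BI, self.BR, self.verify = own_pubkey, None, verify
        self.state, self.arq_sent = State.IST, False

    def _require(self, state):
        if self.state is not state:
            raise ProtocolError(f"not allowed in state {self.state.name}")

    def bootstrap(self, responder_pubkey):
        self._require(State.IST)
        self.BR, self.state = responder_pubkey, State.BST

    def compose_arq(self):
        self._require(State.BST)
        self.arq_sent = True
        h = lambda key: hashlib.sha256(key).hexdigest()  # assumption: H is SHA-256
        return {"type": "ARQ", "H(BI)": h(self.BI), "H(BR)": h(self.BR)}

    def on_message(self, msg):
        kind = msg.get("type")
        if kind == "ARP1":
            self._require(State.BST)
            if not self.arq_sent or not msg.get("MPS"):
                raise ProtocolError("ARP1 needs a prior ARQ and the MPS flag")
            field, nxt = "R-auth1", State.AWAIT_ARP2
        elif kind == "ARP2":
            self._require(State.AWAIT_ARP2)
            field, nxt = "R-auth2", State.ATD
        else:
            raise ProtocolError(f"unexpected message {kind!r}")
        if not self.verify(field, msg, self.BI, self.BR):
            raise ProtocolError(f"{field} failed verification")  # state unchanged
        self.state = nxt
        return self.state
```
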