People carry numerous keys, including physical keys, key cards for doors, parking and other use, garage door openers, and wireless fobs for cars, and they also use passwords or physical tokens for unlocking laptops and cell phones. It would be a great convenience to consolidate these into a single electronic key that could gain access to all of these things. This is akin to a hardware master key that can open multiple locks.
Description of Technology
This technology provides a novel user-authentication approach for pervasive computing environments. A person uses a single device, the master key, that aggregates all of his/her digital forms of access tokens for user authentication. The master key discovers and selects proper tokens for its owner. With an emphasis on usability, the master key secures authentication and protects privacy information from outsiders and insiders.
When the master key is activated it initiates an authentication process by sending a broadcast message together with a challenge, which may be a one-time code word, to the set of locks for which it has keys. If a lock receives the message and finds itself in the set, it responds with its own challenge. Then the master key device responds with a coded key to operate the lock.
Different protocols are provided to support three types of keys for different key-lock relationships. A unique key is one that may be owned by one or a few owners to open a lock. A group key is one that a lock is able to authenticate as a key, but key owners are not differentiable. An individual key is one for which a specific key owner among a group can be identified.
A focus of this invention is to maintain individual privacy by limiting the information the master key device gives out, including when attempting to use it to gain access to areas or services for which it is not authorized.
- Security: Mutual authentication is employed to identify and verify both key owners and locks.
- Privacy: Identifications are not sent as clear text. Only code words generated from a shared secret are sent.
- Efficient protocols: Only three messages are required to discover locks, identify a key owner, and finish mutual authentication.
- Convenience: Users do not have to memorize relationships between locks and keys.
- Password protection: People tradeoff convenience for security. For example, they may use the same password for multiple devices or use simple passwords. This invention provides a convenient means to have different and more-complex passwords.
- No internet connection required: This enables flexible and reliable usage, such as unlocking a car or a mobile device, even when out of range of wireless networks.
Anywhere digital credentials (electronic keys) can be used for authentication, for example: door keys (house, office, secure area within a building), car keys, garage door opener, parking card, and access control for computers, PDAs, and cell phones.
The master key can replace keys, magnetic stripe cards, smart cards, RFID tags, wireless remote access fobs, and other tokens.
A prototype system has been built.
Feng Zhu, Matt Mutka, Lionel Ni