WO2018143939A1 - Temporal light pattern encoding passkey - Google Patents

Temporal light pattern encoding passkey Download PDF

Info

Publication number
WO2018143939A1
WO2018143939A1 PCT/US2017/015822 US2017015822W WO2018143939A1 WO 2018143939 A1 WO2018143939 A1 WO 2018143939A1 US 2017015822 W US2017015822 W US 2017015822W WO 2018143939 A1 WO2018143939 A1 WO 2018143939A1
Authority
WO
WIPO (PCT)
Prior art keywords
target device
computing device
passkey
light pattern
temporal light
Prior art date
Application number
PCT/US2017/015822
Other languages
French (fr)
Inventor
Shawn Piper
Michael W. Hu
JR. Fernando Luis CAPRIO DA COSTA
Original Assignee
Hewlett-Packard Development Company, L.P.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hewlett-Packard Development Company, L.P. filed Critical Hewlett-Packard Development Company, L.P.
Priority to PCT/US2017/015822 priority Critical patent/WO2018143939A1/en
Publication of WO2018143939A1 publication Critical patent/WO2018143939A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3215Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a plurality of channels
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C5/00Ciphering apparatus or methods not provided for in the preceding groups, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/50Secure pairing of devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/65Environment-dependent, e.g. using captured environmental data

Definitions

  • Smartphones and other types of mobile devices commonly wirelessly communicate with auxiliary devices to improve the smartphones' usefulness and extend their capabilities.
  • watch-type devices such as smart watches and fitness and health trackers that have wrist-wrappable bands, can track different vital statistics of their wearers, as well as their wearers' physical activities, and report this information to smartphones to which they are connected.
  • Such devices can also display limited amounts of information so that their wearers can simply turn their wrists to view the information instead of having to retrieve their smartphones, which may be tucked away in a pocket or a handbag.
  • the devices can permit their wearers to perform functionality associated with their wirelessly connected smartphones, including answering and dismissing phone calls, and displaying and sending short messages like text messages.
  • FIG. 1 is a flowchart of an example method for establishing a wireless communication channel between a host computing device and a target device.
  • FIG. 2 is a diagram of an example target device positioned against an example host computing device.
  • FIG. 3 is a diagram of a graph depicting an example manner by which the brightness of a displayed color can be temporally modulated to yield a temporal light pattern that encodes a passkey.
  • FIG. 4 is a flowchart of an example method of use for a user to establish a wireless communication channel between a host computing device and a target device.
  • the pairing process generally begins by placing the target device in a pairing mode, in which the target device broadcasts its availability to establish a wireless communication channel with a host device like a smartphone or other mobile device.
  • the mobile device is placed in a discovery mode, in which it actively looks for target devices that are broadcasting such availability.
  • the smartphone or other mobile device may display a list of target devices that it has discovered, from which the user of the smartphone can select the desired target device with which to establish a wireless communication channel.
  • the mobile device may display a passkey, such as a four or five digit code, on its display, and request that the user enter this passkey on the target device.
  • a passkey such as a four or five digit code
  • many types of target devices including many types of smart watches and health and fitness trackers, lack the capability for users to easily enter passkeys.
  • the pairing process may simply involve sending the passkey to the target device and the target device correspondingly displaying the passkey as well. The user is requested to confirm that the same passkey is displayed on both the mobile device (i.e., a
  • target devices like headphones and microphones
  • some types of target devices do not even have displays. Therefore, even this reduced security pairing process, in which the user provides visual confirmation of the same passkey being displayed on both the smartphone and the target device, is unworkable. In such instances, there may be no security at all in the pairing process.
  • the user may place the target device in a pairing mode in which it broadcasts its availability, and correspondingly place the smartphone or other host device in a discovery mode in which it looks for devices broadcasting their availability.
  • a wireless communication channel is established after a user simply selects a target device listed by the smartphone, which increases the susceptibility of the user incorrectly establishing a wireless communication channel with an imposter device or a "spoofing" device.
  • the smartphone displays, via its display hardware, a temporal light pattern encoding a passkey.
  • the temporal light pattern may be the increasing and decreasing of the brightness of a particular color in modulation with the bits of the passkey over a short period of time.
  • the target device is placed against the display hardware of the smartphone so that a photosensor, like a photodiode, of the target device is adjacent to the display hardware.
  • the target device's photosensor detects the temporal light pattern, and the target device
  • the target device wirelessly transmits the decoded passkey back to the smartphone, via a wireless radio such as in accordance with the Bluetooth protocol.
  • the smartphone Upon receipt of the passkey from the target device, and upon confirming that the passkey matches the passkey that the smartphone encoded in the displayed temporal light pattern, the smartphone establishes a wireless communication channel with the target device, such as a Bluetooth wireless communication channel.
  • pulse oximeters noninvasively measure the oxygen saturation in their wearers' blood, by using a light source like a light-emitting diode (LED) to output light against and through the users (such as fingers thereof), and correspondingly measuring via photosensors the amount of certain wavelengths of light that are transmitted. Based on the oxygen saturation of the blood in a user's blood vessels, the amount of green light that the blood absorbs changes, for instance.
  • the photosensor of an oximeter can be used to precisely detect such changes, and correlate them with the volumetric oxygen saturation of the user's bloodstream.
  • photosensor of an oximeter of a target device for an entirely different and non- obvious usage, to authenticate the target device to a smartphone or other mobile or host device during the pairing process that is performed to establish a wireless communication channel between the two devices.
  • Improved security in the pairing process is achieved without having to add any other hardware to a target device.
  • existing target devices that have pulse oximeters can be reprogrammed to use the more secure pairing process.
  • Target devices that normally do not have user input hardware or display hardware, such as headphones and microphones can be designed to include low-cost and physically small photosensors to provide for heightened security in wireless communication channel establishment.
  • FIG. 1 shows an example method 100 for establishing a wireless communication channel between a host computing device and a target device.
  • the host device can be a computing device like a smartphone or other type of mobile computing device.
  • the host device includes at least display hardware, such as a liquid crystal display (LCD), and a wireless radio, such as a wireless radio that can transmit and receive data over a wireless frequency associated with the Bluetooth protocol.
  • the host device may further include a user input device, such as a touch sensor like a touchscreen.
  • the target device can be a wearable device, such as a watch-type device like a smart watch or a fitness or health tracker that has a wrist-wrappable band.
  • the target device can be another type of wearable device, such as a fitness or health tracker that is worn around a user's neck like a necklace, placed around a user's finger like a ring, or clipped to clothing or a belt of the user.
  • the target device can be an input or output device, such as wireless headphones and/or a microphone.
  • the target device includes at least a photosensor, which may be part of a pulse oximeter of the target device, and a wireless radio that can transmit and receive data over the same wireless frequency as the wireless radio of the host device, such as that associated with the Bluetooth protocol.
  • a photosensor which may be part of a pulse oximeter of the target device
  • a wireless radio that can transmit and receive data over the same wireless frequency as the wireless radio of the host device, such as that associated with the Bluetooth protocol.
  • Parts of the method 100 in the left column of FIG. 1 are performed by the host device.
  • a non-transitory computer-readable data storage medium of the host device may store computer-executable code that a processor of the host device executes to perform these parts of the method 100.
  • Parts of the method 100 in the right column of FIG. 1 are performed by the target device.
  • a non-transitory computer-readable data storage medium of the target device may store computer-executable code that a processor of the target device executes to perform these parts of the method 100.
  • Parts of the method 100 between the right and left columns i.e., parts 134 and 136) are performed by each of the host device and the target device.
  • the target device broadcasts its availability to establish a wireless communication channel (102), via the wireless radio of the target device. For example, a user may operate the target device to place it in a mode in which it performs this availability broadcast. In the context of the Bluetooth protocol, the target device may be placed in a pairing mode.
  • the host device via the wireless radio of the host device, detects the target device's broadcast of the availability of the target device to establish a wireless communication channel (104). For example, a user may operate the host device to discover any devices, including the target device, within radio range of the host device's wireless radio that are broadcasting availability to establish wireless communication channels. In the context of the Bluetooth protocol, the target may be placed in a discovery mode. [0018] The host device learns a communication address of the target device from the detected broadcast, and transmits a request via the wireless radio of the host device to establish the communication channel (106). In the context of the Bluetooth protocol, this process can be referred to as the host device subscribing to the target device. The target device responsively receives the request via the target device's wireless radio (108).
  • the host device generates a passkey (1 10).
  • the passkey may be a random series of bits of data of a prespecified length, such 32 bits, 64 bits, 128 bits, and so on.
  • the host device generates a temporal light pattern that encodes the passkey (1 12).
  • An example technique to encode (and correspondingly decode) the passkey is described later in the detailed description.
  • the temporal light pattern is a light pattern that can be displayed by the display hardware of the host device.
  • the light pattern is a temporal light pattern in that transmission thereof occurs over a period of time in which the light changes in accordance with the passkey.
  • the light pattern may not be a static image that is displayed, but rather light that changes according to a pattern encoding the passkey, such as by changing the brightness of a color corresponding to the photosensor (i.e., changing the brightness of a color of light that the photosensor is able to detect, such as green).
  • the host device can display via the display hardware an instruction to the user to place the target device against this display hardware such that the photosensor is adjacent to the display hardware (1 14).
  • the host device can determine that the target device has been placed against its display hardware (1 16). For instance, the host device may receive confirmation from the user via the input hardware of the host device that the target device has been placed against the display hardware.
  • the host device may have instructed the user to press a particular displayed user interface element once the target device has been placed against the display hardware.
  • the host device may have sensor hardware, such as the touchscreen of the host device, which can detect that the target device has been placed against the host device.
  • the host device may have information regarding the approximate size, shape, and/or weight of the target device, and may utilize this information to conclude that input detected by the sensor hardware corresponds to the target device having been placed against the display hardware of the host device.
  • the host device displays via its display hardware the temporal light pattern that encodes the passkey (1 18).
  • the host device may repeat display of the temporal light pattern a number of times to provide the target device adequate opportunity to correct detect the light pattern.
  • the host device therefore displays the temporal light pattern while the photosensor of the target device is adjacent to the display hardware of the host device, which permits the target device, via the photosensor, to detect the displayed temporal light pattern (120).
  • the target device may turn on its photosensor to determine if a temporal light pattern is being detected after it has received the host device's request in part 108. As another example, the target device may begin this detection process upon a user providing corresponding input to the target device.
  • the target device decodes the passkey encoded within the temporal light pattern from the detected light pattern (122), and transmits via its wireless radio the decoded passkey to the host device (124).
  • the host device receives the decoded passkey via the wireless radio of the host device (126).
  • the host device determines that the decoded passkey received from the target device matches the displayed passkey that the host device previously displayed via its display hardware (128).
  • the host device sends a confirmation, via the wireless radio of the host device, to the target device that the decoded passkey the target device sent to the host device is correct (130), and the target device receives this confirmation via its wireless radio (132).
  • the host device and the target device can thus establish a wireless communication channel with one another, via their corresponding wireless radios, and such as in accordance with the Bluetooth protocol (134).
  • the host device in particular has authenticated the target device, in that the host device can be certain that the target device with which it is establishing the wireless
  • the authentication further does not require a user to manually input the passkey, which can be difficult if not impossible to achieve with some types of target devices.
  • the authentication is more secure than requesting that the user visually confirm that a displayed passkey on the host device is the same displayed passkey on the target device, because such a visual confirmation can require trusting the user that the confirmation has been correctly performed, which cannot be otherwise verified by the host device. Rather, the host device has knowledge that the passkey it displayed is the passkey decoded by the target device, because the target device has communicate the passkey back to the host device. Once the wireless communication channel has been
  • the host device and the target device can communicate with one another over the channel (136), with the target device sending data over the channel that the host device receives, and vice-versa.
  • FIG. 2 shows how an example target device 202 is placed against an example host computing device 204 so that a photosensor 206 of the target device 202 is adjacent to and against display hardware 208 of the host device 204.
  • the target device 202 includes a pulse oximeter 210 having light-emitting diodes (LEDs) 212 as well as the photosensor 206, which may be a photodiode.
  • the photosensor 206 in this case is used for a purpose in the method 100 that has been described other than that its intended purpose.
  • Both the target device 202 and the host computing device 204 include wireless radios 214 and 216, respectively, by which they can transmit and receive RF signals over a frequency, such as in accordance with a standard protocol like the Bluetooth protocol.
  • the target device 202 and the host device 204 both can include logic 218 and 220, respectively, which may each be implemented as a processor and a memory or other non-transitory computer- readable data storage medium storing computer-executable code that the processor executes.
  • the logic 218 of the target device 202 can perform the parts of the method 100 ascribed to the target device 202, whereas the logic 220 of the host device 204 can perform the parts of the method 100 ascribed to the host device 204.
  • Each of the target device 202 and the host device 204 can include additional hardware components, such as input hardware, sensor hardware, and so on.
  • the host computing device 204 generally can display a color on the display hardware 208 that the photosensor 206 of the target device 202 can detect.
  • the host device 204 temporally can modulate the brightness of the display color according to the passkey, such as in accordance with bits of the passkey, as the temporal light pattern.
  • the logic 218 of the target device 202 decodes the passkey from the detected temporal light pattern by associating brightness changes with bits of the passkey, for instance.
  • FIG. 3 shows a graph 300 depicting an example manner by which the brightness of the displayed color can be temporally modulated to yield the temporal light pattern that is detected for decoding of the passkey.
  • the passkey is a series of eights bits 101 10001 . More generally, though, the passkey can be any number of bits, and may be 32, 64, 128, 192, 256, or more bits in length, for instance.
  • the graph 300 includes an x- axis 302 denoting time, and a y-axis 304 denoting brightness.
  • the encoding approach used in the example of FIG. 3 is known a priori by the target device 202, so that the logic 218 of the target device 202 is able to properly decode the passkey from the detected temporal light pattern.
  • the example encoding approach of FIG. 3 can be considered a digital temporal modulation approach. A maximum brightness of 100% of the displayed color is output on the display hardware 100 to denote a 1 bit, whereas a middle
  • the brightness of 50% is output to denote a 0 bit.
  • the brightness corresponding to the currently transmitted bit is output for a length of time t.
  • the display hardware does not display the color for the length of time t; that is, the color is displayed at a brightness of 0%.
  • An initial length of time Xt where X is a relatively large multiple of the time t, such as ten, precedes the transmission of the first bit of the passkey. This ensures that the target device 202 does not mistakenly detect a subsequent bit of the passkey as the first bit, if detection by the target device 202 begins after the host computing device 204 has begun displaying the temporal light pattern.
  • the temporal light pattern may be repeated a number of times, where prior to each repetition of the initial length of time Xt in which the color in question is not displayed again occurs.
  • the target device 202 immediately begins detecting the color output by the host device 204, the target device 202 can discern that it has started detecting the temporal light pattern after the host device 204 began displaying the pattern, and thus can wait for a length of time Xt in which the color is not displayed for the next output of the temporal light pattern.
  • the host device 204 may in a given time t display the color a brightness level corresponding to one nibble (i.e., four bits) of the passkey. In both these cases, transmission of a passkey of a particular length will occur more quickly than if each given time t in which the color is output corresponds to just one bit of the passkey. In other techniques, the time between which the color in question is not output (i.e., the color is output at a brightness of 0%) may be different than the time in which the color is output at any brightness. Furthermore, modulating the brightness of the displayed color can include turning the brightness on and off, where off corresponds to a zero bit and on corresponds to a one bit.
  • FIG. 4 shows an example method 400 of use that a user can perform to establish a wireless communication channel between the host computing device 204 and the target device 202.
  • the user operates the target device 202 so that the target device 202 wirelessly broadcasts via the wireless radio 214 its availability to establish a wireless communication channel (402).
  • the user may press an associated pairing button on the target device 202.
  • the user operates the host computing device 204 to detect the wireless broadcasting by the target device 202 indicating the availability of the target device 202 to establish a wireless communication channel (404). For example, the user may causing a settings app or other computer program of the host device 204 to run, and then select a setting in which the wireless radio 216 of the host device 204 detects any such wireless availability broadcasts by devices like the target device 202. The user then places the target device 202 against the host device 204 so that the photosensor 206 is adjacent to the display hardware 208 of the host device (406).
  • the user may further operate the host device 204 to confirm or indicate that the target device 202 has been placed against the host device 204 (408). For example, the user may press a user interface control on a touchscreen of the host device 204 corresponding to this confirmation.
  • the user Upon receiving confirmation from the host device 204 and/or the target device 202 that a wireless communication channel has been established between the devices 204 and 202 - i.e., that the target device 202 has been successfully paired with the host device 204 - the user can then remove the target device 202 so that it is no longer positioned against the host device 204 (410).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephone Function (AREA)

Abstract

A temporal light pattern encoding a passkey is displayed by display hardware of a computing device. The computing device receives the passkey from a target device via a wireless radio of the computing device. Responsive to determining that the received passkey matches the passkey encoded in the display temporal light pattern, the computing device establishes a wireless communication channel with the target device.

Description

TEMPORAL LIGHT PATTERN ENCODING PASSKEY
BACKGROUND
[0001] Smartphones and other types of mobile devices commonly wirelessly communicate with auxiliary devices to improve the smartphones' usefulness and extend their capabilities. For example, watch-type devices, such as smart watches and fitness and health trackers that have wrist-wrappable bands, can track different vital statistics of their wearers, as well as their wearers' physical activities, and report this information to smartphones to which they are connected. Such devices can also display limited amounts of information so that their wearers can simply turn their wrists to view the information instead of having to retrieve their smartphones, which may be tucked away in a pocket or a handbag. The devices can permit their wearers to perform functionality associated with their wirelessly connected smartphones, including answering and dismissing phone calls, and displaying and sending short messages like text messages. Other types of devices that can wirelessly communicate with smartphones and similar mobile devices include headphones, microphones, and wearable devices such as other types of fitness and health trackers that may be worn like necklaces or clipped to belts or clothing. BRIEF DESCRIPTON OF THE DRAWINGS
[0002] FIG. 1 is a flowchart of an example method for establishing a wireless communication channel between a host computing device and a target device.
[0003] FIG. 2 is a diagram of an example target device positioned against an example host computing device.
[0004] FIG. 3 is a diagram of a graph depicting an example manner by which the brightness of a displayed color can be temporally modulated to yield a temporal light pattern that encodes a passkey.
[0005] FIG. 4 is a flowchart of an example method of use for a user to establish a wireless communication channel between a host computing device and a target device.
DETAILED DESCRIPTION
[0006] As noted in the background section, mobile devices like
smartphones commonly wirelessly communicate with auxiliary devices. Such wireless communication can be achieved in a variety of different ways, including in various versions of the Bluetooth wireless communication protocol. In the Bluetooth as well as other protocols, a wireless communication channel between a smartphone or other mobile device and an auxiliary or target device like a smart watch is established prior to information being communicated between the two devices. The establishing of a wireless communication channel is sometimes referred to as pairing a target device to a smartphone (or other device), or vice-versa. [0007] The pairing process generally begins by placing the target device in a pairing mode, in which the target device broadcasts its availability to establish a wireless communication channel with a host device like a smartphone or other mobile device. The mobile device is placed in a discovery mode, in which it actively looks for target devices that are broadcasting such availability. The smartphone or other mobile device may display a list of target devices that it has discovered, from which the user of the smartphone can select the desired target device with which to establish a wireless communication channel.
[0008] To provide for better authentication and security in the pairing process, the mobile device may display a passkey, such as a four or five digit code, on its display, and request that the user enter this passkey on the target device. However, many types of target devices, including many types of smart watches and health and fitness trackers, lack the capability for users to easily enter passkeys. To improve the user experience, then, the pairing process may simply involve sending the passkey to the target device and the target device correspondingly displaying the passkey as well. The user is requested to confirm that the same passkey is displayed on both the mobile device (i.e., a
smartphone) and the target device. However, while this is more convenient from the user's perspective, it can imperil security; for instance, a user may mistakenly confirm that the same passkey is being displayed on both devices, even if it is not.
[0009] Furthermore, some types of target devices, like headphones and microphones, do not even have displays. Therefore, even this reduced security pairing process, in which the user provides visual confirmation of the same passkey being displayed on both the smartphone and the target device, is unworkable. In such instances, there may be no security at all in the pairing process. For example, the user may place the target device in a pairing mode in which it broadcasts its availability, and correspondingly place the smartphone or other host device in a discovery mode in which it looks for devices broadcasting their availability. A wireless communication channel is established after a user simply selects a target device listed by the smartphone, which increases the susceptibility of the user incorrectly establishing a wireless communication channel with an imposter device or a "spoofing" device.
[0010] Techniques described herein ameliorate these difficulties
associated with pairing smartphones and other mobile or host devices with target devices, even if the target devices lack user input or display capabilities. The smartphone displays, via its display hardware, a temporal light pattern encoding a passkey. For example, the temporal light pattern may be the increasing and decreasing of the brightness of a particular color in modulation with the bits of the passkey over a short period of time. The target device is placed against the display hardware of the smartphone so that a photosensor, like a photodiode, of the target device is adjacent to the display hardware. The target device's photosensor detects the temporal light pattern, and the target device
responsively decodes the passkey from the detected pattern. The target device wirelessly transmits the decoded passkey back to the smartphone, via a wireless radio such as in accordance with the Bluetooth protocol. Upon receipt of the passkey from the target device, and upon confirming that the passkey matches the passkey that the smartphone encoded in the displayed temporal light pattern, the smartphone establishes a wireless communication channel with the target device, such as a Bluetooth wireless communication channel.
[0011] These techniques can leverage existing hardware of target devices that are used for purposes other than wireless communication channel establishment and authentication. For example, many smart watches and fitness and health trackers have pulse oximeters. Such pulse oximeters noninvasively measure the oxygen saturation in their wearers' blood, by using a light source like a light-emitting diode (LED) to output light against and through the users (such as fingers thereof), and correspondingly measuring via photosensors the amount of certain wavelengths of light that are transmitted. Based on the oxygen saturation of the blood in a user's blood vessels, the amount of green light that the blood absorbs changes, for instance. The photosensor of an oximeter can be used to precisely detect such changes, and correlate them with the volumetric oxygen saturation of the user's bloodstream.
[0012] The techniques described herein can thus leverage this
photosensor of an oximeter of a target device for an entirely different and non- obvious usage, to authenticate the target device to a smartphone or other mobile or host device during the pairing process that is performed to establish a wireless communication channel between the two devices. Improved security in the pairing process is achieved without having to add any other hardware to a target device. Furthermore, existing target devices that have pulse oximeters can be reprogrammed to use the more secure pairing process. Target devices that normally do not have user input hardware or display hardware, such as headphones and microphones, can be designed to include low-cost and physically small photosensors to provide for heightened security in wireless communication channel establishment.
[0013] FIG. 1 shows an example method 100 for establishing a wireless communication channel between a host computing device and a target device. The host device can be a computing device like a smartphone or other type of mobile computing device. The host device includes at least display hardware, such as a liquid crystal display (LCD), and a wireless radio, such as a wireless radio that can transmit and receive data over a wireless frequency associated with the Bluetooth protocol. The host device may further include a user input device, such as a touch sensor like a touchscreen.
[0014] The target device can be a wearable device, such as a watch-type device like a smart watch or a fitness or health tracker that has a wrist-wrappable band. The target device can be another type of wearable device, such as a fitness or health tracker that is worn around a user's neck like a necklace, placed around a user's finger like a ring, or clipped to clothing or a belt of the user. The target device can be an input or output device, such as wireless headphones and/or a microphone. The target device includes at least a photosensor, which may be part of a pulse oximeter of the target device, and a wireless radio that can transmit and receive data over the same wireless frequency as the wireless radio of the host device, such as that associated with the Bluetooth protocol. [0015] Parts of the method 100 in the left column of FIG. 1 are performed by the host device. For example, a non-transitory computer-readable data storage medium of the host device may store computer-executable code that a processor of the host device executes to perform these parts of the method 100. Parts of the method 100 in the right column of FIG. 1 are performed by the target device. Similarly, for example, a non-transitory computer-readable data storage medium of the target device may store computer-executable code that a processor of the target device executes to perform these parts of the method 100. Parts of the method 100 between the right and left columns (i.e., parts 134 and 136) are performed by each of the host device and the target device.
[0016] The target device broadcasts its availability to establish a wireless communication channel (102), via the wireless radio of the target device. For example, a user may operate the target device to place it in a mode in which it performs this availability broadcast. In the context of the Bluetooth protocol, the target device may be placed in a pairing mode.
[0017] The host device, via the wireless radio of the host device, detects the target device's broadcast of the availability of the target device to establish a wireless communication channel (104). For example, a user may operate the host device to discover any devices, including the target device, within radio range of the host device's wireless radio that are broadcasting availability to establish wireless communication channels. In the context of the Bluetooth protocol, the target may be placed in a discovery mode. [0018] The host device learns a communication address of the target device from the detected broadcast, and transmits a request via the wireless radio of the host device to establish the communication channel (106). In the context of the Bluetooth protocol, this process can be referred to as the host device subscribing to the target device. The target device responsively receives the request via the target device's wireless radio (108).
[0019] The host device generates a passkey (1 10). The passkey may be a random series of bits of data of a prespecified length, such 32 bits, 64 bits, 128 bits, and so on. The host device generates a temporal light pattern that encodes the passkey (1 12). An example technique to encode (and correspondingly decode) the passkey is described later in the detailed description. In general, however, the temporal light pattern is a light pattern that can be displayed by the display hardware of the host device. The light pattern is a temporal light pattern in that transmission thereof occurs over a period of time in which the light changes in accordance with the passkey. Stated another way, the light pattern may not be a static image that is displayed, but rather light that changes according to a pattern encoding the passkey, such as by changing the brightness of a color corresponding to the photosensor (i.e., changing the brightness of a color of light that the photosensor is able to detect, such as green).
[0020] The host device can display via the display hardware an instruction to the user to place the target device against this display hardware such that the photosensor is adjacent to the display hardware (1 14). The host device can determine that the target device has been placed against its display hardware (1 16). For instance, the host device may receive confirmation from the user via the input hardware of the host device that the target device has been placed against the display hardware. As part of the instruction display in part 1 14, the host device may have instructed the user to press a particular displayed user interface element once the target device has been placed against the display hardware. As another example, the host device may have sensor hardware, such as the touchscreen of the host device, which can detect that the target device has been placed against the host device. For instance, the host device may have information regarding the approximate size, shape, and/or weight of the target device, and may utilize this information to conclude that input detected by the sensor hardware corresponds to the target device having been placed against the display hardware of the host device.
[0021] The host device displays via its display hardware the temporal light pattern that encodes the passkey (1 18). The host device may repeat display of the temporal light pattern a number of times to provide the target device adequate opportunity to correct detect the light pattern. The host device therefore displays the temporal light pattern while the photosensor of the target device is adjacent to the display hardware of the host device, which permits the target device, via the photosensor, to detect the displayed temporal light pattern (120). The target device may turn on its photosensor to determine if a temporal light pattern is being detected after it has received the host device's request in part 108. As another example, the target device may begin this detection process upon a user providing corresponding input to the target device. [0022] The target device decodes the passkey encoded within the temporal light pattern from the detected light pattern (122), and transmits via its wireless radio the decoded passkey to the host device (124). The host device receives the decoded passkey via the wireless radio of the host device (126). The host device determines that the decoded passkey received from the target device matches the displayed passkey that the host device previously displayed via its display hardware (128). The host device sends a confirmation, via the wireless radio of the host device, to the target device that the decoded passkey the target device sent to the host device is correct (130), and the target device receives this confirmation via its wireless radio (132).
[0023] The host device and the target device can thus establish a wireless communication channel with one another, via their corresponding wireless radios, and such as in accordance with the Bluetooth protocol (134). The host device in particular has authenticated the target device, in that the host device can be certain that the target device with which it is establishing the wireless
communication is the target device that has been placed against the display hardware of the host device. This authentication is performed out-of-band from the wireless communication channel itself, since the wireless communication channel is achieved via the wireless radios of the devices, whereas the passkey is communicated as a temporal light pattern using the host device's display hardware and detected using the target device's photosensor.
[0024] The authentication further does not require a user to manually input the passkey, which can be difficult if not impossible to achieve with some types of target devices. The authentication is more secure than requesting that the user visually confirm that a displayed passkey on the host device is the same displayed passkey on the target device, because such a visual confirmation can require trusting the user that the confirmation has been correctly performed, which cannot be otherwise verified by the host device. Rather, the host device has knowledge that the passkey it displayed is the passkey decoded by the target device, because the target device has communicate the passkey back to the host device. Once the wireless communication channel has been
established, the host device and the target device can communicate with one another over the channel (136), with the target device sending data over the channel that the host device receives, and vice-versa.
[0025] FIG. 2 shows how an example target device 202 is placed against an example host computing device 204 so that a photosensor 206 of the target device 202 is adjacent to and against display hardware 208 of the host device 204. In the example of FIG. 2, the target device 202 includes a pulse oximeter 210 having light-emitting diodes (LEDs) 212 as well as the photosensor 206, which may be a photodiode. As such, the photosensor 206 in this case is used for a purpose in the method 100 that has been described other than that its intended purpose. Rather than being used to detect the light output by the LEDs 212 as reflected by the bloodstream of a person for the pulse oximeter 210 to determine the person's oxygen saturation, the photosensor 206 is used to detect a temporal light pattern encoding a passkey that the host computing device 204 displays on its display hardware 208. [0026] Both the target device 202 and the host computing device 204 include wireless radios 214 and 216, respectively, by which they can transmit and receive RF signals over a frequency, such as in accordance with a standard protocol like the Bluetooth protocol. The target device 202 and the host device 204 both can include logic 218 and 220, respectively, which may each be implemented as a processor and a memory or other non-transitory computer- readable data storage medium storing computer-executable code that the processor executes. The logic 218 of the target device 202 can perform the parts of the method 100 ascribed to the target device 202, whereas the logic 220 of the host device 204 can perform the parts of the method 100 ascribed to the host device 204. Each of the target device 202 and the host device 204 can include additional hardware components, such as input hardware, sensor hardware, and so on.
[0027] The host computing device 204 generally can display a color on the display hardware 208 that the photosensor 206 of the target device 202 can detect. The host device 204 temporally can modulate the brightness of the display color according to the passkey, such as in accordance with bits of the passkey, as the temporal light pattern. The logic 218 of the target device 202 decodes the passkey from the detected temporal light pattern by associating brightness changes with bits of the passkey, for instance.
[0028] FIG. 3 shows a graph 300 depicting an example manner by which the brightness of the displayed color can be temporally modulated to yield the temporal light pattern that is detected for decoding of the passkey. In the example of the graph 300, the passkey is a series of eights bits 101 10001 . More generally, though, the passkey can be any number of bits, and may be 32, 64, 128, 192, 256, or more bits in length, for instance. The graph 300 includes an x- axis 302 denoting time, and a y-axis 304 denoting brightness.
[0029] The encoding approach used in the example of FIG. 3 is known a priori by the target device 202, so that the logic 218 of the target device 202 is able to properly decode the passkey from the detected temporal light pattern. The example encoding approach of FIG. 3 can be considered a digital temporal modulation approach. A maximum brightness of 100% of the displayed color is output on the display hardware 100 to denote a 1 bit, whereas a middle
brightness of 50% is output to denote a 0 bit. The brightness corresponding to the currently transmitted bit is output for a length of time t. Between adjacent bits, the display hardware does not display the color for the length of time t; that is, the color is displayed at a brightness of 0%.
[0030] An initial length of time Xt, where X is a relatively large multiple of the time t, such as ten, precedes the transmission of the first bit of the passkey. This ensures that the target device 202 does not mistakenly detect a subsequent bit of the passkey as the first bit, if detection by the target device 202 begins after the host computing device 204 has begun displaying the temporal light pattern. The temporal light pattern may be repeated a number of times, where prior to each repetition of the initial length of time Xt in which the color in question is not displayed again occurs. Therefore, if the target device 202 immediately begins detecting the color output by the host device 204, the target device 202 can discern that it has started detecting the temporal light pattern after the host device 204 began displaying the pattern, and thus can wait for a length of time Xt in which the color is not displayed for the next output of the temporal light pattern.
[0031] Other techniques can be employed to temporally modulate a displayed color of light in accordance with a passkey to encode the passkey within a temporal light pattern. For example, in an analog modulation approach, the brightness of the displayed color may be modulated at levels corresponding to bytes or half-bytes (i.e., nibbles). If the displayed color can be displayed by the displayed hardware 208 at 256 different brightness levels, and if the photosensor 206 can discern each of the 256 brightness levels, then the host device 204 may in a given time t display the color at a brightness level
corresponding to one byte (i.e., eight bits) of the passkey.
[0032] By comparison, if the displayed color can be displayed at just sixteen different brightness levels, or if the photosensor 206 can discern each of just sixteen different brightness levels, then the host device 204 may in a given time t display the color a brightness level corresponding to one nibble (i.e., four bits) of the passkey. In both these cases, transmission of a passkey of a particular length will occur more quickly than if each given time t in which the color is output corresponds to just one bit of the passkey. In other techniques, the time between which the color in question is not output (i.e., the color is output at a brightness of 0%) may be different than the time in which the color is output at any brightness. Furthermore, modulating the brightness of the displayed color can include turning the brightness on and off, where off corresponds to a zero bit and on corresponds to a one bit.
[0033] FIG. 4 shows an example method 400 of use that a user can perform to establish a wireless communication channel between the host computing device 204 and the target device 202. The user operates the target device 202 so that the target device 202 wirelessly broadcasts via the wireless radio 214 its availability to establish a wireless communication channel (402). For example, the user may press an associated pairing button on the target device 202.
[0034] The user operates the host computing device 204 to detect the wireless broadcasting by the target device 202 indicating the availability of the target device 202 to establish a wireless communication channel (404). For example, the user may causing a settings app or other computer program of the host device 204 to run, and then select a setting in which the wireless radio 216 of the host device 204 detects any such wireless availability broadcasts by devices like the target device 202. The user then places the target device 202 against the host device 204 so that the photosensor 206 is adjacent to the display hardware 208 of the host device (406).
[0035] If the host computing device 204 cannot itself detect placement of the target device 202 against the host device 204, the user may further operate the host device 204 to confirm or indicate that the target device 202 has been placed against the host device 204 (408). For example, the user may press a user interface control on a touchscreen of the host device 204 corresponding to this confirmation. Upon receiving confirmation from the host device 204 and/or the target device 202 that a wireless communication channel has been established between the devices 204 and 202 - i.e., that the target device 202 has been successfully paired with the host device 204 - the user can then remove the target device 202 so that it is no longer positioned against the host device 204 (410).

Claims

We claim:
1 . A non-transitory computer-readable data storage medium storing computer-executable code that a computing device executes:
display via display hardware of the computing device a temporal light pattern encoding a passkey;
receive via a wireless radio of the computing device the passkey from a target device; and
responsive to determining that the received passkey matches the passkey encoded in the display temporal light pattern, establish a wireless communication channel with the target device.
2. The non-transitory computer-readable data storage medium of claim 1 , wherein the computing device executes the computer-execute code to further: communicate via the wireless radio with the target device over the established wireless communication channel.
3. The non-transitory computer-readable data storage medium of claim 1 , wherein the computing device executes the computer-executable code to display the temporal light pattern by:
displaying a color corresponding to a photosensor of the target device; and
temporally modulating a brightness of the displayed color in accordance with the passkey.
4. The non-transitory computer-readable data storage medium of claim 1 , wherein the computing device executes the computer-execute code to further: display via the display hardware an instruction to a user to place the target device against the display hardware,
and wherein the temporal light pattern is displayed after the target device has been placed against the display hardware.
5. The non-transitory computer-readable data storage medium of claim 4, wherein the computing device executes the computer-execute code to further: detect via sensor hardware of the computing device that the target device has been placed against the display hardware,
and wherein the temporal light pattern is displayed responsive to detecting that the target device has been placed against the display hardware.
6. The non-transitory computer-readable data storage medium of claim 4, wherein the computing device executes the computer-execute code to further: receive user confirmation via input hardware of the computing device that the target device has been placed against the display hardware,
and wherein the temporal light pattern is displayed responsive to receiving the user confirmation that the target device has been placed against the display hardware.
7. The non-transitory computer-readable data storage medium of claim 1 , wherein the computing device executes the computer-execute code to further, before displaying the temporal light pattern:
detect via the wireless radio a broadcast by the target device advertising availability of the target device to establish the wireless communication channel.
8. The non-transitory computer-readable data storage medium of claim 7, wherein the computing device executes the computer-execute code to further: responsive to detecting the broadcast by the target device, transmit via the wireless radio a request to the target device to establish the wireless
communication channel with the target device, before displaying the temporal light pattern.
9. An apparatus comprising:
a photosensor to detect a temporal light pattern;
a wireless radio to communicate with a computing device; and
logic to:
decode a passkey from the temporal light pattern;
transmit via the wireless radio the decoded passkey to the computing device;
receive via the wireless radio confirmation from the computing device that the decoded passkey is correct; and
responsive to receiving the confirmation, establish a wireless communication channel with the computing device.
10. The apparatus of claim 9, further comprising:
a pulse oximeter of which the photosensor is a part, the oximeter including a light-emitting diode (LED).
1 1 . The apparatus of claim 9, wherein the logic is further to:
communicate via the wireless radio with the computing device over the established wireless communication channel.
12. The apparatus of claim 9, wherein the temporal light pattern comprises a temporal series of brightness changes,
and wherein the logic is to decode the passkey by associating brightness changes with bits of the passkey.
13. The apparatus of claim 9, wherein the logic is further to, before the photosensor detects the temporal light pattern:
broadcast via the wireless radio availability of the apparatus to establish the wireless communication channel.
14. The apparatus of claim 13, wherein the logic is further to, before the photosensor detects the temporal light pattern:
receive via the wireless radio a request from the computing device to establish the wireless communication channel, responsive to the broadcasted availability.
15. A method for establishing a wireless communication channel between a computing device and a target device comprising:
operating a target device to wirelessly broadcast availability of the target device;
operating a computing device to detect the availability of the target device; and
placing the target device against the computing device so that a
photosensor of the target device is adjacent to a display of the computing device.
PCT/US2017/015822 2017-01-31 2017-01-31 Temporal light pattern encoding passkey WO2018143939A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/US2017/015822 WO2018143939A1 (en) 2017-01-31 2017-01-31 Temporal light pattern encoding passkey

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2017/015822 WO2018143939A1 (en) 2017-01-31 2017-01-31 Temporal light pattern encoding passkey

Publications (1)

Publication Number Publication Date
WO2018143939A1 true WO2018143939A1 (en) 2018-08-09

Family

ID=63041013

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2017/015822 WO2018143939A1 (en) 2017-01-31 2017-01-31 Temporal light pattern encoding passkey

Country Status (1)

Country Link
WO (1) WO2018143939A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021161004A1 (en) * 2020-02-10 2021-08-19 Mighton Products Limited Pairing of wireless security devices

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070219440A1 (en) * 2002-10-18 2007-09-20 Nellcor Puritan Bennett Llc Non-adhesive oximeter sensor for sensitive skin
US20140343371A1 (en) * 2013-05-14 2014-11-20 Ii Thomas Skerik Sowers Wearable sensor device for health monitoring and methods of use
US20150244919A1 (en) * 2012-12-27 2015-08-27 Panasonic Intellectual Property Corporation Of America Information communication method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070219440A1 (en) * 2002-10-18 2007-09-20 Nellcor Puritan Bennett Llc Non-adhesive oximeter sensor for sensitive skin
US20150244919A1 (en) * 2012-12-27 2015-08-27 Panasonic Intellectual Property Corporation Of America Information communication method
US20140343371A1 (en) * 2013-05-14 2014-11-20 Ii Thomas Skerik Sowers Wearable sensor device for health monitoring and methods of use

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021161004A1 (en) * 2020-02-10 2021-08-19 Mighton Products Limited Pairing of wireless security devices
GB2593666A (en) * 2020-02-10 2021-10-06 Mighton Products Ltd Pairing of wireless security devices

Similar Documents

Publication Publication Date Title
CN109417758B (en) Bluetooth connection method and terminal
US9591682B2 (en) Automatic password handling
US9747433B2 (en) Wearable electronic device and method for securing same
CN105391682B (en) Authentication method and apparatus using biometric information and background information
US20180173484A1 (en) Method and system for displaying wearable device display information
ES2905111T3 (en) Synchronization of configuration setting values between two electronic devices
US10225878B2 (en) Method and system for displaying wearable device display information
US9015806B2 (en) Sending digital data visually using mobile display and camera sensor
US20130178160A1 (en) Systems for facilitating wireless communication and related methods
US20170279612A1 (en) Secure system for coupling wearable devices to computerized devices with displays
CA3053514C (en) Call hang time indicator for an electronic communications device
KR102209068B1 (en) Method for reconnecting master device and slave device
CN109286968B (en) Blind detection parameter acquisition method, related equipment and system
JP2019519169A (en) Method for wireless data communication between a sensor system and a receiving device, system for wireless data communication and computer program product
EP3254387B1 (en) Communication optimization using body-coupled communication
WO2016000471A1 (en) Method for mobile terminal to transmit authentication password and method for acquiring authentication password
KR102497447B1 (en) Random access method, terminal equipment and network equipment
Hu et al. High speed led-to-camera communication using color shift keying with flicker mitigation
Liang et al. LightTouch: Securely connecting wearables to ambient displays with user intent
JP2014090413A (en) Method and apparatus for connecting to wireless local area network
US10635133B2 (en) Methods and systems for generating one or more service set identifier (SSID) communication signals
WO2018143939A1 (en) Temporal light pattern encoding passkey
US10149162B2 (en) Encryption method based on mobile terminal for Bluetooth watch and the Bluetooth watch thereof
Liang et al. Securely connecting wearables to ambient displays with user intent
US10313003B2 (en) Systems and methods for wirelessly pairing a fitness machine to an accessory

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17895343

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17895343

Country of ref document: EP

Kind code of ref document: A1