As regards the security of a radio link, Bluetooth in particular, for instance a user wishing to set up a Bluetooth link between a portable personal computer PC and a cellular mobile terminal will acquire a PIN identification code as the secret key to the computer's and the mobile terminal's keyboards. The computer and the mobile terminal each set up a link key depending on the random numbers being exchanged between them, on the secret key, and on the Bluetooth addresses of the computer and the mobile terminal. Illustratively if the personal computer is the link authenticator, then it will generate a random number (challenge) which it transmits through the Bluetooth radio interface to the mobile terminal. This terminal calculates a response depending on the received random number, on the link key and on the Bluetooth address of the mobile terminal in order that the computer can compare the reply of the terminal with the reply that the computer calculates, whereby, if the compared replies are identical, there is an identity.
The pairing of the computer and the terminal requires a secret key (PIN code) to share the secret link. The secret key must be sufficiently long and not appear in dictionaries to prevent the key from being attacked, in an attempt to discover the key and other coding key(s). Such attacks cast doubt on authentication and on the integrity of the exchanged data.
The secret key must be sufficiently long to preclude such attacks, and consequently a laborious acquisition subject to errors must be carried out, in particular in the mobile terminal having a man-machine interface of limited size.
An object of the present invention is to provide a new and improved method of and apparatus for making a secure connection between a mobile cellular terminal and an access point of a short-range wireless network without having to acquire a secret key (PIN code) while using such a key, which may include many bits.