1. Field of the Invention
The present invention relates generally to a system, method and apparatus for establishing a secure wireless communications link between two devices that minimizes the risk of third party interception of sensitive information, such as may be exchanged during communication initialization.
2. Background and Objects of the Present Invention
The evolution of wireless communication over the past century, since Guglielmo Marconi's 1897 demonstration of radio's ability to provide continuous contact with ships sailing the English Channel, has been remarkable. Since Marconi's discovery, new wireline and wireless communication methods, services and standards have been adopted by people throughout the world. This evolution has been accelerating, particularly over the least ten years, during which the mobile radio communications industry has grown by orders of magnitude, fueled by numerous technological advances that have made portable radio equipment smaller, cheaper and more reliable. The exponential growth of mobile telephony will continue to rise in the coming decades as well, as this wireless network interacts with and eventually overtakes the existing wireline networks.
Cordless telephony has also been a part of the exponential rise in wireless telephony. Cordless telephones were originally aimed at providing economical, tetherless voice communications inside residences, i.e., using a short wireless link to replace the cord between a telephone base unit and its handset. Although early cordless phones were of marginal quality, with the introduction of improved cordless phones in the 1980s sales dramatically increased. More recent advances, particularly in Europe, have extended the use domain of cordless phones outside of residences.
Another European revolution of cordless telephones is the digital enhanced cordless communications (DECT) standard, which was optimized for use inside buildings. DECT controllers may hand off active calls from one base unit to another as the users move, and can page or ring handsets as a user walks through areas covered by different base units. As is understood in the art, however, the range of cordless telephones is greatly limited compared to the more versatile cellular telephones, i.e., 0.3-30 or more kilometer range for cellular and less than 100 meters in cordless systems, and usually only up to tens of meters.
More recently, the worlds of cellular and cordless telephony have begun to converge with the introduction of cordless standards compatible with that of its cellular cousin. Accordingly, a mobile cellular user may utilize their cellular telephones within a cordless telephony system, thereby avoiding the need to purchase proprietary and typically non-compatible cordless telephones. Shown in FIG. 1 is a private telephone system, generally referred to by the numeral 10, having at least one private base station 12 and a multiplicity of cellular phones 14 in communication therewith. When in a cordless mode a cellular user, e.g., at phone 14A, may communicate with another user within the private telephone system 10, e.g., another cordless-mode cellular phone 14B or a cordless phone 16, via the private base station 12 which serves as a relay.
One problem with the use of the cellular phones 14 within the private telephone system 10 is security. As discussed, original cordless telephones, e.g., phones 16 in FIG. 1 were stand-alone consumer products that did not require any interoperability specifications. In other words, each cordless phone came with its own base station and needed to be compatible only with that base station. Billing, security and privacy concerns within such systems were addressed by both preventing that cordless phone from operating with any other base station and limiting the transmission range of the cordless phones. With the convergence of cordless and cellular technologies and the use of interoperability specifications, however, the inherent physical limitations of the cordless systems no longer serve a security function. With cellular phones 14 being capable of transmitting their signals over many kilometers, the use of such phones within private telephone systems 10 raise genuine security considerations.
As is understood in the art, cellular phone 14A may communicate through the private base station 12 by use of encryption keys or other such security protocol, whereby the messages are encrypted and more difficult to decipher. Accordingly, even though the communications from a cellular user communicating within the private telephone system 10 may extend well outside the outer reaches of the system 10, the conversation or data exchanged is kept relatively confidential. Another problem, however, arises during communication initialization over the radio interface which must occur without encryption since no encryption keys have been exchanged between the cellular user, e.g., of cellular terminal 14A. The information is therefore being broadcast across a wide range, including the keys, until encryption protocols are established. Accordingly, third parties may listen in on such pre-encryption transmissions and acquire sensitive information.
Various techniques may be employed to thwart such eavesdropping. A first approach is to use a wireline connection for the initial information exchange, whereby the cellular phone 14A must be electrically connected to the private base station to start the private communication. This approach would, accordingly, require the definition of an electrical interface between the two components and limit the manufacturer's freedom to design attractive terminals since a standardized connector may increase the size and weight of the terminal. Further, such a definition may also restrict further improvements of such phones 14, e.g., moving to lower voltage technologies for energy conservation and size deduction.
An alternative approach would be using Subscriber Identity Modules (SIMs) in both the private base station 10 and the respective cellular terminal 14, whereby the requisite identification information is readily established and the proper keys applied without transmitting them. In addition to the added component costs, the use of two SIMs in this manner also adds to the administrative costs of mobile network operators who must allocate unique SIM pairings between the private base stations 20 and respective cellular terminals 14. Furthermore, there is a risk that a SIM meant for the cellular terminal 14 may instead be inserted into the private base station 12, further complicating this approach.
A third approach is to utilize the advantages of the radio interface, e.g., standardization. As discussed, however, because radio waves propagate through walls and over large distances, this also poses a security risk which must be overcome.
In view of the disadvantages of each of the aforementioned approaches, it is clear that there is a need for a simple and secure system and method for establishing a communications link between a first device, such as a cellular phone, and another device, such as a private base station.
It is, accordingly, an object of the present invention to provide a system, method and apparatus for establishing such a simple and secure communications link, whereby at least a portion of a transmission, particularly one containing sensitive information, may be transmitted clearly for proper reception while simultaneously minimizing the risk of interception.
It is a further object of the present invention to provide additional systems, methods and apparatuses that securely transmit confidential or sensitive information for establishing a connection between a first and a second device that communicate via radio links, e.g., a lap-top computer and a peripheral device such as a printer.
It is another object of the present invention to provide a secure wireless transmission link between any two devices, whether in the work-place or at home, e.g., a computer which receives an Internet command to turn on the heat in an apartment. After the establishment of the secure link, using the systems, methods and apparatuses of the present invention, the two devices may then communicate via short- or long-range wireless radio links without the need for proprietary cables or other physical interconnection.