An increasing number of devices are incorporating wireless radio communications systems, such as a short range wireless system called Bluetooth. Examples of these devices include wireless headsets, mobile phones, laptop computers, wireless mice and PDAs.
One advantage of wireless communication systems is the ability to connect a first user device to a second interdependent device, such as connecting a headset to a handset for a telecommunications system.
One drawback to interconnecting wireless devices is the risk of interception of inter-device communications or unauthorised access of one of the devices.
This drawback is alleviated by authenticating the first device with the other device.
A typical authentication method requires the user of the devices to enter a 4-digit PIN (personal identification number) stored in one device into the other device. In this method the user is notified of the PIN by the retailer of the device. To authenticate the second device for RF communications with the first device the user provides the second device with the PIN using an entry keypad. The keypad generally provides other functions for the second device and the user is generally required to search through menu options on the second device to activate the PIN entry function.
Once the second device receives the PIN it initiates a key exchange with the first device over RF communications using the PIN as an initial authenticator. The end result of the key exchange is a secure RF communications channel between the first and second device.
One difficulty with the described PIN authentication method is that the user must remember the PIN stored on the first device. If the user forgets the PIN, the user has to contact the retailer or manufacturer of the device. This is an undesirable situation for both the user and the retailer/manufacturer.
As a result of the above some devices are provided with simple PINs common to all devices of one model, such as 0000, 1234, or 6666. However, this solution results in a compromised authentication process as a nefarious party can use these known PINs to illegitimately authenticate their device with the user's device for RF-communications.
The authenticating of one device with another using Bluetooth for persistent communications is called pairing. After pairing, each device in the pair automatically accepts communication from the other device, bypassing the authentication process.
It is an object of the present invention to provide a method for authenticating devices for RF communications which is easy to use, secure, and overcomes the disadvantages of above methods, or to at least provide a useful alternative.