Classifications

• • G—PHYSICS
  • G08—SIGNALLING
  • G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
  • G08B13/00—Burglar, theft or intruder alarms
  • G08B13/02—Mechanical actuation
  • G08B13/14—Mechanical actuation by lifting or attempted removal of hand-portable articles
  • G08B13/1409—Mechanical actuation by lifting or attempted removal of hand-portable articles for removal detection of electrical appliances by detecting their physical disconnection from an electrical system, e.g. using a switch incorporated in the plug connector
  • G08B13/1418—Removal detected by failure in electrical connection between the appliance and a control centre, home control panel or a power supply
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
  • G06F21/88—Detecting or preventing theft or loss
• • G—PHYSICS
  • G08—SIGNALLING
  • G08B—SIGNALLING OR CALLING SYSTEMS; ORDER TELEGRAPHS; ALARM SYSTEMS
  • G08B13/00—Burglar, theft or intruder alarms
  • G08B13/02—Mechanical actuation
  • G08B13/14—Mechanical actuation by lifting or attempted removal of hand-portable articles
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L12/00—Data switching networks
  • H04L12/02—Details
  • H04L12/22—Arrangements for preventing the taking of data from a data transmission channel without authorisation
• • Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
  • Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
  • Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
  • Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
  • Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Definitions

• Theft-proof electrical appliance. anti-theft system comprising such a device and method of pairing electrical devices
• the present invention relates to an electrical device intended to be connected to a network comprising at least one guard device. It also relates to an anti-theft system comprising a network to which a security device is connected. Finally, it relates to a method of pairing a first and a second device, the first device being called a guard device.
• an electrical appliance provided with a protection device can operate only if it is connected to a guard appliance authorizing its operation.
• the guardian device manages, in an associated database, a list of electrical devices identified by a unique identification code and includes means for authorizing the operation of the devices registered on the list.
• the guardian device is fixed, hidden, even distant, so that possible thieves can steal only the electrical devices connected to this guardian device. Consequently, thieves do not have the guardian device authorizing the operation of these stolen devices and cannot use or resell these devices.
• the disadvantage of such a system is that the authorization to operate the electrical device is managed by the guardian device.
• the guardian device also manages the authorization to operate all the other devices on the list. This management can become cumbersome and difficult in the case where many electrical devices are connected to the guardian device.
• the invention aims to remedy this drawback by providing an electrical device which can be protected against theft without requiring the management of a list of electrical devices by the guardian device with which it is associated.
• the invention relates to an electrical device intended to be connected to a network comprising at least one guardian device.
• the device electric includes storage means; configuration means for authorizing its operation in the presence of the guardian device, means for identifying at least one guardian device when the electrical device is connected to any network comprising such a guardian device, and means for inhibition of the electrical device if the identified guard device does not correspond to the guard device for which it has been configured or if said any network does not include a guard device.
• the means for configuring the electrical device are suitable for recording a public identifier of the guardian device for which the electrical device is configured, in the storage means of the latter.
• the means of identification include means for interrogating any guardian device in order to know its public identifier; the identification means include means for authenticating the guardian device for which it has been configured;
• the authentication means implement a challenge process with zero knowledge transfer
• the electrical appliance is in a state chosen from one of the elements of the assembly consisting of a blank state, a state configured to operate in the presence of at least one guardian appliance and a blocked state, the configured state being obtained after activation of the configuration means and the blocked state being obtained after activation of the inhibition means;
• the electrical appliance works only when it is in the configured state.
• the invention also relates to an anti-theft system comprising at least one network and at least one guard device connected to the network and comprising a public identifier, characterized in that it comprises at least one electrical device as described above.
• An anti-theft system according to the invention may also include one or more of the following characteristics:
• the guardian device includes secure means for storing a secret identifier from which the public identifier is generated;
• the network is chosen from one of the elements of the set consisting of an electrical network, a digital transmission network and a telecommunications network.
• the invention finally relates to a method of pairing a first and a second device, the second device being intended to be connected to a network to which the first device called "guardian device" is connected.
• the method includes a step of configuring the second device to authorize its operation only in the presence of the guardian device.
• This step of configuring the second device comprises recording, in storage means of the second device, a public identifier of the guardian device.
• the second device is in a state chosen from one of the elements of the set consisting of a blank state, a state configured to operate in the presence of at least one guardian device and a blocked state, and in that the configuration step comprises a change of state of the second device, from the blank state to the configured state;
• the method includes a step of inhibiting the second device when the latter is connected to a guardian device for which it has not been configured, this inhibiting step comprising a change of state of the second device, of the configured state in blocked state;
• the method includes a step of identifying a guardian device connected to a network, when the second device is connected to this network;
• the identification step is triggered by one of the triggering events of the set of events consisting of a connection of the second device to the network, a start-up of the second device and a regular or random identification program ;
• the identification step includes the authentication of the guardian apparatus;
• the guardian device comprising secure means for storing a secret identifier from which a public identifier is generated, the identification comprises a step of interrogating the guardian device to know its public identifier and the authentication comprises a sequence of steps during which the guardian device proves to the electrical device that it knows the secret identifier using the challenge process with zero knowledge transfer;
• the identification step concludes that the guardian device for which the second device has been configured is present on the network while the second device is in the blocked state, it is followed by a change of state of the second device from the blocked state to the configured state.
• FIG. 1 schematically shows an anti-theft system according to the invention
• FIG. 2 shows the functional diagram of a process for changing states of an electrical device according to the invention.
• FIG. 3 shows the functional diagram of a method of matching an electrical appliance to a guard appliance according to the invention.
• FIG. 1 shows a local area network 10 such as an electrical energy distribution network, a digital transmission network or even a telecommunications network. It can be a wired or wireless network. To this local network 10 are connected a guard device 12 and electrical devices 14.
• a guard device 12 To this local network 10 are connected a guard device 12 and electrical devices 14.
• the guardian 12 can be hidden or attached to a support so that it can hardly be stolen. It includes calculation means 16 such as a secure processor and a network interface 18.
• the guardian device 12 stores in memory (not shown in the figure) a very large secret number S and a number V, hereinafter called identifier audience of the guardian apparatus 12.
• S and V verify the following equation: where n is an integer whose factorization is secret, for example by being the product of two very large prime numbers kept secret.
• the guardian apparatus 12 also stores a signature SigV of the public identifier V calculated by a control authority, using a public key K.
• V and n are public values, that is to say known to the guardian device 12, but which can also be communicated to the electrical devices 14. While the value n is stored in the electrical devices 14 during construction, the value V is transmitted to the electrical devices 14 during their configuration.
• the electrical devices 14 are for example household appliances, audiovisual, computer or any other device which it is desired to protect against theft and suitable for being connected to the network 10.
• Each electrical device 14 includes storage means 20, such as a non-volatile memory, calculation means 22 such as a processor and a network interface 24 similar to the network interface 18 of the guardian device 12.
• the calculation means 22 include means 26 for configuring each electrical device 14, means 28 for identifying guardian devices and means 30 for inhibiting each electrical device 14. These means 26, 28 and 30 are advantageously software means conventionally programmed in the processor 22 of each electrical appliance 14.
• Each electrical device 14 stores in its memory 20 the number n and the public key K from the control authority having calculated the signature SigV. This key is used to verify the Sig V signature based on the value of V.
• the invention aims to restrict the use of each device 14 to the local network 10, that is to say that each electrical device 14 can only operate if it is connected to the guard device.
• the memory 20 of each device 14 stores only the public identifier V of the guardian device 12, in addition to n and K.
• each electrical device 14 can be restricted to several local networks each comprising a guard device.
• Each electrical device 14 can therefore be associated with several guardian devices.
• the memory 20 of each device can be restricted to several local networks each comprising a guard device.
• the electrical device 14 can be in three fundamental states, represented in FIG. 2: a blank state 32, a configured state 34 and a blocked state 36.
• the blank state 32 corresponds to a state in which the memory 20 of the electrical appliance 14 does not store any public identifier of the guardian appliance.
• the configured state 34 corresponds to a state in which the electrical device 14 stores in its memory 20 the public identifier V of the guardian device 12. The electrical device 14 can then operate only in the presence of the guardian device 12 , that is to say when the device 14 is connected to a network to which the guard device 12 is also connected.
• the configured state corresponds to a state in which the memory 20 of each device 14 stores public identifiers V of several predetermined guard devices.
• Blocked state 36 corresponds to a state in which the electrical appliance, although having been configured, cannot operate because it is connected to a guardian appliance for which it has not been configured, that is to say of which he does not know the public identifier V, or else he is not connected to any guardian device.
• the state of the electrical device 14 will be defined by a variable e, stored in its memory 20, to which the value 0 is given if the electrical device 14 is in the blank state 32, the value 1 if it is in the configured state 34 and the value 2 if it is in the blocked state 36.
• the configuration step 38 is automatic, for example when the electrical device 14 is connected to the network 10, or when the electrical device 14 is switched on, for the first time .
• the configuration step 38 can be triggered manually by the user, for example by entering a secret code, using a physical or electronic key, or by authenticating the user. by means of biometrics such as fingerprint or voice recognition.
• the unlocking step 42 can be triggered manually, for example when entering a password, when using a physical or electronic key or when authenticating the user by means of biometrics.
• This pairing method comprises a first initialization step 48 consisting of a triggering event such as the switching on of the electrical device 14, its connection to a network, or a periodic clock signal. In all cases, it is assumed that the electrical appliance is connected to a network to which the guard appliance 46 is also connected.
• the electrical device 14 sends a command requesting the guard device 46 present on the network to identify itself.
• the guardian appliance 46 transmits to the electrical appliance 14 its public identifier V as well as its signature SigV.
• a test 54 is performed by the electrical device 14. This test consists in verifying the signature SigV using the public identifier V sent by the guardian device 46 and the public key K stored in the electrical appliance 14.
• test 54 If the result of the test 54 is negative, that is to say if the signature SigV does not correspond to the transmitted identifier V, the method is carried over to the initialization step 48. If the result of the test 54 is positive, a test 56 is performed on the variable e stored in the memory 20 of the electrical device 14.
• step 58 is followed by the configuration step 38 described above. During this step, the variable e takes the value 1 and the electrical appliance 14 is then in the configured state 34. The method is then carried over to the initialization step 48. If in step 56 the variable e is equal to 1 or 2, we pass to a test step 60 during which the electrical appliance 14 compares the public identifier V sent by the guard appliance 46 to the public identifier Vo stored in its memory 20. If the result of test 60 is negative, the electrical device 14 performs a test 61 on the variable e.
• step 62 during which the guard apparatus 46 triggers a challenge process with transfer of zero knowledge, by first generating a random number r.
• This method is the subject of steps 62 to 86.
• step 64 during which the guard apparatus 46 chooses a pledge G which is a number taken randomly from the two numbers r 2 and rS where S is the secret number of the guardian appliance 46. It transmits this pledge G to the electric appliance 14 without informing it of its choice.
• step 66 the electrical device 14 randomly assigns a value A or B to a challenge C. It then sends this challenge C to the guardian device 46.
• the guardian apparatus 46 performs a test 68 on the challenge C. If the test 68 reveals that the challenge C is worth A, we go to a step
• the electrical device 14 performs a test 72 for verifying the value of the pledge G. It is known that, following the step 64, the pledge G is equal to r 2 or rS.
• step 76 for monitoring triggering events.
• a triggering event forming part of a set of predetermined triggering events.
• test 72 If the test 72 is negative, that is to say if G ⁇ A and G 2 ⁇ AVmo ⁇ , we pass to a step 78 during which we give the value 2 to e, that is to say that the electrical appliance is put in blocked state 36.
• step 78 we go to step 76 for monitoring triggering events.
• test 68 reveals that the challenge C is worth B, we pass to a step 80 during which the guardian apparatus 46 assigns to B the value r.S and sends B to the electrical apparatus 14.
• the electrical device 14 performs a test 82 for verifying the value of the pledge G.
• the pledge G is equal to r 2 or rS.
• step 84 we go to step 76 for monitoring triggering events. If the test 82 is negative, that is to say if G ⁇ B and B 2 ⁇ G.Vmodn, we pass to a step 86 during which we give the value 2 to e, that is to say that the apparatus electric is put in the blocked state 36.
• step 78 we go to step 76 for monitoring triggering events.
• the invention allows each electrical appliance to operate only in the presence of the appliance guard for which it has been configured, without the guard having to manage a list of authorized devices.

Landscapes

• Engineering & Computer Science (AREA)
• Physics & Mathematics (AREA)
• Computer Security & Cryptography (AREA)
• General Physics & Mathematics (AREA)
• Theoretical Computer Science (AREA)
• Computer Hardware Design (AREA)
• Signal Processing (AREA)
• Software Systems (AREA)
• General Engineering & Computer Science (AREA)
• Computer Networks & Wireless Communication (AREA)
• Alarm Systems (AREA)
• Mobile Radio Communication Systems (AREA)
• Small-Scale Networks (AREA)
• Telephonic Communication Services (AREA)

Applications Claiming Priority (3)

Publications (1)

Family

ID=31198236

Family Applications (1)

Country Status (9)

Families Citing this family (21)

Family Cites Families (15)

• 2002
  • 2002-08-21 FR FR0210430A patent/FR2843819B1/fr not_active Expired - Fee Related
• 2003
  • 2003-08-21 AU AU2003268947A patent/AU2003268947A1/en not_active Abandoned
  • 2003-08-21 EP EP03750724A patent/EP1530785A1/fr not_active Ceased
  • 2003-08-21 CN CNB03818723XA patent/CN100350437C/zh not_active Expired - Fee Related
  • 2003-08-21 WO PCT/EP2003/050386 patent/WO2004019296A1/fr active Application Filing
  • 2003-08-21 MX MXPA05002038A patent/MXPA05002038A/es active IP Right Grant
  • 2003-08-21 US US10/524,654 patent/US7832002B2/en not_active Expired - Fee Related
  • 2003-08-21 KR KR1020057002837A patent/KR101070978B1/ko active IP Right Grant
  • 2003-08-21 JP JP2004530275A patent/JP4035538B2/ja not_active Expired - Fee Related

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events