WO2012023153A1 - A mobile phone operable electro-mechanical lock and a method thereof - Google Patents

Publication number
WO2012023153A1
WO2012023153A1 PCT/IN2011/000563 IN2011000563W WO2012023153A1 WO 2012023153 A1 WO2012023153 A1 WO 2012023153A1 IN 2011000563 W IN2011000563 W IN 2011000563W WO 2012023153 A1 WO2012023153 A1 WO 2012023153A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
electro
lock
mechanical lock
mobile phone
Application number
PCT/IN2011/000563
Other languages
French (fr)
Inventor
Eknath Ramkrishnamurti Puliadi
Prakash Krishna Ratnaparkhi
Original Assignee
Eknath Ramkrishnamurti Puliadi
Prakash Krishna Ratnaparkhi
Application filed by Eknath Ramkrishnamurti Puliadi, Prakash Krishna Ratnaparkhi
Publication of WO2012023153A1

Classifications

    • G PHYSICS
    • G08 SIGNALLING
    • G08C TRANSMISSION SYSTEMS FOR MEASURED VALUES, CONTROL OR SIMILAR SIGNALS
    • G08C17/00 Arrangements for transmitting signals characterised by the use of a wireless electrical link
    • G08C17/02 Arrangements for transmitting signals characterised by the use of a wireless electrical link using a radio link
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04M TELEPHONIC COMMUNICATION
    • H04M1/00 Substation equipment, e.g. for use by subscribers
    • H04M1/72 Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724 User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72403 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
    • H04M1/72409 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories
    • H04M1/72415 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories for remote control of appliances
    • E FIXED CONSTRUCTIONS
    • E05 LOCKS; KEYS; WINDOW OR DOOR FITTINGS; SAFES
    • E05B LOCKS; ACCESSORIES THEREFOR; HANDCUFFS
    • E05B47/00 Operating or controlling locks or other fastening devices by electric or magnetic means
    • E05B2047/0094 Mechanical aspects of remotely controlled locks
    • E05B2047/0095 Mechanical aspects of locks controlled by telephone signals, e.g. by mobile phones
    • G PHYSICS
    • G07 CHECKING-DEVICES
    • G07C TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00 Individual registration on entry or exit
    • G07C9/00174 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00753 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
    • G07C2009/00793 Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means by Hertzian waves
    • G PHYSICS
    • G08 SIGNALLING
    • G08C TRANSMISSION SYSTEMS FOR MEASURED VALUES, CONTROL OR SIMILAR SIGNALS
    • G08C2201/00 Transmission systems of control signals via wireless link
    • G08C2201/20 Binding and programming of remote control devices
    • G PHYSICS
    • G08 SIGNALLING
    • G08C TRANSMISSION SYSTEMS FOR MEASURED VALUES, CONTROL OR SIMILAR SIGNALS
    • G08C2201/00 Transmission systems of control signals via wireless link
    • G08C2201/90 Additional features
    • G08C2201/93 Remote control using other portable devices, e.g. mobile phone, PDA, laptop
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04M TELEPHONIC COMMUNICATION
    • H04M1/00 Substation equipment, e.g. for use by subscribers
    • H04M1/72 Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
    • H04M1/724 User interfaces specially adapted for cordless or mobile telephones
    • H04M1/72403 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
    • H04M1/72409 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories
    • H04M1/72412 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories using two-way short-range wireless interfaces

Definitions

  • the present invention relates to a field of electro-mechanical locks.
  • the invention relates to operating an electro-mechanical lock with a mobile phone as a secure key to prevent any unauthorized operation of the lock.
  • 'Bluetooth' used in this specification relates to a wireless communication standard for exchanging data between electronically enabled devices; the data is exchanged over short distances.
  • Bluetooth Media Access Control used in this specification relates to a Bluetooth Media Access Control (MAC) sub-layer configured as a data communication protocol sub-layer, to provide addressing and channel access control mechanisms making it possible for several terminals or network nodes to communicate within a multi-point network.
  • the term 'mobile phone' used in this specification relates to hand-held voice and data communications device configured as either a cell phone or a personal digital assistant (PDA).
  • 'microcontroller' used in this specification relates to a miniature computing system designed for specific embedded engineering control applications.
  • Non-volatile memory used in this specification relates to an electronic non-volatile storage device that can retain stored information even when not powered.
  • Non-volatile memory in this specification can include Electrically Erasable Programmable Read Only Memory (EEPROM), Mask-programmed ROM, Programmable ROM, Erasable PROM (EPROM), UV-erase EPROM, one-time programmable EPROM, and Flash Memory.
  • Industrial locking systems are typically electrically and/or mechanically operated. In electrically operable locks, a solenoid can be used as a knob control, whereby knobs in the locking system can be electrically locked and unlocked simultaneously.
  • the electrical solenoid system is not operable with secure codes and can be easily tampered with and manipulated with physical/manual force.
  • Cabinet and drawer electro-mechanical lock systems include electronic locking, audio-visual alarm systems, and battery-enabled transmitters and receivers to allow a person in charge to unlock the cabinet/drawer from any location proximate to the cabinet/drawer.
  • the system further includes a programmable timer to activate a visual/audio alarm if cabinet/drawer remains open for a long time.
  • the transmitter and receiver circuits of the system are operable on radio frequency (RF) configurations that further control the locking, unlocking and alarm subsystems.
  • Another significant application of electro-mechanical locks is in the automobile industry where these locks are operated by individual RF keys allowing users and operators to swiftly operate locks.
  • RF based keys are expensive, sensitive and very difficult to configure.
  • the RF based keys are not electronically compatible with every portable device in the market. Moreover, one has to carry multiple keys if he has more than one lock.
  • Another object of the present invention is to ensure that the electro-mechanical locking system has a built in mechanism that ensures against eaves-dropping.
  • Still another object of the present invention is to prevent lock security hacking attacks including cloning attack, man-in-the-middle type attacks, replay attacks, thus making the system highly secure.
  • Yet another object of the invention is to configure a secure master key and a secure user key to operate an electro-mechanical lock.
  • It is a further object of the present invention to create multiple users for the same lock, like having many keys for one lock.
  • Still another object of the present invention is that addition/deletion and managing of the lock is done by the owner of the lock.
  • Yet another object of the present invention is to have the same mobile operating multiple locks thus avoiding the need for carrying multiple keys.
  • a mobile phone operable electromechanical locking system said system including a mobile phone further comprising a shared key and an application code; and an electro-mechanical lock further comprising an initial pairing key including a Bluetooth pairing code and an initial password, said mobile phone and said electro-mechanical lock co-operate for initial registration, opening, and closing of said electro-mechanical lock.
  • said electro-mechanical lock includes a microcontroller further comprising an embedded control program, a Bluetooth interface coupled to said microcontroller, an electrically programmable non-volatile memory coupled to said microcontroller, an electromechanical lock configured to get activated and deactivated by said microcontroller, and a power subsystem further comprising a rechargeable battery that is adaptably charged through a charging circuitry.
  • both said Bluetooth pairing code and said initial password are stored in distinct databases.
  • said electro-mechanical lock comprises a memory configured as an electrically erasable programmable read only memory (EEPROM) further comprising in a database: an Administrator password linked to a user password; a Bluetooth pairing code; a Bluetooth MAC identification; a shared secret key for an nth user, where n is maximum number of users permissible to operate said electro-mechanical locking system.
  • said charging circuitry is power charged via an external utility supply.
  • said electro-mechanical lock is operable by Mobile phones ranging from low-end telecommunication devices to high-end telecommunication devices.
  • said electro-mechanical lock comprises a microcontroller adapted to: generate random numbers while still retaining each set of generated random numbers in its memory; combine locally stored locking and unlocking session secret with a user password as stored in a database; encrypts combined data with selected symmetric key algorithm; and compares resulting value with a predetermined received value to ascertain a genuine user and the mobile phone.
  • a method for locking and un-locking an electromechanical lock including steps of a user, establishing a communication with said electro-mechanical lock via a Bluetooth pairing mechanism; said user, sending a pairing code which is 16 alphanumeric characters long, responsive to a request from said electro-mechanical lock; validating said pairing code against a predetermined pairing entry in a database; generating a random number upon successful validation; transmitting said random number to a shared key held by said user to establish a shared secret between said user and said electro-mechanical lock; said user, providing an administrator password of his choice; said user, providing a user password of his choice that is stored by said electro-mechanical lock while allowing the said user password of choice to be changed by the said user.
  • the step of a user, establishing a communication with said electro-mechanical lock via a Bluetooth pairing mechanism further comprises step of said electro-mechanical lock demanding a Bluetooth pairing code.
  • the step of validating said pairing code against a predetermined pairing entry in a database comprises the step of said electro-mechanical lock, storing an acquired Bluetooth MAC identification in a database.
  • said user is a mobile phone owner.
  • the step of generating a random number upon successful validation comprises a microcontroller, remembering said random number as a session secret till session is terminated; said microcontroller, sending out, said session secret to said mobile phone ; combining said session secret with user entered password; encrypting combined data with shared secret key for sending to said electro-mechanical lock; and comparing resulting value with a received value to ascertain a genuine user and said mobile phone.
  • the step of generating random number comprises step of encrypting combined data with shared secret key for sending to said electro-mechanical lock, further comprising step of encrypting by executing a symmetric key module.
  • said user communicates with said mobile phone through steps of : said user invoking the application program on the mobile and said electro-mechanical lock trying to establish communication with registered users in a database; said electro-mechanical lock connecting to a registered user when said user is in vicinity of said electro-mechanical lock; said lock sending out session secret; said user responding with the password combined with shared secret and encrypting with the session secret; said electro-mechanical lock validating the user and the said mobile with the received information; and said electro-mechanical lock carrying out the said users commands, which are encrypted with the session key.
  • Figure 1 illustrates generally an overall system of the lock operated by a mobile phone in accordance with this invention
  • FIG. 2 illustrates the details of the lock having a central micro-controller with embedded control program in accordance with this invention
  • FIG. 3 illustrates the scheme of the Registration Procedure to register the administrator user and the first user of the mobile phone in accordance with this invention
  • Figure 4 illustrates the scheme of the details of the Database stored in the EEPROM in accordance with one embodiment of this invention
  • FIG. 5 illustrates the details of the Communication protocol between the Mobile Phone and the Lock during the normal operation of the key and lock of this invention
  • Figure 6 shows a scheme which illustrates the normal user registration process for this invention
  • Figure 7 shows a first flow chart for registering the administrator of electro-mechanical lock in accordance with this invention
  • Figure 8 shows a second flow chart enabling a new user of electro-mechanical lock to be added in accordance with this invention
  • Figure 9 shows a third flow chart depicting a new user added to the electro-mechanical lock in accordance with this invention.
  • Figure 10 shows a fourth flow chart depicting normal usage of the electro-mechanical lock in accordance with this invention.
  • a mobile phone operable electro-mechanical locking system includes a mobile phone further comprising a shared key and an application code; and an electro-mechanical lock further comprising an initial pairing key and a lock identification (id) including a Bluetooth pairing code, said mobile phone and said electro-mechanical lock co-operate for initial registration, opening, and closing of said electro-mechanical lock.
  • said electro-mechanical lock comprises a microcontroller further comprising an embedded control program; a Bluetooth interface coupled to said microcontroller; an electrically programmable non-volatile memory coupled to said microcontroller; an electro-mechanical lock configured to get activated and deactivated by said microcontroller; and a power subsystem further comprising a rechargeable battery that is charged through a charging circuitry.
  • the electromechanical lock comprises a memory configured as an electrically erasable programmable read only memory (EEPROM) further comprising a database: a user name; a user password; a Bluetooth MAC identification; a shared secret key for an nth user, where n is maximum number of users permissible to operate said electro-mechanical locking system.
  • said Bluetooth pairing code, said Lock Id of the lock, said administrator name and said administrator password are stored in distinct databases.
  • said charging circuitry is power charged via an external utility supply.
  • the electro-mechanical lock is operable on any version, make and configuration of cell phone/ mobile phone.
  • said electro-mechanical lock comprises a microcontroller adapted to: generate random numbers while still retaining each set of generated random numbers in its memory; combine locally stored locking and unlocking session secret with a user password as stored in a database; encrypts combined data with selected symmetric key algorithm; and compares resulting value with a predetermined received value to ascertain a genuine user and the said mobile phone.
  • a method for locking and un-locking an electro-mechanical lock including a user, establishing a communication with said electro-mechanical lock via a Bluetooth pairing mechanism; said user, sending a pairing code responsive to a request from said electro-mechanical lock; validating said pairing code against a predetermined pairing entry in a database; generating a random number upon successful validation; transmitting said random number to a shared key held by said user to establish a shared secret between said user and said electro-mechanical lock; said user, providing an Administrator password of his choice; said user, providing a user password of his choice that is stored by said electro-mechanical lock and said user becomes the owner of the phone.
  • the step of a user, establishing a communication with said electro-mechanical lock via a Bluetooth pairing mechanism further comprises step of said electro-mechanical lock demanding a Bluetooth pairing code.
  • the step of validating said pairing code against a predetermined pairing entry in a database comprises the step of said electro-mechanical lock, storing an acquired Bluetooth MAC identification in a database.
  • said user is a mobile phone owner.
  • the step of generating a random number upon successful validation includes a microcontroller, remembering said random number as a session secret till session is terminated; said microcontroller, sending out, said session secret to said mobile phone; combining said session secret with user entered password; encrypting combined data with shared secret key for sending to said electro-mechanical lock; and comparing resulting value with a received value to ascertain a genuine user and said mobile phone.
  • the step of generating random number comprises step of encrypting combined data with shared secret key for sending to said electro-mechanical lock, further comprising step of encrypting by executing a symmetric key module.
  • said user communicates with said mobile phone through steps of: said user invoking the application program on the mobile and said electromechanical lock trying to establish communication with registered users in a database; said electro-mechanical lock connecting to a registered user when said user is in vicinity of said electro-mechanical lock; said lock sending out session secret; said user responding with the password combined with shared secret and encrypting with the session secret; said electromechanical lock validating the user and the said mobile with the received information; and said electro-mechanical lock carrying out the said users commands, which are encrypted with the session key.
  • the user/ owner of the electromechanical lock searches for the lock before the user/owner is actually registered, whereas, the electro-mechanical lock searches for the user/owner after registration.
  • the lock searching the user is enabled, which further minimizes the chance of a third party establishing communication with lock and increasing the hindrance of a hacker.
  • the electro-mechanical lock can be deployed in an office, whereby, confidential documents can be securely locked by means of Bluetooth MAC id and session passwords.
  • a master mobile phone can be allotted to an office manager/office administrator that can simultaneously open a locker having confidential documents, like the locker being unlocked by the master mobile phone and a slave mobile phone.
  • cabinets/ drawers in secretarial offices can be locked by means of the electro-mechanical lock of the present invention, whereby, multiple mobile phone can be used to open and close the electro-mechanical lock in a sequential manner, while a master key mobile phone is used to trigger and enable rest of the phones for opening cabinets/ drawers containing classified information/ documents.
  • Figure 1 illustrates the overall system indicating electro-mechanical lock 100 operated by a mobile phone 300 with an application code 301 installed, whereby, the system also indicates a shared key 302 stored securely in the mobile phone 300.
  • a label 200 is also shown, which is printed with the lock id 201 and pairing code 202 associated with that particular lock used in the registration procedure of the electro-mechanical lock.
  • the pairing code 202 will be a 16-character alphanumeric value.
  • FIG. 2 illustrates the details of the lock 100 which, shows a central micro-controller with embedded control program 112, a Bluetooth interface 111, an electrically programmable nonvolatile memory 114 to store the database required for the secure operation, an electromechanical lock 113 that is controlled by the micro-controller through a lock activate signal 115 and a lock deactivate signal 116.
  • lock 100 also includes the power subsystem 120 further including a rechargeable battery 122 with a charging circuitry 121 that can be charged with power from an external utility supply.
  • the mobile phone 300 is loaded with an application code 301 using the standard mechanism as used for loading any other application.
  • the lock 100, before the registration of a user, has the Lock Id 114.a and Pairing Code 114.b stored in EEPROM Database 114, and the same are printed in a human readable form 201 and 202 on the Label 200.
  • FIG. 3 of the drawings illustrates the details of the registration procedure to register the first user, wherein, the first user functions as administrator who can create and manage the other users of the lock 100. The figure is detailed later in the specification.
  • Figure 4 of the drawings illustrates the details of the database stored in the EEPROM 114 where the Lock Id 114.a, same as the Lock Id 201, and Pairing Code 114.b, same as Pairing Code 202 printed on the label 200 are stored.
  • Administrator Name 114.c, Administrator password 114.d as given by the administrator along with a set of details of 'n' users who can operate the Lock.
  • the details of users which include User Name 114.n.1, User Password 114.n.2, Bluetooth MAC id 114.n.3 of the user's mobile, and a Shared secret 114.n.4 for the nth user, where n is the maximum number of users supported in that particular version of the embodiment of this invention.
  • In a first step, the user tries to establish a communication with the lock using the software application code 301, which prompts for Lock Id.
  • the user enters the Lock Id 201 given on the Label 200.
  • a demand for pairing code is made, for which the user responds with the pairing code 202 printed on the label 200 and sends the pairing code 202 back to the lock 100 (as indicated in step 401) and upon the validation of this against the entries 114.a and 114.b in the database in 114, the Lock 100 acknowledges a success indication (as indicated in step 402).
  • the Lock 100 stores the Bluetooth MAC id of the user's mobile phone 300, which is automatically learned, and written in the 114.1.3 database.
  • the Lock 100 gets disconnected and the user has to repeat the process.
  • the Application code 301 collects the Administrator name, password, and sends to the Lock 100 (as indicated in step 403), which stores them in databases 114.c, 114.d, respectively.
  • the lock generates a random number, stores it in 114.1.4 database and sends the random number (as indicated in step 404) to the user mobile phone 300, which is stored by it securely in 302, thus establishing a shared secret between the Lock 100 and the User's Mobile Phone 300.
  • the user provides the user name of his choice which is sent to the Lock 100 (as indicated in step 405) which stores in 114.1.1.
  • a user selected password is sent to the Lock 100 (as indicated in step 406) which is stored in the database 114.1.2. This Initial User Registration Procedure is entered into only once during the life time of the system.
  • the normal communication between the user and the mobile phone is depicted as follows:
  • the Lock 100 periodically tries to establish a connection with all the registered mobile users that are executing the Application Code 301 when they are in the vicinity.
  • the lock 100 initiates the communication and does not entertain a communication from any external device, except during the registration procedure, and is not visible to other devices' standard search process, which enhances the level of security of the lock 100.
  • immediately after registration of the first user, the lock 100 will try to connect only with this administrator mobile. Subsequently, as additional users are added, the lock 100 will try to establish communication with all the successfully registered users.
  • Figure 5 of the drawings illustrates the details of the Communication protocol between the Mobile Phone and the Lock during the normal operation.
  • After connecting to the user, the micro-controller 112 generates a random number, remembers it locally in its memory as the session secret till the session is terminated, and sends out (as indicated by step 501) this session secret to the mobile phone.
  • the application code 301 combines the session secret received with the password entered by the user, encrypts this combined data with the Shared Secret Key 302 using the selected symmetric key algorithm, and sends the result to the Lock 100 (as indicated by step 502).
  • the micro-controller 112 also combines the locally stored session secret with the user password in the Database 114.n.3 and encrypts this combined data with the selected symmetric key algorithm using the Shared Secret 114.n.2 and compares the resulting value with the received value to ascertain a genuine user behind the registered mobile phone 300.
  • the application code 301 and the Lock 100 use the shared secret 302, the user password, and the session secret to calculate the session key through the cryptographic function. Further, since both have the same information and the same cryptographic function, the resulting session key will also be the same.
  • this session key is used to encrypt all further communication using the selected symmetric encryption algorithm.
  • the micro-controller 112 waits for one of the following commands from the user: activate lock; deactivate lock; change_password; switch to administrator; and log-out, for example.
  • In a sixth step, the user sends one of the above commands (as indicated by step 503) using the Application Code 301 and, depending on the functional state, the micro-controller 112 takes the corresponding action as follows: assert the activate lock signal 115; assert the deactivate lock signal 116; replace the user password 114.n.3 with the new password received; go to the administrator mode; and terminate the session and wait for the next user. For security reasons, the micro-controller will automatically terminate the session after a timeout if no requests are made by the user.
  • administrator mode of lock 100 operation is described: In a first step, if the user has selected the switch to administrator command, then the application code 301 collects the administrator name and password and sends to the lock 100. In a second step, the lock 100 validates this information against the administrator name 114.c and the administrator password 114.d in its database. In a third step, if the lock 100 fails to generate a validation signal, the session is terminated. In a fourth step, upon validation the lock 100 waits for one of the following administrator commands: change password; add a new user; delete a user; and log-out.
  • the micro-controller 112, upon receiving one of the above commands, takes the following actions: replace the administrator password 114.d entry; if the number of already registered users is less than the maximum allowed 'n' in a particular embodiment, then the lock 100 enters the user registration mode. In a sixth step, if the number of registered users is not less than the maximum allowed users 'n', then the command is rejected. In a seventh step, if password is accepted successfully, the lock 100 enters additional user creation mode, wherein all the entries 114.n.1 to 114.n.4 are deleted for the selected nth user; and the session is terminated.
  • additional user registration procedure is as follows:
  • the administrator conveys the lock id 201 and pairing code 202 to the new additional user.
  • Figure 6 of the drawings illustrates the normal user registration process in accordance with this invention.
  • In a first step, when the user tries to establish a communication with the lock 100 using application code 301, a demand is generated for a pairing key.
  • the user responds (as indicated in step 601) with the pairing key conveyed to him by the administrator user and then the pairing key is validated against the entries 114.a and 114.b.
  • micro-controller 112 stores the user's Bluetooth MAC id learned in the 114.n.3 database.
  • the lock 100 acknowledges success (as indicated in step 602).
  • the application code 301 collects the user name and sends to the lock 100 (as indicated in step 603), whereby, the micro-controller 112 stores the user name in 114.n.1.
  • the micro-controller 112 generates a random number, stores this as shared secret in the 114.n.4 database and then sends (as indicated in step 604) it to the user mobile phone 300 that is further stored in 302.
  • a shared secret is established between the lock 100 and the user's mobile phone 300.
  • the additional user sets the password of his choice and sends (as indicated in step 605) the password for storage in the database 114.n.2.
  • Figure 7 of the drawings illustrates first flow chart 700 depicting method to register an administrator of the electro-mechanical lock.
  • the user establishes connection with the lock using lock identification.
  • the user sends a paring code responsive to a request from said electro-mechanical lock.
  • the paring code is validated against a predetermined entry in a database.
  • a random number is generated upon successful validation.
  • the random number is transmitted to a shared key held by said user to establish a shared secret between said user and said electro-mechanical lock.
  • the user provides root password of his choice.
  • a seventh step 714 the user provides a user password of his choice that is stored by said electro-mechanical lock while replacing an earlier password.
  • password is stored in a database.
  • the administrator creates his user name and password.
  • user name, password, shared secret and mobile Bluetooth MAC id are stored in a database.
  • Figure 8 of the drawings illustrates second flow chart 800 depicting method to add a new user of the electro-mechanical lock.
  • the administrator logs in as a user.
  • lock enables an open state after checking for authentication of the mobile and the user.
  • a user logs in as an administrator.
  • lock admits the user after checking for the password.
  • user selects and adds a new user command.
  • administrator passes on the lock id (201 and 202 as in Figure 1) to the new user/ owner of the mobile phone.
  • Figure 9 of the drawings illustrates a third flow chart 900 depicting method to add a new user of electro-mechanical lock.
  • a user establishes connection with the lock using a lock identification number (id).
  • the user sends a paring code responsive to a request from said electro-mechanical lock.
  • the paring code is validated against a predetermined entry in a database.
  • a random number is generated upon successful validation.
  • said random number is transmitted to a shared key held by said user to establish a shared secret between said user and said electro-mechanical lock.
  • user creates his user name and password.
  • the user name, password, shared secret, and mobile Bluetooth MAC id are stored in the database of the lock.
  • Figure 10 of the drawings illustrates a fourth flow chart 1000 depicting normal usage of the electro-mechanical lock.
  • the lock tries to establish connection with known mobile codes that are stored in the database.
  • the electromechanical lock generates a session secret and sends the session secret to the mobile phone.
  • the user is prompted for a password and the user responds by entering one.
  • the electro-mechanical lock confirms the mobile and the user identity and credibility.
  • the electro-mechanical lock waits for the user command like open, close, login prompt, wherein, the commands are encrypted using the session key.
  • the technical advancements of the present inventions include providing a highly secure mobile phone operable electro-mechanical lock system.
  • a practical application of the lock system could be in the automotive field to operate the car door.
  • Possible applications of the electro-mechanical lock of the present invention include a bank safe lock, and a door lock.
  • the logic in the microcontroller can be enhanced easily to have a master user (a master key) and normal user (a user key) concept where the enabling by a master user is mandatory before a normal user can activate the electro-mechanical lock.
  • the logic enhancements in the electro-mechanical lock can address, for example, the requirements of a bank locker facility.
  • Another enhancement in the electro-mechanical lock is where more than one user is required to operate a lock that can be used in locks for protecting the assets where joint ownership exists.
  • the embodiments of the present invention describe a highly secure mechanism for an electro-mechanical lock.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Human Computer Interaction (AREA)
  • Signal Processing (AREA)
  • Lock And Its Accessories (AREA)
  • Telephone Function (AREA)

Abstract

A mobile phone operable electro-mechanical locking system and method are disclosed. The system includes a mobile phone further including a shared key and an application code and an electro-mechanical lock further comprising an initial paring key including a Bluetooth pairing code and lock identification of said mobile phone and the user and said electro-mechanical lock co-operate for initial registration, opening, and closing of said electro-mechanical lock.

Description

A MOBILE PHONE OPERABLE ELECTRO-MECHANICAL LOCK AND A METHOD THEREOF
FIELD OF THE INVENTION
The present invention relates to a field of electro-mechanical locks.
Particularly, the invention relates to operating an electro-mechanical lock with a mobile phone as a secure key to prevent any unauthorized operation of the lock.
DEFINITION OF TERMS USED IN THIS SPECIFICATION
The term 'Bluetooth' used in this specification relates to a wireless communication standard for exchanging data between electronically enabled devices, the data is exchanged over short distances.
The term 'Bluetooth MAC' used in this specification relates to a Bluetooth Media Access Control (MAC) sub-layer configured as a data communication protocol sub-layer, to provide addressing and channel access control mechanisms making it possible for several terminals or network nodes to communicate within a multi-point network.
The term 'mobile phone' used in this specification relates to hand-held voice and data communications device configured as either a cell phone or a personal digital assistant (PDA).
The term 'microcontroller' used in this specification relates to a miniature computing system designed for specific embedded engineering control applications.
The term 'non-volatile memory' used in this specification relates to an electronic non-volatile storage device that can retain stored information even when not powered. Non-volatile memory in this specification can include Electrically Erasable Programmable Read Only Memory (EEPROM), Mask-programmed ROM, Programmable ROM, Erasable PROM (EPROM), UV-erase EPROM, one-time programmable EPROM, and Flash Memory.
BACKGROUND OF THE INVENTION
Industrial locking systems are typically electrically and/or mechanically operated, where in case of electrically operable locks solenoid can be used as a knob control, whereby, knobs in the locking system can be electrically locked and unlocked simultaneously. However, the electrical solenoid system is not operable with secure codes and can be easily tampered and manipulated with physical/ manual force.
Cabinet and drawer electro-mechanical lock system include electronic locking, audio-visual alarm systems, battery-enabled transmitted and receivers to allow an in charge to unlock the cabinet/drawer from any location proximate to the cabinet/drawer. The system further includes a programmable timer to activate a visual/audio alarm if cabinet/drawer remains open for a long time. The transmitter and receiver circuits of the system are operable on radio frequency (RF) configurations that further control the locking, unlocking and alarm subsystems. Thus, a remote RF key can be enabled in the system to maneuver the electromechanical lock.
Another significant application of electro-mechanical locks is in the automobile industry where these locks are operated by individual RF keys allowing users and operators to swiftly operate locks. However, RF based keys are expensive, sensitive and very difficult to configure. Further, the RF based keys are not electronically compatible with every portable device in the market. Moreover, one has to carry multiple keys if he has more than one lock.
Further, for safe like locks, specifically in banks, there are locks that can be operated by the use of a password entered through a special keyboard that is mostly affixed to the safe/locker/ bank vault. However, a person getting access to the password code can also operate the lock. Still further locks are available which can be operated with the help of bio-metric sensors. These locks can be used for entry restriction to sensitive areas and they are expensive too.
Thus, there is a need for a system that:
configures a highly secure electro-mechanical locking system that is operable for locking and unlocking using remote controlled keys; configures a mobile phone for maneuvering an electro-mechanical lock; makes a registration procedure compulsory for operating the electro-mechanical lock;
and establishes a highly secure communications protocol between the mobile phone and the lock during normal operation of lock and key.
OBJECTS OF THE INVENTION
It is an object of the present invention to configure a mobile phone to securely operate an electro-mechanical lock.
Another object of the present invention is to ensure that the electro-mechanical locking system has a built in mechanism that ensures against eaves-dropping.
Still another object of the present invention is to prevent lock security hacking attacks including cloning attack, man-in-the-middle type attacks, replay attacks, thus making the system highly secure.
Yet another object of the invention is to configure a secure master key and a secure user key to operate an electro-mechanical lock.
It is further an object of the present invention to create multiple users for the same lock, like having many keys for one lock.
Still another object of the present invention is that addition/deletion and managing of the lock is done by the owner of the lock.
Yet another object of the present invention is to have the same mobile operating multiple locks thus avoiding the need for carrying multiple keys.
SUMMARY OF THE INVENTION
In accordance with the present invention, there is provided a mobile phone operable electromechanical locking system, said system including a mobile phone further comprising a shared key and an application code; and an electro-mechanical lock further comprising an initial paring key including a Bluetooth pairing code and an initial password, said mobile phone and said electro-mechanical lock co-operate for initial registration, opening, and closing of said electro-mechanical lock.
Typically, said electro-mechanical lock includes a microcontroller further comprising an embedded control program, a Bluetooth interface coupled to said microcontroller, an electrically programmable non-volatile memory coupled to said microcontroller, an electromechanical lock configured to get activated and deactivated by said microcontroller, and a power subsystem further comprising a rechargeable battery that is adaptably charged through a charging circuitry.
Typically, both said Bluetooth paring code and said initial password are stored in distinct databases.
Typically, said electro-mechanical lock comprises a memory configured as an electrically erasable programmable read only memory (EEPROM) further comprising in a database: an Administrator password linked to a user password; a Bluetooth paring code; a Bluetooth MAC identification; a shared secret key for an nth user, where n is maximum number of users permissible to operate said electro-mechanical locking system.
Typically, said charging circuitry is power charged via an external utility supply.
Typically, said electro-mechanical lock is operable by Mobile phones ranging from low-end telecommunication devices to high-end telecommunication devices.
Typically, said electro-mechanical lock comprises a microcontroller adapted to: generate random numbers while still retaining each set of generated random numbers in its memory; combine locally stored locking and unlocking session secret with a user password as stored in a database; encrypts combined data with selected symmetric key algorithm; and compares resulting value with a predetermined received value to ascertain a genuine user and the mobile phone.
In accordance with the present invention, a method for locking and un-locking an electromechanical lock is disclosed, said method including steps of a user, establishing a communication with said electro-mechanical lock via a Bluetooth paring mechanism; said user, sending a paring code which is 16 Alpha numeric characters long, responsive to a request from said electro-mechanical lock; validating said paring code against a predetermined paring entry in a database; generating a random number upon successful validation; transmitting said random number to a shared key held by said user to establish a shared secret between said user and said electro-mechanical lock; said user, providing an administrator password of his choice; said user, providing a user password of his choice that is stored by said electro-mechanical lock while allowing the said user password of choice to be changed by the said user.
Typically, the step of a user, establishing a communication with said electro-mechanical lock via a Bluetooth paring mechanism further comprises step of said electro-mechanical lock demanding a Bluetooth paring code.
Typically, the step of validating said paring code against a predetermined paring entry in a database comprises the step of said electro-mechanical lock, storing an acquired Bluetooth MAC identification in a database.
Typically, said user is a mobile phone owner.
Typically, the step of generating a random number upon successful validation comprises a microcontroller, remembering said random number as a session secret till session is terminated; said microcontroller, sending out, said session secret to said mobile phone ; combining said session secret with user entered password; encrypting combined data with shared secret key for sending to said electro-mechanical lock; and comparing resulting value with a received value to ascertain a genuine user and said mobile phone.
Typically, the step of generating random number comprises step of encrypting combined data with shared secret key for sending to said electro-mechanical lock, further comprising step of encrypting by executing a symmetric key module.
Typically, said user communicates with said mobile phone through steps of: said user invoking the application program on the mobile and said electro-mechanical lock trying to establish communication with registered users in a database; said electro-mechanical lock connecting to a registered user when said user is in vicinity of said electro-mechanical lock; said lock sending out session secret; said user responding with the password combined with shared secret and encrypting with the session secret; said electro-mechanical lock validating the user and the said mobile with the received information; and said electro-mechanical lock carrying out the said users commands, which are encrypted with the session key.
BRIEF DESCRIPTION OF ACCOMPANYING DRAWING
The invention will now be described with reference to the accompanying drawings, in which,
Figure 1 illustrates generally an overall system of the lock operated by a mobile phone in accordance with this invention;
Figure 2 illustrates the details of the lock having a central micro-controller with embedded control program in accordance with this invention;
Figure 3 illustrates the scheme of the Registration Procedure to register the administrator user and the first user of the mobile phone in accordance with this invention;
Figure 4 illustrates the scheme of the details of the Database stored in the EEPROM in accordance with one embodiment of this invention;
Figure 5 illustrates the details of the Communication protocol between the Mobile Phone and the Lock during the normal operation of the key and lock of this invention;
Figure 6 shows a scheme which illustrates the normal user registration process for this invention;
Figure 7 shows a first flow chart for registering the administrator of electro-mechanical lock in accordance with this invention;
Figure 8 shows a second flow chart enabling a new user of electro-mechanical lock to be added in accordance with this invention;
Figure 9 shows a third flow chart depicting a new user added to the electro-mechanical lock in accordance with this invention; and
Figure 10 shows a fourth flow chart depicting normal usage of the electro-mechanical lock in accordance with this invention.
DETAILED DESCRIPTION OF THE ACCOMPANYING DRAWING
The invention for a highly secure mobile phone operable electro-mechanical lock will now be described with reference to the accompanying drawings which do not limit the scope and ambit of the invention. The description provided is purely by way of example and illustration of mobile phone operable electro-mechanical lock systems.
Conventionally, a significant application of electro-mechanical locks is in the automobile industry where these locks are operated by individual RF keys allowing users and operators to swiftly operate locks. However, RF based keys are expensive, sensitive and very difficult to configure. Further, the user can not make a duplicate key, in case the key is lost.
Further, for safe like locks, specifically in banks, there are locks that can be operated by the use of a password entered through a special keyboard that is mostly affixed to the safe/locker/bank vault. However, anyone getting access to the password code will be able to operate the electro-mechanical lock. Still further locks are available which can be operated with the help of bio-metric sensors. These locks can be used for entry restriction to sensitive areas and these locks are expensive too.
In an embodiment of the invention, according to a first aspect a mobile phone operable electro-mechanical locking system is disclosed. The system includes a mobile phone further comprising a shared key and an application code; and an electro-mechanical lock further comprising an initial paring key and a lock identification (id) including a Bluetooth pairing code, said mobile phone and said electro-mechanical lock co-operate for initial registration, opening, and closing of said electro-mechanical lock.
Still, according to the first aspect, said electro-mechanical lock comprises a microcontroller further comprising an embedded control program; a Bluetooth interface coupled to said microcontroller; an electrically programmable non-volatile memory coupled to said microcontroller; an electro-mechanical lock configured to get activated and deactivated by said microcontroller; and a power subsystem further comprising a rechargeable battery that is charged through a charging circuitry. Yet, according to the first aspect, the electromechanical lock comprises a memory configured as an electrically erasable programmable read only memory (EEPROM) further comprising a database: a user name, a user password, a Bluetooth MAC identification; a shared secret key for an nth user, where, n is maximum number of users permissible to operate said electro-mechanical locking system.
Yet, according to the first aspect, both said Bluetooth paring code, said Lock Id of the lock and said administrator name and said administrator password are stored in distinct databases. Further, said charging circuitry is power charged via an external utility supply. Further, the electro-mechanical lock is operable on any version, make and configuration of cell phone/ mobile phone.
Further, said electro-mechanical lock comprises a microcontroller adapted to: generate random numbers while still retaining each set of generated random numbers in its memory; combine locally stored locking and unlocking session secret with a user password as stored in a database; encrypts combined data with selected symmetric key algorithm; and compares resulting value with a predetermined received value to ascertain a genuine user and the said mobile phone.
In accordance with a second aspect of the invention, a method for locking and un-locking an electro-mechanical lock is disclosed, said method including a user, establishing a communication with said electro-mechanical lock via a Bluetooth paring mechanism; said user, sending a paring code responsive to a request from said electro-mechanical lock; validating said paring code against a predetermined paring entry in a database; generating a random number upon successful validation; transmitting said random number to a shared key held by said user to establish a shared secret between said user and said electro-mechanical lock; said user, providing an Administrator password of his choice; said user, providing a user password of his choice that is stored by said electro-mechanical lock and said user becomes the owner of the phone.
Still, according to the second aspect, the step of a user, establishing a communication with said electro-mechanical lock via a Bluetooth paring mechanism further comprises step of said electro-mechanical lock demanding a Bluetooth paring code. Again, according to the second aspect, the step of validating said paring code against a predetermined paring entry in a database comprises the step of said electro-mechanical lock, storing an acquired Bluetooth MAC identification in a database. Further, said user is a mobile phone owner.
Again, according to the second aspect, the step of generating a random number upon successful validation includes a microcontroller, remembering said random number as a session secret till session is terminated; said microcontroller, sending out, said session secret to said mobile phone; combining said session secret with user entered password; encrypting combined data with shared secret key for sending to said electro-mechanical lock; and comparing resulting value with a received value to ascertain a genuine user and said mobile phone.
Further, according to the second aspect, the step of generating random number comprises step of encrypting combined data with shared secret key for sending to said electro-mechanical lock, further comprising step of encrypting by executing a symmetric key module.
Still, according to the second aspect, said user communicates with said mobile phone through steps of: said user invoking the application program on the mobile and said electromechanical lock trying to establish communication with registered users in a database; said electro-mechanical lock connecting to a registered user when said user is in vicinity of said electro-mechanical lock; said lock sending out session secret; said user responding with the password combined with shared secret and encrypting with the session secret; said electromechanical lock validating the user and the said mobile with the received information; and said electro-mechanical lock carrying out the said users commands, which are encrypted with the session key.
Further, in accordance with an embodiment of the invention, the user/ owner of the electromechanical lock searches for the lock before the user/owner is actually registered, whereas, the electro-mechanical lock searches for the user/owner after registration. Thus, operating security of the electro-mechanical lock is enhanced, the lock searching the user is enabled, which further minimizes the chance of a third party establishing communication with lock and increasing the hindrance of a hacker.
In a further embodiment of the invention, the electro-mechanical lock can be deployed in an office, whereby, confidential documents can be securely locked by means of Bluetooth MAC id and session passwords. Thus, a master mobile phone can be allotted to an office manager/office administrator that can simultaneously open a locker having confidential documents, like the locker being unlocked by the master mobile phone and a slave mobile phone.
In yet another embodiment of the invention, cabinets/ drawers in secretarial offices can be locked by means of the electro-mechanical lock of the present invention, whereby, multiple mobile phone can be used to open and close the electro-mechanical lock in a sequential manner, while a master key mobile phone is used to trigger and enable rest of the phones for opening cabinets/ drawers containing classified information/ documents.
Aspects of the invention will now be described with reference to the accompanying drawings, in which, Figure 1 illustrates the overall system indicating electro-mechanical lock 100 operated by a mobile phone 300 with an application code 301 installed, whereby, the system also indicates a shared key 302 stored securely in the mobile phone 300. A label 200 is also shown, which is printed with the lock id 201 and paring code 202 associated with that particular lock used in the registration procedure of the electro-mechanical lock. The paring code 202 will be 16 characters alpha numeric value.
Figure 2 illustrates the details of the lock 100 which, shows a central micro-controller with embedded control program 112, a Bluetooth interface 111, an electrically programmable nonvolatile memory 114 to store the database required for the secure operation, an electromechanical lock 113 that is controlled by the micro-controller through a lock activate signal 115 and a lock deactivate signal 116. Further, lock 100 also includes the power subsystem 120 further including a rechargeable battery 122 with a charging circuitry 121 that can be charged with power from an external utility supply.
Further, an initial registration procedure of a user of the electro-mechanical lock is described as follows:
The mobile phone 300 is loaded with an application code 301 using the standard mechanism as used for loading any other application. The lock 100, before the registration of a user, has the Lock Id 114.a and Paring Code 114.b stored in EEPROM Database 114, and the same is printed in a human readable form 201 and 202 on the Label 200.
Figure 3 of the drawings illustrates the details of the registration procedure to register the first user, wherein, the first user functions as administrator who can create and manage the other users of the lock 100. The figure is detailed later in the specification.
Figure 4 of the drawings illustrates the details of the database stored in the EEPROM 114 where the Lock Id 114.a, same as the Lock Id 201, and Paring Code 114.b, same as Paring Code 202 printed on the label 200 are stored. Administrator Name 114.c, Administrator password 114.d as given by the administrator along with a set of details of 'n' users who can operate the Lock. The details of users, which includes, User Name 114.n.1, User Password 114.n.2, Bluetooth MAC id 114.n.3 of the user's mobile, and a Shared secret 114.n.4 for the nth user, where n is the maximum number of users supported in that particular version of the embodiment of this invention.
Referring to Figure 3 and Figure 4, in a first step, the user tries to establish a communication with the lock using the software application code 301, which prompts for Lock Id. In a second step, the user enters the Lock Id 201 given on the Label 200. In a third step, a demand for pairing code is made, for which the user responds with the paring code 202 printed on the label 200 and sends the paring code 202 back to the lock 100 (as indicated in step 401) and upon the validation of this against the entries 114.a and 114.b in the database in 114, the Lock 100 acknowledges a success indication (as indicated in step 402). Further, in a fourth step, the Lock 100 stores the Bluetooth MAC id of the user's mobile phone 300, which is automatically learned, and written in the 114.1.3 database. In a fifth step, in case of failure to validate, the Lock 100 gets disconnected and the user has to repeat the process. Further, the Application code 301 collects the Administrator name, password, and sends to the Lock 100 (as indicated in step 403), which stores them in databases 114.c, 114.d, respectively. Further, in a sixth step, the lock generates a random number, stores it in 114.1.4 database and sends the random number (as indicated in step 404) to the user mobile phone 300, which is stored by it securely in 302, thus establishing a shared secret between the Lock 100 and the User's Mobile Phone 300. In a seventh step again, the user provides the user name of his choice which is sent to the Lock 100 (as indicated in step 405) which stores in 114.1.1. In an eighth step, a user selected password is sent to the Lock 100 (as indicated in step 406) which is stored in the database 114.1.2. This Initial User Registration Procedure is entered into only once during the life time of the system.
In an embodiment of the invention, the normal communication between the user and the mobile phone is depicted as follows:
In a first step, the Lock 100 tries to periodically establish a connection with all the registered mobile users that is executing the Application Code 301 when they are in the vicinity. In a second step, the lock 100 initiates the communication and it does not entertain a communication from any external device, except during the registration procedure, and is not visible to other devices standard search process, that enhances level of security of the lock 100. In a third step, immediately after registration of the first user, the lock 100 will try to connect only with this administrator mobile. Subsequently, as the additional users are added, the lock 100 will try to establish communication with all the successfully registered users.
Figure 5 of the drawings illustrates the details of the Communication protocol between the Mobile Phone and the Lock during the normal operation. Referring to Figure 5 of the drawings, after connecting to the user, the micro-controller 112 generates a random number, remembers it locally in its memory as the session secret till the session is terminated, and sends out (as indicated by step 501) this session secret to the mobile phone. In a first step, the application code 301 combines the session secret received with the password entered by the user, encrypts this combined data with the Shared Secret Key 302 using the selected symmetric key algorithm, and sends the result to the Lock 100 (as indicated by step 502). In a second step, the micro-controller 112 also combines the locally stored session secret with the user password in the Database 114.n.3 and encrypts this combined data with the selected symmetric key algorithm using the Shared Secret 114.n.2 and compares the resulting value with the received value to ascertain a genuine user behind the registered mobile phone 300. In a third step, the application code 301 and the Lock 100 use the shared secret 302, the user password, and the session secret, through the cryptographic function, to calculate the session key. Further, since both have the same information and the same cryptographic function, the resulting session key will also be the same. In a fourth step, this session key is used to encrypt all further communication using the selected symmetric encryption algorithm. In a fifth step, once the user is successfully authenticated, the micro-controller 112 waits for one of the following commands from the user: activate lock; deactivate lock; change_password; switch to administrator; and log-out, for example.
In a sixth step, the user sends one of the above commands (as indicated by step 503) using the Application Code 301 and depending on the functional state, the micro-controller 112 takes the corresponding action as follows: assert the activate lock signal 115; assert the deactivate lock signal 116; replace the user password 114.n.3 with new password received; go to the administrator mode; and terminate the session and wait for next user. For security reasons the micro-controller will terminate the session automatically after a timeout if no requests are made by the user.
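The Figure 5 exchange described above, as an added Python example that is not code from the patent. The specification leaves the "selected symmetric key algorithm" and the "cryptographic function" unspecified, so HMAC-SHA256 keyed with the shared secret stands in for both (an assumption), and all class, function and label names are hypothetical.

```python
import hashlib
import hmac
import secrets


def _keyed(shared_secret: bytes, label: bytes, session_secret: bytes, password: str) -> bytes:
    """HMAC-SHA256 over label, session secret and password, keyed with the shared secret.

    Assumption: this replaces the patent's unspecified symmetric algorithm.
    The label keeps the authentication value and the session key distinct.
    """
    message = label + b"\x00" + session_secret + b"\x00" + password.encode("utf-8")
    return hmac.new(shared_secret, message, hashlib.sha256).digest()


def auth_response(shared_secret: bytes, session_secret: bytes, password: str) -> bytes:
    """Value the phone sends in step 502 and the lock recomputes for comparison."""
    return _keyed(shared_secret, b"auth", session_secret, password)


def derive_session_key(shared_secret: bytes, session_secret: bytes, password: str) -> bytes:
    """Session key both sides compute from the same three inputs."""
    return _keyed(shared_secret, b"session-key", session_secret, password)


class Lock:
    """Models micro-controller 112 with its per-user database entries."""

    def __init__(self):
        self.users = {}          # Bluetooth MAC id -> name, password, shared secret
        self.pending = None      # (mac, session secret) awaiting a response
        self.session_key = None

    def register(self, mac: str, name: str, password: str) -> bytes:
        # Registration: the lock generates the shared secret and hands it to the phone.
        shared_secret = secrets.token_bytes(32)
        self.users[mac] = {"name": name, "password": password, "shared_secret": shared_secret}
        return shared_secret

    def start_session(self, mac: str) -> bytes:
        # Step 501: a fresh random session secret for every session.
        if mac not in self.users:
            raise KeyError("unregistered phone")
        session_secret = secrets.token_bytes(16)
        self.pending = (mac, session_secret)
        self.session_key = None
        return session_secret

    def verify(self, response: bytes) -> bool:
        # Recompute the expected value and compare it with the received one.
        if self.pending is None:
            return False
        mac, session_secret = self.pending
        self.pending = None      # a session secret is accepted at most once
        user = self.users[mac]
        expected = auth_response(user["shared_secret"], session_secret, user["password"])
        if not hmac.compare_digest(expected, response):  # constant-time comparison
            return False
        self.session_key = derive_session_key(user["shared_secret"], session_secret, user["password"])
        return True


class Phone:
    """Models application code 301 holding shared key 302."""

    def __init__(self, mac: str, shared_secret: bytes):
        self.mac = mac
        self.shared_secret = shared_secret

    def respond(self, session_secret: bytes, password: str):
        return (auth_response(self.shared_secret, session_secret, password),
                derive_session_key(self.shared_secret, session_secret, password))


def demo() -> dict:
    lock = Lock()
    mac = "00:11:22:33:44:55"    # constructed sample value
    phone = Phone(mac, lock.register(mac, "alice", "correct horse"))

    # Genuine session: right phone, right password.
    challenge = lock.start_session(mac)
    response, phone_key = phone.respond(challenge, "correct horse")
    genuine = lock.verify(response)
    keys_match = bool(genuine and hmac.compare_digest(phone_key, lock.session_key))

    # Replay: the earlier response is presented against a new session secret.
    lock.start_session(mac)
    replay = lock.verify(response)

    # Registered phone, wrong password.
    challenge = lock.start_session(mac)
    wrong_response, _ = phone.respond(challenge, "guess")
    wrong_password = lock.verify(wrong_response)

    return {"genuine": genuine, "keys_match": keys_match,
            "replay": replay, "wrong_password": wrong_password}


if __name__ == "__main__":
    print(demo())
```

The replayed response fails because the lock recomputes the expected value from the new session secret, which is the property the fresh per-session random number provides.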
In an embodiment of the invention, the administrator mode of operation of the lock 100 is described: In a first step, if the user has selected the switch to administrator command, then the application code 301 collects the administrator name and password and sends them to the lock 100. In a second step, the lock 100 validates this information against the administrator name 114.c and the administrator password 114.d in its database. In a third step, if the lock 100 fails to generate a validation signal, the session is terminated. In a fourth step, upon validation the lock 100 waits for one of the following administrator commands: change password; add a new user; delete a user; and log-out. In a fifth step, the micro-controller 112, upon receiving one of the above commands, takes the following actions: replace the administrator password 114.d entry; if the number of already registered users is less than the maximum allowed 'n' in a particular embodiment, then the lock 100 enters the user registration mode. In a sixth step, if the number of registered users is not less than the maximum allowed users 'n', then the command is rejected. In a seventh step, if the password is accepted successfully, the lock 100 enters additional user creation mode, wherein all the entries 114.n.1 to 114.n.4 are deleted for the selected nth user; and the session is terminated.
In an embodiment of the invention, the additional user registration procedure is as follows: The administrator conveys the lock id 201 and pairing code 202 to the new additional user. Figure 6 of the drawings illustrates the normal user registration process in accordance with this invention. In a first step, when the user tries to establish communication with the lock 100 using the application code 301, a demand is generated for a pairing key. In a second step, the user responds (as indicated in step 601) with the pairing key conveyed to him by the administrator user, and the pairing key is then validated against the entries 114.a and 114.b. In a third step, the micro-controller 112 stores the user's learned Bluetooth MAC id in the 114.n.3 database. In a fourth step, the lock 100 acknowledges success (as indicated in step 602). In a fifth step, the application code 301 collects the user name and sends it to the lock 100 (as indicated in step 603), whereby the micro-controller 112 stores the user name in 114.n.1. In a sixth step, the micro-controller 112 generates a random number, stores this as the shared secret in the 114.n.4 database and then sends it (as indicated in step 604) to the user mobile phone 300, where it is stored in 302. In a seventh step, a shared secret is established between the lock 100 and the user's mobile phone 300. In an eighth step, the additional user then sets the password of his choice and sends the password (as indicated in step 605) for storage in the database 114.n.2.
Figure 7 of the drawings illustrates a first flow chart 700 depicting a method to register an administrator of the electro-mechanical lock. In a first step 702, the user establishes a connection with the lock using the lock identification. In a second step 704, the user sends a pairing code responsive to a request from said electro-mechanical lock. In a third step 706, the pairing code is validated against a predetermined entry in a database. In a fourth step 708, a random number is generated upon successful validation. In a fifth step 710, the random number is transmitted to a shared key held by said user to establish a shared secret between said user and said electro-mechanical lock. In a sixth step 712, the user provides a root password of his choice. In a seventh step 714, the user provides a user password of his choice that is stored by said electro-mechanical lock while replacing an earlier password. In an eighth step 716, the password is stored in a database. In a ninth step 718, the administrator creates his user name and password. In a tenth step 720, the user name, password, shared secret and mobile Bluetooth MAC id are stored in a database.
Figure 8 of the drawings illustrates a second flow chart 800 depicting a method to add a new user of the electro-mechanical lock. In a first step 802, the administrator logs in as a user. In a second step 804, the lock enables an open state after checking the authentication of the mobile and the user. In a third step 806, a user logs in as an administrator. In a fourth step 808, the lock admits the user after checking the password. In a fifth step 810, the user selects the add a new user command. In a sixth step 812, the administrator passes on the lock id (201 and 202 as in Figure 1) to the new user/owner of the mobile phone.
Figure 9 of the drawings illustrates a third flow chart 900 depicting a method to add a new user of the electro-mechanical lock. In a first step 902, a user establishes a connection with the lock using a lock identification number (id). In a second step 904, the user sends a pairing code responsive to a request from said electro-mechanical lock. In a third step 906, the pairing code is validated against a predetermined entry in a database. In a fourth step 908, a random number is generated upon successful validation. In a fifth step 910, said random number is transmitted to a shared key held by said user to establish a shared secret between said user and said electro-mechanical lock. In a sixth step 912, the user creates his user name and password. In a seventh step 914, the user name, password, shared secret, and mobile Bluetooth MAC id are stored in the database of the lock.
Figure 10 of the drawings illustrates a fourth flow chart 1000 depicting normal usage of the electro-mechanical lock. In a first step 1002, the lock tries to establish a connection with known mobile codes that are stored in the database. In a second step 1004, the electro-mechanical lock generates a session secret and sends the session secret to the mobile phone. In a third step 1006, the user is prompted for a password and the user responds by entering one. In a fourth step 1008, the electro-mechanical lock confirms the identity and credibility of the mobile and the user. In a fifth step 1010, the electro-mechanical lock waits for a user command such as open, close, or login prompt, wherein the commands are encrypted using the session key.
TECHNICAL ADVANCEMENTS AND ECONOMIC SIGNIFICANCE
The technical advancements of the present invention include providing a highly secure mobile phone operable electro-mechanical lock system. A practical application of the lock system could be in the automotive field to operate the car door. Possible applications of the electro-mechanical lock of the present invention include a bank safe lock, and a door lock. Further, various extra features can be added to the basic version described above. The logic in the microcontroller can easily be enhanced to have a master user (a master key) and normal user (a user key) concept, where enabling by a master user is mandatory before a normal user can activate the electro-mechanical lock. The logic enhancements in the electro-mechanical lock can address, for example, the requirements of a bank locker facility.
Another enhancement in the electro-mechanical lock is where more than one user is required to operate a lock that can be used in locks for protecting the assets where joint ownership exists. Thus, the embodiments of the present invention describe a highly secure mechanism for an electro-mechanical lock.
While considerable emphasis has been placed herein on the particular features of this invention, it will be appreciated that various modifications can be made, and that many changes can be made in the preferred embodiment without departing from the principles of the invention. These and other modifications in the nature of the invention or the preferred embodiments will be apparent to those skilled in the art from the disclosure herein, whereby it is to be distinctly understood that the foregoing descriptive matter is to be interpreted merely as illustrative of the invention and not as a limitation.

Claims

1. A mobile phone operable electro-mechanical locking system, said system comprising:
a mobile phone further comprising a shared key and an application code; and
an electro-mechanical lock further comprising a pairing key and a lock identification, said mobile phone and said electro-mechanical lock co-operate for initial registration, opening, and closing of said electro-mechanical lock.
2. A system as claimed in claim 1, wherein said electro-mechanical lock comprises:
a microcontroller further comprising an embedded control program;
a Bluetooth interface coupled to said microcontroller;
an electrically programmable non-volatile memory coupled to said microcontroller;
an electro-mechanical lock configured to get activated and deactivated by said microcontroller; and
a power subsystem further comprising a rechargeable battery that is charged through a charging circuitry.
3. A system as claimed in claim 1, wherein both said pairing code and lock identification along with the administrator name and linked administrator password are stored in distinct databases.
4. A system as claimed in claim 1, wherein said electro-mechanical lock comprises a memory configured as an electrically erasable programmable read only memory (EEPROM) further comprising in a database: a user name linked to a user password; a ; a Bluetooth MAC identification; a shared secret key for an nth user, where n is maximum number of users permissible to operate said electro-mechanical locking system.
5. A system as claimed in claim 1, wherein said charging circuitry is power charged via an external utility supply.
6. A system as claimed in claim 1, wherein said electro-mechanical lock comprises a microcontroller adapted to: generate random numbers while still retaining each set of generated random numbers in its memory; combine locally stored locking and unlocking session secret with a user password as stored in a database; encrypt combined data with selected symmetric key algorithm; and compare resulting value with a predetermined received value to ascertain a genuine user of said mobile phone.
7. A method for registering an administrator with the said electro-mechanical lock, said method comprising:
a user, establishing a communication with said electro-mechanical lock via a Bluetooth pairing mechanism;
said user, sending a pairing code responsive to a request from said electro-mechanical lock;
validating said pairing code against a predetermined pairing entry in a database;
generating a random number upon successful validation;
transmitting said random number to a shared key held by said user to establish a shared secret between said user and said electro-mechanical lock;
said user, providing an administrator password of his choice; and
said user, providing a user password of his choice that is stored by said electro-mechanical lock.
8. A method as claimed in claim 7, wherein the step of a user, establishing a communication with said electro-mechanical lock via a Bluetooth pairing mechanism further comprises step of said electro-mechanical lock demanding a Bluetooth pairing code.
9. A method as claimed in claim 7, wherein the step of validating said pairing code against a predetermined pairing entry in a database comprises the step of said electro-mechanical lock, storing an acquired Bluetooth MAC identification in a database.
10. A method as claimed in claim 7, wherein said user is a mobile phone owner.
11. A method as claimed in claim 7, wherein the step of generating a random number upon successful validation comprises:
a microcontroller, remembering said random number as a session secret till session is terminated;
said microcontroller, sending out, said session secret to said mobile phone;
combining said session secret with user entered password;
encrypting combined data with shared secret key for sending to said electro-mechanical lock; and
comparing resulting value with a received value to ascertain a genuine user and said mobile phone.
12. A method as claimed in claim 7, wherein the step of generating random number comprises step of encrypting combined data with shared secret key for sending to said electro-mechanical lock, further comprising step of encrypting by executing a symmetric key module.
13. A method as claimed in claim 7, wherein said user communicates with said mobile phone through steps of:
said electro-mechanical lock trying to establish communication with registered users in a database;
said electro-mechanical lock connecting to a registered user when said user is in vicinity of said lock;
said lock sending out a session secret;
said user responding with password combined with a shared secret and encrypting with said session secret;
said electro-mechanical lock validating said user and the said mobile with received information; and
said electro-mechanical lock carrying out the said users commands, encrypted with said session key.
PCT/IN2011/000563 2010-08-20 2011-08-23 A mobile phone operable electro-mechanical lock and a method thereof WO2012023153A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN2343/MUM/2010 2010-08-20
IN2343MU2010 2010-08-20

Publications (1)

Publication Number Publication Date
WO2012023153A1 true WO2012023153A1 (en) 2012-02-23

Family

ID=45604831

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IN2011/000563 WO2012023153A1 (en) 2010-08-20 2011-08-23 A mobile phone operable electro-mechanical lock and a method thereof

Country Status (1)

Country Link
WO (1) WO2012023153A1 (en)


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11817873

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11817873

Country of ref document: EP

Kind code of ref document: A1