WO2011117664A1 - Method and apparatus for establishing an electrical connection and establishing a fiber optic connection - Google Patents


Publication number
WO2011117664A1
Authority
WO
WIPO (PCT)
Prior art keywords
cryptographic key
fiber optic
battery
sending
receiving
Prior art date
Application number
PCT/IB2010/000662
Other languages
French (fr)
Inventor
Antti Niskanen
Jani Kivioja
Original Assignee
Nokia Corporation
Nokia, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Corporation, Nokia, Inc.
Priority to EP10848287.8A (patent EP2556623A4)
Priority to CN201080065683.9A (patent CN102812664B)
Priority to PCT/IB2010/000662 (patent WO2011117664A1)
Publication of WO2011117664A1

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852: Quantum cryptography
    • G: PHYSICS
    • G09: EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09C: CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C1/00: Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00: Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80: Wireless

Definitions

  • Embodiments of the present invention relate generally to sending and/or receiving a cryptographic key through a fiber optic connection and, more particularly, relate to an apparatus and method configured to establish an electrical connection and establish a fiber optic connection.
  • Due to the expanding capabilities of mobile terminals, mobile terminals are now being used for many functions for which they had not previously been used. Some of these uses involve the communication of data which is sensitive in nature. For example, online banking, email, corporate communication, health applications, official government communications, etcetera may all involve transmitting and receiving sensitive data.
  • RSA (Rivest, Shamir and Adleman)
  • One-time pad encryption involves encrypting and decrypting data using a secret random key. For the highest possible amount of security, for each bit of data there must be a corresponding bit of encryption key, though some repetition of the key may still retain sufficient protection for some applications. Accordingly, transmitting the cryptographic key may involve large sums of data. Further, the cryptographic key should be securely transferred. Accordingly, fiber optics represents one potential solution to transporting the cryptographic key. However, transporting data over fiber optics may present impracticalities for mobile terminals.
  • Methods and apparatuses are therefore provided that may allow a cryptographic key to be sent or received through a fiber optic connection.
  • a battery may be charged at the same time the cryptographic key is sent or received or transmitted.
  • an improved apparatus comprises an interface.
  • the interface is configured to establish an electrical connection, establish a fiber optic connection, and send or receive a cryptographic key through the fiber optic connection and concurrently charge a battery with the electrical connection.
  • the apparatus is further configured to send or receive the cryptographic key via quantum cryptography distribution.
  • the cryptographic key may be a one-time pad cryptographic key.
  • the apparatus may additionally be configured to control or detect a quantum mechanical photon property.
  • the cryptographic key is configured to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery is drained. Also, the apparatus may be further configured to direct storage of the cryptographic key to a memory device.
  • an improved apparatus also comprises an interface.
  • the apparatus is configured to establish an electrical connection, establish a fiber optic connection, send or receive a cryptographic key through the fiber optic connection, and provide for output of power configured to charge a battery through the electrical connection and concurrently provide for transmission of the cryptographic key.
  • the apparatus is further configured to send or receive the cryptographic key via quantum cryptography distribution.
  • the cryptographic key may be a one-time pad cryptographic key.
  • the apparatus may additionally be configured to control or detect a quantum mechanical photon property.
  • the cryptographic key is configured to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery is drained. Also, the apparatus may be further configured to direct storage of the cryptographic key to a memory device.
  • a method comprises establishing an electrical connection, establishing a fiber optic connection, and sending or receiving a cryptographic key through the fiber optic connection and concurrently charging a battery with the electrical connection.
  • sending or receiving the cryptographic key comprises sending or receiving the cryptographic key via quantum cryptography distribution.
  • the cryptographic key may be a one-time pad cryptographic key.
  • sending or receiving the cryptographic key via quantum cryptography distribution may comprise controlling or detecting a quantum mechanical photon property.
  • the method may also include configuring the cryptographic key to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery runs out. Also, the method may further comprise directing storage of the cryptographic key to a memory device.
  • a method comprises establishing an electrical connection, establishing a fiber optic connection, sending or receiving a cryptographic key through the fiber optic connection, and providing for output of power configured to charge a battery through the electrical connection and concurrently providing for transmission of the cryptographic key.
  • sending or receiving the cryptographic key comprises sending or receiving the cryptographic key via quantum cryptography distribution.
  • the cryptographic key may be a one-time pad cryptographic key.
  • sending or receiving the cryptographic key via quantum cryptography distribution may comprise controlling or detecting a quantum mechanical photon property.
  • the method may also include configuring the cryptographic key to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery runs out. Also, the method may further comprise directing storage of the cryptographic key to a memory device.
  • embodiments of the present invention may provide for receipt of a cryptographic key through a fiber optic connection.
  • FIG. 1 illustrates a schematic block diagram of a system according to an example embodiment of the present invention
  • FIG. 2 illustrates a schematic block diagram of an apparatus for sending or receiving a cryptographic key through a fiber optic connection when the apparatus is embodied within a user terminal according to an example embodiment of the present invention
  • FIG. 3 illustrates a schematic block diagram of an apparatus for sending or receiving a cryptographic key through a fiber optic connection when the apparatus is embodied within a charger according to an example embodiment of the present invention
  • FIG. 4 illustrates a flowchart according to example methods for sending or receiving a cryptographic key in accordance with example embodiments of the present invention.
  • circuitry refers to (a) hardware-only circuit implementations (for example, implementations in analog circuitry and/or digital circuitry)
  • circuits such as, for example, a microprocessor(s) or a portion of a microprocessor(s), that require software or firmware for operation even if the software or firmware is not physically present.
  • This definition of 'circuitry' applies to all uses of this term herein, including in any claims.
  • the term 'circuitry' also includes an implementation comprising one or more processors and/or portion(s) thereof and accompanying software and/or firmware.
  • the term 'circuitry' as used herein also includes, for example, a baseband integrated circuit or applications processor integrated circuit for a mobile phone or a similar integrated circuit in a server, a cellular network device, other network device, and/or other computing device.
  • FIG. 1 illustrates a block diagram of a system that may benefit from embodiments of the present invention. It should be understood, however, that the system as illustrated and hereinafter described is merely illustrative of one system that may benefit from embodiments of the present invention and, therefore, should not be taken to limit the scope of embodiments of the present invention.
  • an embodiment of a system in accordance with an example embodiment of the present invention may include a user terminal 10.
  • the user terminal 10 may be any of multiple types of fixed or mobile communication and/or computing devices such as, for example, portable digital assistants (PDAs), pagers, mobile televisions, mobile telephones, gaming devices, laptop computers, personal computers (PCs), cameras, camera phones, video recorders, audio/video players, radios, global positioning system (GPS) devices, or any combination of the aforementioned, and other types of voice and text communications systems, which employ embodiments of the present invention.
  • the user terminal 10 may be configured to communicate with one or more devices.
  • the user terminal 10 may be capable of communicating with a sensitive data communicator 20.
  • the sensitive data communicator 20 may comprise a device which is configured to receive and/or transmit sensitive data with the user terminal 10.
  • Sensitive data refers to any and all data for which it may not be desirable that the data become available to unintended recipients. For instance, banking data, user names, passwords, health care information, emails, corporate communications, government communications, etcetera may comprise sensitive data in some circumstances. Further, other communications may comprise sensitive data in some circumstances simply due to privacy concerns.
  • the sensitive data communicator 20 may comprise a user terminal, a server, a workstation, or other computing device.
  • Communication between the user terminal 10 and sensitive data communicator 20 may in some embodiments occur either directly or via a network 30.
  • the network 30 may include a collection of various different nodes, devices or functions that may be in communication with each other via corresponding wired and/or wireless interfaces.
  • the illustration of FIG. 1 should be understood to be an example of a broad view of certain elements of the system and not an all inclusive or detailed view of the system or the network 30.
  • the network 30 may be capable of supporting communication in accordance with any one or more of a number of first-generation (1G), second-generation (2G), 2.5G, third-generation (3G), 3.5G, 3.9G, fourth-generation (4G) mobile communication protocols, Long Term Evolution (LTE), and/or the like.
  • the network 30 may be a cellular network, a mobile network and/or a data network, such as a local area network (LAN), a metropolitan area network (MAN), and/or a wide area network (WAN), for example, the Internet.
  • processing elements for example, personal computers, server computers or the like
  • the user terminal 10 and/or the other devices may be enabled to communicate with each other, for example, according to numerous communication protocols including Hypertext Transfer Protocol (HTTP) and/or the like, to thereby carry out various communication or other functions of the mobile terminal 10 and the other devices, respectively.
  • the user terminal 10 and the other devices may be enabled to communicate with the network 30 and/or each other by any of numerous different access mechanisms. For example, mobile access mechanisms such as wideband code division multiple access (W-CDMA), CDMA2000, global system for mobile communications (GSM), general packet radio service (GPRS) and/or the like, wireless access mechanisms such as wireless LAN (WLAN), Worldwide Interoperability for Microwave Access (WiMAX), WiFi, ultra-wide band (UWB), Wibree techniques and/or the like, and fixed access mechanisms such as digital subscriber line (DSL), cable modems, Ethernet and/or the like.
  • the network 30 may be a home network or other network providing local connectivity.
  • the system may further comprise a cryptographic key sharer 40 which may be in communication with the user terminal 10 and the sensitive data communicator 20.
  • the cryptographic key sharer 40 is configured to share a cryptographic key which may be used to encrypt sensitive data.
  • the cryptographic key sharer 40 may employ one-time pad encryption to generate a one-time pad cryptographic key.
  • the cryptographic key sharer 40 may create a cryptographic key which is random.
  • the cryptographic key sharer may comprise a quantum mechanical random number generator.
  • the cryptographic key sharer 40 may receive the cryptographic key and then share it with another device.
  • the system may employ fiber optics to transmit the cryptographic key.
  • Fiber optics may provide a secure method of transmitting the key in some embodiments.
  • the cryptographic key may be transmitted via quantum cryptographic distribution, also known as quantum key distribution, or other types of quantum cryptography.
  • protocols such as BB84 (Bennett Brassard) and E91 (Ekert) or other variants may be employed.
  • a unique property of quantum cryptographic distribution is that the two communicating devices may be able to detect the presence of a third party attempting to gain access to the cryptographic key.
  • Detecting access may be possible because the process of measuring a quantum system, which may be necessary to access the cryptographic key, in general disturbs the system.
  • a communication system may be implemented which may detect eavesdropping and abort transmission of the cryptographic key in instances in which eavesdropping is detected.
  • fiber optic connections may be established with the cryptographic key sharer 40 and the devices between which secure sensitive data transmission is desired.
  • a first fiber optic cable 42 may establish a fiber optic connection between the cryptographic key sharer 40 and the sensitive data communicator 20.
  • a second fiber optic cable 44 may establish a fiber optic connection from the cryptographic key sharer 40 toward the user terminal 10.
  • the second fiber optic cable 44 may not extend directly to the user terminal 10.
  • the user terminal 10 may connect to the cryptographic key sharer 40 via a charger 12.
  • the charger 12 is configured to provide power to the user terminal 10, and may charge a battery of the user terminal 10.
  • the charger 12 may thereby be connected to a power source 14, which may be a commercial power source, such as a power plant.
  • the charger may connect to the power source 14 through power lines and ultimately a wall outlet. Power may thereafter be supplied to the user terminal 10 through a power cable 16.
  • the charger 12 is further connected to the user terminal 10 through a data cable 18.
  • the data cable 18 may comprise a fiber optic cable, but in other embodiments the data cable may comprise a USB cable, or other type of cable capable of transmitting electronic data. Further, although the power cable 16 and the data cable 18 are generally shown and described as two separate cables, in some embodiments the power cable 16 and the data cable 18 may comprise portions of an integral cable.
  • apparatuses 50a, 50b are provided that may be employed by devices performing example embodiments of the present invention.
  • the apparatuses 50 may be embodied, for example, as any device hosting, including, controlling or otherwise comprising the user terminal 10 or the charger 12.
  • embodiments may also be embodied on a plurality of other devices such as for example where instances of the apparatuses 50 may be embodied on the network 30.
  • the apparatuses 50 of FIGS. 2 and 3 are merely examples and may include more, or in some cases less, than the components shown in FIGS. 2 and 3.
  • the apparatuses 50 are configured to send and/or receive a cryptographic key through a fiber optic connection.
  • the apparatus 50a as shown in FIG. 2 is an embodiment in which the apparatus may be a device hosting, including, controlling or otherwise comprising the user terminal 10.
  • the apparatus 50a may include or otherwise be in communication with a processor 70, a user interface 72, a communication interface 74 and a memory device 76.
  • the memory device 76 may include, for example, volatile and/or non-volatile memory.
  • the memory device 76 may comprise a solid state memory device.
  • the memory device 76 may be configured to store information, data, files, applications, instructions or the like.
  • the memory device 76 could be configured to buffer input data for processing by the processor 70. Additionally or alternatively, the memory device 76 could be configured to store instructions for execution by the processor 70. As yet another alternative, the memory device 76 may be one of a plurality of databases or storage locations that store information and/or media content.
  • the processor 70 may be embodied in a number of different ways.
  • the processor 70 may be embodied as one or more of various processing means such as a coprocessor, a microprocessor, a controller, a digital signal processor (DSP), processing circuitry with or without an accompanying DSP, or various other processing devices including integrated circuits such as, for example, an ASIC (application specific integrated circuit), an FPGA (field programmable gate array), a hardware accelerator, a special-purpose computer chip, or the like.
  • the processor 70 may be configured to execute instructions stored in the memory device 76 or otherwise accessible to the processor 70.
  • the processor 70 may be configured to execute hard coded functionality.
  • the processor 70 may represent an entity (for example, physically embodied in circuitry) capable of performing operations according to embodiments of the present invention while configured accordingly.
  • when the processor 70 is embodied as an ASIC, FPGA or the like, the processor 70 may be specifically configured hardware for conducting the operations described herein.
  • when the processor 70 is embodied as an executor of software instructions, the instructions may specifically configure the processor 70 to perform the algorithms and/or operations described herein when the instructions are executed.
  • the processor 70 may be a processor of a specific device (for example, a mobile terminal or network device such as a server) adapted for employing embodiments of the present invention by further configuration of the processor 70 by instructions for performing the algorithms and/or operations described herein.
  • the processor 70 may include, among other things, a clock, an arithmetic logic unit (ALU) and logic gates configured to support operation of the processor 70.
  • the communication interface 74 may be any means such as a device or circuitry embodied in either hardware, software, or a combination of hardware and software that is configured to receive and/or transmit data from/to a network and/or any other device or module in communication with the apparatus 50a.
  • the communication interface 74 may include, for example, an antenna (or multiple antennas) and supporting hardware and/or software for enabling communications with a wireless communication network (for example, network 30).
  • the communication interface 74 may alternatively or also support wired communication.
  • the communication interface 74 may include a communication modem and/or other hardware/software for supporting communication via cable, digital subscriber line (DSL), universal serial bus (USB), Ethernet, High-Definition Multimedia Interface (HDMI) or other mechanisms.
  • the communication interface 74 may include hardware and/or software for supporting communication mechanisms such as BLUETOOTH®, Infrared, UWB, WiFi, and/or the like, which are being increasingly employed in connection with providing home connectivity solutions.
  • the user interface 72 may be in communication with the processor 70 to receive an indication of a user input at the user interface and/or to provide an audible, visual, mechanical or other output to the user.
  • the user interface 72 may include, for example, a keyboard, a mouse, a joystick, a display, a touch screen, a microphone, a speaker, or other input/output mechanisms.
  • the apparatus 50a may further include a battery 78.
  • the apparatus 50a may charge the battery 78 using the power cable 16 from the charger 12.
  • the charger 12 may connect to the apparatus 50a through the data cable 18.
  • the data cable 18 may comprise a fiber optic cable, and hence the charger 12 may comprise a fiber optic connector 12a, which may, for example, act to connect the data cable 18 to the second fiber optic cable 44 from FIG. 1.
  • the apparatus 50a may include a fiber optic module 80, which may in some embodiments comprise a portion of the communication interface 74.
  • the fiber optic module 80 may comprise emitters, detectors, optical equipment, and associated electrical equipment configured to send and/or receive signals via the fiber optic connection and convert the signals to and from electronic data.
  • the fiber optic module 80 may comprise an emitter for single photons or other weak optical signals.
  • when the fiber optic module 80 is configured to receive data, it may comprise a single photon detector, an avalanche photo diode, and other photonic components.
  • when the fiber optic module 80 sends and receives cryptographic keys, it may comprise some or all of these components.
  • the fiber optic module 80 may be configured to emit or detect photons and control or detect their polarization, and enable sending or receipt of cryptographic keys via quantum cryptography distribution.
  • the fiber optic module 80 may be configured to control a quantum mechanical photon property such as photon polarization or phase.
  • optical or near-optical single photons or other electromagnetic weak signals in optical fiber may be used.
  • the wavelength may be close to that of visible light, and in some embodiments the wavelength may be in the infrared spectrum.
  • the cryptographic keys may be received, for example, from the cryptographic key sharer 40. Once a cryptographic key is received through the fiber optic connection using the fiber optic module 80, the cryptographic key may be stored in the memory device 76.
  • the cryptographic key may thereby be used to encrypt and decrypt
  • the cryptography module 82 may be embodied by the processor 70, or other computing device. Additionally or alternatively, the cryptographic key generating module 84 may generate a cryptographic key and send the cryptographic key, for example, to the cryptographic key sharer 40 for distribution to other devices such as the sensitive data communicator 20.
  • the cryptographic key generator module 84 may be embodied by the processor 70, or other computing device. Thereby, communications with the sensitive data communicator 20, for example, may occur in a secure manner using the communication interface 74 even when the communications do not occur via a fiber optic connection. For example, the secure communication between the apparatus 50a and the sensitive data communicator 20 may occur via the network 30, and in some embodiments at least a portion of the communication may occur wirelessly. However, due to the use of the cryptographic key as described above, the communications may still remain secure.
  • the apparatus 50b may be a device hosting, including, controlling or otherwise comprising the charger 12.
  • the apparatus 50b may include or otherwise be in communication with some or all of the components of the apparatus 50a from FIG. 2, including the processor 70, the communication interface 74 and the memory device 76.
  • the apparatus 50b may further include a power inverter 86 which connects to the power source 14 and thereby may be used to charge the battery 78, which is in the user terminal 10, through the power cable 16. However, in some embodiments charging of the battery 78 may occur wirelessly.
  • the apparatus 50b may include the fiber optic module 80.
  • the emitters, detectors, optical equipment, and associated electrical equipment configured to send and/or receive data via the fiber optic connection may comprise a portion of the charger 12 in this embodiment, in addition to or instead of a portion of the user terminal 10.
  • the apparatus 50b may also include the cryptographic key generator module 84 in embodiments in which the apparatus creates the cryptographic key. Accordingly, the cryptographic key in this embodiment may be sent to or received from the cryptographic key sharer 40 through the second fiber optic cable 44, and converted from/into electronic data using the fiber optic module 80. In some cases the cryptographic key may be directly transmitted to the user terminal 10 after the
  • the apparatus 50b may be configured to receive the cryptographic key through the fiber optic connection, and then store the cryptographic key prior to transferring the
  • the apparatus 50b may generate the cryptographic key using the cryptographic key generator module 84 and then store the cryptographic key prior to transferring the cryptographic key to the user terminal 10.
  • the apparatus 50b may store the cryptographic key in the memory device 76.
  • the apparatus 50b may store the cryptographic key prior to connecting with the user terminal 10.
  • the apparatus may receive or generate the cryptographic key and store the cryptographic key in the memory device 76.
  • the apparatus may thereby charge the battery 78 of the user terminal and transmit the cryptographic key to the user terminal concurrently. This may be used, for example, in instances in which the time it takes to charge the battery 78 is less than the time it takes to receive the cryptographic key from the cryptographic key sharer 40.
  • With regard to the transfer of the cryptographic key from the apparatus 50b to the user terminal 10, this may occur through the data cable 18. While the data cable 18 is generally described herein as being used to transfer the cryptographic key from the apparatus 50b to the user terminal 10, this may not necessarily be the case in all embodiments in which the apparatus is embodied in the charger 12. For example, because the fiber optic module 80 converts the cryptographic key to electronic data in the apparatus 50b, and the cryptographic key generator module 84 may generate the key in electronic data form, the apparatus may thereby transmit the data using other known methods of transferring the data, such as wirelessly transferring the cryptographic key data to the user terminal 10 through the communication interface 74. However, wirelessly transferring the data may in some cases reduce the security of the transfer of the cryptographic key from the apparatus 50b to the user terminal 10.
  • the user terminal may thereby use the cryptography module 82, which is in this embodiment embodied in the user terminal, to securely communicate with other devices such as the sensitive data communicator 20.
  • FIG. 4 is a flowchart of a system, method and program product according to example embodiments of the invention. It will be understood that each block of the flowchart, and combinations of blocks in the flowchart, may be implemented by various means, such as hardware, firmware, processor, circuitry and/or other device associated with execution of software including one or more computer program instructions. For example, one or more of the procedures described above may be embodied by a computer program product including computer program instructions. In this regard, the computer program instructions which embody the procedures described above may be stored by a memory device and executed by a processor of an apparatus.
  • any such computer program instructions may be loaded onto a computer or other programmable apparatus (for example, hardware) to produce a machine, such that the resulting computer or other programmable apparatus embody means for implementing the functions specified in the flowchart block(s).
  • These computer program instructions may also be stored in a computer-readable memory that may direct a computer or other programmable apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture the execution of which implements the function specified in the flowchart block(s).
  • the computer program instructions may also be loaded onto a computer or other programmable apparatus to cause a series of operations to be performed on the computer or other programmable apparatus to produce a computer-implemented process such that the instructions which execute on the computer or other programmable apparatus implement the functions specified in the flowchart block(s).
  • blocks of the flowchart support combinations of means for performing the specified functions and program instruction means for performing the specified functions. It will also be understood that one or more blocks of the flowchart, and combinations of blocks in the flowcharts, can be implemented by special purpose hardware-based computer systems which perform the specified functions, or
  • one embodiment of a method comprises establishing an electrical connection at operation 100 and establishing a fiber optic connection at operation 102.
  • the method further comprises sending or receiving a cryptographic key through the fiber optic connection at operation 104.
  • the operation 104 of sending or receiving the cryptographic key may be conducted concurrently with charging a battery with the electrical connection at operation 110, for example when the method is being conducted by the user terminal 10.
  • Concurrently, as used herein, refers to instances in which two or more operations occur such that they overlap in time. However, in some embodiments the operation 104 of sending or receiving the cryptographic key may begin at substantially the same time as the operation 110 of charging the battery. Further, in alternate
  • providing for output of power configured to charge a battery at operation 104 may be conducted concurrently with providing for transmission of the cryptographic key at operation 116, for example when the method is being conducted by the charger 12.
  • the operation 104 of sending or receiving the cryptographic key may comprise sending or receiving the cryptographic key via quantum cryptography distribution at operation 106.
  • quantum cryptography distribution may be used to detect eavesdropping over the fiber optic connection.
  • Sending or receiving the cryptographic key via quantum cryptography distribution at operation 106 may comprise controlling or detecting a quantum mechanical photon property in some embodiments, as illustrated at operation 108.
  • the cryptographic key may be a one-time pad key.
  • the method may further comprise configuring the cryptographic key to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery is drained at operation 112.
  • the cryptographic key bit length may be configured to be long enough to encrypt all of the sensitive data which is expected to be transferred by the user terminal 10 between each charge of the battery 78, which may in some embodiments be determined empirically.
  • the method may further comprise directing storage of the cryptographic key to a memory device at operation 114.
  • an apparatus for performing the method of FIG. 4 and other methods described above may comprise a processor (for example, the processor 70) configured to perform some or each of the operations (100-116) described above.
  • the processor may, for example, be configured to perform the operations (100-116) by performing hardware implemented logical functions, executing stored instructions, or executing algorithms for performing each of the operations.
  • the apparatus may comprise means for performing each of the operations described above.
  • examples of means for performing operations 100-116 may comprise, for example, the processor 70, the user interface 72, the communication interface 74, the memory device 76, the battery 78, the fiber optic module 80, the cryptographic key generator module 84, and the power inverter 86, and/or an algorithm executed by the processor for processing information as described above.
  • the above-described portions of the apparatuses 50 as they relate to the operations of the method illustrated in FIG. 4 are merely examples, and it should be understood that various other embodiments may be possible.
  • the particular means for conducting the operations may vary depending on the particular embodiments employed, such as whether the apparatus 50a from FIG. 2 is employed, or the apparatus 50b from FIG. 3.
  • the operation 100 of establishing an electrical connection may be performed by means such as the power cable 16, which may connect the user terminal 10 to the charger 12.
  • this may be conducted by means such as the second fiber optic cable 44, such as when the apparatus 50b is embodied in the charger 12.
  • the means for establishing the fiber optic connection at operation 102 may comprise the data cable 18, because in embodiments in which the apparatus is embodied in the user terminal, the data cable may comprise a fiber optic cable as described above.
  • the operation 104 of sending or receiving a cryptographic key may be conducted by means such as the fiber optic module 80 and further by the communication interface 74 in some embodiments.
  • the operations 106, 108 of sending or receiving the cryptographic key via quantum cryptography distribution and controlling or detecting the quantum mechanical photon property may additionally be conducted by means such as the fiber optic module 80 and further by the communication interface 74 in some embodiments and additionally or alternatively conducted by means such as the processor 70.
  • the operation 110 of charging a battery through the electrical connection may be conducted by means such as the battery 78 and/or the power cable 16.
  • the power cable 16 and the power inverter 86 may be used.
  • the processor 70 may employ logic configured to charge the battery 78.
  • the operation 112 of configuring the cryptographic key to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery runs out may be conducted by means such as the processor 70, and/or the cryptographic key generator module 84.
  • the operation 114 of directing storage of the cryptographic key to a memory device may be conducted by means such as the memory device 76. Additionally, providing for transmission of the cryptographic key at operation 116 may be conducted by the communication interface 74 when the apparatus 50b is embodied in the charger 12 and additionally or alternatively conducted by means such as the processor 70. For example, the charger 12 may transmit the cryptographic key to the user terminal 10.

Abstract

An apparatus for sending or receiving a cryptographic key through a fiber optic connection may include a fiber optic module (80) for sending or receiving the cryptographic key and converting the cryptographic key from or to electronic data. The cryptographic key may be stored in a memory device (76). A cryptography module (82) may allow the apparatus to securely transmit sensitive data. The apparatus may send or receive the cryptographic key through a fiber optic connection (18) which may include a data cable. The apparatus may include a battery (78) which is charged through an electrical connection (16) such as through a power cable. The apparatus may in some embodiments be embodied in a charger (12) for a user terminal (50a), or in the user terminal (50a) itself.

Description

METHOD AND APPARATUS FOR ESTABLISHING AN ELECTRICAL CONNECTION AND ESTABLISHING A FIBER OPTIC CONNECTION
TECHNOLOGICAL FIELD
Embodiments of the present invention relate generally to sending and/or receiving a cryptographic key through a fiber optic connection and, more particularly, relate to an apparatus and method configured to establish an electrical connection and establish a fiber optic connection.
BACKGROUND
In order to provide easier or faster information transfer and convenience, telecommunication industry service providers are continually developing improvements to existing communication networks. As a result, wireless communication has become increasingly more reliable in recent years. Along with the expansion and improvement of wireless communication networks, mobile terminals used for wireless communication have also been continually improving. In this regard, due at least in part to reductions in size and cost, along with improvements in battery life and computing capacity, mobile terminals have become more capable, easier to use, and cheaper to obtain. Due to the now ubiquitous nature of mobile terminals, people of all ages and education levels are utilizing mobile terminals to communicate with other individuals or contacts, receive services and/or share information, media and other content.
Due to the expanding capabilities of mobile terminals, mobile terminals are now being used for many functions for which they had not previously been used. Some of these uses involve the communication of data which is sensitive in nature. For example, online banking, email, corporate communication, health applications, official government communications, etcetera may all involve transmitting and receiving sensitive data.
Accordingly, cryptographic solutions have been developed to protect sensitive data. Some of the implemented solutions rely on discrete mathematics and schemes such as the Rivest, Shamir and Adleman (RSA) algorithm of encryption. While such algorithms may be considered to be sufficient for the time being, they may not be considered future proof, meaning that they may not remain secure in the future. For example, a future threat to RSA encryption is that of the potential advent of quantum computers and the possibility that classical cracks could also be developed, though none are currently believed to be known.
The only encryption method which is believed to be provably secure is that of one-time pad encryption. One-time pad encryption involves encrypting and decrypting data using a secret random key. For the highest possible amount of security, for each bit of data there must be a corresponding bit of encryption key, though some repetition of the key may still retain sufficient protection for some applications. Accordingly, transmitting the cryptographic key may involve large sums of data. Further, the cryptographic key should be securely transferred. Accordingly, fiber optics represents one potential solution to transporting the cryptographic key. However, transporting data over fiber optics may present impracticalities for mobile terminals.
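The following is an added illustration, not part of the patent text, of the one-time pad property described above and of sizing the key to the data expected between charges (operation 112): key bytes are consumed once, erased after use, and the pad refuses to encrypt rather than repeat. The names `OneTimePad`, `PadExhausted`, `provision` and `reuse_leaks_plaintext_xor` are hypothetical, and `secrets.token_bytes` stands in for the key that the described system would deliver over the fiber optic connection.

```python
import secrets


class PadExhausted(Exception):
    """Raised instead of wrapping around and repeating key material."""


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class OneTimePad:
    """Holds one copy of the shared key and hands out each key byte at most once."""

    def __init__(self, key):
        self._key = bytearray(key)
        self._next = 0  # index of the first key byte that has never been used

    @property
    def remaining(self):
        return len(self._key) - self._next

    def _take(self, offset, length):
        if offset < self._next:
            raise ValueError("key bytes at this offset were already used")
        if offset + length > len(self._key):
            raise PadExhausted("not enough unused key; fetch a new key at the next charge")
        chunk = bytes(self._key[offset:offset + length])
        # Erase the consumed bytes so they cannot be read back or reused later.
        self._key[offset:offset + length] = bytes(length)
        self._next = offset + length
        return chunk

    def encrypt(self, plaintext):
        """Return (offset, ciphertext); the offset tells the peer which key bytes to use."""
        offset = self._next
        return offset, xor_bytes(plaintext, self._take(offset, len(plaintext)))

    def decrypt(self, offset, ciphertext):
        return xor_bytes(ciphertext, self._take(offset, len(ciphertext)))


def provision(expected_bytes_per_charge):
    """Give both ends the same key, sized to the data expected before the next charge.

    Assumption: secrets.token_bytes replaces the key delivered through the fiber link.
    """
    key = secrets.token_bytes(expected_bytes_per_charge)
    return OneTimePad(key), OneTimePad(key)


def reuse_leaks_plaintext_xor(p1, p2):
    """Why repetition is unsafe: with a repeated key, c1 XOR c2 equals p1 XOR p2."""
    key = secrets.token_bytes(max(len(p1), len(p2)))
    c1, c2 = xor_bytes(p1, key), xor_bytes(p2, key)
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)


if __name__ == "__main__":
    terminal, peer = provision(32)  # constructed budget: 32 bytes per charge
    for message in (b"PIN 4821", b"balance: 1200.00", b"third message"):
        try:
            offset, ciphertext = terminal.encrypt(message)
            print(offset, ciphertext.hex(), peer.decrypt(offset, ciphertext))
        except PadExhausted as exc:
            print("refused:", exc)
    print("key reuse leaks p1 XOR p2:",
          reuse_leaks_plaintext_xor(b"transfer 100 EUR", b"transfer 900 EUR"))
```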
BRIEF SUMMARY
Methods and apparatuses are therefore provided that may allow a cryptographic key to be sent or received through a fiber optic connection. In some embodiments a battery may be charged at the same time the cryptographic key is sent or received or transmitted.
In an example embodiment, an improved apparatus comprises an interface. The interface is configured to establish an electrical connection, establish a fiber optic connection, and send or receive a cryptographic key through the fiber optic connection and concurrently charge a battery with the electrical connection.
In some embodiments the apparatus is further configured to send or receive the cryptographic key via quantum cryptography distribution. Further, the cryptographic key may be a one-time pad cryptographic key. The apparatus may additionally be configured to control or detect a quantum mechanical photon property. In some embodiments the cryptographic key is configured to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery is drained. Also, the apparatus may be further configured to direct storage of the cryptographic key to a memory device.
In a further example embodiment, an improved apparatus also comprises an interface. The apparatus is configured to establish an electrical connection, establish a fiber optic connection, send or receive a cryptographic key through the fiber optic connection, and provide for output of power configured to charge a battery through the electrical connection and concurrently provide for transmission of the cryptographic key.
In some embodiments the apparatus is further configured to send or receive the cryptographic key via quantum cryptography distribution. Further, the cryptographic key may be a one-time pad cryptographic key. The apparatus may additionally be configured to control or detect a quantum mechanical photon property. In some embodiments the cryptographic key is configured to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery is drained. Also, the apparatus may be further configured to direct storage of the cryptographic key to a memory device.
In an additional example embodiment a method comprises establishing an electrical connection, establishing a fiber optic connection, and sending or receiving a cryptographic key through the fiber optic connection and concurrently charging a battery with the electrical connection.
In some embodiments sending or receiving the cryptographic key comprises sending or receiving the cryptographic key via quantum cryptography distribution. Also, the cryptographic key may be a one-time pad cryptographic key. Further, sending or receiving the cryptographic key via quantum cryptography distribution may comprise controlling or detecting a quantum mechanical photon property. The method may also include configuring the cryptographic key to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery runs out. Also, the method may further comprise directing storage of the cryptographic key to a memory device.
In a further example embodiment a method comprises establishing an electrical connection, establishing a fiber optic connection, sending or receiving a cryptographic key through the fiber optic connection, and providing for output of power configured to charge a battery through the electrical connection and concurrently providing for transmission of the cryptographic key.
In some embodiments sending or receiving the cryptographic key comprises sending or receiving the cryptographic key via quantum cryptography distribution. Also, the cryptographic key may be a one-time pad cryptographic key. Further, sending or receiving the cryptographic key via quantum cryptography distribution may comprise controlling or detecting a quantum mechanical photon property. The method may also include configuring the cryptographic key to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery runs out. Also, the method may further comprise directing storage of the cryptographic key to a memory device.
Accordingly, embodiments of the present invention may provide for receipt of a cryptographic key through a fiber optic connection.
BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWING(S)
Having thus described embodiments of the present disclosure in general terms, reference will now be made to the accompanying drawings, which are not necessarily drawn to scale, and wherein:
FIG. 1 illustrates a schematic block diagram of a system according to an example embodiment of the present invention;
FIG. 2 illustrates a schematic block diagram of an apparatus for sending or receiving a cryptographic key through a fiber optic connection when the apparatus is embodied within a user terminal according to an example embodiment of the present invention;
FIG. 3 illustrates a schematic block diagram of an apparatus for sending or receiving a cryptographic key through a fiber optic connection when the apparatus is embodied within a charger according to an example embodiment of the present invention; and
FIG. 4 illustrates a flowchart according to example methods for sending or receiving a cryptographic key in accordance with example embodiments of the present invention.
DETAILED DESCRIPTION
Some embodiments of the present invention will now be described more fully hereinafter with reference to the accompanying drawings, in which some, but not all embodiments of the invention are shown. Indeed, various embodiments of the invention may be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Like reference numerals refer to like elements throughout. As used herein, the terms "data," "content," "information" and similar terms may be used interchangeably to refer to data capable of being transmitted, received and/or stored in accordance with embodiments of the present invention. Moreover, the term "exemplary", as used herein, is not provided to convey any qualitative assessment, but instead merely to convey an illustration of an example. Thus, use of any such terms should not be taken to limit the spirit and scope of embodiments of the present invention.
As used herein, the term 'circuitry' refers to (a) hardware-only circuit implementations (for example, implementations in analog circuitry and/or digital circuitry);
(b) combinations of circuits and computer program product(s) comprising software and/or firmware instructions stored on one or more computer readable memories that work together to cause an apparatus to perform one or more functions described herein; and
(c) circuits, such as, for example, a microprocessor(s) or a portion of a microprocessor(s), that require software or firmware for operation even if the software or firmware is not physically present. This definition of 'circuitry' applies to all uses of this term herein, including in any claims. As a further example, as used herein, the term 'circuitry' also includes an implementation comprising one or more processors and/or portion(s) thereof and accompanying software and/or firmware. As another example, the term 'circuitry' as used herein also includes, for example, a baseband integrated circuit or applications processor integrated circuit for a mobile phone or a similar integrated circuit in a server, a cellular network device, other network device, and/or other computing device.
As indicated above, embodiments of the present invention may be employed in methods and apparatuses configured to send and/or receive a cryptographic key through a fiber optic connection. In this regard, for example, FIG. 1 illustrates a block diagram of a system that may benefit from embodiments of the present invention. It should be understood, however, that the system as illustrated and hereinafter described is merely illustrative of one system that may benefit from embodiments of the present invention and, therefore, should not be taken to limit the scope of embodiments of the present invention.
As shown in FIG. 1, an embodiment of a system in accordance with an example embodiment of the present invention may include a user terminal 10. The user terminal 10 may be any of multiple types of fixed or mobile communication and/or computing devices such as, for example, portable digital assistants (PDAs), pagers, mobile televisions, mobile telephones, gaming devices, laptop computers, personal computers (PCs), cameras, camera phones, video recorders, audio/video players, radios, global positioning system (GPS) devices, or any combination of the aforementioned, and other types of voice and text communications systems, which employ embodiments of the present invention.
The user terminal 10 may be configured to communicate with one or more devices. In some embodiments the user terminal 10 may be capable of communicating with a sensitive data communicator 20. The sensitive data communicator 20 may comprise a device which is configured to receive and/or transmit sensitive data with the user terminal 10. Sensitive data, as used herein, refers to any and all data for which it may not be desirable that the data become available to unintended recipients. For instance, banking data, user names, passwords, health care information, emails, corporate communications, government communications, etcetera may comprise sensitive data in some circumstances. Further, other communications may comprise sensitive data in some circumstances simply due to privacy concerns. Thus, in some circumstances the sensitive data communicator 20 may comprise a user terminal, a server, a workstation, other computing device. Communication between the user terminal 10 and sensitive data communicator 20 may in some embodiments occur, either directly, or via a network 30. The network 30 may include a collection of various different nodes, devices or functions that may be in communication with each other via corresponding wired and/or wireless interfaces. As such, the illustration of FIG. 1 should be understood to be an example of a broad view of certain elements of the system and not an all inclusive or detailed view of the system or the network 30. Although not necessary, in some embodiments, the network 30 may be capable of supporting communication in accordance with any one or more of a number of first-generation (1G), second-generation (2G), 2.5G, third-generation (3G), 3.5G, 3.9G, fourth-generation (4G) mobile communication protocols, Long Term Evolution (LTE), and/or the like. 
Thus, the network 30 may be a cellular network, a mobile network and/or a data network, such as a local area network (LAN), a metropolitan area network (MAN), and/or a wide area network (WAN), for example, the Internet. In turn, other devices such as processing elements (for example, personal computers, server computers or the like) may be included in or coupled to the network 30. By directly or indirectly connecting the user terminal 10 and the other devices to the network 30, the user terminal 10 and/or the other devices may be enabled to communicate with each other, for example, according to numerous communication protocols including Hypertext Transfer Protocol (HTTP) and/or the like, to thereby carry out various communication or other functions of the mobile terminal 10 and the other devices, respectively. As such, the user terminal 10 and the other devices may be enabled to communicate with the network 30 and/or each other by any of numerous different access mechanisms. For example, mobile access mechanisms such as wideband code division multiple access (W-CDMA), CDMA2000, global system for mobile communications (GSM), general packet radio service (GPRS) and/or the like may be supported as well as wireless access mechanisms such as wireless LAN (WLAN), Worldwide Interoperability for Microwave Access (WiMAX), WiFi, ultra-wide band (UWB), Wibree techniques and/or the like and fixed access mechanisms such as digital subscriber line (DSL), cable modems, Ethernet and/or the like. Thus, for example, the network 30 may be a home network or other network providing local connectivity.
The system may further comprise a cryptographic key sharer 40 which may be in communication with the user terminal 10 and the sensitive data communicator 20. The cryptographic key sharer 40 is configured to share a cryptographic key which may be used to encrypt sensitive data. In one embodiment the cryptographic key sharer 40 may employ one-time pad encryption to generate a one-time pad cryptographic key.
Accordingly, the cryptographic key sharer 40 may create a cryptographic key which is random. In one embodiment the cryptographic key sharer may comprise a quantum mechanical random number generator. In other embodiments the cryptographic key sharer 40 may receive the cryptographic key and then share it with another device.
However, a cryptographic key must be securely provided to the devices which are communicating in order to securely encrypt the communications. Accordingly, the system may employ fiber optics to transmit the cryptographic key. Fiber optics may provide a secure method of transmitting the key in some embodiments. For example, the cryptographic key may be transmitted via quantum cryptographic distribution, also known as quantum key distribution, or other types of quantum cryptography. By way of further example, protocols such as BB84 (Bennett Brassard) and E91 (Ekert) or other variants may be employed. A unique property of quantum cryptographic distribution is that the two communicating devices may be able to detect the presence of a third party attempting to gain access to the cryptographic key. Detecting access may be possible because the process of measuring a quantum system, which may be necessary to access the cryptographic key, in general disturbs the system. Thus, by using quantum superposition or quantum entanglement and transmitting information in quantum states, a communication system may be implemented which may detect eavesdropping, and abort transmission of the cryptographic key in instances in which eavesdropping is detected.
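The following is an added simulation, not part of the patent text, of the eavesdropping check described above for a BB84-style exchange over an ideal, noiseless channel: a third party who measures the photons disturbs them, the disclosed sample shows an elevated error rate, and the key transfer is aborted. The function names, the sample fraction and the `qber_limit` threshold are assumptions chosen for the illustration, and Python's `random` module only models the physics here; it is not a source of key material.

```python
import random

BASES = "+x"  # rectilinear (+) and diagonal (x) polarization bases


def measure(bit, prepared_basis, measured_basis, rng):
    """A matching basis reads the bit; a mismatched basis gives a random result."""
    return bit if prepared_basis == measured_basis else rng.randrange(2)


def bb84_exchange(n_photons, eavesdrop, rng, sample_fraction=0.5, qber_limit=0.11):
    """Simulate one key transfer and return the error estimate and the decision.

    sample_fraction and qber_limit are assumed parameters for this illustration.
    """
    # Sending device: random bit and random basis for every photon.
    sent_bits = [rng.randrange(2) for _ in range(n_photons)]
    sent_bases = [rng.choice(BASES) for _ in range(n_photons)]
    in_flight = list(zip(sent_bits, sent_bases))

    if eavesdrop:
        # A third party on the fiber measures each photon in a guessed basis and
        # re-sends what it saw; a wrong guess changes the state of the photon.
        tapped = []
        for bit, basis in in_flight:
            guess = rng.choice(BASES)
            tapped.append((measure(bit, basis, guess, rng), guess))
        in_flight = tapped

    # Receiving device: measures each photon in its own random basis.
    recv_bases = [rng.choice(BASES) for _ in range(n_photons)]
    recv_bits = [measure(bit, basis, rb, rng)
                 for (bit, basis), rb in zip(in_flight, recv_bases)]

    # Sifting: bases are compared over a classical channel; mismatches are dropped.
    sifted = [(s, r) for s, sb, r, rb
              in zip(sent_bits, sent_bases, recv_bits, recv_bases) if sb == rb]

    # Error estimation: a random sample of sifted bits is disclosed and discarded.
    n_sample = int(len(sifted) * sample_fraction)
    sampled = set(rng.sample(range(len(sifted)), n_sample))
    errors = sum(1 for i in sampled if sifted[i][0] != sifted[i][1])
    qber = errors / n_sample if n_sample else 1.0

    if qber > qber_limit:
        # Disturbance detected: abort and keep no key material.
        return {"aborted": True, "qber": qber, "sender_key": None, "receiver_key": None}

    kept = [pair for i, pair in enumerate(sifted) if i not in sampled]
    return {"aborted": False, "qber": qber,
            "sender_key": [s for s, _ in kept],
            "receiver_key": [r for _, r in kept]}


if __name__ == "__main__":
    for tapped in (False, True):
        result = bb84_exchange(4000, eavesdrop=tapped, rng=random.Random(1))
        bits = 0 if result["aborted"] else len(result["sender_key"])
        print(f"eavesdropper={tapped} qber={result['qber']:.3f} "
              f"aborted={result['aborted']} key_bits={bits}")
```

With an intercept and re-send eavesdropper the expected error rate in the sifted sample is about 25 percent, which is why the simulated transfer aborts.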
Accordingly, fiber optic connections may be established with the cryptographic key sharer 40 and the devices between which secure sensitive data transmission is desired. In this regard, a first fiber optic cable 42 may establish a fiber optic connection between the cryptographic key sharer 40 and the sensitive data communicator 20. Further, a second fiber optic cable 44 may establish a fiber optic connection from the cryptographic key sharer 40 toward the user terminal 10.
However, as illustrated, the second fiber optic cable 44 may not extend directly to the user terminal 10. Rather, as illustrated, the user terminal 10 may connect to the cryptographic key sharer 40 via a charger 12. The charger 12 is configured to provide power to the user terminal 10, and may charge a battery of the user terminal 10. The charger 12 may thereby be connected to a power source 14, which may be a commercial power source, such as a power plant. Thus, the charger may connect to the power source 14 through power lines and ultimately a wall outlet. Power may thereafter be supplied to the user terminal 10 through a power cable 16. The charger 12 is further connected to the user terminal 10 through a data cable 18. In some embodiments the data cable 18 may comprise a fiber optic cable, but in other embodiments the data cable may comprise a USB cable, or other type of cable capable of transmitting electronic data. Further, although the power cable 16 and the data cable 18 are generally shown and described as two separate cables, in some embodiments the power cable 16 and the data cable 18 may comprise portions of an integral cable.
Thus, using the above-described system, a secure connection may be established between the user terminal 10 and the sensitive data communicator 20 by encrypting and decrypting communications therebetween using the cryptographic key. In example embodiments, apparatuses 50a, 50b (collectively, 50) are provided that may be employed by devices performing example embodiments of the present invention. The apparatuses 50 may be embodied, for example, as any device hosting, including, controlling or otherwise comprising the user terminal 10 or the charger 12. However, embodiments may also be embodied on a plurality of other devices such as for example where instances of the apparatuses 50 may be embodied on the network 30. As such, the apparatuses 50 of FIGS. 2 and 3 are merely examples and may include more, or in some cases less, than the components shown in FIGS. 2 and 3.
With further regard to FIGS. 2 and 3, the apparatuses 50 are configured to send and/or receive a cryptographic key through a fiber optic connection. The apparatus 50a as shown in FIG. 2 is an embodiment in which the apparatus may be a device hosting, including, controlling or otherwise comprising the user terminal 10. Thus, the apparatus 50a may include or otherwise be in communication with a processor 70, a user interface 72, a communication interface 74 and a memory device 76. The memory device 76 may include, for example, volatile and/or non-volatile memory. In some embodiments the memory device 76 may comprise a solid state memory device. The memory device 76 may be configured to store information, data, files, applications, instructions or the like. For example, the memory device 76 could be configured to buffer input data for processing by the processor 70. Additionally or alternatively, the memory device 76 could be configured to store instructions for execution by the processor 70. As yet another alternative, the memory device 76 may be one of a plurality of databases or storage locations that store information and/or media content.
The processor 70 may be embodied in a number of different ways. For example, the processor 70 may be embodied as one or more of various processing means such as a coprocessor, a microprocessor, a controller, a digital signal processor (DSP), processing circuitry with or without an accompanying DSP, or various other processing devices including integrated circuits such as, for example, an ASIC (application specific integrated circuit), an FPGA (field programmable gate array), a hardware accelerator, a special-purpose computer chip, or the like. In an example embodiment, the processor 70 may be configured to execute instructions stored in the memory device 76 or otherwise accessible to the processor 70. Alternatively or additionally, the processor 70 may be configured to execute hard coded functionality. As such, whether configured by hardware or software methods, or by a combination thereof, the processor 70 may represent an entity (for example, physically embodied in circuitry) capable of performing operations according to embodiments of the present invention while configured accordingly. Thus, for example, when the processor 70 is embodied as an ASIC, FPGA or the like, the processor 70 may be specifically configured hardware for conducting the operations described herein. Alternatively, as another example, when the processor 70 is embodied as an executor of software instructions, the instructions may specifically configure the processor 70 to perform the algorithms and/or operations described herein when the instructions are executed. However, in some cases, the processor 70 may be a processor of a specific device (for example, a mobile terminal or network device such as a server) adapted for employing embodiments of the present invention by further configuration of the processor 70 by instructions for performing the algorithms and/or operations described herein. 
The processor 70 may include, among other things, a clock, an arithmetic logic unit (ALU) and logic gates configured to support operation of the processor 70.
Meanwhile, the communication interface 74 may be any means such as a device or circuitry embodied in either hardware, software, or a combination of hardware and software that is configured to receive and/or transmit data from/to a network and/or any other device or module in communication with the apparatus 50a. In this regard, the communication interface 74 may include, for example, an antenna (or multiple antennas) and supporting hardware and/or software for enabling communications with a wireless communication network (for example, network 30). In fixed environments, the communication interface 74 may alternatively or also support wired communication. As such, the communication interface 74 may include a communication modem and/or other hardware/software for supporting communication via cable, digital subscriber line (DSL), universal serial bus (USB), Ethernet, High-Definition Multimedia Interface (HDMI) or other mechanisms. Furthermore, the communication interface 74 may include hardware and/or software for supporting communication mechanisms such as BLUETOOTH®, Infrared, UWB, WiFi, and/or the like, which are being increasingly employed in connection with providing home connectivity solutions.
The user interface 72 may be in communication with the processor 70 to receive an indication of a user input at the user interface and/or to provide an audible, visual, mechanical or other output to the user. As such, the user interface 72 may include, for example, a keyboard, a mouse, a joystick, a display, a touch screen, a microphone, a speaker, or other input/output mechanisms.
In some embodiments the apparatus 50a may further include a battery 78. Thus, for example, the apparatus 50a may charge the battery 78 using the power cable 16 from the charger 12. Further, the charger 12 may connect to the apparatus 50a through the data cable 18. In some embodiments the data cable 18 may comprise a fiber optic cable, and hence the charger 12 may comprise a fiber optic connector 12a, which may, for example, act to connect the data cable 18 to the second fiber optic cable 44 from FIG. 1. Accordingly, the apparatus 50a may include a fiber optic module 80, which may in some embodiments comprise a portion of the communication interface 74. The fiber optic module 80 may comprise emitters, detectors, optical equipment, and associated electrical equipment configured to send and/or receive signals via the fiber optic connection and convert the signals to and from electronic data. For example, in embodiments in which the fiber optic module 80 sends data, the fiber optic module may comprise an emitter for single photons or other weak optical signals. By way of further example, when the fiber optic module 80 is configured to receive data, it may comprise a single photon detector, an avalanche photo diode, and other photonic components. When the fiber optic module 80 sends and receives cryptographic keys, it may comprise some or all of these components. Thus, for example, in some embodiments the fiber optic module 80 may be configured to emit or detect photons and control or detect their polarization, and enable sending or receipt of cryptographic keys via quantum cryptography distribution. However, in addition to controlling or detecting photon polarization, manipulation of other degrees of freedom may be used, such as phase, that allow for exploiting conjugate quantum variables, as would be understood by one skilled in the art.
Thus, in some embodiments the fiber optic module 80 may be configured to control a quantum mechanical photon property such as photon polarization or phase. Note that in some embodiments optical or near-optical single photons or other electromagnetic weak signals in optical fiber may be used. Further, in some embodiments the wavelength may be close to that of visible light, and in some embodiments the wavelength may be in the infrared spectrum.
When the apparatus 50a is configured to receive cryptographic keys, the cryptographic keys may be received, for example, from the cryptographic key sharer 40. Once a cryptographic key is received through the fiber optic connection using the fiber optic module 80, the cryptographic key may be stored in the memory device 76.
Thereafter, the cryptographic key may thereby be used to encrypt and decrypt communications using a cryptography module 82. The cryptography module 82 may be embodied by the processor 70, or other computing device. Additionally or alternatively, the cryptographic key generating module 84 may generate a cryptographic key and send the cryptographic key, for example, to the cryptographic key sharer 40 for distribution to other devices such as the sensitive data communicator 20. The cryptographic key generator module 84 may be embodied by the processor 70, or other computing device. Thereby, communications with the sensitive data communicator 20, for example, may occur in a secure manner using the communication interface 74 even when the communications do not occur via a fiber optic connection. For example, the secure communication between the apparatus 50a and the sensitive data communicator 20 may occur via the network 30, and in some embodiments at least a portion of the communication may occur wirelessly. However, due to the use of the cryptographic key as described above, the communications may still remain secure.
In alternate embodiments, as shown in FIG. 3, the apparatus 50b may be a device hosting, including, controlling or otherwise comprising the charger 12. The apparatus 50b may include or otherwise be in communication with some or all of the components of the apparatus 50a from FIG. 2, including the processor 70, the communication interface 74 and the memory device 76. The apparatus 50b may further include a power inverter 86 which connects to the power source 14 and thereby may be used to charge the battery 78, which is in the user terminal 10, through the power cable 16. However, in some embodiments charging of the battery 78 may occur wirelessly.
In this embodiment, the apparatus 50b may include the fiber optic module 80.
Thus, the emitters, detectors, optical equipment, and associated electrical equipment configured to send and/or receive data via the fiber optic connection may comprise a portion of the charger 12 in this embodiment, in addition to or instead of a portion of the user terminal 10. Further, the apparatus 50b may also include the cryptographic key generator module 84 in embodiments in which the apparatus creates the cryptographic key. Accordingly, the cryptographic key in this embodiment may be sent to or received from the cryptographic key sharer 40 through the second fiber optic cable 44, and converted from/into electronic data using the fiber optic module 80. In some cases the cryptographic key may be directly transmitted to the user terminal 10 after the cryptographic key is received and converted to electronic data. However, in other cases the apparatus 50b may be configured to receive the cryptographic key through the fiber optic connection, and then store the cryptographic key prior to transferring the cryptographic key to the user terminal 10. Alternatively, the apparatus 50b may generate the cryptographic key using the cryptographic key generator module 84 and then store the cryptographic key prior to transferring the cryptographic key to the user terminal 10. For example, the apparatus 50b may store the cryptographic key in the memory device 76. Thus, in some embodiments the apparatus 50b may store the cryptographic key prior to connecting with the user terminal 10. For example, when the user is away from the apparatus 50b, the apparatus may receive or generate the cryptographic key and store the cryptographic key in the memory device 76. Thereafter, when the user connects the user terminal 10 to the charger 12 (when it embodies the apparatus 50b), the apparatus may thereby charge the battery 78 of the user terminal and transmit the cryptographic key to the user terminal concurrently. This may be used, for example, in instances in which the time it takes to charge the battery 78 is less than the time it takes to receive the cryptographic key from the cryptographic key sharer 40.
With regard to the transfer of the cryptographic key from the apparatus 50b to the user terminal 10, this may occur through the data cable 18. While the data cable 18 is generally described herein as being used to transfer the cryptographic key from the apparatus 50b to the user terminal 10, this may not necessarily be the case in all embodiments in which the apparatus is embodied in the charger 12. For example, because the fiber optic module 80 converts the cryptographic key to electronic data in the apparatus 50b, and the cryptographic key generator module 84 may generate the key in electronic data form, the apparatus may thereby transmit the data using other known methods of transferring the data, such as wirelessly transferring the cryptographic key data to the user terminal 10 through the communication interface 74. However, wirelessly transferring the data may in some cases reduce the security of the transfer of the cryptographic key from the apparatus 50b to the user terminal 10. Once the cryptographic key is received by the user terminal 10 from the apparatus 50b, the user terminal may thereby use the cryptography module 82, which is in this embodiment embodied in the user terminal, to securely communicate with other devices such as the sensitive data communicator 20.
In terms of methods associated with embodiments of the present invention, the above-described embodiments of the apparatuses 50 or other embodiments of apparatuses may be employed. In this regard, FIG. 4 is a flowchart of a system, method and program product according to example embodiments of the invention. It will be understood that each block of the flowchart, and combinations of blocks in the flowchart, may be implemented by various means, such as hardware, firmware, processor, circuitry and/or other device associated with execution of software including one or more computer program instructions. For example, one or more of the procedures described above may be embodied by a computer program product including computer program instructions. In this regard, the computer program instructions which embody the procedures described above may be stored by a memory device and executed by a processor of an apparatus. As will be appreciated, any such computer program instructions may be loaded onto a computer or other programmable apparatus (for example, hardware) to produce a machine, such that the resulting computer or other programmable apparatus embody means for implementing the functions specified in the flowchart block(s). These computer program instructions may also be stored in a computer-readable memory that may direct a computer or other programmable apparatus to function in a particular manner, such that the instructions stored in the computer- readable memory produce an article of manufacture the execution of which implements the function specified in the flowchart block(s). The computer program instructions may also be loaded onto a computer or other programmable apparatus to cause a series of operations to be performed on the computer or other programmable apparatus to produce a computer-implemented process such that the instructions which execute on the computer or other programmable apparatus implement the functions specified in the flowchart block(s).
Accordingly, blocks of the flowchart support combinations of means for performing the specified functions and program instruction means for performing the specified functions. It will also be understood that one or more blocks of the flowchart, and combinations of blocks in the flowcharts, can be implemented by special purpose hardware-based computer systems which perform the specified functions, or combinations of special purpose hardware and computer instructions.
In this regard, one embodiment of a method comprises establishing an electrical connection at operation 100 and establishing a fiber optic connection at operation 102. The method further comprises sending or receiving a cryptographic key through the fiber optic connection at operation 104. The operation 104 of sending or receiving the cryptographic key may be conducted concurrently with charging a battery with the electrical connection at operation 110, for example when the method is being conducted by the user terminal 10. Concurrently, as used herein, refers to instances in which two or more operations occur such that they overlap in time. However, in some embodiments the operation 104 of sending or receiving the cryptographic key may begin at substantially the same time as the operation 110 of charging the battery. Further, in alternate embodiments, providing for output of power configured to charge a battery at operation 104 may be conducted concurrently with providing for transmission of the cryptographic key at operation 116, for example when the method is being conducted by the charger 12.
In some embodiments the operation 104 of sending or receiving the cryptographic key may comprise sending or receiving the cryptographic key via quantum cryptography distribution at operation 106. As described above, quantum cryptography distribution may be used to detect eavesdropping over the fiber optic connection. Sending or receiving the cryptographic key via quantum cryptography distribution at operation 106 may comprise controlling or detecting a quantum mechanical photon property in some embodiments, as illustrated at operation 108. Additionally or alternatively in some embodiments the cryptographic key may be a one-time pad key.
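The eavesdropping check described for operations 106 and 108 can be illustrated with a small simulation, added here as an example that is not part of the patent text. It assumes a BB84-style exchange over two conjugate polarization bases, an ideal noise-free fiber, and an abort threshold of 11% on the measured error rate; the function names, the `tapped` flag and the threshold are all assumptions of this sketch.

```python
import random


def measure(bit, prepared_basis, measured_basis, rng):
    """Measuring in the preparation basis returns the encoded bit;
    measuring in the conjugate basis returns a coin flip."""
    return bit if prepared_basis == measured_basis else rng.getrandbits(1)


def exchange(n_photons, tapped, rng):
    """Send n_photons single photons and return the sifted bit strings
    (rounds where sender and receiver happened to use the same basis)."""
    sender_bits, receiver_bits = [], []
    for _ in range(n_photons):
        bit, send_basis = rng.getrandbits(1), rng.getrandbits(1)
        state_bit, state_basis = bit, send_basis
        if tapped:
            # Anything reading the photon in transit must measure it in some
            # basis, and the photon that continues carries that basis.
            tap_basis = rng.getrandbits(1)
            state_bit = measure(state_bit, state_basis, tap_basis, rng)
            state_basis = tap_basis
        recv_basis = rng.getrandbits(1)
        recv_bit = measure(state_bit, state_basis, recv_basis, rng)
        if recv_basis == send_basis:  # bases are compared publicly afterwards
            sender_bits.append(bit)
            receiver_bits.append(recv_bit)
    return sender_bits, receiver_bits


def receive_key(n_photons, tapped, seed=2010, sample_fraction=0.5, max_qber=0.11):
    """Return (accepted, qber, key_bits). The key is discarded when the error
    rate on a publicly compared sample exceeds max_qber (assumed threshold).
    Error correction and privacy amplification are left out of this sketch."""
    rng = random.Random(seed)
    sender_bits, receiver_bits = exchange(n_photons, tapped, rng)
    n = len(sender_bits)
    if n < 2:
        return False, 1.0, []
    sample = set(rng.sample(range(n), max(1, int(n * sample_fraction))))
    errors = sum(sender_bits[i] != receiver_bits[i] for i in sample)
    qber = errors / len(sample)
    if qber > max_qber:
        return False, qber, []
    # Sampled positions were disclosed, so they never become key material.
    key = [receiver_bits[i] for i in range(n) if i not in sample]
    return True, qber, key


if __name__ == "__main__":
    for tapped in (False, True):
        accepted, qber, key = receive_key(8000, tapped)
        print(f"tapped={tapped} accepted={accepted} qber={qber:.3f} key_bits={len(key)}")
```

On the untapped link the sampled error rate is exactly zero and the key is kept; with every photon measured in transit it settles near 25%, so the receiver rejects the key before storing it.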
In some embodiments the method may further comprise configuring the cryptographic key to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery is drained at operation 112. By making the cryptographic key bit length at least as long as the bit length of the data being transferred, the data transfer may be more secure, as described above. Thus, for example, the cryptographic key may be configured to be long enough to encrypt all of the sensitive data which is expected to be transferred by the user terminal 10 between each charge of the battery 78, which may in some embodiments be determined empirically. In some embodiments the method may further comprise directing storage of the cryptographic key to a memory device at operation 114.
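Operation 112 amounts to a pad budget: the key loaded at charge time must outlast the sensitive traffic sent before the next charge, and the device must stop rather than repeat key bytes. The following sketch is an added example, not code from the patent; the class and function names, the 1.5x sizing margin and the sample byte counts are assumptions, and `secrets.token_bytes` stands in for key material that would arrive over the fiber optic connection.

```python
import math
import secrets


class PadExhausted(Exception):
    """Raised instead of ever reusing one-time pad bytes."""


def pad_bytes_needed(observed_cycle_bytes, margin=1.5):
    """Size the pad from sensitive-data volumes observed in earlier charge
    cycles (hypothetical heuristic for the 'determined empirically' step)."""
    return math.ceil(max(observed_cycle_bytes) * margin)


class PadStore:
    """Key held in the memory device, consumed strictly front to back."""

    def __init__(self):
        self._pad = bytearray()
        self._cursor = 0

    def load_at_charge(self, key):
        # Wipe and replace, never append, so offsets stay unambiguous.
        self._pad[:] = bytes(len(self._pad))
        self._pad = bytearray(key)
        self._cursor = 0

    def remaining(self):
        return len(self._pad) - self._cursor

    def _consume(self, offset, length):
        end = offset + length
        if offset < self._cursor:
            raise PadExhausted("offset already consumed; refusing pad reuse")
        if end > len(self._pad):
            raise PadExhausted("not enough unused pad; a new key is needed")
        chunk = bytes(self._pad[offset:end])
        # Zero everything up to the new cursor so used bytes cannot be read back.
        self._pad[self._cursor:end] = bytes(end - self._cursor)
        self._cursor = end
        return chunk

    def encrypt(self, plaintext):
        """Return (offset, ciphertext). XOR with a pad gives confidentiality
        only; message authentication is outside this sketch."""
        offset = self._cursor
        pad = self._consume(offset, len(plaintext))
        return offset, bytes(p ^ k for p, k in zip(plaintext, pad))

    def decrypt(self, offset, ciphertext):
        pad = self._consume(offset, len(ciphertext))
        return bytes(c ^ k for c, k in zip(ciphertext, pad))


def demo():
    size = pad_bytes_needed([40, 52, 47])  # constructed per-cycle byte counts
    key = secrets.token_bytes(size)        # stand-in for the key received while charging
    terminal, peer = PadStore(), PadStore()
    terminal.load_at_charge(key)
    peer.load_at_charge(key)
    offset, ciphertext = terminal.encrypt(b"transfer 100 EUR")
    recovered = peer.decrypt(offset, ciphertext)
    try:
        terminal.encrypt(b"x" * (terminal.remaining() + 1))
        refused = False
    except PadExhausted:
        refused = True
    return size, recovered, terminal.remaining(), refused


if __name__ == "__main__":
    print(demo())
```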
In an example embodiment, an apparatus for performing the method of FIG. 4 and other methods described above may comprise a processor (for example, the processor 70) configured to perform some or each of the operations (100-116) described above. The processor may, for example, be configured to perform the operations (100-116) by performing hardware implemented logical functions, executing stored instructions, or executing algorithms for performing each of the operations. Alternatively, the apparatus may comprise means for performing each of the operations described above. In this regard, according to an example embodiment, examples of means for performing operations 100-116 may comprise, for example, the processor 70, the user interface 72, the communication interface 74, the memory device 76, the battery 78, the fiber optic module 80, the cryptographic key generator module 84, and the power inverter 86, and/or an algorithm executed by the processor for processing information as described above. However, the above-described portions of the apparatuses 50 as they relate to the operations of the method illustrated in FIG. 4 are merely examples, and it should be understood that various other embodiments may be possible. Further, as will be described below, the particular means for conducting the operations may vary depending on the particular embodiments employed, such as whether the apparatus 50a from FIG. 2 is employed, or the apparatus 50b from FIG. 3.
In some embodiments the operation 100 of establishing an electrical connection may be performed by means such as the power cable 16, which may connect the user terminal 10 to the charger 12. With regard to the operation 102 of concurrently establishing a fiber optic connection, this may be conducted by means such as the second fiber optic cable 44, such as when the apparatus 50b is embodied in the charger 12. However, when the apparatus 50a is embodied in the user terminal 10, the means for establishing the fiber optic connection at operation 102 may comprise the data cable 18, because in embodiments in which the apparatus is embodied in the user terminal, the data cable may comprise a fiber optic cable as described above. Further, the operation 104 of sending or receiving a cryptographic key may be conducted by means such as the fiber optic module 80 and further by the communication interface 74 in some embodiments. Additionally, the operations 106, 108 of sending or receiving the cryptographic key via quantum cryptography distribution and controlling or detecting the quantum mechanical photon property may additionally be conducted by means such as the fiber optic module 80 and further by the communication interface 74 in some embodiments and additionally or alternatively conducted by means such as the processor 70.
The operation 110 of charging a battery through the electrical connection may be conducted by means such as the battery 78 and/or the power cable 16. When the charger 12 is conducting the operation 110 of providing for output configured to charge a battery, the power cable 16 and the power inverter 86 may be used. Conversely, when the user terminal 10 is conducting the operation 110 of charging a battery, the processor 70 may employ logic configured to charge the battery 78. Further, the operation 112 of configuring the cryptographic key to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery runs out may be conducted by means such as the processor 70, and/or the cryptographic key generator module 84. The operation 114 of directing storage of the cryptographic key to a memory device may be conducted by means such as the memory device 76. Additionally, providing for transmission of the cryptographic key at operation 116 may be conducted by the communication interface 74 when the apparatus 50b is embodied in the charger 12 and additionally or alternatively conducted by means such as the processor 70. For example, the charger 12 may transmit the cryptographic key to the user terminal 10.
Many modifications and other embodiments of the inventions set forth herein will come to mind to one skilled in the art to which these inventions pertain having the benefit of the teachings presented in the foregoing descriptions and the associated drawings. Therefore, it is to be understood that the inventions are not to be limited to the specific embodiments disclosed and that modifications and other embodiments are intended to be included within the scope of the appended claims. Moreover, although the foregoing descriptions and the associated drawings describe example embodiments in the context of certain example combinations of elements and/or functions, it should be appreciated that different combinations of elements and/or functions may be provided by alternative embodiments without departing from the scope of the appended claims. In this regard, for example, different combinations of elements and/or functions than those explicitly described above are also contemplated as may be set forth in some of the appended claims. Although specific terms are employed herein, they are used in a generic and descriptive sense only and not for purposes of limitation.

Claims

THAT WHICH IS CLAIMED:
1. An apparatus comprising an interface configured to:
establish an electrical connection;
establish a fiber optic connection; and
send or receive a cryptographic key through the fiber optic connection and concurrently charge a battery with the electrical connection.
2. The apparatus of Claim 1, further configured to send or receive the cryptographic key via quantum cryptography distribution.
3. The apparatus of Claim 2, wherein the cryptographic key is a one-time pad cryptographic key.
4. The apparatus of Claim 2, further configured to control or detect a quantum mechanical photon property.
5. The apparatus of Claim 1, wherein the cryptographic key is configured to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery is drained.
6. The apparatus of Claim 1, further configured to direct storage of the cryptographic key to a memory device.
7. An apparatus comprising an interface configured to:
establish an electrical connection;
establish a fiber optic connection;
send or receive a cryptographic key through the fiber optic connection; and
provide for output of power configured to charge a battery through the electrical connection and concurrently provide for transmission of the cryptographic key.
8. The apparatus of Claim 7, further configured to send or receive the cryptographic key via quantum cryptography distribution.
9. The apparatus of Claim 8, wherein the cryptographic key is a one-time pad cryptographic key.
10. The apparatus of Claim 8, further configured to control or detect a quantum mechanical photon property.
11. The apparatus of Claim 7, wherein the cryptographic key is configured to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery is drained.
12. The apparatus of Claim 7, further configured to direct storage of the cryptographic key to a memory device.
13. A method comprising:
establishing an electrical connection;
establishing a fiber optic connection; and
sending or receiving a cryptographic key through the fiber optic connection and concurrently charging a battery with the electrical connection.
14. The method of Claim 13, wherein sending or receiving the cryptographic key comprises sending or receiving the cryptographic key via quantum cryptography distribution.
15. The method of Claim 14, wherein the cryptographic key is a one-time pad cryptographic key.
16. The method of Claim 14, wherein sending or receiving the cryptographic key via quantum cryptography distribution comprises controlling or detecting a quantum mechanical photon property.
17. The method of Claim 13, further comprising configuring the cryptographic key to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery is drained.
18. The method of Claim 13, further comprising directing storage of the cryptographic key to a memory device.
19. A method comprising:
establishing an electrical connection;
establishing a fiber optic connection;
sending or receiving a cryptographic key through the fiber optic connection; and
providing for output of power configured to charge a battery through the electrical connection and concurrently providing for transmission of the cryptographic key.
20. The method of Claim 19, wherein sending or receiving the cryptographic key comprises sending or receiving the cryptographic key via quantum cryptography distribution.
21. The method of Claim 20, wherein the cryptographic key is a one-time pad cryptographic key.
22. The method of Claim 20, wherein sending or receiving the cryptographic key via quantum cryptography distribution comprises controlling or detecting a quantum mechanical photon property.
23. The method of Claim 19, further comprising configuring the cryptographic key to be of a bit length greater than or equal to an expected sensitive data bit length so as to not require repeating the cryptographic key before the battery is drained.
24. The method of Claim 19, further comprising directing storage of the cryptographic key to a memory device.
PCT/IB2010/000662 2010-03-24 2010-03-24 Method and apparatus for establishing an electrical connection and establishing a fiber optic connection WO2011117664A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
EP10848287.8A EP2556623A4 (en) 2010-03-24 2010-03-24 Method and apparatus for establishing an electrical connection and establishing a fiber optic connection
CN201080065683.9A CN102812664B (en) 2010-03-24 2010-03-24 For setting up the method and apparatus being electrically connected and setting up Fiber connection
PCT/IB2010/000662 WO2011117664A1 (en) 2010-03-24 2010-03-24 Method and apparatus for establishing an electrical connection and establishing a fiber optic connection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/IB2010/000662 WO2011117664A1 (en) 2010-03-24 2010-03-24 Method and apparatus for establishing an electrical connection and establishing a fiber optic connection

Publications (1)

Publication Number Publication Date
WO2011117664A1 true WO2011117664A1 (en) 2011-09-29

Family

ID=44672488

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2010/000662 WO2011117664A1 (en) 2010-03-24 2010-03-24 Method and apparatus for establishing an electrical connection and establishing a fiber optic connection

Country Status (3)

Country Link
EP (1) EP2556623A4 (en)
CN (1) CN102812664B (en)
WO (1) WO2011117664A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005210637A (en) * 2004-01-26 2005-08-04 Ntt Docomo Inc External device for storing update key
EP1833009A1 (en) * 2006-03-09 2007-09-12 First Data Corporation Secure transaction computer network
US20080031456A1 (en) 2005-09-29 2008-02-07 Keith Alexander Harrison Device with multiple one-time pads and method of managing such a device
US7430295B1 (en) * 2003-03-21 2008-09-30 Bbn Technologies Corp. Simple untrusted network for quantum cryptography

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100361461C (en) * 2005-01-11 2008-01-09 东南大学 Terminal to terminal running performance monitoring method based on sampling measurement

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2556623A4

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103491531A (en) * 2013-08-23 2014-01-01 中国科学技术大学 Method for using quantum keys to improve safety of electric power information transmission in power system WiMAX wireless communication network
CN103491531B (en) * 2013-08-23 2016-07-06 中国科学技术大学 Power system WiMAX wireless communication networks uses the method that quantum key improves power information transmission security
EP3054621A4 (en) * 2013-09-30 2017-07-19 Quantumctek Co., Ltd. Quantum key distribution terminal and system
CN105162584A (en) * 2015-07-28 2015-12-16 中国科学技术大学 Quantum key distribution system and method
CN105228114A (en) * 2015-09-07 2016-01-06 山东海兴电力科技有限公司 A kind of Encrypted short message receive-transmit system based on power failure navigation system and method
CN106340222A (en) * 2016-10-18 2017-01-18 浙江神州量子网络科技有限公司 Teaching demonstration apparatus combining quantum cryptography communication with fiber eavesdropping
DE102019200339A1 (en) * 2019-01-14 2020-07-16 Robert Bosch Gmbh Battery and device and method for encrypting data

Also Published As

Publication number Publication date
EP2556623A1 (en) 2013-02-13
CN102812664B (en) 2015-11-25
CN102812664A (en) 2012-12-05
EP2556623A4 (en) 2017-03-08

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 201080065683.9

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10848287

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2010848287

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE