Independent claim
1. A method of secure communication between a control device and a controlled device over a wireless local area network (LAN), the method comprising: pairing; activation; and secure communication, wherein
the pairing comprising:
the controlled device generating an authentication random number, storing the authentication random number into a first storage device, and displaying the authentication random number on a display device of the controlled device;
the control device accepting input of a random number from an input device and transferring the inputted random number to the controlled device by encrypted communication; and
the controlled device verifying whether or not the displayed authentication random number and the random number transferred from the control device are identical, and, when the authentication random number and the inputted random number are identical, transferring a public key of the controlled device to the control device by encrypted communication, and causing the control device to store the public key into a second storage device,
the activation comprising:
the controlled device generating a token to obtain a generated token, storing the generated token into the first storage device, and transferring the generated token to the control device by encrypted communication;
the control device encrypting the generated token with the public key of the controlled device to create an encrypted token, and transferring the encrypted token to the controlled device; and
the controlled device decrypting the encrypted token transferred from the control device with a private key corresponding to the public key to obtain a decrypted token, verifying whether or not the decrypted token and the generated token are identical, and, when the decrypted token and the generated token are identical, generating a session key, storing the session key into the first storage device, transferring the session key to the control device by encrypted communication, and causing the control device to store the session key into the second storage device, and
the secure communication comprising:
the control device controlling the controlled device by encrypted communication using the session key.
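The pairing and activation exchanges of the claim, traced with both sides' messages as an added example (not code from the patent). Assumptions: the class and method names are hypothetical, the "encrypted communication" channel is modelled as direct method calls, toy textbook RSA with constructed parameters stands in for the unspecified public-key algorithm, and the single-use handling of the stored number and token is an added choice.

```python
import hmac
import secrets

# Toy textbook RSA on two Mersenne primes (constructed, insecure size, no padding).
P, Q, E = 2**61 - 1, 2**31 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))

def same(a: int, b: int) -> bool:
    """Constant-time equality for the claim's 'identical' checks."""
    return hmac.compare_digest(a.to_bytes(16, "big"), b.to_bytes(16, "big"))

class ControlledDevice:
    def __init__(self):
        self.storage = {}  # the claim's "first storage device"

    def start_pairing(self) -> int:
        self.storage["auth"] = secrets.randbelow(10**6)
        return self.storage["auth"]  # value shown on the device's display

    def finish_pairing(self, typed: int):
        auth = self.storage.pop("auth", None)  # assumption: number is single-use
        ok = auth is not None and same(auth, typed)
        return (N, E) if ok else None  # public key released only on a match

    def start_activation(self) -> int:
        self.storage["token"] = secrets.randbits(64)
        return self.storage["token"]

    def finish_activation(self, encrypted_token: int):
        token = self.storage.pop("token", None)  # assumption: token is single-use
        if token is None or not same(pow(encrypted_token, D, N), token):
            return None
        self.storage["session_key"] = secrets.token_bytes(32)
        return self.storage["session_key"]

class ControlDevice:
    def __init__(self):
        self.storage = {}  # the claim's "second storage device"

    def pair_and_activate(self, device: ControlledDevice, typed: int) -> bool:
        public_key = device.finish_pairing(typed)
        if public_key is None:
            return False
        self.storage["public_key"] = public_key
        n, e = public_key
        token = device.start_activation()
        session_key = device.finish_activation(pow(token, e, n))
        if session_key is None:
            return False
        self.storage["session_key"] = session_key
        return True
```
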