Aspects of this description provide for a computer program product comprising computer executable instructions. In at least some examples, the instructions are executable by a controller to cause the controller to broadcast, in a data frame, a scan request to a node, the scan request including a certificate of the controller and a public authentication key of the controller, receive, in the data frame, a scan response from the node, the scan response including a certificate of the node and a public authentication key of the node, and perform pairing between the controller and the node based on the public authentication key of the node and a private authentication key of the controller.

Aspects of this description provide for a computer program product comprising computer executable instructions. In at least some examples, the instructions are executable by a controller to cause the controller to broadcast, in a data frame, a scan request to a node, the scan request including a certificate of the controller and a public authentication key of the controller, receive, in the data frame, a scan response from the node, the scan response including a certificate of the node and a public authentication key of the node, and perform pairing between the controller and the node based on the public authentication key of the node and a private authentication key of the controller.

A base station for a mobile telecommunications system, comprising circuitry configured to: obtain time-sensitive network information or enhanced positioning assistance information; encrypt the time-sensitive network information or the enhanced positioning assistance information for including the encrypted time-sensitive network information or the encrypted enhanced positioning assistance information in system information; and transmit the system information to a user equipment in a cell, wherein the encryption is performed if the cell hosts and shares functionalities of a non-public cell and a public cell.

A base station for a mobile telecommunications system, comprising circuitry configured to: obtain time-sensitive network information or enhanced positioning assistance information; encrypt the time-sensitive network information or the enhanced positioning assistance information for including the encrypted time-sensitive network information or the encrypted enhanced positioning assistance information in system information; and transmit the system information to a user equipment in a cell, wherein the encryption is performed if the cell hosts and shares functionalities of a non-public cell and a public cell.

A Bluetooth device (702) is disclosed, the Bluetooth device being provisioned with a security credential (710) that is shared with an authentication server (706). The Bluetooth device comprises processing circuitry configured to use a Bluetooth pairing mechanism to establish a pairing with a Bluetooth gateway (704a-c) by establishing a shared secret key with the Bluetooth gateway and to perform an Extensible Authentication Protocol (EAP) authentication method towards the authentication server using the security credential, wherein performing the EAP authentication method comprises using the paired Bluetooth gateway to forward messages to and from the authentication server. The processing circuitry is further configured to bind the pairing established with the paired Bluetooth gateway to the performed EAP authentication method. Also disclosed are a Bluetooth gateway and methods performed by a Bluetooth device and a Bluetooth gateway.

A Bluetooth device (702) is disclosed, the Bluetooth device being provisioned with a security credential (710) that is shared with an authentication server (706). The Bluetooth device comprises processing circuitry configured to use a Bluetooth pairing mechanism to establish a pairing with a Bluetooth gateway (704a-c) by establishing a shared secret key with the Bluetooth gateway and to perform an Extensible Authentication Protocol (EAP) authentication method towards the authentication server using the security credential, wherein performing the EAP authentication method comprises using the paired Bluetooth gateway to forward messages to and from the authentication server. The processing circuitry is further configured to bind the pairing established with the paired Bluetooth gateway to the performed EAP authentication method. Also disclosed are a Bluetooth gateway and methods performed by a Bluetooth device and a Bluetooth gateway.

Embodiments of this application disclose a pairing method applied to a short-range communication system and a wireless device in the field of wireless communication. The method includes: obtaining, by a first wireless device, a first password, where the first password is shared by the first wireless device and a second wireless device; and pairing, by the first wireless device, with the second wireless device based on a password-based authenticated key exchange (PAKE) protocol and by using the first password as an encryption password in a key exchange process.

An electronic device for receiving data packets in a Bluetooth environment is provided. The electronic device includes a wireless communication circuitry configured to support a Bluetooth protocol. The wireless communication circuitry is configured to establish a first link with a first external electronic device, synchronize a secret key generation scheme with the first external electronic device based on information obtained while establishing the first link, receive page information transmitted from a second external electronic device, based on Bluetooth address information of the first external electronic device, the Bluetooth address information being obtained while establishing the first link, generate a link key used for a second link between the first external electronic device and the second external electronic device, based on the synchronized secret key generation scheme, and receive an encrypted data packet transmitted over the second link from the second external electronic device using the generated link key.

An electronic device for receiving data packets in a Bluetooth environment is provided. The electronic device includes a wireless communication circuitry configured to support a Bluetooth protocol. The wireless communication circuitry is configured to establish a first link with a first external electronic device, synchronize a secret key generation scheme with the first external electronic device based on information obtained while establishing the first link, receive page information transmitted from a second external electronic device, based on Bluetooth address information of the first external electronic device, the Bluetooth address information being obtained while establishing the first link, generate a link key used for a second link between the first external electronic device and the second external electronic device, based on the synchronized secret key generation scheme, and receive an encrypted data packet transmitted over the second link from the second external electronic device using the generated link key.

Some embodiments of the invention provide a method for a trusted (or originator) device to modify the security state of a target device (e.g., unlocking the device) based on a securing ranging operation (e.g., determining a distance, proximity, etc.). The method of some embodiments exchanges messages as a part of a ranging operation in order to determine whether the trusted and target devices are within a specified range of each other before allowing the trusted device to modify the security state of the target device. In some embodiments, the messages are derived by both devices based on a shared secret and are used to verify the source of ranging signals used for the ranging operation. In some embodiments, the method is performed using multiple different frequency bands.