In authentication using a plurality of cipher keys, the authentication time is shortened. In the case that an encipher key to encipher key are required to take an access to each area out of the area to area in a memory of an IC card, a plurality of areas to have an access is informed to the IC card from a reader writer, a plurality of cipher keys corresponding to these areas (for example, cipher key 1, cipher key 2, and cipher key 4) is read out, and reduction processing section generates one reduction key from these cipher keys. A random number which is generated from a random number generation section of the reader writer is transferred to the IC card, and an encipherment section enciphers the random number using the reduction key. The reader writer receives the enciphered random number from the IC card, and deciphers it using the reduction key, and judges the IC card to be proper if the deciphered random number is equal to the generated random number.
|
0. 42. An authentication device for performing authentication processing with another device, comprising:
a memory means for storing a first plurality of prescribed data including a first plurality of keys, each of which indicates access to a corresponding area;
a generating means for generating a first single authentication key from at least two of said first plurality of keys based on information notified from said another device; and
an encipherment means for enciphering a message to said another device using said first single authentication key.
0. 59. A method for generating an authentication key for authenticating a plurality of data areas stored in a device, wherein each of the data areas is accessible by a cipher key, the method comprising the steps of:
providing common data;
generating a first reduction key by combining said common data with a first cipher key for access to a first data area;
generating a second reduction key by combining said first reduction key with a second cipher key for access to a second data area; and
generating an authentication key by combining said second reduction key with a key assigned to an authentication device that authenticates said first and second data areas in said device.
0. 55. A method for performing authentication processing via an authentication device, said processing being performed with another device, the method comprising the steps of:
storing a first plurality of prescribed data in a memory means of said authentication device, said first plurality of prescribed data including a first plurality of keys, each of which indicates access to a corresponding area;
generating a first single authentication key, via a generation means of said authentication device, from at least two of said first plurality of keys based on information notified from another device; and
enciphering a message to said another device, via a encipherment means of said authentication device, using said first single authentication key.
8. An authentication device for performing authentication processing with another device, said authentication device comprising:
communication means for communicating a single authentication key with said another device;
memory means for storing a plurality of data areas and a plurality of keys, wherein each of said plurality of keys indicates access to a corresponding one of said plurality of data areas;
generation means for generating said single authentication key from two or more of the plurality of keys stored in said memory means based on information notified by said another device, wherein said single authentication key indicates access to two or more corresponding of said plurality of data areas; and
an encipherment means for enciphering the information notified by said another device using said single authentication key.
9. An authentication method for performing authentication processing between an authentication device and another device, comprising:
a communication step of communicating a single authentication key with said another device;
a memory step of storing a first plurality of data areas and a plurality of keys, wherein each of said plurality of keys indicates access to a corresponding one of said plurality of data areas;
a generation step of generating said single authentication key from two or more of the plurality of keys stored in said memory step based on information notified by said another device, wherein said single authentication key indicates access to two or more corresponding of said plurality of data areas; and
an encipherment step of enciphering the information notified by said another device using said single authentication key.
22. An authentication method for performing authentication processing with a second device, the method comprising:
a memory step of storing a plurality of data areas, a plurality of keys and common data, wherein each of said plurality of keys indicates access to a corresponding one of said plurality of data areas;
a generation step of generating a first single authentication key from two or more of the plurality of keys and said common data, in accordance with information received from said second device, wherein said first single authentication key indicates access to two or more corresponding of said plurality of data areas;
a communication step of communicating said first single authentication key with said second device; and
a decipherment step of deciphering data using said first single authentication key, wherein said data was enciphered by said second device.
15. An authentication device for performing authentication processing with a second device comprising:
memory means for storing a first authentication key, a first common data and a first plurality of keys, wherein each of said first plurality of keys corresponds to said first common data combined with a respective one of a second plurality of keys;
generation means for generating a first single authentication key from said first authentication key and a corresponding one of said first plurality of keys;
notification means for notifying information required for said second device to generate a second single authentication key corresponding to said first single authentication key;
communication means for communicating said first single authentication key with said second device; and
encipherment means for enciphering data using said first single authentication key.
5. An authentication device for performing authentication processing with another device, said authentication device comprising:
communication means for communicating a first single authentication key with said another device;
memory means for storing a first plurality of keys;
generation means for generating said first single authentication key from two or more of said first plurality of keys stored in said memory means;
notification means for notifying, to said another device, information required to generate a second single authentication key from two or more of a second plurality of keys stored in said another device and data to be enciphered using said second single authentication key, wherein said second plurality of keys is equivalent to said first plurality of keys; and
decipherment means for decoding the enciphered data using said first single authentication key.
7. An authentication method for performing authentication processing between an authentication device and another device, comprising:
a communication step of communicating a first single authentication key with said another device;
a memory step of storing a first plurality of keys;
a generation step of generating said first single authentication key from two or more of said first plurality of keys stored in said memory step;
a notification step of notifying, to said another device, information required to generate a second single authentication key from two or more of a second plurality of keys stored in said another device and data to be enciphered using second single authentication key, wherein said second plurality of keys is equivalent to said first plurality of keys; and
a decipherment step of deciphering the enciphered data using said first single authentication key.
18. An authentication method for performing authentication processing with a second device, the method comprising:
a memory step of storing a first authentication key, a first common data and a first plurality of keys, wherein each of said first plurality of keys corresponds to said first common data combined with a respective one of a second plurality of keys;
a generation step of generating a first single authentication key from said first authentication key and a corresponding one of said first plurality of keys;
a notification step of notifying information required for said second device to generate a second single authentication key corresponding to said first single authentication key;
a communication step of communicating said first single authentication key with said second device; and
an encipherment step of enciphering data using said first single authentication key.
19. An authentication device for performing authentication processing with a second device, said authentication device comprising:
memory means for storing a plurality of data areas, a plurality of keys and common data, wherein each of said plurality of keys indicates access to a corresponding one of said plurality of data areas;
generation means for generating a first single authentication key from two or more of the plurality of keys and said common data, in accordance with information received from said second device, wherein said first single authentication key indicates access to two or more corresponding of said plurality of data areas;
communication means for communicating said first single authentication key with said second device; and
decipherment means for deciphering data using said first single authentication key, wherein said data was enciphered by said second device.
0. 60. A method for replacing a first key of a plurality of keys stored in a memory of a multi-application device for providing a plurality of services with a second key, wherein each of the services is provided by using at least one data area of the multi-application device, and said data area is accessible by a corresponding one of the plurality of keys, the method comprising the steps of:
receiving first and second data with an identification number which indicates a first key to be replaced, said first data being generated by enciphering a second key using said first key, and said second data being generated by enciphering a third key which has a relationship to the second key using said first key;
deciphering said first and second data using said first key;
determining whether said deciphered second data has the relationship to said third key; and
replacing said first key with said second key in accordance with the result of the determining step.
0. 33. An authentication device for performing authentication processing with another device, said authentication device comprising:
a memory means for storing a first plurality of prescribed data, each of said first plurality of prescribed data being a first cipher key which indicates access to a corresponding data area in said another device;
a generation means for generating a first random number;
a generation means for generating a first single authentication key from at least two of said first plurality of prescribed data;
an encipherment means for enciphering said first random number using said first single authentication key and for deciphering enciphered data sent from said another device using said first single authentication key, said enciphered data being enciphered using a second single authentication key transmitted from said authentication device to generate said second single authentication key from at least two of a second plurality of prescribed data stored in said another device; and
a communication means for communicating with said another device.
0. 46. A method for performing authentication processing via an authentication device, said processing occurring with another device, the method comprising the steps of:
storing a first plurality of prescribed data in a memory means of the authentication device each of said first plurality of prescribed data being a first cipher key which indicates access to a corresponding data area in said another device;
generating a first random number via a generation means of said authentication device;
generating a first single authentication key from at least two of said first plurality of prescribed data via a further generation means of the authentication device;
enciphering said first random number, via an encipherment means of said authentication device, using said first single authentication key, and deciphering an enciphered data sent from said another device using said first single authentication key, said enciphered data being enciphered using a second single authentication key transmitted from said authentication device to generate said second single authentication key from at least two of a second plurality of prescribed data stored in said another device; and
communicating with said another device via a communication means.
0. 28. An authentication method for performing authentication processing between a first device storing a first plurality of keys and a second device storing a second plurality of keys equivalent to the first plurality of keys and a plurality of data areas, wherein each of said data areas is accessible by a corresponding one of the first plurality of keys, the method comprising the steps of:
generating a first single authentication key from at least two of the first plurality of keys stored in a first memory of said first device;
sending a command to said second device, said command including a first random number and information;
receiving said command from said first device;
generating a second single authentication key from at least two of the second plurality of keys stored in a second memory of said second device based on said information;
enciphering said first random number using said second single authentication key in said second device to generate a second random number;
generating a third random number in said second device;
sending said enciphered second random number and said third random number to said first device;
deciphering said enciphered second random number using said first single authentication key; and
comparing said deciphered second random number and said first random number.
0. 31. An authentication method for performing processing between a first device storing a first plurality of keys and a second device storing a second plurality of keys equivalent to the first plurality of keys and a plurality of data areas, wherein each of said data areas is accessible by a corresponding one of the first plurality of keys, the method comprising the steps of:
generating a first single authentication key from at least two of a first plurality of keys stored in a first memory of said first device;
generating a first random number in said first device;
enciphering said first random number by using said first single authentication key;
sending a first command to said second device, said first command including said enciphered first random number and information;
generating a second single authentication key from at least two of a second plurality of keys stored in a second memory of said second device based on said information;
deciphering said enciphered first random number by using said second single authentication key;
enciphering said deciphered first random number by using said second single authentication key in said second device to generate a first response to said first command;
receiving a first response from said second device;
deciphering said first response by using said first single authentication key in said first device; and
comparing said deciphered first response and said first random number.
0. 23. An authentication system for performing authentication processing between a first device and a second device,
said first device comprising:
a first memory means for storing a plurality of data areas and a first plurality of keys, each of said data areas being accessible by a corresponding one of said first plurality of keys;
a first generation means for generating a first single authentication key from at least two of the first plurality of keys stored in said first memory means; and
a first communication means for communicating with said second device by notifying a first message generated via said first single authentication key; and
said second device comprising:
a second memory means for storing a second plurality of keys equivalent to said first plurality of keys;
a second generation means for generating a second single authentication key from at least two of the second plurality of keys stored in said second memory means; and
a second communication means for communicating with said first device by notifying a second message generated via said second single authentication key;
wherein one of said first and second devices further comprises an encipherment means for enciphering data using a corresponding one of said first single authentication key and said second single authentication key, and the other of said first and second devices further comprises a decipherment means for deciphering said data enciphered by said encipherment means using the other corresponding one of said first single authentication key and said second single authentication key.
1. An authentication system for performing authentication processing between a first device and a second device, said first device comprising:
first memory means for storing a plurality of data areas and a first plurality of keys, wherein each of said first plurality of keys indicates access to a corresponding one of said plurality of data areas;
first generation means for generating a first single authentication key from two or more of the first plurality of keys stored in said first memory means, wherein said first single authentication key indicates access to two or more corresponding of said plurality of data areas; and
first communication means for communicating said first single authentication key with said second device, and
said second device comprising:
second memory means for storing a second plurality of keys equivalent to said first plurality of keys;
second generation means for generating a second single authentication key from two or more of the second plurality of keys stored in said second memory means; and
second communication means for communicating said second single authentication key with said first device,
wherein one of said first device and said second device further comprises encipherment means for enciphering information using a corresponding one of said first single authentication key and said second single authentication key, and
wherein another of said first device and said second device further comprises decipherment means for deciphering said information enciphered by said encipherment means using another corresponding one of said first single authentication key and said second single authentication key.
4. An authentication method for performing authentication processing between a first device and a second device, the method in said first device comprising:
a first memory step of storing a plurality of data areas and a first plurality of keys, wherein each of said first plurality of keys indicates access to a corresponding one of said plurality of data areas;
a first generation step of generating a first single authentication key from two or more of the first plurality of keys stored in said first memory means, wherein said first single authentication key indicates access to two or more corresponding of said plurality of data areas; and
a first communication step of communicating said first single authentication key with said second device, and
the method in said second device comprising:
a second memory step of storing a second plurality of keys equivalent to said first plurality of keys;
second generation step of generating a second single authentication key from two or more of the second plurality of keys stored in said second memory step; and
a second communication step of communicating said second single authentication key with said first device,
wherein one of said first device and said second device further performs processing in an encipherment step of enciphering information using a corresponding one of said first single authentication key and said second single authentication key, and
wherein another of said first device and said second device further performs processing in a decipherment step of deciphering said information enciphered in said encipherment step using another corresponding one of said first single authentication key and said second single authentication key.
10. An authentication system for performing authentication processing between a first device and a second device, said first device comprising:
first memory means for storing a first authentication key, a first common data and a first plurality of keys, wherein each of said first plurality of keys corresponds to said first common data combined with a respective one of a second plurality of keys;
first generation means for generating a first single authentication key from said first authentication key and a corresponding one of said first plurality of keys;
first notification means for notifying information required for said second device to generate a second single authentication key corresponding to said first single authentication key; and
first communication means for communicating said first single authentication key with said second device, and
said second device comprising:
second memory means for storing a plurality of data areas, said second plurality of keys and a second common data equivalent to said first common data, wherein each of said second plurality of keys indicates access to a corresponding one of said plurality of data areas;
second generation means for generating said second single authentication key from the notified information, two or more of said second plurality of keys, and said common data; and
second communication means for communicating said second single authentication key with said first device; and
wherein one of said first device and said second device further comprises encipherment means for enciphering data using a corresponding one of said first single authentication key and said second single authentication key, and
wherein another of said first device and said second device further comprises decipherment means for deciphering the data enciphered by said encipherment means using another corresponding one of said first single authentication key and said second single authentication key.
14. An authentication method for performing authentication processing between a first device and a second device, the method in said first device comprising:
a first memory step of storing a first authentication key, a first common data and a first plurality of keys, wherein each of said first plurality of keys corresponds to said first common data combined with a respective one of a second plurality of keys;
a first generation step generating a first single authentication key from said first authentication key and a corresponding one of said first plurality of keys;
a first information step of notifying information required for said second device to generate a second single authentication key corresponding to said first single authentication key; and
a first communication step of communicating said first single authentication key with said second device; and
the method in said second device comprising:
a second memory step of storing a plurality of data areas, said second plurality of keys and a second common data equivalent to said first common data, wherein each of said second plurality of keys indicates access to a corresponding one of said plurality of data areas;
a second generation step of generating said second single authentication key from the notified information, two or more of said second plurality of keys, and said common data; and
a second communication step of communicating said second single authentication key with said first device, and
wherein one of said first device and said second device further performs an encipherment step of enciphering data using a corresponding one of said first single authentication key and said second single authentication key, and
wherein another of said first device and said second device further performs a decipherment step of deciphering the data enciphered in said encipherment step using another corresponding one of said first single authentication key and said second single authentication key.
2. An authentication system according to
said one of said first device and said second device further comprises notification means for notifying, to said another of said first device and said second device, information required to generate said corresponding one of said first single authentication key and said second single authentication key, and
said another of said first device and said second device generates said another corresponding one of said first single authentication key and said second single authentication key corresponding to the information notified by said notification means.
3. An authentication system according to
at least one of said first device and said second device further comprises a random number generation means for generating a random number,
said encipherment means enciphers said random number generated by said random number generation means, and
said decipherment means deciphers said random number enciphered by said encipherment means.
6. An authentication device according to
11. An authentication system according to
said another of said first device and said second device further comprises second encipherment means for enciphering second data using said another corresponding one of said first single authentication key and said second single authentication key;
said one of said first device and said second device further comprises second decipherment means for deciphering the enciphered second data using said corresponding one of said first single authentication key and said second single authentication key;
said first device further comprises random number generation means for generating a random number;
said encipherment means enciphers said random number using said corresponding one of said first single authentication key and said second single authentication key;
said decipherment means deciphers the enciphered random number using said another corresponding one of said first single authentication key and said second single authentication key;
said second encipherment means enciphers the deciphered random number using said another corresponding one of said first single authentication key and said second single authentication key; and
said second decipherment means deciphers the enciphered deciphered random number using said corresponding one of said first single authentication key and said second single authentication key.
12. An authentication system according to
the one of said first device and said second device receives from the another device of said first device and said second device a device identification number specific to the another device of said first device and said second device,
the another of said first device and said second device stores said device identification number in a corresponding one of said first memory means and said second memory means, and
said first generation means and said second generation means use said device identification number for generating a respective one of said first single authentication key and said second single authentication key.
13. An authentication system according to
said first memory means further stores a first verification value;
said second memory means further stores a second verification value having a value equivalent to said first verification value;
said first generation means further generates a replacement key and a verification key, wherein said replacement key corresponds to one of said first plurality of keys that is to be replaced, and wherein said replacement key, said verification key and said first verification value are related;
said first device further comprises said encipherment means, wherein said encipherment means further enciphers first data and second data using said one of said first plurality of keys that is to be replaced, wherein said first data corresponds to said replacement key and said second data corresponds to said verification key;
said first communication means further communicates the enciphered first data and the enciphered second data with said second device;
said second device further comprises said decipherment means, wherein said decipherment means further deciphers the enciphered first data and the enciphered second data using a corresponding one of said second plurality of keys and in accordance therewith generates a deciphered replacement key and a deciphered verification key; and
said second device further comprises control means for verifying that said deciphered replacement key, said deciphered verification key, and said second verification value are related, and in accordance therewith replacing said corresponding one of said second plurality of keys with said deciphered replacement key.
16. An authentication device according to
17. An authentication device according to
said memory means further stores a first verification value;
said generation means further generates a replacement key and a verification key, wherein said replacement key corresponds to one of said first plurality of keys that is to be replaced, and wherein said replacement key, said verification key and said first verification value are related;
said encipherment means further enciphers first data and second data using said one of said first plurality of keys that is to be replaced, wherein said first data corresponds to said replacement key and said second data corresponds to said verification key; and
said communication means further communicates the enciphered first data and the enciphered second data with said second device.
20. An authentication device according to
21. An authentication device according to
said memory means further stores a verification value;
said decipherment means further deciphers an enciphered first data and an enciphered second data received from said second device using a corresponding one of said plurality of keys and said common data, and in accordance therewith generates a deciphered replacement key and a deciphered verification key; and
said authentication device further comprises control means for verifying that said deciphered replacement key, said deciphered verification key, and said verification value are related, and in accordance therewith replacing said corresponding one of said plurality of keys with said deciphered replacement key.
0. 24. An authentication system according to
0. 25. An authentication system according to
0. 26. An authentication system according to
0. 27. An authentication system according to
0. 29. An authentication method according to
enciphering said third random number using said first single authentication key in said first device to generate a fourth random number;
sending a command to said second device, said command including said fourth random number and information;
deciphering said fourth random number using said second single authentication key in said second device; and
comparing said deciphered fourth random number and said third random number.
0. 30. An authentication method according to
0. 32. An authentication method according to
generating a second random number in said second device;
enciphering said second random number to generate a second response in said second device;
receiving said second response from said second device;
deciphering said second response by using said first single authentication key;
enciphering said deciphered second response by using said first single authentication key to generate a second command in said first device;
sending said second command to said second device;
deciphering said second command in said second device; and
comparing said deciphered second command and said second random number.
0. 34. An authentication device according to
0. 35. An authentication device according to
0. 36. An authentication device according to
0. 37. An authentication device according to
0. 38. An authentication device according to
0. 39. An authentication device according to
0. 40. An authentication device according to
0. 41. An authentication device according to
0. 43. An authentication device according to
0. 44. An authentication device according to
0. 45. An authentication device according to
0. 47. A method for performing authentication processing according to
0. 48. A method for performing authentication processing according to
0. 49. A method for performing authentication processing according to
0. 50. A method for performing authentication processing according to
0. 51. A method for performing authentication processing according to
0. 52. A method for performing authentication processing according to
0. 53. A method for performing authentication processing according to
0. 54. A method for performing authentication processing according to
0. 56. A method for performing authentication processing according to
0. 57. A method for performing authentication processing according to
0. 58. A method for performing authentication processing according to
|
This invention relates to a system and method for authentication and device and method for authentication, and particularly relates to a system and method for authentication and device and method for authentication which are capable of authenticating rapidly.
When the reader writer 101 records a data in, for example, area 1 of the IC card, or reads a data stored therein, first mutual authentication processing is performed. The reader writer 101 previously stores the same cipher key 1 to cipher key 5 as the cipher key 1 to cipher key 5 stored in the IC card 102. When the reader writer 101 takes an access to area 1 of the IC card 102, the reader writer 101 reads the cipher key 1 corresponding to the area 1 and performs an authentication processing using this key.
For example, the reader writer 101 generates a prescribed random number, and informs the random number and the number of 1 of the area to be addressed to the IC card 102. The IC card 102 reads the cipher key 1 corresponding to the informed number of 1, enciphers the random number using the cipher key 1. The enciphered random number is informed to the reader writer 101. The reader writer 101 deciphers the ciphered random number using the cipher key. If the random number informed to the IC card 102 coincides with the deciphered random number, the IC card 102 is judged to be proper.
Similarly, the IC card 102 generates a prescribed random number, and outputs it to the reader writer 101. The reader writer 101 enciphers the random number using the cipher key 1, and informs the enciphered random number to the IC card 102. The IC card 102 deciphers the enciphered random number using the cipher key 1. If the deciphered random number is coincident with the random number posted to the reader writer 101, the reader writer 101 is determined to be a proper reader writer.
The processing described above is performed on respective areas.
In the conventional system, it has been difficult to take an access to areas rapidly because mutual authentication processing is performed individually for each area. As the result, it has been difficult that a reader writer 101 makes an access to a prescribed area of the IC card 102 and then writes and reads information in a short time, for example, when a commuter passes a gate installed at a ticket gate.
The present invention was accomplished in view of such a problem, and it is the object of the present invention to shorten the time for authentication.
Embodiments of the present invention are described hereinafter. In the description, features of the present invention are described with a corresponding embodiment (one example) in parentheses after each means in order for clear understanding of mutual correspondence between respective means described in claims and embodiments described hereinafter. However, these descriptions by no means limits respective means to those described hereinafter.
An authentication system described in one embodiment comprises the first device and second device. The first device has first memory means (for example, a memory 11 shown in
In the above-mentioned authentication system, one authentication key is generated from a plurality of keys. Data are enciphered and deciphered using the one authentication key.
In the authentication system described in another embodiment, the one device out of the first device and second device additionally has notification means (for example, the step S6 shown in
In the authentication system described in yet another embodiment, at least any one device of the first device and second device is provided with a random number generation means (for example, random number generation sections 23 and 35 in
An authentication device described in still another embodiment has communication means (for example, a communication section 21 shown in
In the above-mentioned authentication device, information required to generate one authentication key is informed to other device. Data enciphered using an authentication key generated by other device are deciphered using the authentication key.
An authentication device described in another embodiment has communication means (for example, the communication section 33 shown in
In the above-mentioned authentication device, one authentication key is generated from a plurality of keys based on the information informed from the other device.
In an authentication system described in still another embodiment, the first device stores a key assigned to this device and has first memory means (for example, a memory 11 shown in
In the above-mentioned authentication system, a key assigned to this device and individual data are stored in the first device, and an authentication key is generated correspondingly to these key and data. In the second device, an authentication key is generated from the information received from the first device and common data.
In the authentication system described in yet another embodiment, an authentication key comprises a first authentication key and second authentication key. The first generation means generates the first authentication key from the key stored in the first memory means assigned thereto and the individual data, and generates the second authentication key using the key assigned thereto and the first authentication key. The second generation means generates the first authentication key from a key corresponding to the of information from the notification means of the first device out of the plurality of the keys stored in the second memory means and the common data, and generates the second authentication key using the first authentication key and a key corresponding to the information from the notification means of the first device. Both the first device and second device are provided with the encipherment means and decipherment means respectively, the one device out of the first device and second device is provided additionally with a random number generation means (for example, the random number generation section 23 shown in
In the authentication system described in another embodiment, the second device is provided additionally with the second decipherment means (for example, an encipherment section 34 shown in
An authentication device described in yet another embodiment provided with a memory means (for example, the memory 11 shown in
An authentication device described in still another embodiment is provided with a memory means (for example, the memory 31 shown in
In the above-mentioned authentication device, an authentication key is generated from a key corresponding to the information from the other device and common data.
The authentication device described in another embodiment, the second decipherment means and changing means are additionally provided, when the first enciphered data which is generated by enciphering the second key using the first key and the second enciphered data which is generated by enciphering the third key having a prescribed relation to the second key using the first key are transmitted, together with the key identification number of the key to be changed, from the other device in order to change the first key out of the plurality of the keys stored in the memory means, the second decipherment means (for example, the encipherment section 34 shown in
The controller 1 is provided with a memory 11, which stores cipher keys for access to areas of a memory 31 of the IC card 3, and corresponding provider numbers. A communication section 12 communicates between a communication section 21 of the reader writer 2 by wire or radio transmission. A reduction processing section 13 reads a cipher key of a prescribed number out of a plurality of cipher keys stored in the memory 11, and generates one reduction key. A controller 14 controls operations of components in the controller 1, and performs authentication processing.
The communication section 21 of the reader writer 2 communicates between the communication section 12 of the controller 1 or a communication section 33 of the IC card 3. An encipherment section 22 enciphers a random number generated from a random number generation section 23, and deciphers an enciphered random number transmitted from the IC card 3. A control section 24 controls operations of components of the reader writer 2, and performs authentication processing.
The IC card 3 is provided with the memory 31. The memory 31 is divided into a plurality of areas (for example 5 areas in FIG. 1). Each provider (for example, Railway Company) takes an access to the corresponding area, and writes and reads data as desired. Each area corresponds to a specific cipher key, and a corresponding cipher key i is required to take an access to a specified area i.
A reduction processing section 32 reduces a plurality of cipher keys, and generates one reduction key. An encipherment section 34 enciphers a random number generated by random number generation section 35, and deciphers the enciphered data supplied from the reader writer 2. A controller 36 controls operations of components of the IC card 3, and performs authentication processing.
In an area 53, information required to manage the area 51 and area 52 is recorded. The information comprises provider numbers assigned to respective providers, block assignment information for indicating the area which is assigned to the provider, permission information such as that only reading is possible, only writing is possible, or both reading and writing are possible, cipher key, and version of the cipher key.
For example, the provider number 00 is common to respective providers, and as the block assignment information, an address of the area 51, which is the common area, is written. As the permission information, information which is possible to take an access to the area 51, which is the common area, is specified. Further, as the version information of the cipher key, the cipher key required to take an access to the area 51, which is the common area, and the version thereof are applied.
An area 54 is assigned as a system ID block, and an ID of a system to which this IC card 3 is applied is written.
The provider number, permission information, cipher key version, and cipher key shown in
In the reduction processing section 13 or 32, in the case that n cipher keys are provided in the IC card 3, (n−1) circuits of two-input reduction circuits 81-1 to 81-(n−1) are provided, two data are inputted to each reduction circuit, and one data is outputted. In the two-input reduction circuit 81-1, a cipher key of the provider 1 (rail way company 1) and a cipher key of the provider 2 (rail way company 2) are inputted. The two-input reduction circuit 81-1 generates one reduction key from the two cipher keys, and supplies it to the subsequent two-input reduction circuit 81-2. The two-input reduction circuit 81-2 reduces the reduction key inputted from the two-input reduction circuit 81-1 and a cipher key of the provider 3 (rail way company 3), and outputs it to the subsequent two-input reduction circuit 81-3 (not shown in the drawing). The same processing is performed in each two-input reduction circuit 81-i, and the reduction key generated from the final two-input reduction circuit 81-(n−1) is regarded as one final reduction key.
If n=1 (one cipher key is involved), the input cipher key is outputted, as it is, as a reduction key.
An encipherment circuit 81-i shown in
For example, DES (Data Encryption Standard) and FEAL (Fast Data Encipherment Algorithm) are used as an encipherment method shown in
In
In
Next, operations are described with reference to a timing chart shown in
The controller section 14 of the controller 1 controls the communication section 12, and indicates polling with a sufficiently short period (period sufficient for detecting passage of users who pass through a ticket gate of a rail way station having an IC card) for the reader writer 2 (step S1). Upon receiving the indication through the communication section 21, the control section 24 of the reader writer 2 controls the communication section 21 to perform polling to the IC card 3 (step S2). Upon receiving indication of polling from the communication section 21 of the reader writer 2 through the communication section 33, the control section 36 of the IC card 3 informs the existence of this control section 36 (step S3). Upon receiving this information from the IC card 3 through the communication section 21, the control section 24 of the reader writer 2 informs the existence of the IC card 3 to the controller 1 (step S4).
Upon receiving this information through the communication section 12, the control section 14 of the controller 1 controls the reduction processing section 13 (step S5). The reduction processing section 13 reads out the cipher key of an area to be addressed from the memory 11. In the example shown in
When one reduction key is generated as described herein above, the control section 14 informs it to reader writer 2 together with provider numbers (key number), number of providers (number of keys), and order of reduction processing (step S6). Upon receiving this information from the communication section 12 of the controller 1 through the communication section 21, the control section 24 of the reader writer 2 instructs the random number generation section 23 to generate a random number r1 (step S7). The controller 24 instructs the communication section 21 to inform the random number r1 to the IC card 3 (step S8). Then, the control section 24 informs also the number of providers and provider numbers supplied from the controller 1 to the IC card 3.
Upon receiving this information, the controller 36 of the IC card 3 performs first reduction key generation processing (step S9). In detail, the control section 36 reads the cipher key corresponding to the provider number (key number) transmitted from the reader writer 2 from the memory 31, and supplies it to the reduction processing section 32 to perform reduction processing. In the case shown in
Next, the control section 36 outputs the random number r1 informed from the reader writer 2 and the reduction key generated from the reduction processing section 32 to the encipherment section 34, and the encipherment section 34 enciphers the random number r1 using the reduction key (step S10) to generates an enciphered random number R1.
The control section 36 generates a prescribed random number r2 in the random number generation section 35 (step S11). The control section 36 controls the communication section 33 to transfer the enciphered random number R1 and random number r2 generated in the step S11 to the reader writer 2 (step S12).
Upon receiving supply of the random number r2 and enciphered random number R1, the control section 24 of the reader writer 2 controls the encipherment section 22 to decipher the enciphered random number R1 using the reduction key received from the controller 1 (step S13). The controller 24 checks whether the random number obtained by deciphering is equal to the random number r1 generated in the step S7, and if the result is NO, then the IC card 3 is judged to be an improper IC card, and the control section 24 informs the judgement to the controller 1 in the step S14. Then, the controller 1 performs error processing (for example, prevent the user from passing the ticket gate).
On the other hand, if the deciphered random number is equal to the random number r1 in the step S13, then the control section 24 control the encipherment section 22 to encipher the random number r2 supplied from the IC card 3 using the reduction key supplied from the controller 1, and an enciphered random number R2 is generated (step S15). Further, the control section 24 transfers the enciphered random number R2 generated as described herein above to the IC card 3 (step S16).
Upon receiving supply of the enciphered random number R2 as described herein above, the control section 36 of the IC card 3 controls the encipherment section 34 to decipher the enciphered random number R2 using the reduction key generated in the step S9 (step S17). Whether the deciphered random number is equal to the random number r2 generated in the step S11 is judged. The judgement result is transferred to the reader writer 2 through the communication section 33 (step S18).
Upon receiving information of authentication result from the IC card 3, the control section 24 of the reader writer 2 informs this result to the controller 1 from the communication section 21 (step S19).
Upon receiving this information through the communication section 12, the controller 14 of the controller 1 performs error processing if the information indicates NG. On the other hand, if the information indicates OK (the IC card is judged to be a proper IC card), the control section 14 of the controller 1 outputs a necessary command such as read out or write to the reader writer 2 (step S20). Upon receiving transfer of the command, the reader writer 2 outputs a read or write command to the IC card 3 (step 21). In this case, read or write of the area 1, area 2, and area 4 of the IC card 3 is instructed as described herein above.
As the result, if write in the area 1, area 2, or area 4 is instructed, then the control section 36 of the IC card 3 performs write processing. If read is instructed, the control section 36 of the IC card 3 performs read processing. The read data is transferred from the IC card 3 to the reader writer 2 (step S22), and transferred from the reader writer 2 to the controller 1 (step S23).
As described herein above, when a plurality of areas receives the access, cipher keys required individually are not authenticated individually. (For example, in the case of the example shown in
The number of bytes (length) of a reduction key is equal to that of a cipher key in this example; however, it is possible to use different number of bytes. Because a reduction key is used only for authentication, it is not necessary to restore a reduction key to a plurality of original cipher keys.
C2=E(e2, K1)
Herein, E(A, B) means encipherment of the data A using the key B. A method of encipherment such as DES or FEAL may be used.
e2 is a value which satisfies the following equation:
e1+e2=F
The value F is a predetermined value, which other provider 2 and provider 4 know the value as a value which is to be used when they change their cipher keys, and is previously stored in the memory 31 of the IC card 3.
When the provider 1 generates the data C1 and C2 as described above, the provider 1 informs this value to other providers together with the key number (in this case, the key number 1) assigned to the cipher key K1 of the provider 1. Each respective provider changes, using these data, the key K1 in the memory 31 of the IC card 3 which uses its reader writer 2 by the way as described below. This change processing is described below with an example for the provider 4.
In detail, the reader writer 2 of the provider 4 transmits the data C1 and C2 to the IC card 3. The encipherment section 34 of the IC card 3 calculates e1 and e2 by performing mathematical operation of the following equations:
e1=D(C1, K1)
e2=D(C2, K1)
Herein, D(A, B) means encipherment of the data A using the key B.
Accordingly, the IC card 3 can obtain the data e1 and e2 by deciphering the data C1 and C2 using the key K1 stored in the memory 31.
The control section 36 adds e1 and e2 obtained as described above, and judges whether the addition result is equal to the prescribed value F stored previously in the memory 31. If the result is YES, then the data e1 obtained by deciphering the data C1 is registered as a new key K1′ which will be used instead of the key K1.
On the other hand, if the sum of e1 and e2 is not equal to F, change processing is not performed because the change request is regarded improper.
For example, if a malicious provider wants to alter the cipher key K1 of the provider 1, it and mathematically operates the following equation to obtain e1′ and e2′:
e1′=D(C1′, K1)
e2′=D(C2′, K1)
C1′ and C2′ are values which the malicious provider sets fittingly.
However, if e1′ and e2′ generated as described herein above are added, the addition result is generally not equal to the value F. It takes a long time to find a combination of e1′ and e2′ which results in the value equal to F, and it is substantially very difficult. Therefore the alteration of a cipher key by a third party is prevented.
The provider 2 also performs the same processing to change the cipher key K1 in the memory 31 of the IC card which uses the reader writer 2 of the provider 2.
When the cipher key K1 of the provider 1 is changed as described herein above, the provider 1, provider 2, and provider 4 perform again the same processing as described with reference to
In this example, the control section 24 generates a reduction key Ks using the cipher key K4 and data D012 stored in the memory 11. The control section 24, for example, synthesizes an even number bit and odd number bit of the cipher key K4 to generate the first reduction key K4s1, and synthesizes an odd number bit and even number bit of the cipher key K4 to generate the second reduction key K4s2.
The first reduction key K4s1 is inputted to the encipherment section 22A of the encipherment section 22, and is used to encipher a random number generated by the random number generation section 23. The enciphered random number is transmitted to the IC card 3. When, as in the case described herein above, information required to generate a reduction key is transmitted simultaneously to the IC card 3.
The IC card 3 reads out the data D0 from the memory 31 using this information, and generates a reduction key Ks by applying cipher keys K1, K2, and K4 successively. The reduction key Ks has the same value as the reduction key Ks generated by the reader writer 2.
The control section 36 generates the first reduction key K4s1 and second reduction key K4s2 by performing the same processing as the reader writer 2.
The decipherment section 34B of the encipherment section 34 deciphers the enciphered random number transmitted from the reader writer 2, and transmits the deciphered random number to the encipherment section 34A. The encipherment section 34A enciphers it using the second reduction key K4s2 and transmits it to the reader writer 2.
The decipherment section 22B of the encipherment section 22 in the reader writer 2 deciphers the enciphered random number transmitted from the IC card 3. The deciphered result is transmitted to the control section 24.
The random number deciphered as described above is equal to the same random number as generated by the random number generation section 23 if the IC card is proper. Accordingly, by judging whether the received random number is equal to the generated random number, authentication processing is performed.
Ishibashi, Yoshihito, Kusakabe, Susumu, Takada, Masayuki
Patent | Priority | Assignee | Title |
7559090, | Jul 16 2003 | Panasonic Corporation | Memory, information apparatus for access to the memory, and method for the information apparatus |
7716477, | Sep 19 2002 | Sony Corporation | Data processing method, program of the same, and device of the same |
8458473, | Oct 14 2008 | Sony Corporation | Information processing apparatus, method for switching cipher and program |
8762719, | May 09 2006 | AVAGO TECHNOLOGIES INTERNATIONAL SALES PTE LIMITED | Method and system for command authentication to achieve a secure interface |
9258283, | Jan 25 2012 | Sovereign Peak Ventures, LLC | Key management system, key management method, and communication device |
Patent | Priority | Assignee | Title |
4803725, | Mar 11 1985 | GENERAL INSTRUMENT CORPORATION GIC-4 | Cryptographic system using interchangeable key blocks and selectable key fragments |
4887296, | Oct 26 1984 | GENERAL INSTRUMENT CORPORATION GIC-4 | Cryptographic system for direct broadcast satellite system |
5293029, | Jan 17 1989 | Kabushiki Kaisha Toshiba | System for mutually certifying an IC card and an IC card terminal |
5371794, | Nov 02 1993 | Sun Microsystems, Inc. | Method and apparatus for privacy and authentication in wireless networks |
5381481, | Aug 04 1993 | Cisco Technology, Inc | Method and apparatus for uniquely encrypting a plurality of services at a transmission site |
5455862, | Dec 02 1993 | CRESTECH, LLC | Apparatus and method for encrypting communications without exchanging an encryption key |
5506904, | Aug 04 1993 | Cisco Technology, Inc | System and method for transmitting and receiving variable length authorization control for digital services |
5613214, | Oct 18 1993 | NEC Corporation | Mobile communication terminal authenticating system |
5784464, | May 02 1995 | Fujitsu Limited | System for and method of authenticating a client |
5812666, | Mar 31 1995 | Pitney Bowes Inc. | Cryptographic key management and validation system |
5933501, | Aug 01 1996 | Harris Corporation | `Virtual` encryption scheme combining different encryption operators into compound-encryption mechanism |
6377691, | Dec 09 1996 | Microsoft Technology Licensing, LLC | Challenge-response authentication and key exchange for a connectionless security protocol |
EP422230, | |||
EP427465, | |||
EP447063, | |||
EP552392, | |||
EP604911, | |||
EP739109, | |||
JP7123086, | |||
JP8305662, | |||
JP9501288, | |||
WO9501684, |
Executed on | Assignor | Assignee | Conveyance | Frame | Reel | Doc |
May 02 2002 | Sony Corporation | (assignment on the face of the patent) | / |
Date | Maintenance Fee Events |
Sep 28 2007 | M1552: Payment of Maintenance Fee, 8th Year, Large Entity. |
Sep 21 2011 | M1553: Payment of Maintenance Fee, 12th Year, Large Entity. |
Date | Maintenance Schedule |
May 08 2010 | 4 years fee payment window open |
Nov 08 2010 | 6 months grace period start (w surcharge) |
May 08 2011 | patent expiry (for year 4) |
May 08 2013 | 2 years to revive unintentionally abandoned end. (for year 4) |
May 08 2014 | 8 years fee payment window open |
Nov 08 2014 | 6 months grace period start (w surcharge) |
May 08 2015 | patent expiry (for year 8) |
May 08 2017 | 2 years to revive unintentionally abandoned end. (for year 8) |
May 08 2018 | 12 years fee payment window open |
Nov 08 2018 | 6 months grace period start (w surcharge) |
May 08 2019 | patent expiry (for year 12) |
May 08 2021 | 2 years to revive unintentionally abandoned end. (for year 12) |