JP2010288210A - Radio communication terminal - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To simplify a device authentication method as much as possible while securing security. <P>SOLUTION: When a radio communication terminal that authenticates a device in establishing a connection receives a request for connection from an opposite device, it performs authentication at a security level required by itself if the opposite device is capable of performing an authentication procedure that satisfies a high security level required by itself, but it rejects the request for connection when the opposite device is not capable of performing the authentication procedure that satisfies the high security level required by itself and the device that has requested the connection is an unauthenticated device. <P>COPYRIGHT: (C)2011,JPO&INPIT

Description

  The present invention relates to a wireless communication terminal.

Conventionally, as an authentication procedure between Bluetooth (registered trademark) devices, for example, a common decimal four-digit PIN number is entered by a user and checked whether both numbers match (Man-In-The-The- Middle, Active Eavesdropping) is prevented, and the link key is generated from the PIN number input by the user, thereby hiding the link key and preventing eavesdropping (Passive Eavesdropping).

  However, this method has problems in terms of usability and security. Specific usability issues include the need for the user to enter a four-digit number into both devices, or when one device does not have an input device for entering numbers If numbers cannot be entered, a fixed PIN number must be entered in the manual of this device, etc., and the user must enter the PIN number obtained by checking this manual etc. into the other device. There was a problem. Further, as a security problem, there are only 9999 link key candidates, and thus there is a problem that the link key can be found by a brute force check.

Therefore, a new connection authentication procedure called Secure Simple Pairing (hereinafter referred to as SSP) is defined (see Non-Patent Document 1).

Bluetooth Specification version 2.1 + EDR

  The SSP improves usability by simplifying the authentication procedure, and improves security performance by introducing a public key encryption method for link key generation to increase resistance to listening and impersonation.

  The SSP authentication procedure includes authentication method A that can prevent both eavesdropping and spoofing, and authentication method B that can prevent eavesdropping but cannot prevent impersonation, and notifies in advance of the authentication procedure. Select the authentication method based on the input / output capability of the device to be authenticated.

As an example of the authentication method A, there is a Numeric Comparison method. The Numeric Comparison method prevents impersonation by allowing the user to confirm that the connected device is the intended device with a simple operation. Specifically, once in the middle of the authentication procedure, both devices generate a 6-digit number by a calculation determined from the public keys (Public Key A, Public Key B) of both devices. The user visually confirms that the same number is displayed on both devices and presses the Yes button to continue the procedure as a successful authentication. If the numbers displayed on both devices are different, press the No button to end the procedure as an authentication failure. In this way, the Numeric Comparison prevents impersonation by incorporating the confirmation procedure by the user into a part of the authentication procedure.

An example of authentication method B is the Just Works method. The Just Works method is basically the same as the Numeric Comparison authentication procedure, but the only difference is that there is no confirmation procedure by the user, and the number is automatically compared and authenticated at the device to be authenticated or the device to be authenticated. The procedure is to continue. Therefore, since the public key cryptosystem is applied, the resistance against standing-by is equivalent to the Numeric Comparison method, but there is no resistance against impersonation.

  In SSP, a security level can be set for each profile, and when it is necessary to increase confidentiality so as to identify and connect to the other party, authentication method A with user confirmation is used as a connection procedure without confidentiality. When it is desired to simplify the authentication method, the authentication method B without user confirmation can be selected.

However, Bluetooth may be mounted on various devices, and an authentication method that involves user confirmation may not be used. For example, a mobile phone performs a service requiring high security such as voice communication and data communication by Bluetooth, but an opposite device when using voice communication has an operation input means and a display like a car navigation system. There are devices, and there are devices such as headsets that do not have operation input means and display means such as a display. In the case of a device that does not have input display means such as a headset, an authentication method that involves user confirmation cannot be used.

  For this reason, there is a device that cannot be connected if importance is placed on security. On the other hand, if importance is attached to connectivity, there may be cases where sufficient security cannot be ensured.

  Accordingly, an object of the present invention is to provide a wireless communication terminal that can simplify authentication as much as possible while ensuring security.

  In order to achieve the above object, a wireless communication terminal according to the present invention receives a short-range wireless communication unit that performs short-range wireless communication and a connection establishment request using the short-range wireless communication unit from a counterpart device. , It is determined whether the opposite device can execute an authentication procedure that satisfies the security level required by the own terminal, and whether the opposite device has already been authenticated with the own terminal. And an authentication determination means for rejecting a connection request from the opposite device unless the authentication procedure that satisfies the security level required by the device is not possible and the other device is not already authenticated. Yes.

  According to the present invention, it is possible to provide a wireless communication terminal that can simplify authentication as much as possible while ensuring security.

1 is a block diagram showing a configuration of a mobile phone according to an embodiment of the present invention. The flowchart which shows a process when the mobile telephone which concerns on embodiment of this invention receives a connection request. The flowchart which shows a process when the mobile telephone which concerns on embodiment of this invention receives a connection request. The flowchart which shows a process in case the mobile telephone which concerns on embodiment of this invention performs a connection request. The example of the screen displayed on a display part, when the mobile telephone which concerns on embodiment of this invention makes a connection request | requirement.

  Embodiments of the present invention will be described below with reference to the drawings. Here, a wireless communication terminal will be described using a mobile phone as an example. However, the wireless communication terminal is not limited to a mobile phone, and has a short-range wireless communication function such as a car navigation system and a PC, and establishes a connection for short-range wireless communication. The present invention can be applied to any device that is premised on authentication.

  FIG. 1 is a block diagram showing a configuration of a mobile phone according to an embodiment of the present invention. The cellular phone 1 includes a control unit 51, an operation unit 52, a display unit 53, a voice input / output unit 54, a radio telephone communication unit 55, a storage unit 56, and a short-range wireless communication unit 57.

  The control unit 51 includes a CPU, a ROM, a RAM, and the like, and controls the entire mobile phone 1.

  The operation unit 52 includes operation keys, a touch pad, a touch panel, and the like, and inputs a signal corresponding to a user operation to the control unit 51.

  The display unit 53 is configured by a liquid crystal display, an organic EL display, or the like, and displays characters and images according to the control of the control unit 51.

  The audio input / output unit 54 includes a speaker and a microphone, and performs input / output of audio communicated by the wireless telephone communication unit 55 and output of audio / music of music content and moving image content.

  The radio telephone communication unit 55 performs voice communication and packet communication via the base station. For example, when voice is transmitted by voice communication, data obtained by performing signal processing such as encoding or error control on voice data obtained by collecting voice from the microphone of the voice input / output unit 54 is converted into radio waves. Convert and send to base station. The received voice receives radio waves from the base station, converts the radio waves into electrical signals, performs signal processing such as decoding and error correction, and outputs the voice from the speaker of the voice input / output unit 54.

  The storage unit 56 stores various application software, information registered by the user, and the like.

The short-range wireless communication unit 57 includes a wireless communication module using a radio wave having a lower wireless transmission power than the wireless telephone communication unit 55, such as Bluetooth, and performs wireless communication with the opposite device. In the following description, it is assumed that the short-range wireless communication unit 57 performs connection by Bluetooth.

  For the communication connection by the short-range wireless communication unit 57, the control unit 51 includes a protocol control unit 81, a profile control unit 82, an authentication control unit 83, an authentication determination unit 84, a security level determination unit 85, a device registration control unit 86, A short-range wireless communication control unit 87 is included.

The protocol control unit 81 controls a communication protocol for transmitting data by short-range wireless communication. In other words, the functions provided by the Bluetooth Stack from Baseband to RFCOMM are executed.

The profile control unit 82 executes a procedure defined for each service (profile) executed by Bluetooth. The profile includes, for example, an HFP (Hands-Free Profile) for realizing a hands-free call, an A2DP (Advanced Audio Distribution Profile) for transmitting audio, and an AVRCP (Audio / Video Remote Control Profile) for realizing a remote control function. ) Etc.

  The authentication control unit 83 performs authentication using a key calculated from a public key, a device address, time information, and the like. The authentication procedure is defined by Bluetooth Core Spec such as Bluetooth Stack and Generic Access Profile.

  The authentication determination unit 84 determines an authentication method from the security level set for each input display capability and service (profile) of the opposite device, and executes an authentication procedure by the authentication control unit 83 according to the determined authentication method.

  The security level setting unit 85 holds a security level set for each service (profile). Then, in response to an inquiry from the authentication determination unit 84, a security level to be selected for each service is returned. The security levels held by the security level setting unit 85 include security levels 2 and 3. Security level 2 is a security level that enables authentication using an authentication method without user confirmation. On the other hand, the security level 3 is a security level that requires authentication by an authentication method with user confirmation.

For example, a profile related to voice communication such as HFP requires high security, so the security level is set to “3”. On the other hand, for example, OPP (Object Push Profile) is a profile that enables transmission of telephone directory data, but does not require high security because the user confirms the destination when transmitting telephone directory data. You might also say that. Therefore, it is conceivable that the security level is set to “2” for such a profile that does not require high security.

  The device registration control unit 86 generates a link key for authenticating with the opposite device, and holds the link key in association with the device address.

  The short-range wireless communication control unit 87 controls the baseband of short-range wireless communication performed by the short-range wireless communication unit 57.

  FIG. 2 is a flowchart showing processing when the mobile phone 1 receives a connection request.

It is assumed that this connection request is a connection request for a service that requires a security level 3 authentication method. When the mobile phone 1 receives this connection request (S101), the authentication control unit 14 acquires the input / output capability of the opposite device (S102). The input / output capability of the opposite device cannot be displayed and it is impossible to input numbers, Yes / No, etc. (hereinafter referred to as I / O capability 1), and other cases (hereinafter referred to as I / O capability 2). When the opposite device has I / O capability 1, since neither display nor input is possible, the authentication method with user confirmation cannot be supported. That is, security level 3 cannot be supported.

  Therefore, the authentication determination unit 84 determines whether or not the opposing device can support the security level 3 according to the input / output capability of the opposing device obtained in step S102 (S103). If the authentication determination unit 84 determines that the opposite device can support the security level 3 (Yes in S103), the authentication determination unit 84 determines the authentication security level as “3” and sets the security level 3 to the authentication control unit. 85. Upon receiving this security level, the authentication control unit 85 generates a link key of security level 3, and performs authentication using this link key (S104).

  On the other hand, if the authentication determination unit 84 determines in step S103 that the opposite device cannot support security level 3 (No in S103), the authentication determination unit 84 determines whether or not the opposite device has already been registered. (S106). If the device has been registered, the device registration control unit 86 holds the link key in association with the device address of the opposite device. Therefore, the authentication control unit 85 performs authentication using the held link key (S107).

  As described above, the authentication determination unit 84 determines the authentication method using the information on the input display capability of the opposite device and the information on whether or not the device is an authenticated device. Then, when the opposite device cannot support the security level 3 and is not an authenticated device, security is ensured by refusing the connection with the opposite device. On the other hand, in the case of a counterpart device that can support security level 3 or an authenticated counterpart device, it is possible to connect with a counterpart device with I / O capability 1 that cannot be displayed or input by performing authentication and enabling connection. Connections can also be realized as much as possible.

  In the flowchart of FIG. 2, it is described in step S <b> 103 whether it is determined whether or not the opposite device can cope with the security level 3, and in the case where it is not possible to do so, it is determined whether or not the opposite device is authenticated in step S <b> 106. However, the order of step S103 and step S106 may be reversed.

  FIG. 3 is a flowchart showing a process when step S106 is performed before step S103. That is, in the flowchart shown in FIG. 3, when the authentication determination unit 84 performs the determination in step S106 first and the opposite device is already authenticated, the link key held by the authentication control unit 83 is used. When the opposite device is not an authenticated device, the authentication determination unit 84 determines whether or not the opposite device can support the security level 3, and the opposite device that can support the security level 3 If it is a device, the authentication control unit 83 generates a link key of security level 3 and performs authentication.

  FIG. 4 is a flowchart showing processing when the mobile phone 1 makes a connection request to an arbitrary opposite device. It is assumed that this connection request is a connection request for a service that can be authenticated by an authentication method at security level 2. If the authentication determination unit 84 determines to make a connection request with authentication at security level 2, the authentication determination unit 84 reads the authenticated device stored in the device registration control unit 86. Then, the display unit 53 displays a list of the authenticated devices (S202). A list of authenticated devices is displayed as shown in FIG. 5, for example. In the example of FIG. 5, information of three authenticated devices “printer A”, “PC A”, and “PC B” is displayed, and the user can operate the operation unit from the devices displayed in a list on the display unit 53. A device requesting connection via 52 can be selected. When the operation unit 52 accepts a user's selection operation, the authentication determination unit 84 makes a connection request to the selected opposite device (S203). And authentication for connection establishment is performed using the link key memorize | stored in the apparatus registration control part 86 (S204).

  Thus, when a connection request is made to the opposite device, if authentication is performed using an authentication method that does not involve user confirmation, only the authenticated device is the target of the connection request. If authentication is performed using an authentication method that does not involve user confirmation without receiving the selection of the connection request destination device by the user, the user's intention is not performed because the user confirmation operation is not performed during the authentication process. There is a possibility of connecting to a device that is not connected. On the other hand, in the process shown in FIG. 4, it is possible to avoid the possibility of connecting to a device that is not intended by the user by selecting the connection request destination device by the user. Furthermore, in the processing shown in FIG. 4, since the device selected is displayed on the display unit 53 as the device selection target, the user operation is performed when connecting to the opposite device by authentication with a low security level. The possibility of connecting to an incorrect device due to a mistake can also be reduced.

  By adopting the configuration of the embodiment as described above, it is possible to simplify the authentication method as much as possible while ensuring security both when a connection request is made and when a connection request is received.

  In addition, it is not limited to the said embodiment, You may change suitably in the range which does not deviate from the summary of this invention.

DESCRIPTION OF SYMBOLS 1 Mobile phone, 51 Control part, 52 Operation part, 53 Display part, 54 Voice input / output part, 55 Wireless telephone communication part, 56 Storage part, 57 Short-range wireless communication part, 81 Protocol control part, 82 Profile control part, 83 Authentication control unit, 84 Authentication determination unit, 85 Security level setting unit, 86 Device registration control unit, 87 Short-range wireless communication control unit

Claims (7)

Short-range wireless communication means for performing short-range wireless communication;
When a connection establishment request using the short-range wireless communication means is received from the opposite device, whether or not the opposite device can execute an authentication procedure that satisfies the security level required by the own terminal, It is determined whether or not it is already authenticated with its own terminal, and the opposite device cannot execute an authentication procedure that satisfies the security level required by its own terminal, and is not an already-authenticated opposite device with its own terminal And a wireless communication terminal comprising: an authentication determination unit that rejects a connection request from the opposite device. The authentication determination means determines that authentication is performed at the security level required by the own terminal if it is a counterpart device capable of executing an authentication procedure that satisfies the security level required by the own terminal, and the security level required by the own terminal. Even if the opposite device is incapable of executing the authentication procedure that satisfies the above, if the opposite device has already been authenticated with the own terminal, it is determined that authentication is performed using the link key held by the own terminal,
The wireless communication terminal according to claim 1, further comprising an authentication control unit that performs authentication when the authentication determination unit determines to perform authentication. The authentication determination means determines that authentication using the link key held by the own terminal is performed when the opposite device has already been authenticated with the own terminal, and Even if there is an opposing device that can execute an authentication procedure that satisfies the security level required by its own terminal, it is determined that authentication is performed at the security level required by its own terminal,
The wireless communication terminal according to claim 1, further comprising an authentication control unit that performs authentication when the authentication determination unit determines to perform authentication. The security level required by the terminal itself is a security level that requires authentication in an authentication method involving a user confirmation operation,
The authentication determination means requests the own terminal when the opposite apparatus that has requested connection establishment has an input means for receiving an input operation from a user and a display means for displaying information. The wireless communication terminal according to any one of claims 1 to 3, wherein it is determined that an authentication procedure at a security level can be executed. Short-range wireless communication means for performing short-range wireless communication;
When a request for establishing a connection using the short-range wireless communication means is received from a counterpart device, if the request for establishing a connection requires authentication with a user confirmation operation, the counterpart device is accompanied by a user confirmation operation. It is determined whether or not the authentication method can be opposed and whether or not the opposite device has already been authenticated with the own terminal, and the opposite device is not compatible with the authentication method involving the user's confirmation operation, If it is not a peer device that has already been authenticated with its own terminal, it rejects the connection request from the peer device, and if it is a peer device that can support an authentication method that involves a user confirmation operation, an authentication method that involves a user confirmation operation Even if it is an opposing device that is not compatible with an authentication method that requires user confirmation, if the opposing device has already been authenticated with the local terminal, Used link key And determining the authentication decision means to perform the testimony,
A wireless communication terminal comprising authentication control means for performing authentication when the authentication determination means determines to perform authentication. Storage means for storing the identification information of the authenticated device and the link key in association with each other;
Display means for displaying information of the authenticated device stored in the storage means;
An input unit that receives an operation of selecting a device that makes a connection request from information on an authenticated device displayed on the display unit;
6. The apparatus according to claim 1, further comprising a connection request unit that requires a connection request for performing authentication without a user confirmation operation on the device selected by the input unit. The wireless communication terminal according to item. Short-range wireless communication means for performing short-range wireless communication;
Storage means for storing the identification information of the authenticated device and the link key in association with each other;
Display means for displaying information of the authenticated device stored in the storage means;
An input unit that receives an operation of selecting a device that makes a connection request from information on an authenticated device displayed on the display unit;
A wireless communication terminal, comprising: a connection request unit that issues a connection request that requires authentication without a user confirmation operation to the device selected by the input unit.

Images