WO2022060156A1 - Method, apparatus, and program for updating firmware of authenticator - Google Patents
Method, apparatus, and program for updating firmware of authenticator Download PDFInfo
- Publication number
- WO2022060156A1 WO2022060156A1 PCT/KR2021/012778 KR2021012778W WO2022060156A1 WO 2022060156 A1 WO2022060156 A1 WO 2022060156A1 KR 2021012778 W KR2021012778 W KR 2021012778W WO 2022060156 A1 WO2022060156 A1 WO 2022060156A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- authentication
- authentication module
- firmware update
- firmware
- maker server
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 238000003860 storage Methods 0.000 claims description 3
- 238000012546 transfer Methods 0.000 claims description 2
- 230000005540 biological transmission Effects 0.000 abstract description 3
- 230000006870 function Effects 0.000 description 12
- 238000004891 communication Methods 0.000 description 10
- 230000008569 process Effects 0.000 description 8
- 238000012790 confirmation Methods 0.000 description 7
- 238000012545 processing Methods 0.000 description 5
- 230000008859 change Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 238000011084 recovery Methods 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 210000004204 blood vessel Anatomy 0.000 description 1
- 210000004556 brain Anatomy 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 210000004704 glottis Anatomy 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000002360 preparation method Methods 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
- 150000003839 salts Chemical class 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
Definitions
- the present invention relates to a firmware update method, apparatus and program for an authentication module, and more particularly, for an authentication module used for biometric authentication, for reasons such as backdoor concerns and confusion due to deviation from standard specifications, etc., are prohibited in the FIDO specification. It relates to a firmware update method, an apparatus and a program for an authentication module that allow firmware updates to be performed under strict security confirmation and maintenance while maintaining FIDO core specifications as they are.
- a FIDO authentication module (Authenticator; hereinafter referred to as an 'authentication module') is known.
- This is a device used for authenticating that the current user of the authentication module is an originally registered user according to the confirmation of the biometric information without leakage of the biometric information.
- biometric information types such as fingerprints, glottis, iris, face, blood vessels, and brain waves are not discriminated against.
- the authentication module has advantages of being easy to use because phishing is impossible, it is inexpensive, it is portable, it is reliable, it does not require a battery, and it does not require typing.
- the authentication module is ready for use through the registration process, and is later used for personal authentication in the biometric authentication process as its original purpose.
- the original biometric information is stored in the memory ( 12), generate a key pair of a private key and a public key for this biometric information, store the private key inside, and the public key for the client 22 installed in the OS 21 of the information device 20
- the preparation is completed by transmitting to the authentication server 40 through the
- biometric authentication process instantaneous biometric information is input to the authentication module 10 in any biometric authentication process such as login, banking, shopping, etc., and it is compared with the stored original biometric information, and if the result matches
- the biometric matching signal based on the private key is sent to the authentication server 40 through communication means such as the browser 23, and the authentication server 40 confirms this biometric signal by the corresponding public key, the biometric authentication process It has a configuration to send an authentication confirmation signal to
- firmware update of the authentication module 10 is strictly prohibited according to the FIDO policy. Therefore, even if a maker server (not shown) exists, it is not used to update the firmware of the authentication module 10 even if it is used for updating the client 22 .
- a lock system of a device using FIDO authentication an input terminal into which a biometric FIDO authentication device registered in a relaying party on the cloud is inserted, and the biometric FIDO authentication device is connected to the input terminal
- an authentication message is received from the biometric FIDO authentication device to challenge the FIDO authentication to the re-laying party, and an authentication response is provided.
- a 'lock system using FIDO authentication comprising an agent that generates a lock release signal when received, and an operation control unit that releases the lock so that the device can be operated when the lock release signal is received.
- Patent Document 1 Patent Publication No. 10-2020-0067657
- biometric authentication FIDO authentication device authentication module
- the relaying party authentication server
- a backup authentication module since the password information stored in the authentication module cannot be leaked out of the authentication module according to the FIDO specification, a backup authentication module must be retained for account recovery. However, as the backup authentication module requires additional cost and management effort, it is necessary to enable recovery (extended Restricted Operation Environment (ROE)) of the password information stored in the authentication module without causing any security problems.
- ROE Extended Restricted Operation Environment
- biometric information-based authentication modules such as fingerprints
- the owner of the authentication module has the right to know whether biometric information has been registered or whether biometric information has been tampered with. Therefore, it is necessary to monitor the consistency of the biometric information template.
- the present invention is to solve the above problem, and when a firmware update request occurs, the firmware update patch of the maker server is applied to the authentication module by the new key of the authentication module after secure communication of the maker server's zero-knowledge initial registration method is secured and the key is exchanged.
- An object of the present invention is to provide a method, apparatus and program for updating firmware of an authentication module to be installed.
- the method of the present invention for achieving the above object is a method for updating the firmware of an authentication module used for biometric authentication.
- Firmware update request step when a firmware update is required, the authentication module and the maker server are initially authenticated, a secure connection step to establish a secure connection state; and a key delivery step in which the new key generated by the authentication module is transmitted to the maker server; and a patch delivery step in which the firmware update patch encrypted with the new key is delivered from the maker server to the authentication module; and a firmware update step of decrypting and installing the firmware update patch by the new key in the authentication module; It is characterized in that it is further included.
- the device of the present invention for achieving the above object is a device that updates the firmware of an authentication module used for biometric authentication, and allows a firmware update request to be made to a maker server together with biometric information authentication using a biosensor, , when firmware update is required, initial authentication with the maker server to establish a secure connection state, generate a new key to be transmitted to the maker server, receive a firmware update patch encrypted with the new key from the maker server, and an authentication module for decrypting and installing the firmware update patch using a new key; And, a firmware update request is received from the authentication module together with biometric information authentication, and when firmware update is required, a secure connection state is established through initial authentication with the authentication module, a new key generated by the authentication module is transmitted, and the authentication is performed.
- a maker server that delivers the firmware update patch encrypted with the new key to the module It is characterized in that it is included.
- the authentication module of the present invention for achieving the above object, as an authentication module used for biometric authentication, a memory for storing biometric information, certificate and firmware; And, as a program stored in the memory, biometric information authentication is performed using a biosensor, and a firmware update request is made to the maker server.
- the authentication module is initially authenticated to establish a secure connection state, a new key is generated and transmitted to the maker server, a firmware update patch encrypted with the new key is delivered from the maker server, and the new key Decrypt and install the firmware update patch, register biometric information inside the authentication module, and apply biometric information template to the authentication server firmware that transmits and registers the authentication module to the authentication server; It is characterized in that it is included.
- the program of the present invention for achieving the above object is a program for an information device recorded in a storage medium readable by an information device, in which a program for an information device for executing each step of the method described above in the information device is recorded. am.
- the firmware update patch of the maker server is installed in the authentication module by the new key of the authentication module after secure communication and key exchange of the zero knowledge initial registration method of the maker server.
- FIG. 1 is a block diagram of an apparatus in which a firmware update method of an authentication module according to an embodiment of the present invention is implemented.
- FIG. 4 is a block diagram of an apparatus in which a conventional method for updating firmware of an authentication module is implemented.
- the relationship in which other members are disposed or connected to the front, rear, left, right, and upper and lower sides of a member includes a case in which a separate member is inserted in the middle.
- a member is said to be 'just before,', left, and right of another member, it means that there is no separate member in the middle.
- a part 'includes' other components this means that other components may be further included, rather than excluding other components, unless otherwise stated.
- the reason that the names of the components are divided into the first, the second, etc. is to classify them in the same relationship as the components, and the order is not necessarily limited thereto.
- terms such as 'unit', 'means', 'unit', 'member', and 'module' described in the specification mean a unit of a comprehensive configuration that performs at least one function or operation.
- information processing devices such as terminals and servers described in the specification basically mean hard wiring that means hardware in which specific functions or operations are implemented, but should not be construed to be limited to specific hardware, and should not be construed as being limited to specific hardware. This does not exclude soft wiring, which consists of software running to cause a specific function or operation to be implemented. That is, the terminal or server may be any device or software installed on any device, such as an app.
- the method of the present invention is a method of updating the firmware of the authentication module 10 used for biometric authentication.
- the firmware update may be performed to improve the performance of the authentication module 10 , to solve problems found in security, to restore or change a user's account, and the like.
- Firmware update is prohibited in the FIDO specification, so no implementation can be found at this time. The reason for this ban is to prevent confusion due to backdoor concerns and deviations from standard specifications. Therefore, the present invention discloses a configuration that enables the authentication module 10 to perform firmware update in a state of checking and maintaining strict security while maintaining the FIDO core specification so as not to violate the prohibition reason.
- the firmware update technology of the authentication module 10 according to the present invention can be applied to all types of authentication modules regardless of the initial registration method for onboarding during distribution.
- the firmware update method of the present invention comprises: a firmware update request step (S30); With, secure connection step (S40); And, the key transfer step (S50); And, the patch delivery step (S60); And, the firmware update step (S70); It is characterized in that it is included.
- the firmware update request step ( S30 ) is a step in which a firmware update request is made to the maker server 30 together with biometric information authentication using the biometric sensor 11 in the authentication module 10 .
- the maker server 30 is a server operated by the manufacturer that manufactured the authentication module 10 .
- the maker server 30 is the subject of zero-knowledge initial registration (ZKIE) that verifies whether the authentication module 10 to be initially authenticated is the authentication module manufactured by it.
- ZKIE zero-knowledge initial registration
- the authentication of the biometric information in the authentication module 10 is matched by comparing the original biometric information stored inside the authentication module 10 and the instantaneous biometric information newly input at the time of authentication for this firmware update request This refers to the process of sending a biometric signal when it is determined that it is.
- the firmware update request may be directly transmitted from the authentication module 10 to the maker server 30 or may be transmitted through the client 22 .
- the client 22 is software installed in the OS 21 of the information device 20 , and serves as a user interface of the authentication module 10 and relays communication between the authentication module 10 and the maker server 30 . can play a role
- firmware that functions as the client 22 may be mounted in the authentication module 10 .
- the authentication module 10 when the authentication module 10 is connected to the information device 20, it is configured to be connected to the maker server 30 using the Internet communication function of the information device 20, such as a browser 21. can
- firmware performing the Internet communication function and the function of the browser 21 may be mounted in the authentication module 10 .
- the authentication module 10 may be configured to be directly connected to the maker server 30 using an Internet communication function. there is.
- the authentication module 10 and the maker server 30 are initially authenticated to establish a secure connection state.
- the initial authentication is a step in which the authentication module 10 is pre-authenticated with the maker server 30 without relying on a certificate.
- the initial authentication and secure connection can be made by a zero-knowledge initial registration (ZKIE) method, and the zero-knowledge initial registration method allows the authentication module 10 and the maker server 30 to authenticate each other without any prior knowledge. How to make a secure connection.
- ZKIE zero-knowledge initial registration
- SRP Secure Remote Password
- the client 22 installed in the information device 20 requests the authentication module 10 for initial registration of zero knowledge
- the authentication module 10 generates a salt, a verifier, and a new key, and transmits them to the maker server 30 .
- the maker server 30 stores the verifier, and while authenticating the authentication module 10 , a key exchange is performed between the authentication module 10 and the maker server 30 .
- the present invention is not limited thereto, and it is obvious that any ZKIE method other than SRP may be used.
- the key transmission step S50 is a step in which the new key generated by the authentication module 10 is transmitted to the maker server 30 .
- the authentication module 10 and the maker server 30 have a public key.
- the public key is a key obtained by generating a key pair of a private key and a public key in the authentication module 10 and transmitting the public key to the maker server 30 .
- the authentication module 10 further generates the new key during the secure connection step (S40) in addition to the public key.
- the new key is used to encrypt the firmware update patch in the patch delivery step (S60).
- the patch delivery step (S60) is a step in which the firmware update patch encrypted with the new key is transmitted from the maker server 30 to the authentication module 10.
- the firmware update step S70 is a step in which the firmware update patch is decrypted and installed by the new key in the authentication module 10 .
- a key pair of a public key and a private key is already stored in the authentication module 10 .
- the encryption and decryption may be performed according to known techniques. If the installation of the firmware update patch is OK, the authentication module 10 may be in a usable state after restarting.
- the present invention is based on a Zero-Trust Connection.
- the central role of the update is the maker server 30, but communication security is made based on zero knowledge initial authentication (ZKIE), and since the new key is issued by the authentication module 10, it is secured by a distributed design. The effect is greatly improved.
- ZKIE zero knowledge initial authentication
- the present invention generates the initial authentication using a zero-knowledge initial authentication (ZKIE) method. Therefore, very strong secure communication is achieved without relying on a pre-shared symmetric key such as a shared secret for authentication, and without relying on a built-in certificate that has expired or is likely to be tampered with.
- ZKIE zero-knowledge initial authentication
- the maker server 30 and the authentication server 40 may be configured in the form of a cloud. With this configuration, a strong and effective communication security state can be maintained, and the authentication module 10 can be managed to always maintain the latest updated firmware.
- the authentication server 40 is a server that allows a user to process authentication using the authentication module 10 .
- the authentication server 40 issues a certificate and embeds it in the authentication module 10, and when a user who has registered biometric information in the authentication module 10 performs biometric authentication, biometric matching received from the authentication module 10 It is a server having a function of determining that authentication is performed by a true user by a signal, and confirming and proceeding with the authentication.
- the post-authentication processing may be separately configured to be processed by a separate processing server (not shown) according to the authentication confirmation signal from the authentication server 40 .
- a firmware update check request step S10 and a check result output step S20 may be further provided before the firmware update request step S30 . Accordingly, before the firmware update request step ( S30 ), it can be checked whether the firmware update is required.
- the firmware update check request or output of the check result may be transmitted directly from the authentication module 10 to the maker server 30 or may be transmitted through the client 22 .
- the firmware update may be controlled not to proceed.
- the firmware update may not necessarily be performed immediately. need to be controlled. However, it may be configured to be automatically checked, for example, from time to time without a request for checking the firmware update from the user, and may be configured to display an alarm when it is confirmed that the firmware update is necessary as a result of the check.
- an update confirmation step in which the maker server 30 can check the installation result may be further provided. Accordingly, if the confirmation result is OK, the authentication module 10 may be in a usable state after restarting.
- the device of the present invention in which the method is implemented is a device that updates the firmware of the authentication module 10 used for biometric authentication.
- the device of the present invention the authentication module (10); and, the maker server 30; It is characterized in that it is included.
- the authentication module 10 along with biometric information authentication using the biometric sensor 11, allows a firmware update request to be made to the maker server 30, and when firmware update is required, it is initially authenticated with the maker server 30 A secure connection state is established, a new key is generated and transmitted to the maker server 30, a firmware update patch encrypted with the new key is transmitted from the maker server 30, and the firmware is updated by the new key A device that decrypts and installs patches.
- the maker server 30 receives a firmware update request from the authentication module 10 together with biometric information authentication, and when firmware update is required, it is initially authenticated with the authentication module 10 to establish a secure connection state, and the authentication A server that receives the new key generated by the module 10 and delivers the firmware update patch encrypted with the new key to the authentication module 10 .
- the authentication module of the present invention in which the method is implemented is the authentication module 10 used for biometric authentication.
- the authentication module of the present invention the memory 12; Wow, firmware; It is characterized in that it is included.
- the memory 12 is a means for storing biometric information, certificates, and firmware.
- S/N, various keys, random numbers, etc. may be stored in addition to the above.
- the firmware performs biometric information authentication using the biometric sensor 11, makes a firmware update request to the maker server 30, and when firmware update is required, zero-knowledge initial
- the maker server 30 and the authentication module 10 are initially authenticated to establish a secure connection state, a new key is generated and transmitted to the maker server 30, and the maker server 30 ) receives the firmware update patch encrypted with the new key, decrypts and installs the firmware update patch with the new key, registers biometric information in the authentication module 10, and uses the biometric information template to the authentication server at 40 It is a means having a function of transmitting and registering the authentication module 10 to the authentication server 40 .
- the program of the present invention is an information device program recorded in a storage medium readable by the information device 20, in which the information device program for executing each step of the method described above in the information device 20 is recorded. am.
- the present invention can be used in the industry of a firmware update method, apparatus, and program of an authentication module.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
Description
Claims (4)
- 생체인증에 사용되는 인증모듈의 펌웨어가 업데이트되도록 하는 방법으로서, A method for updating firmware of an authentication module used for biometric authentication, the method comprising:상기 인증모듈에서 생체센서를 이용한 생체정보 인증과 함께, 메이커서버로 펌웨어 업데이트 요청이 이루어지는 펌웨어 업데이트 요청단계;와, a firmware update request step in which a firmware update request is made to a maker server along with biometric information authentication using a biometric sensor in the authentication module; Wow,펌웨어 업데이트 필요시, 상기 인증모듈과 상기 메이커서버가 초기인증되어 보안연결 상태가 이루어지는 보안연결 단계;와, a secure connection step in which the authentication module and the maker server are initially authenticated to establish a secure connection state when firmware update is required; Wow,상기 인증모듈에서 생성된 신규키가 상기 메이커서버에 전달되는 키 전달단계;와, a key delivery step in which the new key generated by the authentication module is transmitted to the maker server; Wow,상기 메이커서버로부터 상기 인증모듈에, 상기 신규키로 암호화된 펌웨어 업데이트 패치가 전달되는 패치 전달단계;와, a patch delivery step in which the firmware update patch encrypted with the new key is delivered from the maker server to the authentication module; Wow,상기 인증모듈에서 상기 신규키에 의해 상기 펌웨어 업데이트 패치가 복호화 및 설치되는 펌웨어 업데이트 단계; a firmware update step of decrypting and installing the firmware update patch by the new key in the authentication module;가 포함되어 이루어짐을 특징으로 하는, 인증모듈의 펌웨어 업데이트 방법.A firmware update method of the authentication module, characterized in that it is included.
- 생체인증에 사용되는 인증모듈의 펌웨어가 업데이트되도록 하는 장치로서, A device for updating firmware of an authentication module used for biometric authentication, comprising:생체센서를 이용한 생체정보 인증과 함께, 메이커서버로 펌웨어 업데이트 요청이 이루어지도록 하고, 펌웨어 업데이트 필요시, 상기 메이커서버와 초기인증되어 보안연결 상태가 이루어지며, 신규키를 생성하여 상기 메이커서버에 전달되도록 하고, 상기 메이커서버로부터 상기 신규키로 암호화된 펌웨어 업데이트 패치를 전달받으며, 상기 신규키에 의해 상기 펌웨어 업데이트 패치를 복호화 및 설치하는 인증모듈;과, Along with biometric information authentication using a biometric sensor, a firmware update request is made to the maker server. an authentication module for receiving the firmware update patch encrypted with the new key from the maker server, and decrypting and installing the firmware update patch with the new key; class,생체정보 인증과 함께 상기 인증모듈로부터 펌웨어 업데이트 요청을 받고, 펌웨어 업데이트 필요시, 상기 인증모듈과 초기인증되어 보안연결 상태가 이루어지며, 상기 인증모듈에서 생성된 신규키를 전달받고, 상기 인증모듈에 상기 신규키로 암호화된 펌웨어 업데이트 패치를 전달하는 메이커서버; Receives a firmware update request from the authentication module along with biometric information authentication, and when firmware update is required, is initially authenticated with the authentication module to establish a secure connection state, receives a new key generated by the authentication module, and sends the authentication module to the authentication module. a maker server that delivers the encrypted firmware update patch with the new key;가 포함되어 이루어짐을 특징으로 하는, 인증모듈의 펌웨어 업데이트 장치.A firmware update device for the authentication module, characterized in that it is included.
- 생체인증에 사용되는 인증모듈로서, As an authentication module used for biometric authentication,생체정보, 인증서 및 펌웨어를 저장하는 메모리;와, a memory for storing biometric information, certificates, and firmware; Wow,상기 메모리에 저장되어 있는 프로그램으로서, 생체센서를 이용하여 생체정보 인증을 수행하고, 메이커서버로 펌웨어 업데이트 요청이 이루어지도록 하고, 펌웨어 업데이트 필요시, 제로지식 초기등록 방식에 의해 상기 메이커서버와 상기 인증모듈이 초기인증되어 보안연결 상태가 이루어지도록 하며, 신규키를 생성하여 상기 메이커서버에 전달되도록 하고, 상기 메이커서버로부터 상기 신규키로 암호화된 펌웨어 업데이트 패치를 전달받으며, 상기 신규키에 의해 상기 펌웨어 업데이트 패치를 복호화 및 설치하고, 상기 인증모듈 내부에 생체정보를 등록하고, 생체정보 템플릿을 인증서버에 전송하며, 상기 인증모듈을 상기 인증서버에 등록하는 기능을 가지는 펌웨어; As a program stored in the memory, biometric information authentication is performed using a biosensor, a firmware update request is made to the maker server, and when firmware update is required, the authentication with the maker server is performed by the zero-knowledge initial registration method. The module is initially authenticated to establish a secure connection state, a new key is generated and transmitted to the maker server, a firmware update patch encrypted with the new key is transmitted from the maker server, and the firmware is updated by the new key Decrypt and install the patch, register the biometric information inside the authentication module, and transfer the biometric information template to the authentication server firmware that transmits and registers the authentication module to the authentication server;가 포함되어 이루어짐을 특징으로 하는 인증모듈.Authentication module, characterized in that it is made by including.
- 정보기기에 청구항 1에 기재된 방법의 각 단계를 실행시키기 위한 정보기기용 프로그램을 기록한, 정보기기로 읽을 수 있는 저장매체에 기록된 정보기기용 프로그램.A program for an information device recorded in a storage medium readable by an information device, in which a program for an information device for causing the information device to execute each step of the method according to claim 1 is recorded.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR10-2020-0120460 | 2020-09-18 | ||
KR1020200120460A KR102288444B1 (en) | 2020-09-18 | 2020-09-18 | Firmware updating method, apparatus and program of authentication module |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2022060156A1 true WO2022060156A1 (en) | 2022-03-24 |
Family
ID=77313996
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/KR2021/012778 WO2022060156A1 (en) | 2020-09-18 | 2021-09-17 | Method, apparatus, and program for updating firmware of authenticator |
Country Status (2)
Country | Link |
---|---|
KR (1) | KR102288444B1 (en) |
WO (1) | WO2022060156A1 (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102288444B1 (en) * | 2020-09-18 | 2021-08-11 | 스티븐 상근 오 | Firmware updating method, apparatus and program of authentication module |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20050120643A (en) * | 2003-03-20 | 2005-12-22 | 패치링크 코오포레이션 | Non-invasive automatic offsite patch fingerprinting and updating system and method |
KR101805310B1 (en) * | 2016-07-14 | 2017-12-06 | 경희대학교 산학협력단 | User apparatus based on trusted platform module and firmware updating method using the same |
KR101857902B1 (en) * | 2014-04-15 | 2018-05-14 | 란티크 베테일리궁스-게엠베하 운트 코 카게 | Root of trust |
KR101859306B1 (en) * | 2013-12-04 | 2018-06-28 | 이베이 인크. | Multi-factor authentication system and method |
KR102012262B1 (en) * | 2017-01-24 | 2019-10-22 | 한국전자통신연구원 | Key management method and fido authenticator software authenticator |
KR102288444B1 (en) * | 2020-09-18 | 2021-08-11 | 스티븐 상근 오 | Firmware updating method, apparatus and program of authentication module |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20200067657A (en) | 2018-12-04 | 2020-06-12 | (주)이더블유비엠 | Lock system using fido authentication |
-
2020
- 2020-09-18 KR KR1020200120460A patent/KR102288444B1/en active IP Right Grant
-
2021
- 2021-09-17 WO PCT/KR2021/012778 patent/WO2022060156A1/en active Application Filing
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20050120643A (en) * | 2003-03-20 | 2005-12-22 | 패치링크 코오포레이션 | Non-invasive automatic offsite patch fingerprinting and updating system and method |
KR101859306B1 (en) * | 2013-12-04 | 2018-06-28 | 이베이 인크. | Multi-factor authentication system and method |
KR101857902B1 (en) * | 2014-04-15 | 2018-05-14 | 란티크 베테일리궁스-게엠베하 운트 코 카게 | Root of trust |
KR101805310B1 (en) * | 2016-07-14 | 2017-12-06 | 경희대학교 산학협력단 | User apparatus based on trusted platform module and firmware updating method using the same |
KR102012262B1 (en) * | 2017-01-24 | 2019-10-22 | 한국전자통신연구원 | Key management method and fido authenticator software authenticator |
KR102288444B1 (en) * | 2020-09-18 | 2021-08-11 | 스티븐 상근 오 | Firmware updating method, apparatus and program of authentication module |
Also Published As
Publication number | Publication date |
---|---|
KR102288444B1 (en) | 2021-08-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11128477B2 (en) | Electronic certification system | |
CN111416807B (en) | Data acquisition method, device and storage medium | |
CN100563151C (en) | A kind of digital certificate updating method and system | |
EP3656107B1 (en) | Secure real-time clock update in an access control system | |
KR102202547B1 (en) | Method and system for verifying an access request | |
WO2019074326A1 (en) | Method and apparatus for secure offline payment | |
WO2020138525A1 (en) | Method for distributed authentication of device in internet-of-things blockchain environment, and system for distributed authentication of device using same | |
US11424915B2 (en) | Terminal registration system and terminal registration method with reduced number of communication operations | |
CN110401613B (en) | Authentication management method and related equipment | |
JP2017152880A (en) | Authentication system, key processing coordination method, and key processing coordination program | |
CN112738064A (en) | Method for improving security of SSH protocol based on SM2 and SM4 cryptographic algorithm | |
KR20180087543A (en) | Key management method and fido authenticator software authenticator | |
WO2015178597A1 (en) | System and method for updating secret key using puf | |
WO2022060156A1 (en) | Method, apparatus, and program for updating firmware of authenticator | |
WO2020032351A1 (en) | Method for establishing anonymous digital identity | |
WO2022055301A1 (en) | On-boarding method, apparatus, and program for group authenticator | |
WO2019017525A1 (en) | User authentication server and system | |
JP2008219689A (en) | Internet protocol adaptive private branch exchange and its maintenance system, and authenticating method and program for maintenance terminal of same system | |
CN115378740A (en) | Method for realizing bidirectional authentication login based on trusted opennsh | |
WO2022035021A1 (en) | Method, device, and program for login using biometric information | |
US11245698B2 (en) | Registration system and registration method | |
WO2012121497A2 (en) | Distinct identifier-based authentication system and method | |
WO2019164139A1 (en) | Electronic payment system and method and program using biometric authentication | |
WO2012128478A2 (en) | System and method for image-based authentication | |
CN115334505B (en) | 5 G+Beidou-oriented multimode intelligent terminal secure communication method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 21869778 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 21869778 Country of ref document: EP Kind code of ref document: A1 |
|
32PN | Ep: public notification in the ep bulletin as address of the adressee cannot be established |
Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 12/05/2023) |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 21869778 Country of ref document: EP Kind code of ref document: A1 |