CN105359451A - Equipment authentication system, manufacturer key generation device, equipment key generation device, production equipment, cooperative authentication device, equipment playback key generation device, equipment authentication method, and equipment authentication program - Google Patents


Info

Publication number
CN105359451A
Authority
CN
China
Prior art keywords
key
identifier
equipment
manufacturer
data
Prior art date
Legal status
Granted
Application number
CN201380077937.2A
Other languages
Chinese (zh)
Other versions
CN105359451B (en)
Inventor
小林信博
Current Assignee
Mitsubishi Electric Corp
Original Assignee
Mitsubishi Electric Corp
Application filed by Mitsubishi Electric Corp
Publication of CN105359451A
Application granted
Publication of CN105359451B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/0877 Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication

Abstract

A key management server (200) uses a manufacturer ID and generates a manufacturer key. An equipment management device (300) stores the manufacturer key, and using the manufacturer key and an equipment ID, generates an equipment authentication key. Production equipment (110) stores the manufacturer ID, the equipment ID, and the equipment authentication key. A communication terminal (400) acquires the manufacturer ID, the equipment ID, and authentication data from the production equipment (110). The communication terminal (400) transmits the manufacturer ID and the equipment ID to the key management server (200); the key management server (200), using the manufacturer ID and the equipment ID, generates an equipment authentication key; and the communication terminal (400) acquires the equipment authentication key from the key management server (200). The communication terminal (400) then uses the equipment authentication key to verify the authentication data.

Description

Device authentication system, manufacturer key generation device, device key generation device, manufacturing equipment, cooperative authentication device, device reproduction key generation device, device authentication method, and device authentication program
Technical field
The present invention relates, for example, to a device authentication system, a manufacturer key generation device, a device key generation device, manufacturing equipment, a cooperative authentication device, a device reproduction key generation device, a device authentication method, and a device authentication program.
Background art
Patent Document 1 discloses a prior art technique that reduces, in a wireless multi-hop network, the adverse effect that packets transmitted from an unauthorized wireless terminal have on radio links and legitimate wireless terminals.
The device authentication scheme of the conventional art is configured as follows.
A certification authority issues a public key certificate to each device. Each device generates a signature using the private key corresponding to its public key certificate and sends the signature and the public key certificate to the counterpart device. The counterpart device verifies the signature using the public key certificate and thereby authenticates the device it is communicating with.
Since an individual private key is issued to each device, even if a private key leaks, the damage can be kept to a minimum by revoking the public key certificate that corresponds to the leaked private key.
Further, since the certification authorities (including the device manufacturers) form a hierarchy, each device manufacturer can issue public key certificates, so device manufacturing can be decentralized. The scope of security responsibility in the event of a private key leak or similar incident can also be made clear.
Such a device authentication scheme is generally used as the framework called PKI (Public Key Infrastructure).
However, because such a device authentication scheme uses a public key cryptographic algorithm, its processing requires many resources. The processing load on each device is therefore large, which raises the cost of the device.
If a common-key (symmetric) cryptographic algorithm, whose processing load is smaller than that of a public key cryptographic algorithm, is used instead, each device must hold a key shared with its communication counterpart.
In this case, to minimize the damage when a key leaks, an individual common key must be issued to each device. Further, each device must manage a common key for each communication counterpart. Key management therefore becomes burdensome.
In addition, as a countermeasure for key leakage, a mechanism for revoking common keys is necessary. A mechanism is needed so that the adverse effect of a key leak does not spread to every device, every device manufacturer and the whole system. A mechanism that decentralizes device manufacturing and makes the scope of security responsibility clear is also necessary.
As described above, a device authentication scheme that uses a common-key cryptographic algorithm in place of a public key cryptographic algorithm has many problems. Further, no framework for common-key cryptography exists that corresponds to PKI for public key cryptography.
Prior art documents
Patent documents
Patent Document 1: Japanese Unexamined Patent Application Publication No. 2003-69581
Summary of the invention
Problem to be solved by the invention
An object of the present invention is, for example, to enable device authentication to be carried out easily using a common key.
Means for solving the problem
A device authentication system according to the present invention includes a manufacturer key generation device, a device key generation device, manufacturing equipment, a cooperative authentication device, and a device reproduction key generation device.
The manufacturer key generation device includes a manufacturer key generation unit that uses a master key for generating common keys and a manufacturer identifier that identifies the device manufacturer that manufactures the manufacturing equipment, and generates a manufacturer key as the common key of the device manufacturer.
The device key generation device includes: a manufacturer key storage unit that stores the manufacturer key generated by the manufacturer key generation unit; and a device key generation unit that uses the manufacturer key stored in the manufacturer key storage unit and a device identifier that identifies the manufacturing equipment, and generates a device key as the common key of the manufacturing equipment.
The manufacturing equipment includes: a device storage unit that stores the manufacturer identifier, the device identifier and the device key generated by the device key generation unit; and an authentication data generation unit that uses the device identifier and the device key stored in the device storage unit to generate authentication data used in authentication processing for the manufacturing equipment.
The cooperative authentication device includes: an identifier data acquisition unit that acquires the manufacturer identifier and the device identifier from the manufacturing equipment; an authentication data acquisition unit that acquires the authentication data generated by the authentication data generation unit from the manufacturing equipment; and an identifier data transmission unit that transmits the manufacturer identifier and the device identifier acquired by the identifier data acquisition unit to the device reproduction key generation device.
The device reproduction key generation device includes: an identifier data reception unit that receives the manufacturer identifier and the device identifier from the cooperative authentication device; and a device reproduction key generation unit that uses the manufacturer identifier and the device identifier received by the identifier data reception unit to generate a device reproduction key as the common key of the manufacturing equipment.
Effect of the invention
According to the present invention, for example, device authentication can be carried out easily using a common key.
Brief description of the drawings
Fig. 1 is a configuration diagram of the device authentication system 100 of Embodiment 1.
Fig. 2 is a functional configuration diagram of the key management server 200 of Embodiment 1.
Fig. 3 is a functional configuration diagram of the equipment management device 300 of Embodiment 1.
Fig. 4 is a functional configuration diagram of the manufacturing equipment 110 of Embodiment 1.
Fig. 5 is a functional configuration diagram of the communication terminal 400 of Embodiment 1.
Fig. 6 is a flowchart of the device authentication method of the device authentication system 100 of Embodiment 1.
Fig. 7 is a flowchart of the manufacturer key generation process (S200) of Embodiment 1.
Fig. 8 is a flowchart of the device management process (S300) of Embodiment 1.
Fig. 9 is a flowchart of the cooperative authentication process (S400) of Embodiment 1.
Fig. 10 is a flowchart of the cooperative authentication process (S400) of Embodiment 1.
Fig. 11 is a diagram showing an example of the hardware configuration of the communication terminal 400 of Embodiment 1.
Fig. 12 is a functional configuration diagram of the communication terminal 400 of Embodiment 2.
Fig. 13 is a functional configuration diagram of the key management server 200 of Embodiment 2.
Fig. 14 is a flowchart of the cooperative authentication process (S400) of Embodiment 2.
Fig. 15 is a functional configuration diagram of the key management server 200 of Embodiment 3.
Fig. 16 is a functional configuration diagram of the communication terminal 400 of Embodiment 3.
Fig. 17 is a flowchart of the manufacturer key generation process (S200) of Embodiment 3.
Fig. 18 is a flowchart of the cooperative authentication process (S400) of Embodiment 3.
Fig. 19 is a flowchart of the cooperative authentication process (S400) of Embodiment 3.
Fig. 20 is a diagram showing an example of the format of a valid list 295 of Embodiment 3.
Fig. 21 is a diagram showing an example of the format of an invalid list 296/491 of Embodiment 3.
Fig. 22 is a flowchart of the cooperative authentication process (S400) of Embodiment 4.
Fig. 23 is a flowchart of the cooperative authentication process (S400) of Embodiment 4.
Embodiments
Embodiment 1.
A scheme that carries out device authentication easily using a common key is described.
Fig. 1 is a configuration diagram of the device authentication system 100 of Embodiment 1.
The configuration of the device authentication system 100 of Embodiment 1 is described with reference to Fig. 1.
The device authentication system 100 is a system for authenticating manufacturing equipment 110.
The device authentication system 100 includes a key management server 200 of an operator 120 (an example of the manufacturer key generation device and the device reproduction key generation device), an equipment management device 300 of a device manufacturer 130 (an example of the device key generation device), and a communication terminal 400 of an installation house 140 (an example of the cooperative authentication device).
The key management server 200, the equipment management device 300 and the communication terminal 400 communicate via a network 101.
The operator 120 carries on a business that uses the manufacturing equipment 110; an electric power company is an example of the operator 120. The operator 120 has the key management server 200.
The device manufacturer 130 manufactures the manufacturing equipment 110. The device manufacturer 130 has the equipment management device 300.
The installation house 140 is a household in which the manufacturing equipment 110 is installed. The communication terminal 400 is also installed in the installation house 140 and manages the manufacturing equipment 110. A smart meter is an example of the manufacturing equipment 110.
Fig. 2 is a functional configuration diagram of the key management server 200 of Embodiment 1.
The functional configuration of the key management server 200 of Embodiment 1 is described with reference to Fig. 2.
The key management server 200 is a device that generates the common key of each device manufacturer 130. Below, the common key of the device manufacturer 130 is called the "manufacturer key 292".
The key management server 200 has a master key generation unit 210 and a manufacturer key generation unit 220.
The master key generation unit 210 uses an operator ID 121 that identifies the operator 120 to generate a master key 291 for generating manufacturer keys 292. The master key 291 is strictly managed by an administrator so that it is never leaked outside.
The manufacturer key generation unit 220 uses the master key 291, a manufacturer ID 131 and a generation number 132 to generate the manufacturer key 292.
The manufacturer ID 131 is an identifier that identifies the device manufacturer 130.
The generation number 132 is an identifier that identifies the generation of the manufacturer key 292.
A generation change of the manufacturer key 292 is carried out when the manufacturer key 292 has leaked or when the manufacturer key 292 is to be updated. On a generation change, the manufacturer key generation unit 220 updates the generation number 132 and generates a new manufacturer key 292 using the updated generation number 132.
The operator ID 121, the manufacturer ID 131, the generation number 132 and the manufacturer key 292 are distributed to the device manufacturer 130 by a secure method and stored in the equipment management device 300.
These data may be stored in the equipment management device 300 through communication between the key management server 200 and the equipment management device 300, or may be stored in the equipment management device 300 manually using a storage medium.
The key management server 200 has a device authentication key provision unit 230 (an example of the identifier data reception unit and the device reproduction key transmission unit) and a device authentication key reproduction unit 240 (an example of the device reproduction key generation unit).
The device authentication key provision unit 230 receives ID data 391 of the manufacturing equipment 110 from the communication terminal 400 and sends the device authentication key 293 generated by the device authentication key reproduction unit 240 to the communication terminal 400.
The device authentication key reproduction unit 240 uses the manufacturer key 292 and the ID data 391 to generate a device type key 294, and uses the device type key 294 and the ID data 391 to generate the device authentication key 293.
The device authentication key reproduction unit 240 has a device type key reproduction unit 241 that generates the device type key 294.
The device type key 294 is a common key for each group of manufacturing equipment 110 that has the same device type (and lot number).
The device authentication key 293 is a common key for each individual piece of manufacturing equipment 110.
The ID data 391 is described later.
The key management server 200 has a key management storage unit 290.
The key management storage unit 290 stores data used by the key management server 200.
For example, the key management storage unit 290 stores the following data.
The key management storage unit 290 stores the operator ID 121 and the master key 291 in association with each other.
The key management storage unit 290 stores the manufacturer ID 131 (an example of the manufacturer identifier), the generation number 132 (an example of the generation identifier) and the manufacturer key 292 in association with each other.
The key management storage unit 290 stores the ID data 391, the device type key 294 and the device authentication key 293 (an example of the device reproduction key) in association with each other.
Fig. 3 is a functional configuration diagram of the equipment management device 300 of Embodiment 1.
The functional configuration of the equipment management device 300 of Embodiment 1 is described with reference to Fig. 3.
The equipment management device 300 has an ID data generation unit 310, a device authentication key generation unit 320 (an example of the device key generation unit), a device authentication key writing unit 340 and a device management storage unit 390 (an example of the manufacturer key storage unit).
The ID data generation unit 310 generates the ID data 391.
The ID data 391 consists of the operator ID 121, the manufacturer ID 131, the generation number 132, a device type ID 133, a lot number 134 and a device ID 135.
The device type ID 133 is an identifier that identifies the type of the manufacturing equipment 110.
The lot number 134 is an identifier that identifies the production lot of the manufacturing equipment 110.
The device ID 135 is an identifier that identifies the individual manufacturing equipment 110.
The device authentication key generation unit 320 uses the manufacturer key 292, the device type ID 133 and the lot number 134 to generate a device type key 294, and uses the device type key 294 and the device ID 135 to generate a device authentication key 293.
The device authentication key generation unit 320 has a device type key generation unit 330 that generates the device type key 294.
The device authentication key writing unit 340 writes the ID data 391 and a device authentication key 392 into the manufacturing equipment 110.
The manufacturing equipment 110 is then installed in the installation house 140.
The device management storage unit 390 stores data used by the equipment management device 300.
For example, the device management storage unit 390 stores the manufacturer key 292, the ID data 391, a device type key 393 and the device authentication key 392.
Fig. 4 is a functional configuration diagram of the manufacturing equipment 110 of Embodiment 1.
The functional configuration of the manufacturing equipment 110 of Embodiment 1 is described with reference to Fig. 4.
The manufacturing equipment 110 has an authentication data generation unit 111 and a device storage unit 119.
The authentication data generation unit 111 receives challenge data 421 from the communication terminal 400, uses the challenge data 421, the ID data 391 and the device authentication key 392 to generate authentication data 112, and sends the authentication data 112 to the communication terminal 400.
The challenge data 421 is data used for generating the authentication data 112.
The authentication data 112 is data used in the authentication processing for the manufacturing equipment 110.
The device storage unit 119 stores data used by the manufacturing equipment 110.
For example, the device storage unit 119 stores the ID data 391 and the device authentication key 392. The ID data 391 and the device authentication key 392 are written into the device storage unit 119 by the equipment management device 300.
Fig. 5 is a functional configuration diagram of the communication terminal 400 of Embodiment 1.
The functional configuration of the communication terminal 400 of Embodiment 1 is described with reference to Fig. 5.
The communication terminal 400 has an ID data acquisition unit 410 (an example of the identifier data acquisition unit), an authentication data acquisition unit 420, a device authentication key acquisition unit 430 (an example of the identifier data transmission unit and the device reproduction key reception unit) and an authentication data verification unit 440 (an example of the authentication processing unit).
The communication terminal 400 also has a device management unit 480 and a terminal storage unit 490.
The ID data acquisition unit 410 acquires the ID data 391 from the manufacturing equipment 110.
The authentication data acquisition unit 420 generates challenge data 421 using the ID data 391, sends the challenge data 421 to the manufacturing equipment 110, and receives from the manufacturing equipment 110 the authentication data 112 generated using the challenge data 421.
The device authentication key acquisition unit 430 sends the ID data 391 to the key management server 200 and receives from the key management server 200 the device authentication key 293 generated using the ID data 391.
The authentication data verification unit 440 verifies the authentication data 112 using the ID data 391 and the device authentication key 293.
If the authentication data 112 is correct, the manufacturing equipment 110 is authenticated.
If the authentication data 112 is incorrect, the manufacturing equipment 110 is not authenticated.
The device management unit 480 communicates with authenticated manufacturing equipment 110 and manages the manufacturing equipment 110.
The terminal storage unit 490 stores data used by the communication terminal 400.
For example, the terminal storage unit 490 stores the ID data 391, the authentication data 112 and the device authentication key 293.
Fig. 6 is a flowchart of the device authentication method of the device authentication system 100 of Embodiment 1.
The device authentication method of the device authentication system 100 of Embodiment 1 is described with reference to Fig. 6.
In S200, the key management server 200 uses the operator ID 121 to generate the master key 291, and uses the master key 291, the manufacturer ID 131 and the generation number 132 to generate the manufacturer key 292.
The manufacturer key 292 generated by the key management server 200 is stored in the equipment management device 300.
After S200, the process proceeds to S300.
In S300, the equipment management device 300 generates the device authentication key 293 and the ID data 391, and writes the device authentication key 293 and the ID data 391 into the manufacturing equipment 110.
The manufacturing equipment 110 is then installed in the installation house 140.
Alternatively, the device authentication key 392 and the ID data 391 may be set in the manufacturing equipment 110 manually.
After S300, the process proceeds to S400.
In S400, the communication terminal 400 of the installation house 140 authenticates the manufacturing equipment 110 in cooperation with the key management server 200.
After S400, the device authentication method ends.
Fig. 7 is a flowchart of the manufacturer key generation process (S200) of Embodiment 1.
The manufacturer key generation process (S200) of Embodiment 1 is described with reference to Fig. 7.
In S210, the master key generation unit 210 of the key management server 200 executes the master key generation algorithm (also called a key derivation algorithm) of the common-key cryptosystem using the operator ID 121, and thereby generates the master key 291.
After S210, the process proceeds to S220.
In S220, the manufacturer key generation unit 220 of the key management server 200 executes the common key generation algorithm (also called a key derivation algorithm) of the common-key cryptosystem using the master key 291, the manufacturer ID 131 and the generation number 132, and thereby generates the common key of the device manufacturer 130 (the manufacturer key 292).
After S220, the manufacturer key generation process (S200) ends.
Fig. 8 is a flowchart of the device management process (S300) of Embodiment 1.
The device management process (S300) of Embodiment 1 is described with reference to Fig. 8.
In S310, the ID data generation unit 310 of the equipment management device 300 generates the ID data 391.
The ID data 391 is data that includes the operator ID 121, the manufacturer ID 131, the generation number 132, the device type ID 133, the lot number 134 and the device ID 135.
After S310, the process proceeds to S320.
In S320, the device type key generation unit 330 of the equipment management device 300 executes the common key generation algorithm (also called a key derivation algorithm) of the common-key cryptosystem using the device type ID 133, the lot number 134 and the manufacturer key 292, and thereby generates the common key of the group of manufacturing equipment 110 (the device type key 393).
After S320, the process proceeds to S330.
In S330, the device authentication key generation unit 320 of the equipment management device 300 executes the common key generation algorithm (also called a key derivation algorithm) of the common-key cryptosystem using the device ID 135 and the device type key 393, and thereby generates the common key of the manufacturing equipment 110 (the device authentication key 392).
After S330, the process proceeds to S340.
In S340, the device authentication key writing unit 340 of the equipment management device 300 writes the device authentication key 392 and the ID data 391 into the manufacturing equipment 110.
After S340, the device management process (S300) ends.
Fig. 9 and Figure 10 is the flow chart of the cooperation authentication processing (S400) of execution mode 1.
About the cooperation authentication processing (S400) of execution mode 1, be described according to Fig. 9 and Figure 10.
In S410 (with reference to Fig. 9), the ID data acquisition 410 of communication terminal 400 communicates with manufacturing equipment 110, obtains ID data 391 from manufacturing equipment 110.
After S410, process enters S421.
In S421, the verify data obtaining section 420 of communication terminal 400 generates inquiry data 421.Inquiry data 421 are arbitrary data (such as random numbers).
After S421, process enters S422.
In S422, inquiry data 421 are sent to manufacturing equipment 110 by the verify data obtaining section 420 of communication terminal 400.
After S422, process enters S423.
In S423, the verify data generating unit 111 of manufacturing equipment 110 receives inquiry data 421 from communication terminal 400.
Verify data generating unit 111 uses inquiry data 421 and ID data 391 (or part of ID data 391), inquiring/and response authentication mode generates verify data 112 (response).
Then, verify data 112 is sent to communication terminal 400 by verify data generating unit 111.
Such as, inquiry data 421 and ID data 391 are input to the hash function that response generates by verify data generating unit 111, perform hash function.The output valve of hash function is verify data 112.
After S423, process enters S424.
In the s 424, the verify data obtaining section 420 of communication terminal 400 receives verify data 112 from manufacturing equipment 110.
After S424, process enters S431 (with reference to Figure 10).
In S431 (with reference to Figure 10), the ID data 391 of manufacturing equipment 110 are sent to Key Management server 200 by the device authentication key obtaining section 430 of communication terminal 400.
After S431, process enters S432.
In S432, the device authentication key providing unit 230 of Key Management server 200 receives ID data 391 from communication terminal 400.
After S432, process enters S433.
In S433, the device authentication key reproducing unit 240 of Key Management server 200 obtains manufacturer ID131 and generation number 132 from ID data 391, and obtains the manufacturer key 292 corresponding to manufacturer ID131 and generation number 132 from equipment control storage part 390.
Device authentication key reproducing unit 240 also obtains apparatus-form ID133 and Mission Number 134 from ID data 391.
Then, device authentication key reproducing unit 240 uses apparatus-form ID133, Mission Number 134 and manufacturer key 292 to generate apparatus-form key 294 (identically to S320 of Fig. 8).
After S433, process enters S434.
In S434, the device authentication key reproducing unit 240 of Key Management server 200 obtains device id 135 from ID data 391.
Then, device authentication key reproducing unit 240 uses device id 135 and apparatus-form key 294 to generate device authentication key 293 (identically to S330 of Fig. 8).
After S434, process enters S435.
In S435, device authentication key 293 is sent to communication terminal 400 by the device authentication key providing unit 230 of Key Management server 200.
After S435, process enters S436.
In S436, the device authentication key obtaining section 430 of communication terminal 400 receives device authentication key 293 from Key Management server 200.
After S436, process enters S440.
In S440, the verify data proof department 440 of communication terminal 400 uses device authentication key 293 and ID data 391 (or part of ID data 391) to verify verify data 112 in the challenge/response authentication manner.
For example, verify data generating unit 111 verifies verify data 112 as follows.
Verify data generating unit 111 uses inquiry data 421 (the data sent to manufacturing equipment 110 in S422) and ID data 391 to generate verify data by the same method as manufacturing equipment 110. Below, the verify data generated by verify data generating unit 111 is called "comparing data".
Verify data generating unit 111 compares the comparing data with verify data 112 (the data received from manufacturing equipment 110 in S424).
When the comparing data is consistent with verify data 112, verify data 112 is correct data, and manufacturing equipment 110 is authenticated as legal equipment.
When the comparing data is inconsistent with verify data 112, verify data 112 is erroneous data, and manufacturing equipment 110 is not authenticated as legal equipment.
After S440, cooperation authentication processing (S400) terminates.
Figure 11 is a diagram showing an example of the hardware configuration of communication terminal 400 of execution mode 1.
An example of the hardware configuration of communication terminal 400 of execution mode 1 is described according to Figure 11.
In addition, Key Management server 200 and equipment management device 300 also have the same hardware configuration as communication terminal 400.
Communication terminal 400 has an arithmetic unit 901, an auxiliary storage unit 902, a main storage unit 903, a communicator 904 and an input/output unit 905, which are connected to bus 909.
Arithmetic unit 901 is a CPU (Central Processing Unit) that executes programs.
Auxiliary storage unit 902 is, for example, a ROM (Read Only Memory), a flash memory or a hard disk unit.
Main storage unit 903 is, for example, a RAM (Random Access Memory).
Communicator 904 communicates in wired or wireless form via the Internet, a LAN (local area network), a telephone line network or another network.
Input/output unit 905 is, for example, a mouse, a keyboard or a display unit.
A program is usually stored in auxiliary storage unit 902, loaded into main storage unit 903, read into arithmetic unit 901 and executed by arithmetic unit 901.
For example, an operating system (OS) is stored in auxiliary storage unit 902. Further, the programs (examples of the device authentication program) realizing the functions described as "~ portion" are stored in auxiliary storage unit 902. Further, the OS and the programs realizing the functions described as "~ portion" are loaded into main storage unit 903 and executed by arithmetic unit 901.
Information, data, signal values or variable values representing the results of processes such as "~ judgement", "~ determination", "~ extraction", "~ detection", "~ setting", "~ registration", "~ selection", "~ generation", "~ input" and "~ output" are stored as files in main storage unit 903 or auxiliary storage unit 902. Further, other data used by communication terminal 400 are stored in main storage unit 903 or auxiliary storage unit 902.
Further, Figure 11 shows one example of the hardware configuration of communication terminal 400 of execution mode 1; the hardware configuration of communication terminal 400 may also differ from the configuration shown in Figure 11.
In addition, the method of execution mode 1 (an example of the cooperation authentication method) may also be realized by steps that differ in part from those explained using the flow charts and the like.
Execution mode 1 may also be modified as follows.
Manufacturer's key generation section 220 may also generate manufacturer's key 292 without using generation number 132.
Apparatus-form key generation section 330 may also use only one of apparatus-form ID133 and Mission Number 134 to generate apparatus-form key 294.
Device authentication key generation section 320 may also use manufacturer's key 292 instead of apparatus-form key 294 to generate device authentication key 293.
Key Management server 200 may also be composed of two devices: a device having the functions of master key generating unit 210 and manufacturer's key generation section 220 (an example of the manufacturer's key generating device), and a device having the functions of device authentication key providing unit 230 and device authentication key reproducing unit 240 (an example of the equipment regenerative key generating apparatus).
Installation house 140 may also be replaced by a person, an animal, or a moving body such as a vehicle, a railway, an aircraft or a robot.
Below, the processes of execution mode 1 are supplemented.
The generating process (S421) of inquiry data 421, the generating process (S423) of verify data 112 and the verification process (S440) of verify data 112 can be performed according to ISO/IEC 9798-2, the international standard for authentication mechanisms, or according to another authentication protocol.
The key derivation algorithm is a key derivation function that uses a pseudo-random function (PRF), a message authentication code generating function (MAC function) or a keyed hash function (HMAC).
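As an added illustration (not code from the patent or from Mitsubishi Electric), the following Python sketches the processes described above: the key hierarchy of S200, S320 and S330, its reproduction at the server in S433 and S434, and the challenge/response exchange of S421 to S440. It takes HMAC-SHA256 as the key derivation function and as the response function, uses device authentication key 392 as the MAC key of the response (as claim 1 describes), and assumes the length-prefixed field encoding and the sample identifiers, which are constructed:

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


@dataclass(frozen=True)
class IdData:
    """ID data 391. Values used below are constructed samples; the page fixes no encoding."""
    manufacturer_id: bytes  # manufacturer ID 131
    generation: bytes       # generation number 132
    type_id: bytes          # apparatus-form ID 133
    lot_number: bytes       # Mission Number 134 (batch identifier, claim 10)
    device_id: bytes        # device id 135

    def encode(self) -> bytes:
        """Length-prefixed serialisation so that no two field splits collide (an assumption)."""
        fields = (self.manufacturer_id, self.generation, self.type_id, self.lot_number, self.device_id)
        return b"".join(len(f).to_bytes(2, "big") + f for f in fields)


def kdf(key: bytes, *labels: bytes) -> bytes:
    """Key derivation: HMAC-SHA256, i.e. the keyed-hash option named in the text."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for label in labels:
        mac.update(len(label).to_bytes(2, "big") + label)
    return mac.digest()


def derive_manufacturer_key(master_key: bytes, manufacturer_id: bytes, generation: bytes) -> bytes:
    """S200: manufacturer key 292 from master key 291, manufacturer ID 131 and generation number 132."""
    return kdf(master_key, b"manufacturer", manufacturer_id, generation)


def derive_device_auth_key(manufacturer_key: bytes, idd: IdData) -> bytes:
    """S320/S330 at the manufacturer, S433/S434 at the server: type key 294, then device key 293."""
    type_key = kdf(manufacturer_key, b"type", idd.type_id, idd.lot_number)
    return kdf(type_key, b"device", idd.device_id)


def response(device_auth_key: bytes, challenge: bytes, idd: IdData) -> bytes:
    """S423: verify data 112 as a MAC over inquiry data 421 and ID data 391 under the device key."""
    return hmac.new(device_auth_key, challenge + idd.encode(), hashlib.sha256).digest()


class KeyManagementServer:
    """Key Management server 200: master key 291 plus the manufacturer keys it issued."""

    def __init__(self, master_key: bytes) -> None:
        self.master_key = master_key
        self.manufacturer_keys: dict[tuple[bytes, bytes], bytes] = {}  # storage part 290

    def issue_manufacturer_key(self, manufacturer_id: bytes, generation: bytes) -> bytes:
        key = derive_manufacturer_key(self.master_key, manufacturer_id, generation)
        self.manufacturer_keys[(manufacturer_id, generation)] = key
        return key

    def reproduce_device_auth_key(self, idd: IdData) -> bytes:
        """S433/S434: regenerate device authentication key 293 from ID data 391; no per-device store."""
        manufacturer_key = self.manufacturer_keys[(idd.manufacturer_id, idd.generation)]
        return derive_device_auth_key(manufacturer_key, idd)


class ManufacturingEquipment:
    """Manufacturing equipment 110: holds ID data 391 and device authentication key 392."""

    def __init__(self, idd: IdData, device_auth_key: bytes) -> None:
        self.id_data = idd
        self.device_auth_key = device_auth_key

    def answer_challenge(self, challenge: bytes) -> bytes:
        return response(self.device_auth_key, challenge, self.id_data)


def cooperative_authenticate(device: ManufacturingEquipment, server: KeyManagementServer) -> bool:
    """Communication terminal 400, S410 to S440; True when manufacturing equipment 110 is authenticated."""
    idd = device.id_data                                # S410: obtain ID data 391
    challenge = os.urandom(16)                          # S421: inquiry data 421 (random)
    verify_data = device.answer_challenge(challenge)    # S422 to S424
    key = server.reproduce_device_auth_key(idd)         # S431 to S436: device authentication key 293
    comparing_data = response(key, challenge, idd)      # S440: same method as the device
    return hmac.compare_digest(comparing_data, verify_data)


def demo() -> tuple[bool, bool, bool]:
    """Provision one device, then authenticate it, a copy with a wrong key, and a key from another lot."""
    server = KeyManagementServer(master_key=os.urandom(32))
    mfr_key = server.issue_manufacturer_key(b"MFR-A", b"gen1")   # handed to equipment management device 300
    idd = IdData(b"MFR-A", b"gen1", b"TYPE-7", b"LOT-2013-11", b"DEV-0001")
    genuine = ManufacturingEquipment(idd, derive_device_auth_key(mfr_key, idd))
    counterfeit = ManufacturingEquipment(idd, os.urandom(32))    # copied ID data, but not the key
    other_lot = IdData(b"MFR-A", b"gen1", b"TYPE-7", b"LOT-2014-01", b"DEV-0001")
    cross_lot = ManufacturingEquipment(idd, derive_device_auth_key(mfr_key, other_lot))
    return (cooperative_authenticate(genuine, server),
            cooperative_authenticate(counterfeit, server),
            cooperative_authenticate(cross_lot, server))
```

The point the demo makes is the one the effects below rely on: the server stores no per-device key, and a key derived for another lot (or a key that merely accompanies copied ID data) does not verify as DEV-0001.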
Execution mode 1 realizes, for example, the following effects.
A common key cryptography algorithm, whose processing load is smaller than that of a public key cryptography algorithm, can be used.
Since a separate device authentication key is distributed to each manufacturing equipment as an individual common key, the damage can be kept to a minimum even when the device authentication key leaks from any manufacturing equipment. That is, the adverse effect caused by leakage of a device authentication key does not spread to other manufacturing equipment, other equipment manufacturers or the entire system.
Key management can be simplified by using individual ID data.
Decentralization of device fabrication can be realized. Further, the scope of responsibility for security can be clearly defined.
The processing load of the manufacturing equipment is small, so the manufacturing equipment can operate with fewer resources.
Execution mode 2.
A mode in which Key Management server 200, instead of communication terminal 400, verifies verify data 112 is described.
Below, mainly the items that differ from execution mode 1 are described. The items whose description is omitted are the same as in execution mode 1.
Figure 12 is the functional structure chart of the communication terminal 400 of execution mode 2.
About the functional structure of the communication terminal 400 of execution mode 2, be described according to Figure 12.
Communication terminal 400 has checking request unit 431 (an example of the identifier data sending part and the verify data sending part) in place of the device authentication key obtaining section 430 described in execution mode 1 (see Fig. 5).
The operation of checking request unit 431 is described later.
Figure 13 is the functional structure chart of the Key Management server 200 of execution mode 2.
About the functional structure of the Key Management server 200 of execution mode 2, be described according to Figure 13.
Key Management server 200 has checking request receiving unit 231 (an example of the identifier data receiving part and the verify data receiving part) and verify data proof department 232 (an example of the authentication processing portion) in place of the device authentication key providing unit 230 described in execution mode 1 (see Fig. 2).
The operations of checking request receiving unit 231 and verify data proof department 232 are described later.
Figure 14 is the flow chart of the cooperation authentication processing (S400) of execution mode 2.
About the cooperation authentication processing (S400) of execution mode 2, be described according to Figure 14.
Cooperation authentication processing (S400) performs S431B to S440B (except S433 and S434, which are unchanged) in place of S431 to S440 described in execution mode 1 (see Fig. 9 and Figure 10).
In S410, the ID data acquisition 410 of communication terminal 400 obtains ID data 391 (identical with execution mode 1) from manufacturing equipment 110.
In S421 to S424, the verify data obtaining section 420 of communication terminal 400 obtains verify data 112 (identical with execution mode 1) from manufacturing equipment 110.
After S424, process enters S431B.
In S431B, ID data 391, verify data 112 and inquiry data 421 are sent to Key Management server 200 by the checking request unit 431 of communication terminal 400.
After S431B, process enters S432B.
In S432B, the checking request receiving unit 231 of Key Management server 200 receives ID data 391, verify data 112 and inquiry data 421 from communication terminal 400.
After S432B, process enters S433.
In S433 and S434, the device authentication key reproducing unit 240 of Key Management server 200 generates device authentication key 293 (the same as in execution mode 1).
After S434, process enters S435B.
In S435B, the verify data proof department 232 of Key Management server 200 uses device authentication key 293, ID data 391 and inquiry data 421 to verify verify data 112.
Verification method is identical with execution mode 1 (S440 of Figure 10).
After S435B, process enters S436B.
In S436B, the checking request receiving unit 231 of Key Management server 200 sends the verification result of verify data 112 to communication terminal 400.
After S436B, process enters S440B.
In S440B, the checking request unit 431 of communication terminal 400 receives the verification result of verify data 112 from Key Management server 200.
After S440B, cooperation authentication processing (S400) terminates.
According to execution mode 2, Key Management server 200 can verify verify data 112 in place of communication terminal 400.
Execution mode 2 also realizes the same effects as execution mode 1.
Execution mode 3.
A mode that uses a list relating to legal manufacturing equipment 110 or to illegal manufacturing equipment 110 is described.
Below, mainly the items that differ from execution mode 1 are described. The items whose description is omitted are the same as in execution mode 1.
Figure 15 is the functional structure chart of the Key Management server 200 of execution mode 3.
About the functional structure of the Key Management server 200 of execution mode 3, be described according to Figure 15.
Key Management server 200 has list reference portion 250, which refers to effective list 295 and invalidated list 296.
The key management storage part 290 of Key Management server 200 stores effective list 295 and invalidated list 296. However, Key Management server 200 may also store only one of effective list 295 and invalidated list 296.
Effective list 295 is a list relating to legal manufacturing equipment 110. Effective list 295 is generated by manufacturer's key generation section 220. However, effective list 295 may also be generated by a manager.
Invalidated list 296 is a list relating to illegal manufacturing equipment 110. Invalidated list 296 is generated by a manager.
Effective list 295 and invalidated list 296 represent a manufacturer ID, or a combination of a manufacturer ID with at least one of a generation number, an apparatus-form ID, a Mission Number and a device ID.
The method of using effective list 295 and invalidated list 296 is described later.
Figure 16 is the functional structure chart of the communication terminal 400 of execution mode 3.
About the functional structure of the communication terminal 400 of execution mode 3, be described according to Figure 16.
The terminal storage portion 490 (an example of the invalidated list storage part) of communication terminal 400 stores invalidated list 491.
Invalidated list 491 is a list relating to illegal manufacturing equipment 110. Invalidated list 491 is generated by device authentication key obtaining section 430. However, invalidated list 491 may also be generated by a manager.
Invalidated list 491 represents a manufacturer ID, or a combination of a manufacturer ID with any of a generation number, an apparatus-form ID, a Mission Number and a device ID.
The method of using invalidated list 491 is described later.
Figure 17 is the flow chart of manufacturer's secret generating process (S200) of execution mode 3.
About manufacturer's secret generating process (S200) of execution mode 3, be described according to Figure 17.
Manufacturer's secret generating process (S200) comprises S221 in addition to the processes described in execution mode 1 (see Fig. 7).
In S221, manufacturer's key generation section 220 sets manufacturer ID131 and generation number 132 in effective list 295 in association with each other.
After S221, manufacturer's secret generating process (S200) ends.
Figure 18 and Figure 19 is the flow chart of the cooperation authentication processing (S400) of execution mode 3.
About the cooperation authentication processing (S400) of execution mode 3, be described according to Figure 18 and Figure 19.
Cooperation authentication processing (S400) comprises S420, S432-1 and S432-2 in addition to the processes described in execution mode 1 (Fig. 9, Figure 10).
In S420 (see Figure 18), the verify data obtaining section 420 of communication terminal 400 compares ID data 391 with invalidated list 491 and judges whether the information included in ID data 391 (device id 135 etc.) is set in invalidated list 491.
When the information of ID data 391 is set in invalidated list 491 (YES), manufacturing equipment 110 is illegal equipment, and cooperation authentication processing (S400) ends. That is, manufacturing equipment 110 is not authenticated.
When the information of ID data 391 is not set in invalidated list 491 (NO), the process enters S421.
In S432-1 (see Figure 19), the device authentication key providing unit 230 of Key Management server 200 compares ID data 391 with effective list 295 and invalidated list 296, and judges whether the information included in ID data 391 (device id 135 etc.) is set in effective list 295 or invalidated list 296. However, device authentication key providing unit 230 may also compare ID data 391 with only one of effective list 295 and invalidated list 296.
When the information of ID data 391 is set only in invalidated list 296 (YES), manufacturing equipment 110 is illegal equipment, and the process enters S432-2.
When the information of ID data 391 is set only in effective list 295 (NO), the process enters S433.
When the information of ID data 391 is set in both effective list 295 and invalidated list 296 (YES), manufacturing equipment 110 is illegal equipment, and the process enters S432-2. However, manufacturing equipment 110 may also not be judged as illegal equipment in this case, and the process may then enter S433.
In S432-2, the device authentication key providing unit 230 of Key Management server 200 sends communication terminal 400 an invalid message indicating that ID data 391 is invalid data. The device authentication key obtaining section 430 of communication terminal 400 receives the invalid message.
Then, the device authentication key obtaining section 430 of communication terminal 400 updates invalidated list 491 by adding the information of ID data 391 to invalidated list 491.
After S432-2, manufacturing equipment 110 is not authenticated, and cooperation authentication processing (S400) ends.
Figure 20 is a diagram showing an example of the form of effective list 295 of execution mode 3.
Figure 21 is a diagram showing an example of the form of invalidated list 296/491 of execution mode 3.
Examples of the forms of effective list 295 and invalidated list 296/491 of execution mode 3 are described according to Figure 20 and Figure 21.
The information set in effective list 295 (see Figure 20) comprises a manufacturer ID and a generation number in association with each other. However, effective list 295 may also have another form, such as that of invalidated list 296/491 (see Figure 21).
The information set in invalidated list 296/491 (see Figure 21) represents a manufacturer ID, as shown in (5).
However, the information set in invalidated list 296/491 may also be a combination of a manufacturer ID with at least one of a generation number, an apparatus-form ID, a Mission Number and a device ID, as shown in (1) to (4).
In execution mode 3, a mode that uses an effective list or an invalidated list to decide whether to authenticate manufacturing equipment 110 has been described.
According to execution mode 3, the burden of cooperation authentication processing (S400) for illegal manufacturing equipment 110 corresponding to the invalidated list (or illegal manufacturing equipment 110 not corresponding to the effective list) can be alleviated.
As a countermeasure in case of key exposure, a mechanism that uses the invalidated list to expire keys can be provided.
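As an added illustration of execution mode 3 (not code from the patent or from Mitsubishi Electric), the following Python models list entries in the five forms of Figure 21, the server-side decision of S432-1 and the terminal's own check S420 with the update of S432-2. Treating ID data that appears in neither list as not corresponding to the effective list (hence illegal) is an assumption taken from the effect stated above; the list contents and identifiers are constructed samples:

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class IdData:
    """ID data 391 (constructed sample values are used below)."""
    manufacturer_id: str
    generation: str
    type_id: str
    lot_number: str
    device_id: str


@dataclass(frozen=True)
class ListEntry:
    """One entry of effective list 295 or invalidated list 296/491.

    A manufacturer ID alone is form (5) of Figure 21; adding any of the other fields
    gives forms (1) to (4). A field left as None is not constrained by the entry."""
    manufacturer_id: str
    generation: Optional[str] = None
    type_id: Optional[str] = None
    lot_number: Optional[str] = None
    device_id: Optional[str] = None

    def covers(self, idd: IdData) -> bool:
        """True when every field the entry specifies equals the corresponding field of ID data 391."""
        pairs = ((self.manufacturer_id, idd.manufacturer_id), (self.generation, idd.generation),
                 (self.type_id, idd.type_id), (self.lot_number, idd.lot_number),
                 (self.device_id, idd.device_id))
        return all(want is None or want == have for want, have in pairs)


def is_listed(entries: List[ListEntry], idd: IdData) -> bool:
    return any(entry.covers(idd) for entry in entries)


def server_list_check(idd: IdData, effective: List[ListEntry], invalid: List[ListEntry],
                      reject_if_in_both: bool = True) -> str:
    """S432-1 at Key Management server 200: "invalid" leads to S432-2, "proceed" to S433."""
    in_effective = is_listed(effective, idd)
    in_invalid = is_listed(invalid, idd)
    if in_effective and in_invalid:          # set in both lists: illegal, unless the lenient option is taken
        return "invalid" if reject_if_in_both else "proceed"
    if in_effective:                         # set only in effective list 295
        return "proceed"
    return "invalid"                         # only in invalidated list 296, or in neither (assumption)


class CommunicationTerminal:
    """Communication terminal 400 with its own invalidated list 491 in terminal storage portion 490."""

    def __init__(self) -> None:
        self.invalidated_list_491: List[ListEntry] = []
        self.server_round_trips = 0

    def local_check(self, idd: IdData) -> bool:
        """S420: False when ID data 391 is already set in invalidated list 491 (authentication ends)."""
        return not is_listed(self.invalidated_list_491, idd)

    def on_invalid_message(self, idd: IdData) -> None:
        """S432-2: add the information of ID data 391 to invalidated list 491."""
        self.invalidated_list_491.append(ListEntry(idd.manufacturer_id, idd.generation, idd.type_id,
                                                   idd.lot_number, idd.device_id))

    def authenticate(self, idd: IdData, effective: List[ListEntry], invalid: List[ListEntry]) -> str:
        """Returns the step at which the flow stops: "S420", "S432-2", or "S433" (key reproduction goes on)."""
        if not self.local_check(idd):
            return "S420"
        self.server_round_trips += 1                      # S431: ID data 391 is sent to the server
        if server_list_check(idd, effective, invalid) == "invalid":
            self.on_invalid_message(idd)
            return "S432-2"
        return "S433"


def demo() -> Tuple[str, str, str, str, int]:
    """A device from a revoked lot is refused once by the server, then locally without a round trip."""
    effective_295 = [ListEntry("MFR-A", generation="gen1")]                          # Figure 20 form
    invalid_296 = [ListEntry("MFR-A", type_id="TYPE-7", lot_number="LOT-2013-11")]   # a whole lot revoked
    revoked = IdData("MFR-A", "gen1", "TYPE-7", "LOT-2013-11", "DEV-0001")
    good = IdData("MFR-A", "gen1", "TYPE-7", "LOT-2014-01", "DEV-0002")
    unknown = IdData("MFR-Z", "gen1", "TYPE-1", "LOT-0", "DEV-9")                     # in neither list
    terminal = CommunicationTerminal()
    first = terminal.authenticate(revoked, effective_295, invalid_296)
    second = terminal.authenticate(revoked, effective_295, invalid_296)
    return (first, second, terminal.authenticate(good, effective_295, invalid_296),
            terminal.authenticate(unknown, effective_295, invalid_296), terminal.server_round_trips)
```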
Execution mode 4.
A mode that re-uses apparatus-form key 294 and device authentication key 293 generated in the past is described.
Below, mainly the items that differ from execution mode 1 are described. The items whose description is omitted are the same as in execution mode 1.
Figure 22 and Figure 23 is the flow chart of the cooperation authentication processing (S400) of execution mode 4.
About the cooperation authentication processing (S400) of execution mode 4, be described according to Figure 22 and Figure 23.
Cooperation authentication processing (S400) comprises S430 and S432-1 in addition to the processes described in execution mode 1 (see Fig. 9, Figure 10).
Further, cooperation authentication processing (S400) comprises S433C and S436C in place of S433 and S436 described in execution mode 1.
In S410 to S424 (see Figure 22), the ID data acquisition 410 of communication terminal 400 obtains ID data 391, and the verify data obtaining section 420 of communication terminal 400 obtains verify data 112 (the same as in execution mode 1).
After S424, the process enters S430.
In S430, the device authentication key obtaining section 430 of communication terminal 400 judges whether a device authentication key 293 corresponding to ID data identical with ID data 391 (or part of ID data 391) is stored in terminal storage portion 490 (an example of the equipment regenerative key storage part).
When the corresponding device authentication key 293 is stored in terminal storage portion 490 (YES), device authentication key obtaining section 430 obtains the corresponding device authentication key 293 from terminal storage portion 490, and the process enters S440 (see Figure 23).
When the corresponding device authentication key 293 is not stored in terminal storage portion 490 (NO), the process enters S431.
In S431 and S432, the device authentication key obtaining section 430 of communication terminal 400 sends ID data 391 to Key Management server 200, and the device authentication key providing unit 230 of Key Management server 200 receives ID data 391 (the same as in execution mode 1).
After S432, the process enters S432-1.
In S432-1, the device authentication key reproducing unit 240 of Key Management server 200 judges whether an apparatus-form key 294 corresponding to ID data identical with ID data 391 (excluding device id 135) is stored in key management storage part 290 (an example of the apparatus-form key storage portion).
When the corresponding apparatus-form key 294 is stored in key management storage part 290 (YES), device authentication key reproducing unit 240 obtains the corresponding apparatus-form key 294 from key management storage part 290, and the process enters S434.
When the corresponding apparatus-form key 294 is not stored in key management storage part 290 (NO), the process enters S433C.
In S433C, device authentication key reproducing unit 240 uses ID data 391 and manufacturer key 292 to generate apparatus-form key 294 (the same as in execution mode 1).
Then, device authentication key reproducing unit 240 stores ID data 391 (excluding device id 135) and apparatus-form key 294 in key management storage part 290 in association with each other. Thereby, apparatus-form key 294 can be re-used.
After S433C, process enters S434.
In S434 and S435, the device authentication key reproducing unit 240 of Key Management server 200 generates device authentication key 293, and the device authentication key providing unit 230 of Key Management server 200 sends device authentication key 293.
After S435, the process enters S436C.
In S436C, the device authentication key obtaining section 430 of communication terminal 400 receives device authentication key 293 (the same as in execution mode 1).
Then, device authentication key obtaining section 430 stores device authentication key 293 and the ID data 391 sent in S431 in key management storage part 290 in association with each other. Thereby, device authentication key 293 can be re-used.
After S436C, the process enters S440.
In S440, the verify data proof department 440 of communication terminal 400 uses device authentication key 293 and ID data 391 to verify verify data 112 (the same as in execution mode 1).
After S440, cooperation authentication processing (S400) ends.
In execution mode 4, a mode that re-uses apparatus-form key 294 and device authentication key 293 generated in the past has been described.
According to execution mode 4, the burden of cooperation authentication processing (S400) can be alleviated.
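As an added illustration of execution mode 4 (not code from the patent or from Mitsubishi Electric), the following Python adds the two stores to a minimal model of the server and terminal: the apparatus-form key store keyed by ID data 391 without device id 135 (S432-1, S433C) and the terminal's device authentication key store keyed by the full ID data (S430, S436C). The HMAC-based key derivation, the tuple layout of the ID data and the sample identifiers are constructed assumptions:

```python
import hashlib
import hmac
from typing import Dict, Tuple

# ID data 391 as a tuple of bytes:
# (manufacturer ID 131, generation number 132, apparatus-form ID 133, Mission Number 134, device id 135)
IdData = Tuple[bytes, bytes, bytes, bytes, bytes]


def kdf(key: bytes, *labels: bytes) -> bytes:
    """Key derivation function: HMAC-SHA256 over length-prefixed labels (an assumption)."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for label in labels:
        mac.update(len(label).to_bytes(2, "big") + label)
    return mac.digest()


class KeyManagementServer:
    """Key Management server 200 with the apparatus-form key store of S432-1/S433C."""

    def __init__(self, manufacturer_keys: Dict[Tuple[bytes, bytes], bytes]) -> None:
        self.manufacturer_keys = manufacturer_keys       # (manufacturer ID, generation) -> manufacturer key 292
        self.type_key_store: Dict[tuple, bytes] = {}     # key management storage part 290
        self.type_key_derivations = 0                    # counts executions of S433C

    def reproduce_device_auth_key(self, idd: IdData) -> bytes:
        type_key_id = idd[:4]                            # ID data 391 except device id 135
        type_key = self.type_key_store.get(type_key_id)  # S432-1
        if type_key is None:                             # NO: S433C
            manufacturer_key = self.manufacturer_keys[idd[:2]]
            type_key = kdf(manufacturer_key, b"type", idd[2], idd[3])
            self.type_key_store[type_key_id] = type_key  # stored for re-use
            self.type_key_derivations += 1
        return kdf(type_key, b"device", idd[4])          # S434: device authentication key 293


class CommunicationTerminal:
    """Communication terminal 400 with the device authentication key store of S430/S436C."""

    def __init__(self, server: KeyManagementServer) -> None:
        self.server = server
        self.device_key_store: Dict[IdData, bytes] = {}  # terminal storage portion 490
        self.server_requests = 0                         # counts executions of S431

    def obtain_device_auth_key(self, idd: IdData) -> bytes:
        key = self.device_key_store.get(idd)             # S430
        if key is None:                                  # NO: S431 to S436C
            self.server_requests += 1
            key = self.server.reproduce_device_auth_key(idd)
            self.device_key_store[idd] = key             # S436C: stored with the ID data sent in S431
        return key


def demo() -> Tuple[bool, int, int, int]:
    """Authenticate DEV-0001 twice, then one device of the same lot and one of another lot."""
    mfr_key = kdf(b"master-key-sample", b"manufacturer", b"MFR-A", b"gen1")   # constructed stand-in for S200
    server = KeyManagementServer({(b"MFR-A", b"gen1"): mfr_key})
    terminal = CommunicationTerminal(server)
    dev1: IdData = (b"MFR-A", b"gen1", b"TYPE-7", b"LOT-2013-11", b"DEV-0001")
    dev2: IdData = (b"MFR-A", b"gen1", b"TYPE-7", b"LOT-2013-11", b"DEV-0002")
    dev3: IdData = (b"MFR-A", b"gen1", b"TYPE-7", b"LOT-2014-01", b"DEV-0003")
    keys = [terminal.obtain_device_auth_key(d) for d in (dev1, dev1, dev2, dev3)]
    # Expected: the repeat lookup returns the same key, three distinct keys in total,
    # three server requests (the repeat is served from storage 490) and two type key derivations.
    return (keys[0] == keys[1], len(set(keys)), terminal.server_requests, server.type_key_derivations)
```

A stored device authentication key means a repeat authentication never reaches the server's list check S432-1 of execution mode 3, so the terminal's own invalidated list 491 (S420) or a bounded lifetime of the stored key is what limits how long a revoked device keeps authenticating.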
Each execution mode is one example of the form of device authentication system 100.
That is, device authentication system 100 may also lack some of the functions or structures described in each execution mode.
Further, device authentication system 100 may also have functions or structures not described in each execution mode.
In addition, the execution modes may also be combined, in part or in whole, within a range that produces no contradiction.
Description of reference numerals
100: device authentication system; 101: network; 110: manufacturing equipment; 111: verify data generating unit; 112: verify data; 119: device storage portion; 120: operator; 121: carrier ID; 130: equipment manufacturers; 131: manufacturer ID; 132: generation number; 133: apparatus-form ID; 134: Mission Number; 135: device id; 140: installation house; 200: Key Management server; 210: master key generating unit; 220: manufacturer's key generation section; 230: device authentication key providing unit; 231: checking request receiving unit; 232: verify data proof department; 240: device authentication key reproducing unit; 241: apparatus-form key reproducing unit; 250: list reference portion; 290: key management storage part; 291: master key; 292: manufacturer's key; 293: device authentication key; 294: apparatus-form key; 295: effective list; 296: invalidated list; 300: equipment management device; 310: ID data generating section; 320: device authentication key generation section; 330: apparatus-form key generation section; 340: device authentication key write section; 390: equipment control storage part; 391: ID data; 392: device authentication key; 393: apparatus-form key; 400: communication terminal; 410: ID data acquisition; 420: verify data obtaining section; 421: inquiry data; 430: device authentication key obtaining section; 431: checking request unit; 440: verify data proof department; 480: equipment control portion; 490: terminal storage portion; 491: invalidated list; 901: arithmetic unit; 902: auxiliary storage unit; 903: main storage unit; 904: communicator; 905: input/output unit; 909: bus.

Claims (18)

1. a device authentication system, it has manufacturer's key generating device, device keys generating apparatus, manufacturing equipment, cooperation authenticate device and equipment regenerative key generating apparatus, it is characterized in that,
Described manufacturer key generating device has:
Manufacturer's key generation section, which uses a master key for generating common keys and a manufacturer identifier for identifying the equipment manufacturer that manufactures described manufacturing equipment to generate a manufacturer key as a common key of described equipment manufacturer,
Described device keys generating apparatus has:
Key storage portion of manufacturer, it stores the described manufacturer key generated by described manufacturer key generation section; And
Device keys generating unit, which uses described manufacturer key stored in described manufacturer key storage portion and a device identifier for identifying described manufacturing equipment to generate a device key as a common key of described manufacturing equipment,
Described manufacturing equipment has:
Device storage portion, which stores described manufacturer identifier, described device identifier and described device key generated by described device keys generating unit; and
Verify data generating unit, which uses described device identifier stored in described device storage portion and described device key stored in described device storage portion to generate verify data used in the authentication processing for described manufacturing equipment,
Described cooperation authenticate device has:
Identifier data obtaining section, it obtains described manufacturer identifier and described device identifier from described manufacturing equipment;
Verify data obtaining section, it obtains the described verify data generated by described verify data generating unit from described manufacturing equipment; And
Identifier data sending part, which sends described manufacturer identifier obtained by described identifier data obtaining section and described device identifier obtained by described identifier data obtaining section to described equipment regenerative key generating apparatus,
Described equipment regenerative key generating apparatus has:
Identifier data acceptance division, it receives described manufacturer identifier and described device identifier from described cooperation authenticate device; And
Equipment regenerative key generating unit, which uses described manufacturer identifier received by described identifier data acceptance division and described device identifier received by described identifier data acceptance division to generate an equipment regenerative key as a common key of described manufacturing equipment.
2. device authentication system according to claim 1, is characterized in that,
Described equipment regenerative key generating apparatus has an equipment regenerative key sending part, which sends described equipment regenerative key generated by described equipment regenerative key generating unit to described cooperation authenticate device,
Described cooperation authenticate device has:
Equipment regenerative key acceptance division, it receives described equipment regenerative key from described equipment regenerative key generating apparatus; And
Authentication processing portion, which uses described equipment regenerative key received by described equipment regenerative key acceptance division, described device identifier obtained by described identifier data obtaining section and described verify data obtained by described verify data obtaining section to carry out described authentication processing for described manufacturing equipment.
3. device authentication system according to claim 2, is characterized in that,
Described cooperation authenticate device has an invalidated list storage part, which stores an invalidated list comprising identifiers for identifying equipment manufacturers,
and described verify data obtaining section obtains described verify data when described invalidated list does not comprise an identifier identical with described manufacturer identifier obtained by described identifier data obtaining section.
4. device authentication system according to claim 3, is characterized in that,
Described equipment regenerative key acceptance division adds described manufacturer identifier sent by described identifier data sending part to described invalidated list when it receives described equipment regenerative key.
5. the device authentication system according to any one in claim 2 to 4, is characterized in that,
Described cooperation authenticate device has an equipment regenerative key storage part, which stores, in association with each other, described manufacturer identifier sent by described identifier data sending part, described device identifier sent by described identifier data sending part and described equipment regenerative key received by described equipment regenerative key acceptance division,
and when an equipment regenerative key corresponding to a manufacturer identifier identical with a new manufacturer identifier acquired by described identifier data obtaining section and to a device identifier identical with a new device identifier acquired by described identifier data obtaining section is stored in described equipment regenerative key storage part, described authentication processing portion uses described equipment regenerative key stored in described equipment regenerative key storage part to carry out described authentication processing for described manufacturing equipment.
6. the device authentication system according to any one in claim 2 to 5, is characterized in that,
Described identifier data sending part also sends a form identifier for identifying the form of described manufacturing equipment, in addition to described manufacturer identifier and described device identifier, to described equipment regenerative key generating apparatus,
Described identifier data acceptance division receives described manufacturer identifier, described device identifier and described form identifier,
Described equipment regenerative key generating unit uses described manufacturer identifier and described form identifier to generate apparatus-form key,
Described equipment regenerative key generating unit uses described apparatus-form key and described device identifier to generate described equipment regenerative key.
7. device authentication system according to claim 6, is characterized in that,
Described equipment regenerative key generating apparatus has an apparatus-form key storage portion, which stores, in association with each other, described manufacturer identifier received by described identifier data acceptance division and described apparatus-form key generated by described equipment regenerative key generating unit,
and when an apparatus-form key corresponding to a manufacturer identifier identical with a new manufacturer identifier received by described identifier data acceptance division is stored in described apparatus-form key storage portion, described equipment regenerative key generating unit uses described apparatus-form key stored in described apparatus-form key storage portion and the new device identifier received by described identifier data acceptance division to generate described equipment regenerative key.
8. The device authentication system according to claim 1, characterized in that
the cooperation authenticate device has a verify data sending part which sends the verify data obtained by the verify data obtaining section to the equipment regenerative key generating apparatus, and
the equipment regenerative key generating apparatus has:
a verify data acceptance division which receives the verify data from the cooperation authenticate device; and
an authentication processing portion which carries out the authentication processing for the manufacturing equipment using the verify data received by the verify data acceptance division, the device identifier received by the identifier data acceptance division and the equipment regenerative key generated by the equipment regenerative key generating unit.
9. The device authentication system according to any one of claims 1 to 8, characterized in that
the manufacturer key generation section generates the manufacturer key using, in addition to the master key and the manufacturer identifier, a generation identifier representing the generation of the public key of the device manufacturer.
10. The device authentication system according to any one of claims 1 to 9, characterized in that
the device keys generating unit generates the device keys using, in addition to the manufacturer key and the device identifier, at least one of a form identifier for identifying the form of the manufacturing equipment and a batch identifier for identifying the batch of the manufacturing equipment.
11. The device authentication system according to any one of claims 1 to 10, characterized in that
the equipment regenerative key generating apparatus has an effective list storage portion storing an effective list, the effective list comprising combinations of a manufacturer identifier and a generation identifier representing the generation of the public key of the equipment manufacturer,
the identifier data acceptance division receives, in addition to the manufacturer identifier and the device identifier, a generation identifier, and
when the effective list contains a combination identical to the combination of the manufacturer identifier received by the identifier data acceptance division and the generation identifier received by the identifier data acceptance division, the equipment regenerative key generating unit generates the equipment regenerative key.
12. A manufacturer's key generating device forming part of the device authentication system according to any one of claims 1 to 11.
13. A device keys generating apparatus forming part of the device authentication system according to any one of claims 1 to 11.
14. Manufacturing equipment forming part of the device authentication system according to any one of claims 1 to 11.
15. A cooperation authenticate device forming part of the device authentication system according to any one of claims 1 to 11.
16. An equipment regenerative key generating apparatus forming part of the device authentication system according to any one of claims 1 to 11.
17. An equipment authentication method using a device authentication system, the device authentication system having a manufacturer's key generating device, a device keys generating apparatus, manufacturing equipment, a cooperation authenticate device and an equipment regenerative key generating apparatus, the equipment authentication method being characterized in that
in the manufacturer's key generating device,
a manufacturer key generation section generates a manufacturer key as the public key of the device manufacturer, using a master key for generating public keys and a manufacturer identifier for identifying the equipment manufacturer that manufactures the manufacturing equipment,
in the device keys generating apparatus,
a manufacturer key storage portion stores the manufacturer key generated by the manufacturer key generation section,
a device keys generating unit generates device keys as the public key of the manufacturing equipment, using the manufacturer key stored in the manufacturer key storage portion and a device identifier for identifying the manufacturing equipment,
in the manufacturing equipment,
a device storage portion stores the manufacturer identifier, the device identifier and the device keys generated by the device keys generating unit,
a verify data generating unit generates, using the device identifier stored in the device storage portion and the device keys stored in the device storage portion, verify data used in the authentication processing for the manufacturing equipment,
in the cooperation authenticate device,
an identifier data obtaining section obtains the manufacturer identifier and the device identifier from the manufacturing equipment,
a verify data obtaining section obtains the verify data generated by the verify data generating unit from the manufacturing equipment,
an identifier data sending part sends the manufacturer identifier obtained by the identifier data obtaining section and the device identifier obtained by the identifier data obtaining section to the equipment regenerative key generating apparatus, and
in the equipment regenerative key generating apparatus,
an identifier data acceptance division receives the manufacturer identifier and the device identifier from the cooperation authenticate device, and
an equipment regenerative key generating unit generates an equipment regenerative key as the public key of the manufacturing equipment, using the manufacturer identifier received by the identifier data acceptance division and the device identifier received by the identifier data acceptance division.
18. A device authentication program for causing a computer to execute the equipment authentication method according to claim 17.
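As an added example (not code from the patent or from Mitsubishi Electric), the following Python models the key hierarchy and authentication flow of claims 6, 7, 9, 10, 11 and 17 above, together with the cached-key behaviour of claim 5 and the variant of claim 8 in which the verify data is checked by the equipment regenerative key generating apparatus itself. The master key, the identifier values, the HMAC-SHA256 key derivation and the challenge-response form of the verify data are all assumptions: the claims fix only which identifiers enter each key, not the derivation function or the shape of the verify data. The key the claims call a "public key" of the manufacturer or the device is shared between the device and the verifier, so it is modelled here as a symmetric key.

```python
# Added example (not the patent's own code): claims 6, 7, 9, 10, 11 and 17
# modelled with HMAC-SHA256. Master key, identifiers and KDF labels are constructed.
import hashlib
import hmac
import os


def kdf(parent: bytes, *labels: bytes) -> bytes:
    """Child key = HMAC-SHA256(parent, NUL-joined labels); an assumed construction."""
    return hmac.new(parent, b"\x00".join(labels), hashlib.sha256).digest()


def manufacturer_key(master: bytes, manufacturer_id: bytes, generation_id: bytes) -> bytes:
    """Manufacturer key generation device (claims 9, 17): master key + identifiers."""
    return kdf(master, b"manufacturer", manufacturer_id, generation_id)


def apparatus_form_key(mfr_key: bytes, form_id: bytes) -> bytes:
    """Manufacturer key + form identifier -> apparatus-form key (claim 6)."""
    return kdf(mfr_key, b"form", form_id)


def device_key(mfr_key: bytes, form_id: bytes, device_id: bytes) -> bytes:
    """Device keys generating apparatus (claims 6, 10, 17)."""
    return kdf(apparatus_form_key(mfr_key, form_id), b"device", device_id)


def verify_data(key: bytes, device_id: bytes, challenge: bytes) -> bytes:
    """Verify data (claim 17): a MAC over the device identifier and a challenge."""
    return hmac.new(key, device_id + challenge, hashlib.sha256).digest()


class ManufacturingEquipment:
    """Device storage portion: identifiers plus the device key written at production."""

    def __init__(self, manufacturer_id, generation_id, form_id, device_id, dev_key):
        self.ids = (manufacturer_id, generation_id, form_id, device_id)
        self._dev_key = dev_key

    def respond(self, challenge: bytes) -> bytes:
        return verify_data(self._dev_key, self.ids[3], challenge)


class RegenerativeKeyDevice:
    """Holds the master key, the effective list (claim 11) and a form-key cache (claim 7)."""

    def __init__(self, master: bytes, effective_list):
        self._master = master
        self._effective = set(effective_list)  # (manufacturer_id, generation_id) pairs
        self._form_key_cache = {}

    def regenerate(self, manufacturer_id, generation_id, form_id, device_id):
        if (manufacturer_id, generation_id) not in self._effective:
            return None  # unknown or retired generation: refuse to regenerate a key
        cache_key = (manufacturer_id, generation_id, form_id)
        form_key = self._form_key_cache.get(cache_key)
        if form_key is None:
            mk = manufacturer_key(self._master, manufacturer_id, generation_id)
            form_key = self._form_key_cache[cache_key] = apparatus_form_key(mk, form_id)
        return kdf(form_key, b"device", device_id)

    def authenticate(self, ids, challenge, response) -> bool:
        """Claim 8 variant: the verify data is forwarded here and checked here."""
        key = self.regenerate(*ids)
        return key is not None and hmac.compare_digest(verify_data(key, ids[3], challenge), response)


class CooperationAuthDevice:
    """Asks for the regenerated key once and caches it per (manufacturer, device) (claim 5)."""

    def __init__(self, regen: RegenerativeKeyDevice):
        self._regen = regen
        self._key_cache = {}

    def authenticate(self, equipment: ManufacturingEquipment) -> bool:
        m, g, f, d = equipment.ids
        key = self._key_cache.get((m, d))
        if key is None:
            key = self._regen.regenerate(m, g, f, d)
            if key is None:
                return False
            self._key_cache[(m, d)] = key
        challenge = os.urandom(16)  # fresh per run, so a replayed response fails
        return hmac.compare_digest(verify_data(key, d, challenge), equipment.respond(challenge))


def demo():
    """Genuine device -> True; wrong key -> False; retired generation -> False."""
    master = b"constructed-master-key"
    coop = CooperationAuthDevice(RegenerativeKeyDevice(master, [(b"MFR-A", b"gen2")]))
    mk = manufacturer_key(master, b"MFR-A", b"gen2")
    genuine = ManufacturingEquipment(b"MFR-A", b"gen2", b"FORM-X", b"DEV-001",
                                     device_key(mk, b"FORM-X", b"DEV-001"))
    wrong = ManufacturingEquipment(b"MFR-A", b"gen2", b"FORM-X", b"DEV-002", b"not-the-key")
    old_mk = manufacturer_key(master, b"MFR-A", b"gen1")
    retired = ManufacturingEquipment(b"MFR-A", b"gen1", b"FORM-X", b"DEV-003",
                                     device_key(old_mk, b"FORM-X", b"DEV-003"))
    return coop.authenticate(genuine), coop.authenticate(wrong), coop.authenticate(retired)
```

What the model makes visible: the verifier keeps no per-device key database; it derives each device key on demand from the master key and the identifiers the device presents, and the derivation passes through the same manufacturer key and apparatus-form key that the production side used, so the two ends agree only if every identifier matches. The effective list of claim 11 is the revocation point: a device keyed under a (manufacturer, generation) pair that has been dropped from the list fails authentication even though its identifiers are well formed, because no key is regenerated for it at all.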
CN201380077937.2A 2013-07-01 2013-07-01 Device authentication system and equipment authentication method Active CN105359451B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2013/068000 WO2015001600A1 (en) 2013-07-01 2013-07-01 Equipment authentication system, manufacturer key generation device, equipment key generation device, production equipment, cooperative authentication device, equipment playback key generation device, equipment authentication method, and equipment authentication program

Publications (2)

Publication Number Publication Date
CN105359451A true CN105359451A (en) 2016-02-24
CN105359451B CN105359451B (en) 2018-09-18

Family

ID=52143223

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201380077937.2A Active CN105359451B (en) 2013-07-01 2013-07-01 Device authentication system and equipment authentication method

Country Status (3)

Country Link
JP (1) JP5992104B2 (en)
CN (1) CN105359451B (en)
WO (1) WO2015001600A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107948183A (en) * 2017-12-06 2018-04-20 深圳数字电视国家工程实验室股份有限公司 A kind of method for distributing key and system suitable for Internet of Things
CN110495135A (en) * 2017-04-14 2019-11-22 三菱电机株式会社 Key management system, communication equipment and key sharing method

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6751513B2 (en) * 2016-12-28 2020-09-09 東京電力ホールディングス株式会社 Authentication system, authentication method, and location code generator
JP6836145B2 (en) * 2016-12-28 2021-02-24 東京電力ホールディングス株式会社 Authentication system, authentication method, and location code generator
JP6821141B2 (en) * 2016-12-28 2021-01-27 東京電力ホールディングス株式会社 Authentication system and authentication method
JP6877686B2 (en) * 2016-12-28 2021-05-26 東京電力ホールディングス株式会社 Authentication system and authentication method
JP6824512B2 (en) * 2016-12-28 2021-02-03 東京電力ホールディングス株式会社 Authentication system and authentication method
JP6890768B2 (en) * 2016-12-28 2021-06-18 東京電力ホールディングス株式会社 Authentication system and authentication method
JP6843369B2 (en) * 2016-12-28 2021-03-17 東京電力ホールディングス株式会社 Authentication system and authentication method
JP7004953B2 (en) * 2016-12-28 2022-01-21 東京電力ホールディングス株式会社 Authentication system and authentication method
US20200220724A1 (en) * 2017-08-21 2020-07-09 Mitsubishi Electric Corporation Key management device, and communication apparatus
CN110035033B (en) * 2018-01-11 2022-11-25 华为技术有限公司 Key distribution method, device and system
US11218330B2 (en) * 2019-03-25 2022-01-04 Micron Technology, Inc. Generating an identity for a computing device using a physical unclonable function
US11233650B2 (en) 2019-03-25 2022-01-25 Micron Technology, Inc. Verifying identity of a vehicle entering a trust zone

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060188099A1 (en) * 2005-02-21 2006-08-24 Kabushiki Kaisha Toshiba Key management system and method for the same
CN1886928A (en) * 2003-12-26 2006-12-27 三菱电机株式会社 Authenticatee device, authenticator device, and authentication method
CN101272251A (en) * 2007-03-22 2008-09-24 华为技术有限公司 Authentication and cryptographic key negotiation method, authentication method, system and equipment
CN101370248A (en) * 2007-08-15 2009-02-18 中国移动通信集团公司 Cryptographic key updating method, third party server and system for activating third party application
CN101542968A (en) * 2007-08-28 2009-09-23 松下电器产业株式会社 Key terminal apparatus, lsi for encryption process, unique key producing method, and content system

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009100394A (en) * 2007-10-19 2009-05-07 Sony Corp Information processing apparatus and method, recording medium, program, and information processing system
US8566590B2 (en) * 2009-11-26 2013-10-22 Kabushiki Kaisha Toshiba Encryption information transmitting terminal
JP5590953B2 (en) * 2010-04-15 2014-09-17 三菱電機株式会社 KEY GENERATION DEVICE, DATA PROVIDING DEVICE, TERMINAL DEVICE, AND PROGRAM

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110495135A (en) * 2017-04-14 2019-11-22 三菱电机株式会社 Key management system, communication equipment and key sharing method
CN110495135B (en) * 2017-04-14 2022-06-28 三菱电机株式会社 Key management system, communication device, and key sharing method
CN107948183A (en) * 2017-12-06 2018-04-20 深圳数字电视国家工程实验室股份有限公司 A kind of method for distributing key and system suitable for Internet of Things
CN107948183B (en) * 2017-12-06 2021-02-02 深圳数字电视国家工程实验室股份有限公司 Key distribution method and system suitable for Internet of things

Also Published As

Publication number Publication date
JP5992104B2 (en) 2016-09-14
WO2015001600A1 (en) 2015-01-08
CN105359451B (en) 2018-09-18
JPWO2015001600A1 (en) 2017-02-23

Similar Documents

Publication Publication Date Title
CN105359451A (en) Equipment authentication system, manufacturer key generation device, equipment key generation device, production equipment, cooperative authentication device, equipment playback key generation device, equipment authentication method, and equipment authentication program
US11606213B2 (en) On-vehicle authentication system, communication device, on-vehicle authentication device, communication device authentication method and communication device manufacturing method
US9544300B2 (en) Method and system for providing device-specific operator data for an automation device in an automation installation
CN101194229B (en) Updating of data instructions
CN102246455B (en) Self-authentication communication equipment and equipment authentication system
CN102855446B (en) Resource management system and corresponding method
US11856106B2 (en) Secure configuration of a device
US11334345B2 (en) Differential firmware update generation
CN111263352A (en) OTA (over the air) upgrading method and system of vehicle-mounted equipment, storage medium and vehicle-mounted equipment
CA3116067A1 (en) Techniques for improving security of encrypted vehicle software updates
CN110381075B (en) Block chain-based equipment identity authentication method and device
CN112840683B (en) Vehicle key management method, device and system
JP4833745B2 (en) Data protection method for sensor node, computer system for distributing sensor node, and sensor node
CN106973046B (en) Inter-gateway data transmission method, source gateway and destination gateway
CN114760056B (en) Secure communication method and device for dynamically updating key
CN110855616A (en) Digital key generation system
Fuchs et al. TrustEV: trustworthy electric vehicle charging and billing
US20160277182A1 (en) Communication system and master apparatus
CN110120866A (en) The user management method of field device
CN110830243B (en) Symmetric key distribution method, device, vehicle and storage medium
KR20190108888A (en) Electronic device and certification method in electronic device
JP2019149707A (en) Verification device and verification system
JP6074125B2 (en) Network lock method and system for wireless terminal
KR102145529B1 (en) Payment method using mobile application and device for the same
CN114267100B (en) Unlocking authentication method and device, security chip and electronic key management system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant