CN1768502A - Inter-authentication method and device - Google Patents
Inter-authentication method and device Download PDFInfo
- Publication number
- CN1768502A CN1768502A CN03814223.6A CN03814223A CN1768502A CN 1768502 A CN1768502 A CN 1768502A CN 03814223 A CN03814223 A CN 03814223A CN 1768502 A CN1768502 A CN 1768502A
- Authority
- CN
- China
- Prior art keywords
- mentioned
- disposable
- random number
- client
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
An objective of the present invention is to obtain a mutual authentication method in which mutual authentication is carried out securely and conveniently. In order to achieve the above objective, in the mutual authentication process, a private key K<SUB>0</SUB>, being an initial value, is stored in a client and a server (Pc 0 , Ps 0 ). The client generates a random number R, calculates secret data C and authentication data A, and transmits the data items to the server (Pc 1 ). The server receives the authentication data A and the secret data C from the client, and generates a random number Q, calculates secret data S, and authentication data B and returns the data items, as well as updating the private key K<SUB>0 </SUB>with a private key K<SUB>1 </SUB>(Ps 1 ). The client receives from the server the authentication data B and the secret data S, generates the random number R, calculates secret data C<SUB>2</SUB>, authentication data A<SUB>2</SUB>, and returns the data items to the server, and updates the private key K<SUB>0 </SUB>with the private key K<SUB>1</SUB>(Pc 2 ). The client and the server check whether or not validity is established (Ps<SUB>m+1</SUB>, Pc<SUB>m+1</SUB>). Further in the authentication method above, there is a method for generating a onetime ID, assuming that the onetime ID is identification information usable just one time in the authentication between a plurality of devices or application. In each of the devices or applications which carries out the authentication, a variable shared key which changes per predefined communication unit requiring the authentication is generated, a function value of one-way function is obtained in which the variable shared key is used as an argument, a onetime ID hard to tap and superior in security is generated based on the function value, and the onetime ID is utilized.
Description
Technical field
The present invention relates to the inter-authentication method of devices such as the computer system that is connected with network and generation method, authentication method, Verification System, server, client and the program of device and employed disposable ID.
Especially, the present invention relates at least the relation between the 1st authenticate device and the 2nd authenticate device be authenticated the inter-authentication method and the device of its legitimacy and is applicable to the generation method of the disposable ID of the authentication between multiple arrangement or between application program, the authentication method that has used above-mentioned disposable ID, Verification System, server, client and program.
Background technology
On network, certain user must authenticate in order to prove the status of oneself.Authentication is meant by agreement arbitrarily, and the certifier proves oneself status to the verifier, is essential technology in fields such as ecommerce.For example, when the user wished to server proof status, the user was corresponding with the certifier, and server is corresponding with the verifier.In addition, on the contrary, wish to prove that to the user under the situation of status, server is corresponding with the certifier that the user is corresponding with the verifier at server.Between man-to-man device, the situation of its position counter-rotating is arranged, therefore need authentication mutually.
Mutually authentication is not limited between user and the server, as in the method for proof status between the computer arbitrarily, is widely used.Recently, the known method of using public key cryptography, the certifier has public-key cryptography and privacy key, and the certifier represents to have the privacy key corresponding with public-key cryptography by agreement arbitrarily to the verifier, proves status.
But, in existing inter-authentication method, because the key that is used to authenticate is single, so if once known key, the situation that then has the third party to pretend to be the user to authenticate.In addition, the user must be noted that the keeping of key, can't use easily.
For example, in the such non-synchronous type network in internet, there are a plurality of computers to communicate by letter simultaneously, the situation that certifier and a plurality of verifier carry on an agreement simultaneously.In WWW (World WideWeb), in HTTP (HTML (Hypertext Markup Language): between the server agreement of using in the information exchange at file etc. such as www server and WWW visit device or Web browser), the client, require to carry out many checkings as linking objective.
In addition, in mutual authentication techniques as described above, in order to get rid of wrongful visit etc., before being provided, service etc. authenticating when communicating via network (for example between client and server) between computer now.In this authentication, the secret information that the total in advance third party of general both sides can't know (for example ID, password, random number or with these information as the functional value of parameter etc.) authenticates separately legitimacy mutually according to this secret information.
On the other hand, in the RFC (Request For Comments) that IETF (Internet Engineering Task Force) formally delivers, as the encryption of in the internet, carrying out the IP grouping and the security protocol of authentication, stipulated IPsec (Security Architecture forInternet Protocol).In this IPsec, study plot adopts the agreement (for example opening 2002-374238 communique (the 0002nd~0009 paragraph) with reference to the spy) of the such automatic cipher key change of the IKE (Internet Key Exchange) of the parameter that generates and exchange password, authentication automatically.
In recent years, the cipher key change, the authentication mode that are called as P-SIGMA below motion has gone out like this: realized importing disposable ID to this IKE mode and using the protection id information that becomes problem in the IKE mode of known total key, prevent DoS (Denial of Serviceattack) attack, remote access etc.
In this P-SIGMA, for example carry out cipher key change and authentication by step as shown in Figure 1.
At first, proposition, random number R c, the DH (Diffie-Hellman) of user end to server transmission SA (Security Association) openly are worth g
x, OID (disposable ID).In addition, in the proposition of SA, comprise with cryptographic algorithm, authentication mode, be used for the relevant propositions such as parameter of cipher key change.
Then, the OID identify customer end of server from receiving, under situation about can't discern, refusal communication.Under situation about can discern, send SA, random number R s, the DH admitted to client and openly be worth g
y, HASHs, the IDs (server ID) that encrypted with session key e.In addition, session key e is with the common key g of known total key, random number R s, random number R c and DH
XyAs adding of parameter the functional value of the hash of key (hash) function, HASHs openly is worth g with known total key, random number R s, random number R c, DH
x, g
yWith the functional value of IDs as the pseudo random number function of parameter.
Then, the HASHs that client validation receives, and confirm the legitimacy of server according to this HASHs.If HASHs is correct, the IDc (client id) that sends HASHc, encrypted with session key e to server then.At this, HASHc openly is worth g with known total key, random number R s, random number R c, DH
x, g
y, IDc is as the functional value of the pseudo random number function of parameter.
Then, the HASHc that server authentication receives is according to the legitimacy of this HASHc affirmation client.If HASHc is correct, then finish this agreement.
In this P-SIGMA, define OID (disposable ID) as follows.
OID1=prf(K,1)
OID2=prf(K,2)
……
OIDn=prf (K, n) ... formula (1)
In this definition, OIDn is the disposable ID that uses when establishing n SA, and prf is the pseudo random number function, and K is a known total key or according to the value of known total key generation.
Therefore, if according to above-mentioned P-SIGMA, then can access following effect: by importing OID, the third party can't determine sender and recipient, and if proper sender and recipient, then can grasp the OID as identifying information, when upgrading (carry out the generation of SA or) all changes OID at every turn simultaneously because when communicating between client and server at every turn, so the OID of the third party unpredictable next time.
But, in above-mentioned P-SIGMA,, then can predict all OID if once known known total key, consequently have following problem: can't guarantee OID fail safe (being PFS:Perfect Forward Security) in the future.
More than, as object lesson, the cipher key change, the authentication mode that are called as P-SIGMA have been described, but generally using disposable ID to carry out between multiple arrangement or in the authentication mode of the authentication between the application program, generate all disposable ID according to specific secret information, also have above-mentioned same problem.
Summary of the invention
The present invention considered the variety of issue of above-mentioned prior art and proposed, and its first purpose is to obtain can be safely and inter-authentication method that authenticates mutually easily and device.
Second purpose of the present invention is: provide a kind of and be difficult to eavesdrop and generation method, the authentication method that has used above-mentioned disposable ID, Verification System, server, client and the program of the superior disposable ID of fail safe.
In order to achieve the above object, the inter-authentication method of the correlation of the present invention's the 1st authenticate device that to be a kind of authentication connect via communication line and the 2nd authenticate device, it is characterized in that comprising: each when authentication of the authentication that will between above-mentioned the 1st authenticate device and the 2nd authenticate device, carry out mutually in advance use last time authentication the storage Data Update the renewal result as the resume data, above-mentioned the 1st authenticate device and the 2nd authenticate device separately in commonly storage be used for determining the storage data of above-mentioned the 1st authenticate device, be used for determining the storing step of the storage data of the 2nd authenticate device.Above-mentioned the 1st authenticate device comprises: use the newly-generated storage data of resume data of storage, and use above-mentioned resume data new storage data to be carried out the 1st forwarding step of encrypting and transmitting to the 2 authenticate devices; According to from the storage data of above-mentioned the 2nd authenticate device and the new storage data of above-mentioned transmission, upgrade the 1st step of updating of above-mentioned resume data.Above-mentioned the 2nd authenticate device comprises: use from the storage data of above-mentioned the 1st authenticate device and the newly-generated storage data of resume data of storage, and use above-mentioned resume data the new storage data that generate to be carried out the 2nd forwarding step of encrypting and transmitting to the 1 authenticate device; According to from the storage data of above-mentioned the 1st authenticate device and the new storage data of above-mentioned transmission, upgrade the 2nd step of updating of above-mentioned resume data.So, at least one side's device of above-mentioned the 1st authenticate device and the 2nd authenticate device, according to the resume data verification storage data legitimacy the time, the correlation that is verified as the 1st authenticate device and the 2nd authenticate device is proper.
The present invention also realizes being used for implementing the mutual authenticate device of above-mentioned inter-authentication method.This mutual authenticate device is made of the 1st authenticate device and the 2nd authenticate device that connect via communication line, and authenticate correlation between above-mentioned the 1st authenticate device and the 2nd authenticate device, it is characterized in that comprising: be arranged in above-mentioned the 1st authenticate device, storage is used for determining the 1st memory of the storage data of the 1st authenticate device; Be arranged in above-mentioned the 2nd authenticate device, storage is used for determining the 2nd memory of the storage data of the 2nd authenticate device; During each authentication of the authentication of carrying out mutually in advance between above-mentioned the 1st authenticate device and the 2nd authenticate device, storage is the verify data storage device of the storage data of authentication last time; The renewal result that uses above-mentioned verify data to upgrade as the resume data, commonly is stored in above-mentioned the 1st authenticate device and the 2nd authenticate device resume data storage device in separately; Be arranged in the authenticate device of authentication in above-mentioned the 1st authenticate device and the 2nd authenticate device, use the storage data generating device of the newly-generated storage data of above-mentioned resume data with the data transmitter side; Use above-mentioned resume data that the new storage data that generate are encrypted, and send to 1st dispensing device of authentication with the authenticate device of Data Receiving side; Be arranged in the authenticate device of authentication usefulness Data Receiving side, use is from the storage data of the authenticate device of above-mentioned authentication usefulness data transmitter side and the resume data of storage, the storage data generating device of newly-generated storage data; Use above-mentioned resume data that the new storage data that generate are encrypted, and be transmitted back to 2nd dispensing device of above-mentioned authentication with the authenticate device of data transmitter side; Be arranged in the authenticate device of authentication with the data transmitter sides, according to from above-mentioned authentication with the storage data of the authenticate device loopback of Data Receiving side and the above-mentioned new storage data that sent, upgrade the 1st updating device of above-mentioned resume data; Be arranged in the authenticate device of authentication with the Data Receiving side, according to the storage data of the authenticate device of using the data transmitter side from above-mentioned authentication and the new storage data of above-mentioned loopback, upgrade the 2nd updating device of above-mentioned resume data, wherein at least one side of above-mentioned the 1st authenticate device and the 2nd authenticate device, possess: according to above-mentioned resume data verification the storage data legitimacy the time, the correlation that is verified as the 1st authenticate device and the 2nd authenticate device is proper demo plant.
This mutual authenticate device also can have: calculate and to be used for the authentication data computing device that uses above-mentioned resume data that the new storage data of above-mentioned generation are encrypted.In addition, this mutual authenticate device can also have: when using data by aforementioned calculation device generation authentication, generate the random number generator of the data of encrypting usefulness.
In addition, in the present invention, as the resume data, commonly will be used for determining the 1st authenticate device the storage data, be used for determining the 2nd authenticate device the storage storage to above-mentioned the 1st authenticate device and the 2nd authenticate device separately in.Use when these resume data are each authentications of the authentication carried out mutually in advance between the 1st authenticate device and the 2nd authenticate device last time authentication the storage Data Update the renewal result.The 1st authenticate device uses the resume data of storage to generate new storage data, and uses the resume data of storage that new storage data are encrypted, and sends to the 2nd authenticate device.Receive this data by the 2nd authenticate device, the 2nd authenticate device uses the resume data from the storage data of the 1st authenticate device and storage to generate new storage data, and uses the resume data that new storage data are encrypted, and sends to the 1st authenticate device.At this moment, the 1st authenticate device upgrades the resume data according to from the storage data of the 2nd authenticate device and the new storage data that sent.In addition, the 2nd authenticate device upgrades the resume data according to from the storage data of the 1st authenticate device and the new storage data that sent.After this forwarding step, at least one side's device of the 1st authenticate device and the 2nd authenticate device, according to the resume data verification storage data legitimacy the time, the correlation that is verified as the 1st authenticate device and the 2nd authenticate device is proper.That is, in side's authenticate device of the 1st authenticate device and the 2nd authenticate device, receive the data that comprise resume, can contrast the resume data of storage from the opposing party's authenticate device.Then, when sending, send data, therefore do not carry out the transmitting-receiving of same data according to the newly-generated different resume data of the resume data of storage.Therefore, can improve confidentiality.
In more detail, it is characterized in that: with above-mentioned resume data as resume data K, as these resume data K storage be used for determine that the storage data of above-mentioned the 1st authenticate device are code data C and verify data R, be used for determining that the storage data of above-mentioned the 2nd authenticate device are code data S and verify data Q.
It is characterized in that: above-mentioned the 1st forwarding step uses code data S and the verify data R of the resume data K that is stored, newly-generated code data C, and the verify data R at the resume data K that is stored carries out newly-generated, use above-mentioned resume data K that the new verify data R of generation is encrypted and obtain verify data A, send above-mentioned verify data A and new code data C to above-mentioned the 2nd authenticate device, above-mentioned the 1st step of updating receives data from above-mentioned the 2nd authenticate device, according to the above-mentioned new code data C that has sent, the newly-generated code data S that receives, the newly-generated verify data Q that receives, the above-mentioned new verify data R that has sent, upgrade above-mentioned resume data K, above-mentioned the 2nd forwarding step receives data from above-mentioned the 1st authenticate device, the verify data Q of new code data C that use receives and the resume data K that is stored, newly-generated code data S, and the verify data Q at the resume data K that is stored carries out newly-generated, the resume data K that the new verify data Q that generates has been stored in use encrypts and obtains verify data B, send above-mentioned verify data B and new code data S to the 1st authenticate device, above-mentioned the 2nd step of updating is according to the new code data C that receives, newly-generated code data S, newly-generated verify data Q, the new verify data R that receives, upgrade above-mentioned resume data K, in at least one side's device of above-mentioned the 1st authenticate device and the 2nd authenticate device, according to resume data K and the legitimacy of secret code data when setting up, the correlation that is verified as the 1st authenticate device and the 2nd authenticate device is proper.
It is characterized in that: above-mentioned storing step is as the renewal result of the authentication in above-mentioned the 1st forwarding step of resume storage, the 1st step of updating, the 2nd forwarding step, the 2nd step of updating.
It is characterized in that: at least one side of above-mentioned verify data R and verify data Q is at least one of the random number that produces by random number generating apparatus, data capacity, time data.
It is characterized in that: in the 1st forwarding step of above-mentioned the 1st authenticate device, the value of the operation result of the function that has generated based on pre-determining of above-mentioned code data S and verify data R as code data C, in the 2nd forwarding step of above-mentioned the 2nd authenticate device, the value of the operation result of the function that has generated based on pre-determining of above-mentioned code data C and above-mentioned verify data Q as code data S.
It is characterized in that: in the 1st forwarding step of above-mentioned the 1st authenticate device, the value of the operation result of the function of having obtained based on pre-determining of above-mentioned new verify data R that has generated and above-mentioned resume data K as verify data A, in the 2nd forwarding step of above-mentioned the 2nd authenticate device, the value of the operation result of the function of having obtained based on pre-determining of above-mentioned new verify data Q that has generated and above-mentioned resume data K as verify data B.
It is characterized in that: the verification step of above-mentioned the 1st authenticate device based on the verify data Q that is stored among the above-mentioned resume data K with last time sent before the value of operation result of the function that has pre-determined of the code data C that generated when consistent with the code data S that receives, it is proper being verified as above-mentioned correlation.
It is characterized in that: the verification step of above-mentioned the 2nd authenticate device based on the code data S that is stored among the above-mentioned resume data K with pre-determining of verify data R the value of operation result of function when consistent with the code data C that receives, it is proper being verified as above-mentioned correlation.
It is characterized in that: above-mentioned storing step will be carried out the resulting data of result of a plurality of above-mentioned the 1st forwarding steps, the 2nd forwarding step, the 1st step of updating and the 2nd step of updating and store as resume data K.
As described above clear and definite, according to the present invention, when between the 1st authenticate device and the 2nd authenticate device, authenticating mutually, commonly store the resume data at the 1st authenticate device and the 2nd authenticate device in separately, upgrade the resume data simultaneously, therefore can authenticate mutually safely and easily, for example have following effect: can be from the information of between client computer and server computer, transmitting, the key ground that does not leak client computer positively authenticates.
The present invention also provides the generation method of a kind of disposable ID that uses in above-mentioned inter-authentication method and device.Be following method: will only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, generate this disposable ID, it is characterized in that: device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that all changes in necessary each the regulation communication unit of above-mentioned authentication, obtain simultaneously the functional value of this variable total key, generate above-mentioned disposable ID from this functional value as the one-way function of parameter.
At this, one-way function is meant from parameter obtains result's (functional value) simply, but from the function that the result obtains the parameter difficulty, comprises for example hash (Hash) function, pseudo random number function etc. in this one-way function.
Communication unit as regulation, for example can with in IPsec from establish SA to this SA invalid till a succession of communications setting of between client, server, carrying out be the communication unit of regulation, also can be between device or a secondary data of carrying out between the application program send and receive the communication unit that is set to stipulate.
Variable total key all changes for above-mentioned each communication unit, and if at total between the device that authenticates or between the application program and secret information that the third party can't know, then can be key arbitrarily.
Authentication is meant when side's device (or side's application program) visit the opposing party's device (or the opposing party's application program), the opposing party's device is confirmed the legitimacy of side's device, and identifying information is meant in above-mentioned authentication at least from side's device and sends and be used for the information (ID) that this opposing party's device is discerned side's device to the opposing party's device.
In addition, in above-mentioned authentication, comprise side's device and carry out the unilateral authentication of authentication of the opposing party's device and the mutual authentication that in both sides' device, authenticates mutually.As the method for in above-mentioned authentication, using disposable ID, for example can enumerate following method: in both sides' device, generate disposable ID, side's device sends disposable ID to the opposing party's device simultaneously, the opposing party's device compares, contrasts disposable ID that receives from side's device and the disposable ID that oneself generates, and discerns or authenticate side's device.
The present invention a kind ofly will only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between the application program, generate the method for this disposable ID, it is characterized in that: device that carries out above-mentioned authentication or application program separately in, the variable total key that generation all changes for necessary each the regulation communication unit of above-mentioned authentication, obtain simultaneously this variable total key and the information relevant functional value, generate above-mentioned disposable ID from this functional value as the one-way function of parameter with communication sequence or number of times.
The present invention a kind ofly will only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between the application program, generate the method for this disposable ID, it is characterized in that: device that carries out above-mentioned authentication or application program separately in, in the necessary regulation communication unit of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value, generate above-mentioned disposable ID from this functional value as the one-way function of parameter.
The present invention still will only limit nonrecoverable identifying information as disposable ID in the authentication between side's device and the opposing party's device, in both sides' device, generate this disposable ID, side's device sends disposable ID to the opposing party's device simultaneously, the opposing party's device is by comparing and contrast disposable ID that receives from side's device and the disposable ID that oneself generates, under the situation of identification or authentication the opposing party device, one side's device and the opposing party's device generate the method for disposable ID, it is characterized in that: side's device and the opposing party's device are created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously the functional value of this variable total key, and generate above-mentioned disposable ID from this functional value as the one-way function of parameter.
The present invention still will only limit nonrecoverable identifying information as disposable ID in the authentication between side's device and the opposing party's device, in both sides' device, generate this disposable ID, side's device sends disposable ID to the opposing party's device simultaneously, the opposing party's device is by comparing and contrast disposable ID that receives from side's device and the disposable ID that oneself generates, under the situation of identification or authentication the opposing party device, one side's device and the opposing party's device generate the method for disposable ID, it is characterized in that: side's device and the opposing party's device are created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously this variable total key and the information relevant functional value, and generate above-mentioned disposable ID from this functional value as the one-way function of parameter with communication sequence or number of times.
The present invention still will only limit nonrecoverable identifying information as disposable ID in the authentication between side's device and the opposing party's device, in both sides' device, generate this disposable ID, side's device sends disposable ID to the opposing party's device simultaneously, the opposing party's device is by comparing and contrast disposable ID that receives from side's device and the disposable ID that oneself generates, under the situation of identification or authentication the opposing party device, one side's device and the opposing party's device generate the method for disposable ID, it is characterized in that: side's device and the opposing party's device generate random number in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously the total key of this random number and regulation functional value, and generate above-mentioned disposable ID from this functional value as the one-way function of parameter.
The present invention still generates the variable total key that each communication unit all changes, and obtain the functional value of this variable total key as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID (SIGNALn), the 1st device that intercoms mutually and the authentication method of the authentication between the 2nd device, it is characterized in that comprising: above-mentioned the 1st device use and above-mentioned the 2nd device between the variable total key that had in advance generate above-mentioned disposable ID, be sent to the disposable ID that the major general should generate to above-mentioned the 2nd device simultaneously, the ID that has set in advance in the 1st device is as the functional value of the one-way function Fc of parameter, be stored in the step of the side that openly is worth of Diffie-Hellman in the 1st device in advance; Above-mentioned the 2nd device is obtained the functional value of above-mentioned disposable ID and above-mentioned one-way function Fc by calculating, disposable ID that receives to this result of calculation, from above-mentioned the 1st device and the functional value of one-way function Fc contrast, and judge the step of the legitimacy of above-mentioned the 1st device; Above-mentioned the 2nd device is under the proper situation judging above-mentioned the 1st device, is sent to the major general to above-mentioned the 1st device and is stored in the 2nd ID in installing in advance as the functional value of the one-way function Fs of parameter, be stored in the opposing party's that the 2nd Diffie-Hellman in installing openly is worth step in advance; Above-mentioned the 1st device is obtained the functional value of above-mentioned one-way function Fs by calculating, and the functional value of the one-way function Fs that receives to this result of calculation, from above-mentioned the 2nd device contrasts, and judges the step of the above-mentioned the 2nd legitimacy of installing.
Feature of the present invention also is: in above-mentioned authentication method, as above-mentioned one-way function Fc, the total key that use will be stipulated, the side that above-mentioned Diffie-Hellman openly is worth, set in advance the ID in above-mentioned the 1st device, above-mentioned disposable ID is as the pseudo random number function of parameter, as above-mentioned one-way function Fs, use total key simultaneously with afore mentioned rules, the side that above-mentioned Diffie-Hellman openly is worth, the opposing party that above-mentioned Diffie-Hellman openly is worth, set in advance the ID in above-mentioned the 2nd device, above-mentioned disposable ID is as the pseudo random number function of parameter.
The present invention still generates variable total key, and obtain variable total key and the information relevant functional value as the one-way function of parameter with communication sequence, generate disposable ID from this function, use this disposable ID to carry out the authentication method of the authentication between the 1st device and the 2nd device, it is characterized in that comprising: above-mentioned the 1st device is as the 1st disposable ID (SIGNAL
N, j) generate with above-mentioned the 2nd device between the 1st variable total key, the information relevant that have had in advance with the communication sequence of the 1st device as the functional value of the one-way function of parameter, use the above-mentioned the 1st variable total key simultaneously, to setting in advance ID in above-mentioned the 1st device, setting in advance the ID in above-mentioned the 2nd device, the Diffie-Hellman side and the above-mentioned the 1st disposable ID that openly are worth that is stored in the 1st device in advance and encrypt, to the step of above-mentioned the 2nd device this enciphered data of transmission and above-mentioned the 1st disposable ID; Above-mentioned the 2nd device is obtained the above-mentioned the 1st disposable ID by calculating, by this result of calculation, the above-mentioned the 1st disposable ID that receives from above-mentioned the 1st device are contrasted, discerns the above-mentioned the 1st step of installing; Above-mentioned the 2nd device is under the situation that identifies above-mentioned the 1st device, use the above-mentioned the 1st variable total key above-mentioned enciphered data of decoding, according to being included in setting in advance ID in above-mentioned the 1st device, set in advance ID and the above-mentioned the 1st disposable ID in the 2nd device in these data of having decoded, judge the step of the legitimacy of above-mentioned the 1st device; Above-mentioned the 2nd device is under the proper situation judging above-mentioned the 1st device, as the 2nd disposable ID (SIGNAL ' n, 1) generating will the above-mentioned the 1st variable total key and the information relevant with the 2nd communication sequence that the installs functional value as the one-way function of parameter, simultaneously a side who openly is worth according to the Diffie-Hellman that receives from above-mentioned the 1st device as the 2nd variable total key and be stored in the opposing party that the 2nd Diffie-Hellman installing openly is worth in advance and generate the common key of Diffie-Hellman installs transmission with the 2nd variable total key to the above-mentioned the 1st, set in advance the ID in above-mentioned the 1st device, set in advance ID in the 2nd device and the above-mentioned the 2nd disposable ID as the functional value of the one-way function h of parameter, the opposing party that above-mentioned Diffie-Hellman openly is worth, the step of above-mentioned the 2nd disposable ID; Above-mentioned the 1st device is obtained the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned the 2nd device are contrasted, discerns the above-mentioned the 2nd step of installing; Above-mentioned the 1st device is under the situation that identifies above-mentioned the 2nd device, the opposing party that the above-mentioned Diffie-Hellman that receives from above-mentioned the 2nd device as the above-mentioned the 2nd variable total key basis openly is worth, be stored in the common key of side generation Diffie-Hellman that the above-mentioned Diffie-Hellman in the 1st device openly is worth in advance, use the 2nd variable total key simultaneously, obtain the functional value of above-mentioned one-way function h by calculating, by to this result of calculation, the functional value of the one-way function h that receives from above-mentioned the 2nd device contrasts, and judges the step of the legitimacy of above-mentioned the 2nd device.
Feature of the present invention also is: in above-mentioned authentication method, as the one-way function that generates above-mentioned the 2nd disposable ID, use and the different one-way function of one-way function that generates above-mentioned the 1st disposable ID.
The present invention still generates the variable total key of stipulating between device or between application program, in the communication unit of regulation, generate random number, and obtain this random number and above-mentioned variable total key functional value as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID, carry out the authentication method of the authentication (authentication mutually) between the 1st device and the 2nd device, it is characterized in that comprising: above-mentioned the 1st device generates the 1st random number, simultaneously as the 1st disposable ID (SIGNALc
1) obtain with and above-mentioned the 2nd device between the 1st total key that had in advance as the functional value of the one-way function of parameter, send the step of the 1st disposable ID and above-mentioned the 1st random number to above-mentioned the 2nd device; Above-mentioned the 2nd device generates the 2nd random number, simultaneously as the 2nd disposable ID (SIGNALs
1) obtain above-mentioned the 1st random number and the above-mentioned the 1st total key functional value as the one-way function of parameter, send the step of the 2nd disposable ID and above-mentioned the 2nd random number to above-mentioned the 1st device; Above-mentioned the 1st device is according to above-mentioned the 1st random number and the above-mentioned the 1st total key, obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned the 2nd device are compared, judge the step of the legitimacy of above-mentioned the 2nd device; Above-mentioned the 1st device generates the 2nd total key according to above-mentioned the 1st random number and above-mentioned the 2nd random number, simultaneously as the 3rd disposable ID (SIGNALc
2) obtain the 2nd total key, above-mentioned the 1st random number and above-mentioned the 2nd random number functional value as the one-way function of parameter, send the step of the 3rd disposable ID to above-mentioned the 2nd device; Above-mentioned the 2nd device generates the above-mentioned the 2nd total key according to above-mentioned the 1st random number and above-mentioned the 2nd random number, obtain the above-mentioned the 3rd disposable ID according to the 2nd total key, above-mentioned the 1st random number and above-mentioned the 2nd random number by calculating simultaneously, by this result of calculation, the above-mentioned the 3rd disposable ID that receives from above-mentioned the 1st device are compared, judge the step of the legitimacy of above-mentioned the 1st device.
The present invention still generates the variable total key of stipulating between device or between application program, in the communication unit of regulation, generate random number, and obtain this random number and above-mentioned total key functional value as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID, carry out the authentication method of the authentication (authentication mutually) between the 1st device and the 2nd device, it is characterized in that comprising: above-mentioned the 1st device generates the 1st random number, simultaneously as the 1st disposable ID (SIGNALc
1) obtain with and above-mentioned the 2nd device between the total key that had in advance as the functional value of the one-way function of parameter, send the step of the 1st disposable ID and above-mentioned the 1st random number to above-mentioned the 2nd device; Above-mentioned the 2nd device generates the 2nd random number, simultaneously as the 2nd disposable ID (SIGNALs
1) obtain above-mentioned the 1st random number and the above-mentioned total key functional value as the one-way function of parameter, send the step of the 2nd disposable ID and above-mentioned the 2nd random number to above-mentioned the 1st device; Above-mentioned the 1st device is according to above-mentioned the 1st random number and above-mentioned total key, obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned the 2nd device are compared, judge the step of the legitimacy of above-mentioned the 2nd device; Above-mentioned the 1st device is as the 3rd disposable ID (SIGNALc
2) obtain above-mentioned the 1st random number, above-mentioned the 2nd random number and the above-mentioned total key functional value as the one-way function of parameter, send the step of the 3rd disposable ID to above-mentioned the 2nd device; Above-mentioned the 2nd device is obtained the above-mentioned the 3rd disposable ID according to above-mentioned the 1st random number, above-mentioned the 2nd random number and above-mentioned total key by calculating, by this result of calculation, the above-mentioned the 3rd disposable ID that receives from above-mentioned the 1st device are compared, judge the step of the legitimacy of above-mentioned the 1st device.
Feature of the present invention also is: in above-mentioned authentication method, send being used under the state that the total key that had in advance between above-mentioned the 1st device and above-mentioned the 2nd device carried out encrypting to above-mentioned the 1st random number and above-mentioned the 2nd random number.
Feature of the present invention also is: in above-mentioned authentication method, send in the step of the above-mentioned the 2nd disposable ID and above-mentioned the 2nd random number to above-mentioned the 1st device at above-mentioned the 2nd device, above-mentioned the 2nd device will and above-mentioned the 1st device between the random number that had in advance as initial random number, carry out the calculating of this initial random number and above-mentioned the 1st random number as the regulation of parameter, send this result of calculation to above-mentioned the 1st device, above-mentioned on the other hand the 1st device uses the aforementioned calculation result who receives from above-mentioned the 2nd device as the judgement material of the legitimacy of above-mentioned the 2nd device with the above-mentioned the 2nd disposable ID.
Feature of the present invention also is: in above-mentioned authentication method, send in the step of above-mentioned the 3rd disposable ID to above-mentioned the 2nd device at above-mentioned the 1st device, above-mentioned the 1st device carries out the calculating as the regulation of parameter of above-mentioned the 1st random number and above-mentioned the 2nd random number, send this result of calculation to above-mentioned the 2nd device, above-mentioned on the other hand the 2nd device uses the aforementioned calculation result who receives from above-mentioned the 1st device as the judgement material of the legitimacy of above-mentioned the 1st device with the above-mentioned the 3rd disposable ID.
The present invention still generates the variable total key of stipulating between device or between application program, in the communication unit of regulation, generate random number, and obtain this random number and above-mentioned total key functional value as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID, carry out the authentication method of the authentication between the 1st device and the 2nd device, it is characterized in that comprising: above-mentioned the 1st device generates the 1st random number, simultaneously as the 1st disposable ID (SIGNALci) obtain with and above-mentioned the 2nd device between the total key that had in advance, the 1st storage random number and the 2nd storage random number send with above-mentioned total key setting in advance the ID in the 1st device to above-mentioned the 2nd device as the functional value of the one-way function of parameter, set in advance the 1st enciphered data that ID in above-mentioned the 2nd device and above-mentioned the 1st random number have carried out encrypting, the step of above-mentioned the 1st disposable ID; Above-mentioned the 2nd device is obtained the above-mentioned the 1st disposable ID by calculating, by this result of calculation, the above-mentioned the 1st disposable ID that receives from above-mentioned the 1st device are contrasted, discerns the above-mentioned the 1st step of installing; Above-mentioned the 2nd device is under the situation that identifies above-mentioned the 1st device, use above-mentioned total key that above-mentioned the 1st enciphered data is decrypted, according to being included in setting in advance the ID in above-mentioned the 1st device and setting in advance ID in the 2nd device in these data of having deciphered, judge the step of the legitimacy of above-mentioned the 1st device; Above-mentioned the 2nd device is under the proper situation judging above-mentioned the 1st device, generate the 2nd random number, obtain above-mentioned the 1st random number, the 2nd storage random number and above-mentioned total key functional value simultaneously as the one-way function of parameter as the 2nd disposable ID (SIGNALsi), to above-mentioned the 1st device send with above-mentioned total key to set in advance the ID in above-mentioned the 1st device, ID and above-mentioned the 2nd random number that sets in advance in the 2nd device carried out the 2nd enciphered data of encryption, the step of above-mentioned the 2nd disposable ID; Above-mentioned the 2nd device is replaced into above-mentioned the 1st random number with above-mentioned the 1st storage random number, above-mentioned the 2nd storage random number is replaced into the step of above-mentioned the 2nd random number; Above-mentioned the 1st device is obtained the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned the 2nd device are contrasted, discerns the above-mentioned the 2nd step of installing; Above-mentioned the 1st device is under the situation that identifies above-mentioned the 2nd device, use above-mentioned total key that above-mentioned the 2nd enciphered data is decrypted, according to being included in setting in advance the ID in above-mentioned the 2nd device and setting in advance ID in the 1st device in these data of having deciphered, judge the step of the legitimacy of above-mentioned the 2nd device; Above-mentioned the 1st device is replaced into above-mentioned the 1st random number with above-mentioned the 1st storage random number, above-mentioned the 2nd storage random number is replaced into the step of above-mentioned the 2nd random number.
Feature of the present invention also is: in above-mentioned authentication method, above-mentioned the 1st storage random number is being replaced into above-mentioned the 1st random number, after random number is replaced into above-mentioned the 2nd random number with above-mentioned the 2nd storage, by generating above-mentioned total key, make this total cipher key change according to these the 1st storage random numbers and the 2nd storage random number.
The present invention still is created on the variable total key that changes in each communication unit, and obtain the functional value of this variable total key as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID (SIGNALn) and client between the server that authenticates, it is characterized in that comprising: receive to the major general from above-mentioned client and set in advance client id above-mentioned client as the functional value of the one-way function Fc of parameter, be stored in the side that the Diffie-Hellman in the above-mentioned client openly is worth in advance, the receiving system of above-mentioned disposable ID; Obtain the functional value Fc and the above-mentioned disposable ID of above-mentioned one-way function by calculating, compare by the above-mentioned disposable ID that receives to this result of calculation, from above-mentioned client and the functional value of above-mentioned one-way function Fc, judge the judgment means of the legitimacy of above-mentioned client; Judging above-mentioned client in above-mentioned judgment means is under the proper situation, is sent to the major general to above-mentioned client and sets in advance server ID in this server as the functional value of the one-way function Fs of parameter, be stored in the opposing party's that the Diffie-Hellman in this server openly is worth dispensing device in advance.
The present invention still generates the variable total key that each communication unit all changes, and obtain the functional value of this variable total key as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID (SIGNALn) and server between the client that authenticates, it is characterized in that comprising: use and above-mentioned server between the variable total key that had in advance generate above-mentioned disposable ID, obtain to the major general by calculating simultaneously and set in advance client id in this client, send the functional value of these disposable ID and one-way function Fc to above-mentioned server as the functional value of the one-way function Fc of parameter, be stored in the side's that the Diffie-Hellman in this client openly is worth dispensing device in advance; Receive to the major general from above-mentioned server and set in advance server ID above-mentioned server as the functional value of the one-way function Fs of parameter, be stored in the opposing party's that the Diffie-Hellman in the above-mentioned server openly is worth receiving system in advance; Obtain the functional value of above-mentioned one-way function Fs by calculating, the functional value by the above-mentioned one-way function Fs that receives to this result of calculation, from above-mentioned server compares, and judges the judgment means of the legitimacy of above-mentioned server.
Feature of the present invention also is: as Verification System, possess above-mentioned server, above-mentioned client.
The present invention is still generating the variable total key that each communication unit all changes, and obtain the functional value of this variable total key as the one-way function of parameter, generate disposable ID from this functional value, according to this disposable ID (SIGNALn) and client between the program carried out in the server that authenticates, it is characterized in that making above-mentioned server carry out following the processing: receive to the major general from above-mentioned client and set in advance client id above-mentioned client as the functional value of the one-way function Fc of parameter, be stored in the side that the Diffie-Hellman in the above-mentioned client openly is worth in advance, the processing of above-mentioned disposable ID; Obtain the functional value Fc and the above-mentioned disposable ID of above-mentioned one-way function by calculating, compare by the above-mentioned disposable ID that receives to this result of calculation, from above-mentioned client and the functional value of above-mentioned one-way function Fc, judge the processing of the legitimacy of above-mentioned client; Judging above-mentioned client is under the proper situation, is sent to the major general to above-mentioned client and sets in advance server ID in above-mentioned server as the functional value of the one-way function Fs of parameter, be stored in the opposing party's that the Diffie-Hellman in the above-mentioned server openly is worth processing in advance.
The present invention is still generating the variable total key that each communication unit all changes, and obtain the functional value of this variable total key as the one-way function of parameter, generate disposable ID from this functional value, according to this disposable ID (SIGNALn) and server between the program carried out in the client that authenticates, it is characterized in that making that above-mentioned client executing is following handles: use and above-mentioned server between the variable total key that had in advance generate above-mentioned disposable ID, obtain to the major general by calculating simultaneously and set in advance client id in above-mentioned client, send the functional value of these disposable ID and one-way function Fc to above-mentioned server as the functional value of the one-way function Fc of parameter, be stored in the side's that the Diffie-Hellman in the above-mentioned client openly is worth processing in advance; Receive to the major general from above-mentioned server and set in advance server ID above-mentioned server as the functional value of the one-way function Fs of parameter, be stored in the opposing party's that the Diffie-Hellman in the above-mentioned server openly is worth processing in advance; Obtain the functional value of above-mentioned one-way function Fs by calculating, the functional value by the above-mentioned one-way function Fs that receives to this result of calculation, from above-mentioned server compares, and judges the processing of the legitimacy of above-mentioned server.
The present invention still generates variable total key, and obtain with variable total key with communicate by letter along relevant information functional value as the one-way function of parameter, generate disposable ID from this function, use this disposable ID and client between the server that authenticates, it is characterized in that comprising: with above-mentioned client between the 1st variable total key, the information relevant that have had in advance with the communication sequence of above-mentioned client as the functional value of the one-way function of parameter as the 1st disposable ID (SIGNAL
N, j), and from above-mentioned client receive with the above-mentioned the 1st total key to the 1st disposable ID, set in advance client id above-mentioned client, set in advance server ID in this server, be stored in the side that the Diffie-Hellman in the above-mentioned client openly is worth in advance and carried out the enciphered data of encryption, the receiving system of above-mentioned the 1st disposable ID; Obtain the above-mentioned the 1st disposable ID by calculating, by this result of calculation, the above-mentioned the 1st disposable ID that receives from above-mentioned client are contrasted, discern above-mentioned client, identifying under the situation of above-mentioned client, use the above-mentioned the 1st variable total key that above-mentioned enciphered data is decrypted, according to being included in the above-mentioned client id in this data decryption, above-mentioned server ID and the above-mentioned the 1st disposable ID, judge the judgment means of the legitimacy of above-mentioned client; Judging above-mentioned client in above-mentioned judgment means is under the proper situation, as the 2nd disposable ID (SIGNAL ' n,
1) generate the above-mentioned the 1st variable total key and the information relevant with the communication sequence of this server functional value as the one-way function of parameter, the side that while openly is worth according to the Diffie-Hellman that receives from above-mentioned client as the 2nd variable total key, be stored in the opposing party that the Diffie-Hellman in this server openly is worth in advance and generate the common key of Diffie-Hellman, send the 2nd variable total key to above-mentioned client, above-mentioned client id, above-mentioned server ID and the above-mentioned the 2nd disposable ID are as the functional value of the one-way function h of parameter, the opposing party that above-mentioned Diffie-Hellman openly is worth, the dispensing device of above-mentioned the 2nd disposable ID.
The present invention still is created on the variable total key that changes in each communication unit, and obtain the functional value of this variable total key as the one-way function of parameter, generate disposable ID from this function, use this disposable ID and server between the client that authenticates, it is characterized in that comprising: as the 1st disposable ID (SIGNALn, j) generate will and above-mentioned server between the 1st variable total key that had in advance, the information relevant with the communication sequence of this client is as the functional value of the one-way function of parameter, use the above-mentioned the 1st variable total key simultaneously, to setting in advance the client id in this client, set in advance the server ID in above-mentioned server, be stored in a side and the above-mentioned the 1st disposable ID that the Diffie-Hellman in this client openly is worth in advance and encrypt, send the dispensing device of this enciphered data and above-mentioned the 1st disposable ID to above-mentioned server; With the above-mentioned the 1st variable total key and the information relevant with the communication sequence of above-mentioned server as the functional value of the one-way function of parameter as the 2nd disposable ID (SIGNAL ' n,
1), receive the above-mentioned the 2nd disposable ID, the above-mentioned the 2nd variable total key, above-mentioned client id and above-mentioned server ID as the functional value of the one-way function h of parameter, be stored in the opposing party that the Diffie-Hellman the above-mentioned server openly is worth, the receiving system of above-mentioned the 2nd disposable ID in advance from above-mentioned server; Obtain the above-mentioned the 2nd disposable ID by calculating, by to this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned server contrasts, discern above-mentioned server, identifying under the situation of above-mentioned server, the opposing party that the above-mentioned Diffie-Hellman that receives from above-mentioned server as the above-mentioned the 2nd variable total key basis openly is worth, be stored in the common key of side generation Diffie-Hellman that the above-mentioned Diffie-Hellman in this client openly is worth in advance, use the 2nd variable total key simultaneously, obtain the functional value of above-mentioned one-way function h by calculating, by to this result of calculation, the functional value of the one-way function h that receives from above-mentioned server contrasts, and judges the judgment means of the legitimacy of above-mentioned server.
Feature of the present invention also is: constitute Verification System by above-mentioned server, above-mentioned client.
The present invention still generates the variable total key of stipulating between device or between application program, in the communication unit of regulation, generate random number, and obtain this random number and above-mentioned total key functional value as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID, and client between the server that authenticates mutually, it is characterized in that comprising: will and above-mentioned client between the 1st total key of having had in advance as the functional value of the one-way function of parameter as the 1st disposable ID (SIGNALc
1), receive the 1st disposable ID and the 1st receiving system of the 1st random number that above-mentioned client, generates from above-mentioned client; Generate the 2nd random number, simultaneously as the 2nd disposable ID (SIGNALs
1) obtain above-mentioned the 1st random number and the above-mentioned the 1st total key functional value as the one-way function of parameter, send the dispensing device of the 2nd disposable ID and above-mentioned the 2nd random number to above-mentioned client; With above-mentioned the 1st random number, above-mentioned the 2nd random number and the 2nd total key as the functional value of the one-way function of parameter as the 3rd disposable ID (SIGNALc
2), receive the 2nd receiving system of the 3rd disposable ID from above-mentioned client; Generate the above-mentioned the 2nd total key according to above-mentioned the 1st random number and above-mentioned the 2nd random number, obtain the above-mentioned the 3rd disposable ID according to the 2nd total key, above-mentioned the 1st random number and above-mentioned the 2nd random number by calculating simultaneously, by this result of calculation, the above-mentioned the 3rd disposable ID that receives from above-mentioned client are compared, judge the judgment means of the legitimacy of above-mentioned client.
The present invention still generates the variable total key of stipulating between device or between application program, in the communication unit of regulation, generate random number, and obtain this random number and above-mentioned total key functional value as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID, and server between the client that authenticates mutually, it is characterized in that comprising: generate the 1st random number, simultaneously as the 1st disposable ID (SIGNALc
1) obtain with and above-mentioned server between the 1st total key that had in advance as the functional value of the one-way function of parameter, send the 1st dispensing device of the 1st disposable ID and above-mentioned the 1st random number to above-mentioned server; With above-mentioned the 1st random number, the above-mentioned the 1st total key as the functional value of the one-way function of parameter as the 2nd disposable ID (SIGNALs
1), from above-mentioned server receive the 2nd disposable ID, the receiving system of the 2nd random number that above-mentioned server, generates; According to above-mentioned the 1st random number and the above-mentioned the 1st total key, obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned server are compared, judge the judgment means of the legitimacy of above-mentioned server; Judging above-mentioned server in above-mentioned judgment means is under the proper situation, generates the 2nd total key according to above-mentioned the 1st random number and above-mentioned the 2nd random number, simultaneously as the 3rd disposable ID (SIGNALc
2) obtain the 2nd total key, above-mentioned the 1st random number and above-mentioned the 2nd random number functional value as the one-way function of parameter, send the 2nd dispensing device of the 3rd disposable ID to above-mentioned server.
Feature of the present invention also is: have above-mentioned server, above-mentioned client as Verification System.
The present invention still is the described invention of claim 29, be to generate the variable total key of stipulating between device or between application program, in the communication unit of regulation, generate random number, and obtain this random number and above-mentioned total key functional value as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID, and client between the server that authenticates mutually, it is characterized in that comprising: will and above-mentioned client between the total key that had in advance as the functional value of the one-way function of parameter as the 1st disposable ID (SIGNALc
1), receive the 1st disposable ID and the 1st receiving system of the 1st random number that above-mentioned client, generates from above-mentioned client; Generate the 2nd random number, simultaneously as the 2nd disposable ID (SIGNALs
1) obtain above-mentioned the 1st random number and the above-mentioned total key functional value as the one-way function of parameter, send the dispensing device of the 2nd disposable ID and above-mentioned the 2nd random number to above-mentioned client; With above-mentioned total key, above-mentioned the 1st random number and above-mentioned the 2nd random number as the functional value of the one-way function of parameter as the 3rd disposable ID (SIGNALc
2), receive the 2nd receiving system of the 3rd disposable ID from above-mentioned client; Generate the above-mentioned the 3rd disposable ID according to above-mentioned the 1st random number and above-mentioned the 2nd random number and above-mentioned total key by calculating, by this result of calculation, the above-mentioned the 3rd disposable ID that receives from above-mentioned client are compared, judge the judgment means of the legitimacy of above-mentioned client.
The present invention still generates the variable total key of stipulating between device or between application program, in the communication unit of regulation, generate random number, and obtain this random number and above-mentioned total key functional value as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID, and server between the client that authenticates mutually, it is characterized in that comprising: generate the 1st random number, simultaneously as the 1st disposable ID (SIGNALc
1) obtain with and above-mentioned server between the total key that had in advance as the functional value of the one-way function of parameter, send the 1st dispensing device of the 1st disposable ID and above-mentioned the 1st random number to above-mentioned server; With above-mentioned the 1st random number, above-mentioned total key as the functional value of the one-way function of parameter as the 2nd disposable ID (SIGNALs
1), from above-mentioned server receive the 2nd disposable ID, the receiving system of the 2nd random number that above-mentioned server, generates; According to above-mentioned the 1st random number and above-mentioned total key, obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned server are compared, judge the judgment means of the legitimacy of above-mentioned server; Judge above-mentioned server by above-mentioned judgment means is under the proper situation, as the 3rd disposable ID (SIGNALc
2) obtain above-mentioned the 1st random number, above-mentioned the 2nd random number and the above-mentioned total key functional value as the one-way function of parameter, send the 2nd dispensing device of the 3rd disposable ID to above-mentioned server.
Feature of the present invention also is: have above-mentioned server, above-mentioned client as Verification System.
The present invention still generates the variable total key of stipulating between device or between application program, in the communication unit of regulation, generate random number, and obtain this random number and above-mentioned total key functional value as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID, and client between the server that authenticates mutually, it is characterized in that comprising: will and above-mentioned client between the total key that had in advance, the 1st storage random number and the 2nd storage random number as the functional value of the one-way function of parameter as the 1st disposable ID (SIGNALci), receive the 1st disposable ID from above-mentioned client, receive with 1st random number of above-mentioned total key from above-mentioned client simultaneously above-mentioned client, generating, set in advance the client id in above-mentioned client and set in advance the receiving system that in this server server ID has been carried out the 1st enciphered data of encrypting; Obtain the above-mentioned the 1st disposable ID by calculating, by this result of calculation, the above-mentioned the 1st disposable ID that receives from above-mentioned client are contrasted, discern above-mentioned client, identifying under the situation of above-mentioned client, use above-mentioned total key that above-mentioned the 1st enciphered data is decrypted, according to the above-mentioned client id and the above-mentioned server ID that are included in these data of having deciphered, judge the judgment means of the legitimacy of above-mentioned client; Judge above-mentioned client by above-mentioned judgment means is under the proper situation, generate the 2nd random number, obtain above-mentioned the 1st random number, above-mentioned the 2nd storage random number and above-mentioned total key functional value as the 2nd disposable ID (SIGNALsi) simultaneously, send with above-mentioned total key to above-mentioned client above-mentioned client id, above-mentioned server ID and above-mentioned the 2nd random number have been carried out the 2nd enciphered data of encrypting, the dispensing device of above-mentioned the 2nd disposable ID as the one-way function of parameter; Above-mentioned the 1st storage random number is replaced into above-mentioned the 1st random number, above-mentioned the 2nd storage random number is replaced into the displacement apparatus of above-mentioned the 2nd random number.
The present invention still generates the variable total key of stipulating between device or between application program, in the communication unit of regulation, generate random number, and obtain this random number and above-mentioned total key functional value as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID, and server between the client that authenticates mutually, it is characterized in that comprising: generate the 1st random number, simultaneously as the 1st disposable ID (SIGNALci) obtain with and above-mentioned server between the total key that had in advance, the 1st storage random number and the 2nd storage random number send with above-mentioned total key setting in advance the client id in this client to above-mentioned server as the functional value of the one-way function of parameter, the server ID and above-mentioned the 1st random number that set in advance in above-mentioned server have been carried out the 1st enciphered data of encrypting, the dispensing device of above-mentioned the 1st disposable ID; With above-mentioned the 1st random number, above-mentioned the 2nd storage random number and above-mentioned total key as the functional value of the one-way function of parameter as the 2nd disposable ID (SIGNALsi), receive the 2nd disposable ID from above-mentioned server, receive the receiving system that the 2nd random number that generates, above-mentioned client id and above-mentioned server ID has been carried out the 2nd enciphered data of encryption above-mentioned server with above-mentioned total key from above-mentioned server simultaneously; Obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned server are contrasted, discern above-mentioned server, identifying under the situation of above-mentioned server, use above-mentioned total key that above-mentioned the 2nd enciphered data is decrypted, according to the above-mentioned server ID and the above-mentioned client id that are included in these data of having deciphered, judge the judgment means of the legitimacy of above-mentioned server; Above-mentioned the 1st storage random number is replaced into above-mentioned the 1st random number, above-mentioned the 2nd storage random number is replaced into the displacement apparatus of above-mentioned the 2nd random number.
Feature of the present invention also is: have above-mentioned server, above-mentioned client as Verification System.
Feature of the present invention also is: in above-mentioned Verification System, above-mentioned server and above-mentioned client are being replaced into above-mentioned the 1st random number with above-mentioned the 1st storage random number, after random number is replaced into above-mentioned the 2nd random number with above-mentioned the 2nd storage, by generating above-mentioned total key, make this total cipher key change according to these the 1st storage random numbers and the 2nd storage random number.
According to the variable total key that changes in each communication unit that is created on of the present invention, and obtain the functional value of this variable total key as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID (SIGNALn), the authentication method that between the 1st device that communicates mutually and the 2nd device, authenticates, obtain the functional value of variable total key as the one-way function of parameter, generate one time key from this functional value, therefore, even for example variable total key leaks to the third party, but since in the communication unit of each regulation variable total cipher key change, so the disposable ID beyond the disposable ID that the variable total key that also unpredictable use has been leaked generates.That is, can generate and be difficult to eavesdrop and disposable ID that fail safe is superior, can realize disposable ID fail safe (PFS) in the future.
The variable total key of generation according to the present invention, and obtain variable total key and the information relevant functional value as the one-way function of parameter with communication sequence or number of times, generate disposable ID from this functional value, use this disposable ID, between the 1st device and the 2nd device, authenticate, even therefore for example variable total key leaks to the third party, but owing to variable total cipher key change in the communication unit of each regulation, in each communication, all change for information about simultaneously with communication sequence or number of times, so in fact to use the disposable ID beyond the disposable ID that the variable total key leaked generates be impossible in prediction, in addition, the prediction disposable ID self that uses the variable total key leaked to generate also is unusual difficulty.That is, can generate and be difficult to eavesdrop and disposable ID that fail safe is superior, can realize disposable ID fail safe (PFS) in the future.
In addition, the present invention generates the variable total key of regulation between device or between the application program, in the communication unit of regulation, generate random number, and obtain this random number and above-mentioned total key functional value as the one-way function of parameter, generate disposable ID from this functional value, use this disposable ID, between the 1st device and the 2nd device, authenticate (authentication mutually), even therefore for example total key leaks to the third party, but the functional value of one-way function variation in the communication unit of each regulation owing to random number, so can't know the random number that in the communication unit of regulation, generates, unpredictable disposable ID.That is, can generate and be difficult to eavesdrop and disposable ID that fail safe is superior, can realize disposable ID fail safe (PFS) in the future.
Because the present invention also uses the disposable ID by the generation method generation of above-mentioned various disposable ID, carry out the authentication of (between client, the server) between device, so the third party can't determine sender, recipient, and if proper sender, recipient then can grasp disposable ID as identifying information.
So, can strengthen patience to DoS attack and personation etc., even under open network environment, also can seek the protection of id information, improve the fail safe of communication.In addition, can carry out remote access, improve convenience.
In the present invention, also as the one-way function Fc that in the legitimacy of judging the 1st device, uses, the total key that use will be stipulated, the side that Diffie-Hellman openly is worth, set in advance the ID in the 1st device, disposable ID is as the pseudo random number function of parameter, simultaneously as the one-way function Fs that in the legitimacy of judging the 2nd device, uses, the total key that use will be stipulated, the side that Diffie-Hellman openly is worth, the opposing party that Diffie-Hellman openly is worth, set in advance the ID in the 2nd device, disposable ID is as the pseudo random number function of parameter, therefore can be with in existing cipher key change, number of communications that must 3 times in the authentication mode is reduced to 2 times, can realize rapid and safe authentication and cipher key change.
The present invention also is created on the variable total key that changes in each communication unit, and obtain the functional value of this variable total key as the one-way function of parameter, generate one time key from this function, perhaps generate variable total key, and obtain variable total key and the information relevant functional value as the one-way function of parameter with communication sequence, generate disposable ID from this functional value, generate the variable total key of stipulating between device or between application program, perhaps in the communication unit of regulation, generate random number, and obtain this random number and above-mentioned total key functional value as the one-way function of parameter, generate disposable ID from this function, use disposable ID by the generation method generation of above-mentioned various disposable ID, (client between device, between the server) authenticate, therefore can generate and be difficult to eavesdrop and disposable ID that fail safe is superior, obtain to realize the effect of disposable ID fail safe (PFS) in the future.
The present invention also generates the variable total key that each communication unit all changes, and obtain the functional value of this variable total key as the one-way function of parameter, generate disposable ID from this functional value, perhaps generate variable total key, and obtain variable total key and the information relevant functional value as the one-way function of parameter with communication sequence, generate disposable ID from this functional value, generate the variable total key of stipulating between device or between application program, perhaps in the communication unit of regulation, generate random number, and obtain this random number and above-mentioned total key functional value as the one-way function of parameter, generate disposable ID from this functional value, use disposable ID by the generation method generation of above-mentioned various disposable ID, (client between device, between the server) authenticate, therefore can access following effect: the third party can't determine the sender, the recipient, and if proper sender, the recipient then can grasp disposable ID as identifying information.
Therefore, can strengthen patience,, improve the fail safe of communication even under open network environment, also can seek the protection of id information to DoS attack and personation etc.In addition, can carry out remote access, improve convenience.
Following embodiment by the reference description of drawings can further clear and definite objects and advantages of the present invention.
Description of drawings
Fig. 1 is the figure that explanation is called as the existing authentication method of P-SIGMA.
Fig. 2 is a block diagram of showing the summary structure of the client computer of embodiments of the invention and server computer.
Fig. 3 is a flow chart of showing that the notion in the mutual authentication of embodiments of the invention is handled.
Fig. 4 is the figure that shows the detailed process in the mutual authentication of embodiments of the invention.
Fig. 5 is a summary structure chart of showing an embodiment of Verification System of the present invention.
Fig. 6 is the block diagram of summary structure of the server of exploded view 1.
Fig. 7 is the block diagram of summary structure of the client of exploded view 1.
Fig. 8 is the figure of the embodiment 1 of explanation authentication method of the present invention.
Fig. 9 is the figure of the embodiment 2 of explanation authentication method of the present invention.
Figure 10 is the figure of the embodiment 3 of explanation authentication method of the present invention.
Figure 11 is the figure of the embodiment 4 of explanation authentication method of the present invention.
Figure 12 is the figure of the embodiment 5 of explanation authentication method of the present invention.
Figure 13 is the figure of the embodiment 6 of explanation authentication method of the present invention.
Figure 14 is the figure that explanation is called as the existing authentication method of OSPA.
Figure 15 is the figure of the embodiment 7 of explanation authentication method of the present invention.
Figure 16 is the figure of the distortion example of explanation Figure 15.
Embodiment
(embodiment 1)
Below the example that embodiments of the present invention will be described in detail with reference to the accompanying drawings.Fig. 2 is a block diagram of showing the summary structure of the client computer of embodiments of the invention 1 and the summary structure of server computer and the network system that the present invention can be suitable for.Present embodiment has been suitable for the present invention under situation about authenticating mutually between server computer and the client computer in network.
In Fig. 2, network system constitutes: the one or more server computers 40 that comprise one or more client computers 10 of CPU at least, comprise CPU at least are connected with network (for example internet) 32 via modulator-demodulator, router, TA (terminal adapter) etc. respectively.These computers can be by the transmission information that intercoms mutually via network 32.
In addition, as shown in Figure 2, with describing as a computer separately of client computer 10 and server computer 40, but these client computers 10, server computer 40 also can be many.
In addition, when client computer 10 is equivalent to the 1st authenticate device of the present invention, then server computer 40 is equivalent to the 2nd authenticate device, and when server computer 40 was equivalent to the 1st authenticate device of the present invention, then client computer 10 was equivalent to the 2nd authenticate device.In addition, network 32 is equivalent to communication line of the present invention.
In the present embodiment, the situation that has been suitable for the internet as network is described.In this case, at least one computer can be used as www server performance function, and in addition, other computer can be used as WWW client performance function.
In detail, each client computer 10 has been installed the WWW browser, by starting this WWW browser, and can be via network 32 access server computer 40 at random.At this moment, access location (data that are made of the position of the position of the server computer 40 of access destination and the information in the server computer 40) is specified by URL (resource locator).
In addition, use IP (Internet Protocol) address for the identification of client computer 10.In addition, can use user's self input or predetermined user ID such as code for the user's of operated client computer 10 identification.
In order to instruct input by this computer, in the aforementioned calculation machine, be provided with input units such as various keyboards, mouse, for result of showing computer etc. is provided with display.In addition, because computer has general and general hardware configuration, so omit detailed explanation.
Communication I/F30 is connected with validator 20.This validator 20 also is connected with data calculator 18 with authentication with memory 16.In addition, validator 20 also with lower device is connected: and server computer 40 between when having carried out authentication, show that having gone out correlation by authentication determination is proper OK device 22; It is wrongful NG device 24 that demonstration has gone out correlation by authentication determination.
Communication I/F60 is connected with validator 50.This validator 50 also is connected with data calculator 48 with authentication with memory 46.In addition, validator 50 also with lower device is connected: and client computer 10 between when having carried out authentication, show that having gone out correlation by authentication determination is proper OK device 52; It is wrongful NG device 54 that demonstration has gone out correlation by authentication determination.
[notion processing]
Then, the notion of mutual authentication that the network system of present embodiment is described is handled.In the present embodiment, by the mutual authentication between the exchange object computer of numerical data.The processing procedure of in Fig. 3, having showed mutual authentication as flow chart.
In step 100, client computer 10 and server computer 40 are stored common initial value (hidden key K by the pre-arranged procedure in both sides
0).
The pre-arranged procedure is meant the step of the initial value when being arranged on the mutual authentication of carrying out 40 of client computer 10 and server computers.For example, make client computer 10 and server computer 40 preserve common data, therefore provide the initial value of determining by any one party or third party's computer of client computer 10 and server computer 40 to client computer 10 and server computer 40 both sides as initial value.By electronic datas such as Email send initial value, the printed article that maybe will print initial value sends to client computer 10 and server computer 40 both sides and import separately by client computer 10 and server computer 40, carrying out this provides.
In the present embodiment, as this initial value, in order in client computer 10 and server computer 40 both sides, to keep common state, and the resume of the data transmit-receive that will carry out between client computer 10 and server computer 40 are as initial value, upgrade initial value during the each data transmit-receive that carries out between client computer 10 afterwards and the server computer 40.
Promptly, above-mentioned initial value can be a common value in client computer 10 and server computer 40 both sides, also can be as mentioned above by value is provided arbitrarily and in both sides, preserve, but, it is desirable to the result of the data transmit-receive of 40 of the client computer 10 that obtains based on algorithm arbitrarily and server computers in order in client computer 10 and server computer 40 both sides, to keep common state.In the present embodiment, algorithm can be the step of commonly preserving transmitter side and receiver side both sides' data transmitter side and receiver side both sides arbitrarily, uses the data of the mutual authentication result that describes in detail in the back.
In addition, the form (for example form) of the data of in client computer 10 and server computer 40 both sides, storing have more than be limited to the same.That is, the data of storing in client computer 10 and server computer 40 both sides can be that the end value of its data is identical, and that data itself are not limited to is identical.For example, can store by different forms.If like this,, also can keep the opposing party's data even then under the data conditions of having leaked a side.
At first, in step 110, client computer 10 sends verify data.This verify data is the initial data that authenticate mutually to server computer 40 requests from client computer 10, use the initial value of being stored as hidden key, in the data that client computer 10 stored are generated, encrypt transmission based on hidden key simultaneously.
Then, in step 120, in server computer 40, the verify data that reception sends from client computer 10, use the initial value of being stored as hidden key, this the time be engraved in the data that server computer 40 stored are generated, send simultaneously based on hidden key and carried out the verify data of encrypting.In addition, verify data comprises a part of data that verify data comprised that receive from client computer 10.
Thus, can be used as verify data that expression sends from server computer 40 is that the data of replying of the request of sending from client computer 10 are sent.After having sent this verify data, the verify data that receives is analyzed, use in server computer 40 each data that generate to generate new hidden key simultaneously, and the hidden key of storing by new hidden key updating.
Then, at step S130, in client computer 10, the verify data that reception is sent from server computer 40, use the initial value of being stored as hidden key, this the time be engraved in the data that client computer 10 stored generate, the verify data that has sent simultaneously based on hidden secret key encryption.In addition, verify data comprises a part of data that verify data comprised that receive from server computer 40.
Thus, can be used as verify data that expression sends from client computer 10 is that the data of replying of the data that send from server computer 40 are sent.After having sent this verify data, analyze the verify data receive, use the new hidden key of each data generation that client computer 10 in, generates simultaneously, and the hidden key of storing by new hidden key updating.
Therefore, in the moment that the processing of step 130 is through with, in the both sides of client computer 10 and server computer 40, can upgrade initial value (hidden key) and keep as common value (hidden key).
In the step of following 140, judge whether client computer 10 and server computer 40 both sides' processing has finished predetermined stipulated number.This judgment standard number of times is set to number of times at least once in advance, in the present embodiment, keeps the value of common number of times in client computer 10 and server computer 40 both sides.In addition, the judgment standard number of times also can keep the value of different number of times at client computer 10 and server computer 40 in separately.In this case, client computer 10 and server computer 40 separately in the benchmark of authentication dissimilate, if but authentication is proper, then can only reach by request data transmit-receive repeatedly in the few computer-side of judgment standard number of times.By with reference to this number of times, in client computer 10, carry out the renewal of step 140 and handle, in server computer 40 till the number of times end of being preserved is handled in the renewal of step 120 negate.Under the judgment standard number of times is set to once situation, do not negate to advance to former state step 150 in step 140.
Therefore, carried out the moment of affirmative determination in step 140, in client computer 10 and server computer 40 both sides, updating value (hidden key) is kept common value (hidden key) in both sides together.That is, the hidden key of preserving in client computer 10 and server computer 40 both sides when each information transmit-receive all is updated to new, can be maintained up-to-date hidden key all the time.
In step 150, among client computer 10 and server computer 40 both sides, carry out authentication processing and finish this processing.
Above-mentioned authentication processing is used the up-to-date hidden key of being stored, and judges whether the verify data that sends is proper data.Can in client computer 10 and server computer 40 both sides, commonly carry out this authentication processing.If this authentication processing is through with, then authentication end mutually in client computer 10 and server computer 40 both sides.
[detailed process]
Then, be described in detail in the mutual authentication that above-mentioned notion has illustrated in handling.
(structure that comprises the data of hidden key)
In the present embodiment, because hidden key all is updated to up-to-date data when each information transmit-receive, so as resume data K performance function.In the following description, the data markers as these resume data K performance function is identical with hidden key K.
The hidden key K that is included in the initial value that above-mentioned notion uses as verify data in handling by the code data C and the verify data R that are used for determining client computer 10, be used for determining that the code data S and the verify data Q of server computer 40 constitute.In the following description, to the additional subscript that begins to increase from initial value " 0 " of hidden key K, code data C, verify data R, code data S and verify data Q, the expression update mode describes but deleted time aiming symbol in next use of their situation of general remark.
In the present embodiment,, be stored in the result of the data transmit-receive that in client computer 10 and server computer 40 both sides, carries out that describes in detail later, also comprised the resume data as initial value.
Hidden key K is used each function g (C, S, Q, result of calculation R) based on code data C, verify data R, code data S and verify data Q.As an example, function g is simple and or multinomial, multiplication, integration and the hash function of additional coefficient.
In addition, with the initial value C that generates client computer 10 sides
0, R
0Initial value can use the value that is provided with by the user for code data C and verify data R, also can automatically generate.It is desirable to verify data R its content when each information transmit-receive and irregularly change, therefore in the present embodiment, use the random number that produces by tandom number generator 14 as verify data R.But the present invention has more than the random number of the situation use to(for) verify data R that is limited to.For example, can use date now, time on date, the capacity when equal time data, the capacity that is stored in any file in the computer or modification time, information transmit-receive etc. constantly.
Equally, with the initial value S that generates server computer 40 sides
0, Q
0Initial value for code data S and verify data Q can use and management server computer 40 the value that is provided with of operator, also can generate automatically.With above-mentioned the same, it is desirable to verify data Q all irregularly changes of its content when each information transmit-receive, therefore in the present embodiment, use the random number that produces by tandom number generator 44 as verify data Q.But the present invention has more than the random number of the situation use to(for) verify data q that is limited to.For example, can use date now, time on date, the capacity when equal time data, the capacity that is stored in any file in the computer or modification time, information transmit-receive etc. constantly.
In addition, send the verify data R of client computer 10 sides and the verify data Q of server computer 40 sides to the opposing party, but be difficult to determine in order to make the third party, so must maintain secrecy for these transmission data.So, in the present embodiment, with hidden key K to the verify data R that sends to server computer 40 from client computer 10 with carry out hidden to the verify data Q that client computer 10 sends from server computer 40.
That is, from client computer 10 under the situation that server computer 40 sends, (R K) generates verify data A and sending by predetermined function v.As an example, function v is simple and or multinomial, multiplication, integration and the hash function of additional coefficient.Equally, from server computer 40 under the situation that client computer 10 sends, also (Q K) generates verify data B and sending by predetermined function w.As an example, function w is simple and or multinomial, multiplication, integration and the hash function of additional coefficient.Then, an example showing function v, w.
A
m=v(R,K)=R
m+K
m-1
B
m=w(R,K)=Q
m+K
m-1
Wherein, m is the natural number more than or equal to 1.
In addition, send the code data C of client computer 10 sides and the code data S of server computer 40 sides, but as described below, when each information transmit-receive, upgrade code data to the opposing party.That is, (S R) generates new code data C and also sends by predetermined function y when sending to the code data C of server computer 40 transmissions from client computer 10.As an example, function y is simple and or multinomial, multiplication, integration and the hash function of additional coefficient.Equally, from server computer 40 under the situation that client computer 10 sends, (C Q) generates code data S and sending by predetermined function z.As an example, function z is simple and or multinomial, multiplication, integration and the hash function of additional coefficient.Then, an example showing function y, z.
C
m=y(S,R)=S
m-1+R
m-1
B
m=w(C,Q)=C
m-1+Q
m-1
Wherein, m is the natural number more than or equal to 1.
In addition, in the transmission of code data, be difficult to determine in order to make the third party, so also can maintain secrecy.For example, can be with hidden key K to the code data C that sends to server computer 40 from client computer 10 with carry out hidden to the code data S that client computer 10 sends from server computer 40.That is can be that hidden key K is appended function into parameter.
(detailed process)
Fig. 4 is the figure that shows detailed process in the mutual authentication of embodiments of the invention 1.Below, the detailed process of present embodiment is described with reference to Fig. 4.
Step P0: client computer 10 and server computer 40 separately in the hidden key K of storing initial value
0This processing is equivalent to the step 100 of Fig. 3, processing Pc0 and the Ps0 of Fig. 4.
Step P1: in client computer 10, generate random number R, calculate code data C and verify data A, and send to server computer 40.This processing is equivalent to the step 110 of Fig. 3, the processing Pc1 of Fig. 4.
That is, in client computer 10, generate random number R by tandom number generator 14
1The random number R that generates
1, be stored in the hidden key K in the memory 16
0With the hidden key K of formation
0C
0, S
0, Q
0, R
0Be imported into authentication data calculator 18.Then, authentication is used this random number R with data calculator 18
1, be stored in the hidden key K in the memory 16
0With the hidden key K of formation
0S
0, verify data R
0, obtain new code data C by above-mentioned function y, v
1With new verify data A
1The new code data C that this is obtained
1With verify data A
1Be stored in the memory 16, be output to communication I/F30 simultaneously, and send to server computer 40 via network 32.These transmission data are equivalent to the data Dc1 of Fig. 4.
Step P2: server computer 40 receives verify data A and code data C from client computer 10, generates random number Q simultaneously and calculates code data S, verify data Q, sends to client computer 10.Meanwhile, with the hidden key K of storing
0Be updated to new hidden key K
1This processing is equivalent to the step 120 of Fig. 3, the processing Ps1 of Fig. 4.
That is, in server computer 40, via communication I/F60 to the code data C of validator 50 input from client computer 10
1With verify data A
1At this moment, in server computer 40, in tandom number generator 44, generate random number Q
1The random number Q that generates
1, be stored in the hidden key K in the memory 46
0With the hidden key K of formation
0C
0, S
0, Q
0, R
0Be imported into authentication data calculator 48.In addition, validator 50 is to the authentication code data C of data calculator 48 outputs from client computer 10
1With verify data A
1
Authentication is used this random number Q with data calculator 48
1, the code data C that receives
1, the storage hidden key K
0With the hidden key K of formation
0Verify data Q
0, obtain new code data S by above-mentioned function z, w
1With new verify data B
1The new code data S that this is obtained
1With verify data B
1Output to communication I/F60, and send to client computer 10 via network 32.These transmission data are equivalent to the data Ds1 of Fig. 4.
At this moment, in server computer 40, constitute hidden key K as initial value
0Each data are new data.That is, code data C is the code data C that receives from client computer 10
1, code data S is the code data S that calculates with data calculator 48 by authentication
1, verify data Q is the random number Q that produces by tandom number generator 44
1, verify data R calculates by contrary from the verify data A that client computer 10 receives, promptly by deducting hidden key K
0The random number R that obtains
1
So, as these code datas of new Data Update C
1, code data S
1, verify data Q
1, verify data R
1, simultaneously as new hidden key K
0Upgrade.Thus, in server computer 40, can be automatically updated into up-to-date data as the resume of hidden key K.
Step P3: client computer 10 receives verify data B and code data S from server computer 40, generates random number R simultaneously and calculates code data C
2, verify data A
2, send to server computer 40.Meanwhile, with the hidden key K of storing
0Be updated to new hidden key K
1This processing is equivalent to the step 130 of Fig. 3, the processing Pc2 of Fig. 4.
That is, in client computer 10, via communication I/F30 to the code data S of validator 20 input from server computer 40
1With verify data B
1At this moment, in client computer 10, in tandom number generator 14, generate random number R
2The random number R that generates
2, be stored in the hidden key K in the memory 46
0With the hidden key K of formation
0C
0, S
0, Q
0, R
0Be imported into authentication data calculator 18.In addition, validator 20 is to the authentication code data S of data calculator 18 outputs from server computer 40
1With verify data B
1
At this moment, in client computer 10, constitute as initial value and be stored in hidden key K in the memory 16
0Each data be that new data (constitute new hidden key K
1Data).That is, code data C is the code data S that receives from server computer 40
1Calculate through contrary, promptly deduct the hidden key K of formation
0Be stored in verify data Q in the memory 16
0The code data C that obtains
1, perhaps with the code data C that last time sent that is stored in the memory 16
1Corresponding.Code data S is the code data S that receives from server computer 40
1, verify data Q is the verify data B that receives from server computer 40
1Calculate through contrary, promptly deduct hidden key K
0The verify data Q that obtains
1, verify data R is the random number R that last time generated
1
So, as these code datas of new Data Update C
1, code data S
1, verify data Q
1, verify data R
1, simultaneously as new hidden key K
1Upgrade.Thus, in client computer 10, the hidden key K identical with server computer 40 can be automatically updated into up-to-date data.In addition, authentication is used the random number R that generates with data calculator 18
2, the hidden key K upgraded
1Verify data R
1, the code data S that receives
1With new hidden key K
1, obtain new code data C by above-mentioned function y, v
2With new verify data A
2The new code data C that this is obtained
2With verify data A
2Be stored in the memory 16, be output to communication I/F30 simultaneously, send to server computer 40 via network 32.These transmission data are equivalent to the data Dc2 of Fig. 4.
Step P4: the processing of above-mentioned steps P2 and the P3 of the number of times m that only puts rules into practice.In addition, in the present embodiment, the number of times m of regulation comprises data transmit-receive at least once.Therefore, comprise the number of times (m=1) that does not carry out circulating.Promptly, when between client computer 10 and server computer 40, carrying out data transmit-receive, owing to utilize the resume data of the data transmit-receive that has carried out both sides, even so in data transmit-receive once, the resume ground that comprises when this transmitting-receiving between client computer 10 and the server computer 40 carries out data transmit-receive, therefore being not only simple data transmit-receive, also is the transmitting-receiving of resume data, is effective therefore.If the processing of above-mentioned steps P2 and P3 is carried out repeatedly in circulation, then can improve the precision that the data legitimacy is judged.
That is, carry out above-mentioned processing for circulation, promptly carry out number of times by repeatedly carrying out cycle-index, the value of hidden key K changes owing to upgrading, and grasps this change and can suppress the third party.By carrying out repeatedly like this, according to till now resume the hidden key K of common preservation in client computer 10 and the server computer 40 is updated to up-to-date state, therefore be difficult to derive hidden key K.
The put rules into practice processing of step P2 and step P3 of number of times m, the result client computer 10 and server computer 40 separately in, preserve and constitute hidden key K
mWith the hidden key K of formation
mC
m, S
m, Q
m, R
mValue.In addition, when m=1, preserve the value of a data transmit-receive.
In addition, carry out processing for circulation, the processing from processing Pc2 to Psm and Pcm of the processing execution of the judgement of the step 140 of Fig. 3, Fig. 4 is equivalent to circulation and carries out from handling Pc1 to Ps1 and Pc2.
Step P5: after above-mentioned processing finishes, client computer 10 and server computer 40 separately in, whether the legitimacy of the data that inspection receives is set up, if the relation of setting up then making a promise both as authentication success mutually negates both relations as authentication is unsuccessful mutually when being false.This processing is equivalent to the step 150 of Fig. 3, the processing Ps of Fig. 4
M+1And Pc
M+1
Under the situation about after carrying out once, authenticating, carry out primary data from client computer 10 and send, but at this moment client computer 10 sends the hidden key K as the initial value storage that basis comprises the resume of client computer 10 and server computer 40 to server computer 40
0The verify data A that generates
1With code data C
1This processing is equivalent to send data Dc behind the processing Pc1 of Fig. 4
1
In server computer 40, via communication I/F60 to the code data C of validator 50 input from client computer 10
1With verify data A
1, in authenticator 50 to code data C
1The checking legitimacy.Because the code data C that receives
1Be that basis resume data last time generate, constitute the hidden key K that is updated to last state and stores so in server computer 40, use
0The code data S of (is initial value at this)
0With verify data R
0, judge whether the result of calculation of above-mentioned function y is consistent with the data that receive, under the situation of unanimity, think properly, under inconsistent situation, negate legitimacy.Thinking in the right seasonly, after by OK device 52 report legitimacy, proceeding to handle, when negative, reporting improper end process afterwards by NG device 54.
Think just when and when proceeding to handle, P2 is the same with above-mentioned steps, generates random number Q in tandom number generator 44
1, at authentication generation code data S in the data calculator 48
1, verify data B
1, send to client computer 10, be hidden key K with hidden key updating simultaneously
1
This authentication processing is equivalent to the processing PS of Fig. 4
M+1Processing.In this case, therefore the execution that do not circulate is equivalent to the processing of m=0.That is, at every turn from client computer 10 when server computer 40 sends data, can use the data that comprise resume that receive from client computer 10 to authenticate in server computer 40 sides.
On the other hand, in client computer 10, via communication I/F30 to the code data S of validator 20 input from server computer 40
1With verify data B
1In client computer 10, at code data S
1In validator 20, verify legitimacy.Because the code data S that receives
1Be that basis resume data last time generate in server computer 40 equally, constitute the hidden key K that is updated to last state and stores so in client computer 10, use
0The code data C of (is initial value at this)
0With verify data Q
0, judge whether the result of calculation of above-mentioned function z is consistent with the data that receive, under the situation of unanimity, think properly, under inconsistent situation, negate legitimacy.Thinking in the right seasonly, after by OK device 22 report legitimacy, proceeding to handle, when negative, reporting improper end process afterwards by NG device 24.
Think just when and when proceeding to handle, transfer to the processing that between client computer 10 and server computer 40, should carry out.In addition, in client computer 10, in order to keep identical with the resume data K of server computer 40, and the same with above-mentioned steps P3, be hidden key K with hidden key updating
1
This authentication processing is equivalent to the processing Pc of Fig. 4
M+1Processing.In this case, therefore the execution that do not circulate is equivalent to the processing of m=0.That is, at every turn from server computer 40 when client computer 10 sends data, can use the data that comprise resume that receive from server computer 40 to authenticate in client computer 10 sides.
In addition, at every turn from client computer 10 when server computer 40 sends data, perhaps at every turn from server computer 40 when client computer 10 sends data, with being included in processing that receiver side authenticates, also can repeatedly carry out the session that comprises this authentication as session.
Below, situation about authenticating after circulation is carried out repeatedly is described.In this case, carry out the m time data transmission from client computer 10, client computer 10 is according to the hidden key K of upgrading for m time by circulation
m, send verify data A to server computer 40
M+1, verify data C
M+1This processing is equivalent to the processing Pc at Fig. 4
mThe back sends data Dc
M+1
At first, in server computer 40, via communication I/F60 to the code data C of validator 50 input from client computer 10
M+1With verify data A
M+1In server computer 40, at code data C
M+1In validator 50, verify legitimacy.Because the code data C that receives
M+1Be that basis resume data last time generate, constitute the hidden key K that is updated to last state and stores so in server computer 40, use
mCode data S
mWith verify data R
m, judge whether the result of calculation of above-mentioned function y is consistent with the data that receive, under the situation of unanimity, think properly, under inconsistent situation, negate legitimacy.Thinking in the right seasonly, after by OK device 52 report legitimacy, proceeding to handle, when negative, reporting improper end process afterwards by NG device 54.
Think just when and when proceeding to handle, P2 is the same with above-mentioned steps, generates random number Q in tandom number generator 44
M+1, at authentication generation code data S in the data calculator 48
M+1, verify data B
M+1, send to client computer 10, be hidden key K with hidden key updating simultaneously
M+1This authentication processing is equivalent to the processing Ps of Fig. 4
M+1Processing.
On the other hand, in client computer 10, via communication I/F30 to the code data S of validator 20 input from server computer 40
M+1With verify data B
M+1In client computer 10, at code data S
M+1In validator 20, verify legitimacy.Because the code data S that receives
M+1With code data C is to generate in server computer 40 according to last time resume data equally, the hidden key K of storing so use formation to be updated to last state in client computer 10
mCode data C
mWith verify data Q
m, judge whether the result of calculation of above-mentioned function z is consistent with the data that receive, under the situation of unanimity, think properly, under inconsistent situation, negate legitimacy.Thinking in the right seasonly, after by OK device 22 report legitimacy, proceeding to handle, when negative, reporting improper end process afterwards by NG device 24.
Think just when and when proceeding to handle, transfer to the processing that between client computer 10 and server computer 40, should carry out.In addition, in client computer 10, in order to keep identical with the resume data K of server computer 40, and the same with above-mentioned steps P3, be hidden key K with hidden key updating
M+1This authentication processing is equivalent to the processing Pc of Fig. 4
M+1Processing.
Like this, in the present embodiment, when the mutual authentication of carrying out between client computer 10 and the server computer 40, both sides have common hidden key K, upgrade this hidden key K when each information transmit-receive.Therefore, even the data in analytical information when transmitting-receiving also are difficult to determine the data of authentication usefulness can improve confidentiality, can positively authenticate mutually.
In above-mentioned, being that example is illustrated between client computer 10 and the server computer 40, but in nonsynchronous networks such as internet, in server computer 40, must authenticate client computer 10.In this case, also can the user of each client computer 10 be handled discretely.
The handling procedure that above-mentioned processing can be used as client computer 10 and server computer 40 is stored in the removable dish as recording medium with the form that can carry out.In this case, the removable dish unit (FDU) that can plug can be connected with each device, from removable dish via the handling procedure of FDU executive logging.In addition, also can with handling procedure with the form that can visit storage (installation) in computer RAM or other storage areas (for example hard disk unit) in carry out.In addition, also can be stored among the ROM in advance.In addition, tapes such as dish such as CD-ROM, MD, MO, DVD and DAT are arranged as recording medium, when using them, can use CD-ROM device, MD device, MO device, DVD device, DAT device etc. as the device of correspondence.
As described above such, according to embodiments of the invention 1, when between the 1st authenticate device and the 2nd authenticate device, authenticating mutually, commonly store the resume data at the 1st authenticate device and the 2nd authenticate device in separately, upgrade the resume data simultaneously, therefore can authenticate mutually safely and easily, for example can obtain following effect: can positively authenticate not between client computer and server computer, sending the key ground that leaks client computer the information that receives.
(embodiment 2)
Fig. 5 is a summary structure chart of showing the embodiment 2 of Verification System of the present invention.This Verification System is roughly by constituting via network 40 interconnective servers such as common wire road network or internet (the 2nd device) 10 and client (the 1st device) 20.A plurality of server A, B, the C of various services are provided in this embodiment ... be connected with server 10, this server 10 as decision can access server A, B, C ... certificate server performance function.
CPU (CPU) 11 will be stored in various handling procedures in the storage area of storage device 13, store into the RAM12 from input unit 14 or the various instructions of communicator 16 inputs or the various data of and instruction correspondence etc., and carry out various processing according to the various handling procedures that are stored among the RAM12 accordingly with these input instructions and various data, and this result temporarily stored among the RAM12, output to display unit 15 etc. simultaneously.
This CPU11 constitutes receiving system and the judgment means in this server 10, client id openly is worth g as HASHc, disposable ID (SIGNAL), the DH of the functional value of the one-way function (one-way function Fc) of parameter receiving from client 20
x(promptly receive the situation of access request) under the situation of (side that Diffie-Hellman openly is worth) from client 20, use is from client 20 reception data that receive and the storage data that are stored in the storage device 13, obtain disposable ID and HASHc by calculating, by this result of calculation, the disposable ID and the HASHc that receive from client 20 are compared, carry out the processing of the legitimacy of judging client 20.
In addition, CPU11 constitutes the dispensing device in this server 10, carry out following processing: judging client 20 is under the proper situation, use above-mentioned reception data and above-mentioned storage data, obtain the HASHs of server ID by calculating as the functional value of the one-way function (one-way function Fs) of parameter, and to client 20 send these HASHs, the DH that is stored in the storage device 13 openly is worth g
x(the opposing party that Diffie-Hellman openly is worth).
In addition, above-mentioned disposable ID (SIGNAL) only limits expendable identifying information in the authentication between server, client, under the situation that generates this disposable ID, read in the encryption key K (variable total key) that changes the communication unit of each regulation from storage device 13, and obtain the functional value as hash (Hash) function (one-way function) of parameter with this encryption key K, generate above-mentioned disposable ID from this functional value.
RAM (random access storage device) 12 possesses: temporarily be stored in client 20 between the storage area, the working region of CPU11 etc. of various data relevant such as the data that send to receive with authentication.
On the other hand, client 20 is made of CPU21, RAM22, storage device 23, input unit 24, display unit 25 and communicator 26 etc. as shown in Figure 7, and each several part connects by bus 27.Specifically, for example can enumerate personal computer, PDA portable information terminals such as (personal digital assistants), can utilize the portable phone of internet Connection Service etc. as client 20.Therefore in addition, each inscape of this client 20 and each inscape of above-mentioned server 10 are roughly the same, difference only are described below.
Promptly, the CPU21 of client 20 constitutes the dispensing device in this client 20, carry out following processing: according to from the instruction input of input unit 24 etc., generate disposable ID (SIGNAL), obtain simultaneously the HASHc of client id as the functional value of the one-way function (one-way function Fc) of parameter, to server 10 send these disposable ID and HASHc, the DH that is stored in the storage device 23 openly is worth g
x(side that Diffie-Hellman openly is worth).
In addition, CPU21 constitutes receiving system and the judgment means in this client 20, server ID openly is worth g as HASHs, the DH of the functional value of the one-way function (one-way function Fs) of parameter receiving from server 10
yUnder the situation of (the opposing party that Diffie-Hellman openly is worth) (promptly judging client 20 by server 10 is proper situations), use is from server 10 reception data that receive and the storage data that are stored in the storage device 23, obtain HASHs by calculating, by this result of calculation, the HASHs that receives from server 10 are compared, carry out the processing of the legitimacy of judging server 10.
ID distribution management server 30 is to be used for issuing, to manage the server in secret information total between client, the server (for example generating use in the initial value of disposable ID random number R etc.), client id, server ID etc.This ID distribution management server 30 has the database of storing under the ID that makes the user who utilizes client 20 (for example accumulating card No, dwelling house fund network ID, office worker No, student No, the particular member No etc.) state corresponding with above-mentioned secret information and password etc.In addition, ID distribution management server 30 upgrades the secret information in the above-mentioned database under some cycles, and by online (online) (for example Email etc.) or off-line (offline) (for example mailing etc.), this secret information that has upgraded is sent to the both sides of client 20 and server 10.In addition, also can carry out the distribution of above-mentioned secret information based on entrusting from the distribution of client 20 or server 10.
Below, according to Fig. 8, the embodiment 2 of the authentication method that is undertaken by the Verification System of said structure is described.This method is applicable to disposable ID of the present invention (SIGNAL) the IKE mode of having stipulated in RFC2409.
At first, at step S1, carry out following the processing: when generating SA based on IKE, generate disposable ID (SIGNAL) by client 20 as the promoter, obtain HASHc by calculating simultaneously, with the SA motion to the server 10 as the respondent send these disposable ID and HASHc, the DH that is stored in the storage device 23 openly is worth g
x
At this, for example use hash function as the SIGNAL of disposable ID, generate as follows.
SIGNAL
1=R
SIGNAL
2=hash(K
1)
SIGNAL
3=hash(K
2)
……
SIGNAL
n=hash(K
n-1)
Formula (2)
In the definition of above-mentioned SIGNAL, hash is a hash function, and R is the random number that has had to server 10 and client 20 both sides distribution and between the two from ID distribution management server 30, K
iBe server, the total encryption key (variable total key) of client that in i session, generates.In addition, above-mentioned conversational list is shown in the communication unit of having established behind the SA to this SA till invalid.
That is,, obtain the above-mentioned encryption key K that will in session last time, generate functional value as the hash function of parameter according to the definition of above-mentioned SIGNAL, and with the SIGNAL of this functional value as this session.In addition, in initial session, the random number R that will have in advance between server, client is used as the initial value of SIGNAL.In addition, above-mentioned encryption key K
iFor example obtain by following formula (3).
K
i=prf (total key, g
Xy, SIGNAL
i) ... formula (3)
In this formula (3), g
XyBe the common key of DH, total key is the total arbitrarily key between server, the client.
On the other hand, HASHc openly is worth g as shown in the formula shown in (4) as having key, DH
x, IDc (client id) and SIGNAL obtain as the functional value of the pseudo random number function (hash function with key) of parameter.
HASHc=prf (total key, g
x, IDc, SIGNAL) ... formula (4)
Then, at step S2, carry out following processing: server 10 is obtained SIGNAL and HASHc by calculating, by these result of calculations, the SIGNAL and the HASHc that receive from client 20 are compared, judges the legitimacy of client 20.
In the result of above-mentioned judgement is that to receive data consistent with result of calculation, judges client 20 and is under the proper situation, obtains HASHs by calculating, with the SA that promises to undertake to client 20 send these HASHs, the DH that is stored in the storage device 13 openly is worth g
y(step S3).
On the other hand, data and result of calculation are inconsistent receiving, and judge under the client 20 wrongful situations, and refusal finishes this authentication processing from the visit of client 20.
At this, HASHs openly is worth g as shown in the formula shown in (5) as having key, DH
x, g
y, IDs (server ID) and SIGNAL obtain as the functional value of the pseudo random number function (hash function with key) of parameter.
HASHs=prf (total key, g
x, g
y, IDs, SIGNAL) ... formula (5)
In addition, in this step S3, carry out following processing simultaneously: openly be worth g according to the DH that is stored in the storage device 13
y, the DH that receives from client 20 openly is worth g
xGenerate the common key g of DH
Xy, and with the common key g of DH
XyBe stored in the storage device 13.
Then, at step S4, carry out following the processing: client 20 is obtained HASHs by calculating, by this result of calculation, the HASHs that receives from server 10 are compared, judges the legitimacy of server 10.
In the result of above-mentioned judgement is that to receive data consistent with result of calculation, judges server 10 and is under the proper situation, openly is worth g according to the DH that is stored in the storage device 23
x, the DH that receives from server 10 openly is worth g
yGenerate the common key g of DH
Xy, in being stored in storage device 23 after, finish this authentication processing, transfer to next data transfer process.On the other hand, data and result of calculation are inconsistent receiving, and judge under the server 10 wrongful situations, end the visit to server 10, finish this authentication processing.
As mentioned above, according to this embodiment 2, use the encryption key K (variable total key) that will in each session, change functional value as the hash function of parameter as disposable ID (SIGNAL), even therefore for example encryption key K is leaked to the third party, because encryption key K changes in each session, so use the disposable ID disposable ID in addition of the unpredictable generation of encryption key K of leaking.That is, can generate and be difficult to eavesdrop and disposable ID that fail safe is superior, can realize the fail safe (PFS) in the future of disposable ID.
In addition, use above-mentioned disposable ID (SIGNAL) to carry out authentication between client, the server, so the third party can't determine sender, recipient, on the other hand if proper sender, recipient then can grasp disposable ID as identifying information.Therefore, can strengthen patience,, improve the fail safe of communication even under open network environment, also can seek the protection of id information to DoS attack and personation.In addition, can carry out remote access, improve convenience.
In addition, in this embodiment, as the one-way function Fc that uses in the legitimacy process of judging client 20, use will have key, DH and openly be worth g
x, IDc (client id) and SIGNAL be as the pseudo random number function of parameter, as the one-way function Fs that uses in the proper process of judging server 10, use will have key, DH and openly be worth g simultaneously
x, g
y, IDs (server ID) and SIGNAL be as the pseudo random number function of parameter, therefore can realize rapid and safe authentication and cipher key change with needing 3 times number of communications to be reduced to 2 times in existing cipher key change authentication mode.
(embodiment 3)
In the foregoing description 2, obtain the encryption key (variable total key) that will in session last time, generate functional value as the hash function of parameter, with the disposable ID (SIGNAL) of this functional value as this session, but in present embodiment 3, obtain the total key that will in session last time, generate, the communication sequence in this session functional value, the disposable ID with this functional value during as respectively the communicating by letter of this session as the hash function of parameter.The same beyond the unique portion of present embodiment 3 with embodiment 2.In present embodiment 3, pay identical symbol to the part identical, and omit its explanation with embodiment 2.
Fig. 9 is the figure of the embodiment 3 of explanation authentication method of the present invention.In present embodiment 3, at first, at step P1, client 20 generates SIGNAL
N, 1(the 1st disposable ID) is simultaneously with total key K
N-1(the 1st variable total key) openly is worth gxn and SIGNAL to IDc (client id), IDs (server ID), DH
N, 1Encrypt, send this enciphered data and SIGNAL to server 10
N, 1
At this, the SIGNAL that SIGNAL utilizes in j the communication of establishing i the client 20 in the session is SIGNALi, and j establishes the SIGNAL that utilizes in j the communication of i the server 10 in the session and is SIGNAL ' i, under the situation of j, generates as follows.
SIGNAL
1,j=hash(R,j) i=1
SIGNAL
i,j=hash(K
i-1,j) i≥2
SIGNAL’
1,j=hash’(R,j) i=1
SIGNAL’
i,j=hash’(K
i-1,j) i≥2
Formula (6)
In the definition (6) of above-mentioned SIGNAL, hash and hash ' are different hash functions mutually, and R is the random number that has had to server 10 and client 20 both sides distribution and between the two from ID distribution management server 30, K
iBe the DH common key g that in i session, has had
Xiyi(total key).
That is,, obtain the total key K that generates in session last time according to the definition (6) of above-mentioned SIGNAL
I-1With communication sequence j in this session functional value as the hash function of parameter, with this functional value as the SIGNAL that in j communication of this session, uses.Wherein, in initial session (i=1), obtain the random number R that will between server, client, have and the communication sequence j in this session functional value as the hash function of parameter, with this functional value as the SIGNAL that in j communication of initial session, uses.
Then, at step P2, server 10 is obtained SIGNAL by calculating
N, 1, by the SIGNAL that receives to this result of calculation, from client 20
N, 1Contrast, identify customer end 20, under situation about can't discern, refusal communication.Under situation about can discern, use total key K
I-1Enciphered data is decrypted, according to IDc, the IDs and the SIGNAL that are included in these data of having deciphered
N, 1, the legitimacy of judgement client 20.
In above-mentioned judged result is to receive data and the storage data consistent that is stored in advance in the server 10, judges client 20 and is under the proper situation, generates SIGNAL ' n according to the definition of above-mentioned SIGNAL,
1(the 2nd disposable ID) is simultaneously as total key K
n(the 2nd variable total key) openly is worth g according to the DH that receives from client 20
XnThe DH that is stored in advance in this server 10 openly is worth g
YnGenerate the common key g of DH
Xnxy, should have key K to client 20 transmissions
n, IDc, IDs and SIGNAL ' n,
1Functional value, DH as the hash function h of parameter openly are worth g
Yn, SIGNAL ' n,
1(step P3).
On the other hand, inconsistent in reception data and storage data, to judge under the client 20 wrongful situations, refusal finishes this authentication processing from the visit of client 20.
Then, at step P4, client 20 is obtained SIGNAL ' n by calculating,
1, by the SIGNAL ' n that receives to this result of calculation, from server 10,
1Contrast, identified server 10, under situation about can't discern, refusal communication.Under situation about can discern, as total key K
nOpenly be worth g according to the DH that receives from server 10
YnThe DH that is stored in advance in this client 20 openly is worth g
XnGenerate the common key g of DH
Xnxy, using simultaneously should total key K
n, obtain the functional value of hash function h by calculating, the functional value by the hash function h that receives to this result of calculation, from server 10 contrasts, and judges the legitimacy of server 10.
In the result of above-mentioned judgement is that to receive data consistent with result of calculation, judges server 10 and is under the proper situation, finishes this authentication processing, transfers to next data transfer process.On the other hand, data and result of calculation are inconsistent receiving, and judge under the server 10 wrongful situations, end the visit to server 10, finish this authentication processing.
In addition, need confirm that in server 10 sides client 20 has had key K
iSituation under, after client 20 has been judged the legitimacy of server 10 in this step P4, also can send and will have key K to server 10
n, IDc, IDs be as the functional value of the hash function h of parameter.
As mentioned above, according to this embodiment 3, obtain the total key K that in session last time, to generate
I-1Communication sequence j in (variable total key) and this session is as the functional value of the hash function of parameter, with this functional value as only in j communication of this session effective disposable ID (SIGNAL) use, even so total key K that for example in n session, generates
nLeak and give the third party, because total key K
nIn each session, all change, so the total key K that also unpredictable use is leaked
nDisposable ID (the SIGNAL that generates
N+1, j, SIGNAL '
N+1, j) in addition disposable ID.That is, can generate and be difficult to eavesdrop and disposable ID that fail safe is superior, can realize the fail safe (PFS) in the future of disposable ID.
In addition; because the above-mentioned disposable ID of use (SIGNAL) carries out the authentication between client, the server; so it is same with the foregoing description 2; can prevent from the amount of calculation that produces such as to require and to the DoS attack of memory because of a large amount of calculation requirements, response; even under open network environment; also can seek the protection of id information, improve the fail safe of communication.
In addition, as preventing one of method of DoS attack, the general known method of using cookie (random number).According to this method,, can prevent DoS attack from same IP address by combination IP address and the secret of having only cookie generation person to know.Relative therewith, under the situation of the SIGNAL of present embodiment, only know the common key of DH, unpredictable next time effective SIGNAL.So,, can access the effect same with cookie by in each communication, utilizing SIGNAL.And then, under the situation of cookie, do not allow change IP address in session, but can change SIGNAL.In addition, under the situation of having used cookie, can't prevent the DoS attack of spoofed IP address, but under the situation of disposable ID, since irrelevant with the IP address, so can prevent such attack.
In addition, in the present embodiment, for example considered that client 20 sends the initial information (step P1) of agreement, server 10 carries out the calculating (step P2) of DH cipher key change correspondingly, sends the situation of the 2nd information (step P3).If the information of server 10 disappears halfway, perhaps victim obtains, and under the situation that client 20 can't receive, client 20 must send initial information again.At this moment, server 10 can't judge that client 20 communicates by letter again, or the assailant has read initial information and carried out repeat attack.So client 20 sends the information of the content identical with the information that sends when the initial inquiry under the situation that resends initial information once more, server 10 also former state ground sends duplicating of former information of having write in reply.Thus, the calculating of useless DH cipher key change can be avoided, the DoS attack of repeat attack can be prevented.
In addition, in the present embodiment, obtain total key (the common key of the DH) K that generates in session last time
I-1With communication sequence j in this session functional value as the hash function of parameter, and with this functional value as only effective disposable ID (SIGNAL) generation in j communication of this session, but for example also can generate SIGNAL as follows.
SS
j=h1(K
i-1)
SIGNAL
i,j=hash(SS
i,j)
SIGNAL '
I, j=hash ' (SS
i, j) ... formula (7)
In the definition (7) of above-mentioned SIGNAL, SS
iIt is the common key K of DH that will in (i-1) individual session, have
I-1Functional value as the hash function of parameter.
In addition, in this case, the authentication that will use in i session uses key as AK
i, with encryption key as SK
i, for example can as following formula, obtain these keys,
AK
i=h2(K
i-1) SK
i=h3(K
i-1)
Wherein, h1, h2, h3 are the one-way hash functions that does not have conflict.
Like this, according to SS
iGenerate under the situation of authentication with key and encryption key, in above-mentioned steps P1, openly be worth g at client 20 couples of IDc, IDs, DH
XnAnd SIGNAL
N, 1Encrypt and when server 10 sends, use authentication key A K
nIn addition, in step P3, in the hash function h that client 20 sends, use encryption key SK at server 10
n, IDc, IDs and SIGNAL '
N, 1Hash function as parameter.
By like this, even the hypothesis assailant can know SS
i, AK
i, SK
iIn any one value, also can't calculate other value.So the assailant just must know AK for the regular user of personation in i session carries out cipher key change
i, SIGNAL, regular user id information (IDs, IDc), in order to carry out coded communication, also to know SK
i, SIGNAL, regular user's id information, the information of number of communications.
In addition, use authenticate key AK
i(h2 (K
I-1)) DH of the client 20 in n the session openly is worth g
XnEncrypt.So, do not know AK
iThe assailant can't know g
XnTherefore, the common key of Diffie-Hellman that generates in the manner, has is the few and information security of amount of calculation.
(embodiment 4)
In the foregoing description 2 and embodiment 3, carry out the Diffie-Hellman cipher key change simultaneously with authentication, but in present embodiment 4, omit the Diffie-Hellman cipher key change.The same beyond the unique portion of present embodiment 4 with embodiment 2.In present embodiment 4, pay prosign to the part identical, and omit explanation with embodiment 2.
Figure 10 is the figure of the embodiment 4 of explanation authentication method of the present invention.In present embodiment 4, at first, client 20 generates random number R c (the 1st random number), simultaneously will and server 10 between the total key K 1 (the 1st total key) that had in advance and random number R 0 (initial random number) (K1, functional value R0) is as SIGNAL as the pseudo random number prf of parameter
C1(the 1st disposable ID) obtains (step S11), sends this SIGNAL to server 10
C1, the random number R c (step S12) that encrypted with total key K 1.
Then, carry out following the processing: server 10 generates random number R s (the 2nd random number), and (K1, functional value Rc) is as SIGNAL as the pseudo random number prf of parameter for random number R c that will decode with total key K 1 and total key K 1 simultaneously
S1(the 2nd disposable ID) obtains (step S13), sends this SIGNAL to client 20
S1, random number R s, the random number R 0+Rc (with random number R 0, Rc result of calculation, for example both XORs etc.) (step S14) that have encrypted with total key K 1 as the regulation of parameter.
Then, carry out following processing: client 20 is obtained SIGNAL according to random number R c and total key K 1 by calculating
S1, by to this result of calculation and the SIGNAL that receives from server 10
S1Compare, identified server 10 compares by reception data and result of calculation to random number R 0+Rc simultaneously, judges the legitimacy (step S15) of server 10.
The result of above-mentioned judgement be each to receive data be consistent with result of calculation, judge server 10 and be under the proper situation, client 20 generates total key K 2 (the 2nd total key) according to random number R c and random number R s, simultaneously as SIGNAL
C2(the 3rd disposable ID) obtains that (functional value Rc) sends these SIGNAL to server 10 for K2, Rs as the pseudo random number function prf of parameter with this total key K 2, random number R s and random number R c
C2, random number R c+Rs (with random number R c, Rs result of calculation) (step S16) as the regulation of parameter.On the other hand, data and result of calculation are inconsistent receiving, and judge under the server 10 wrongful situations, end the visit to server 10, finish this authentication processing.
If server 10 receives SIGNAL from client 20
C2, then generate total key K 2 according to random number R c and random number R s, obtain SIGNAL according to total key K 2, random number R s and random number R c by calculating simultaneously
C2, by to this result of calculation and the SIGNAL that receives from client 20
C2Compare, identify customer end 20 compares by reception data and result of calculation to random number R c+Rs simultaneously, judges the legitimacy (step S17) of client 20.
It is consistent with result of calculation to be in above-mentioned judged result that each receives data, judges client 20 and is under the proper situation, finishes this authentication processing, transfers to next data transfer process.
On the other hand, data and result of calculation are inconsistent receiving, and judging client 20 is under the wrongful situation, and refusal finishes this authentication processing from the visit of client 20.
As mentioned above, according to present embodiment 4, use the random number that will in mutual authentication process, generate, the total key K that in mutual authentication process, changes functional value as disposable ID as the pseudo random number function prf of parameter, therefore the same with the foregoing description 2, the fail safe of disposable ID can be improved, rapid and safe mutual authentication can be realized.
(embodiment 5)
In the foregoing description 4, the feasible total cipher key change that is used for the generation of disposable ID (SIGNAL) in the process of authentication mutually, but in present embodiment 5, above-mentioned total key is fixed.
That is, in present embodiment 5, as shown in figure 11, at first, client 20 generates random number R c (the 1st random number), simultaneously as SIGNAL
C1(the 1st disposable ID) obtain with and server 10 between the total key K that had in advance and random number R 0 (initial random number) (K, functional value R0) (step S21) sends this SIGNAL to server as the pseudo random number function prf of parameter
C1, the random number R c (step S22) that encrypted with total key K.
Then, server 10 generates random number R s (the 2nd random number), simultaneously as SIGNAL
S1(the 2nd disposable ID) obtains the random number R c that will encrypt with total key K and total key K, and (K, functional value Rc) (step S23) send these SIGNAL to client 20 as the pseudo random number function prf of parameter
S1, random number R s, the random number R 0+Rc (with random number R 0, Rc result of calculation) (step S24) that have encrypted with total key K as the regulation of parameter.
Then, client 20 is obtained SIGNAL according to random number R c and total key K by calculating
S1, by to this result of calculation and the SIGNAL that receives from server 10
S1Compare, identified server 10 compares by reception data and result of calculation to random number R 0+Rc simultaneously, judges the legitimacy (step S25) of server 10.
It is consistent with result of calculation to be in above-mentioned judged result that each receives data, judges server 10 and is under the proper situation, and client 20 is as SIGNAL
C2(the 3rd disposable ID) obtains that (functional value Rc) sends these SIGNAL to server 10 for K, Rs as the pseudo random number function prf of parameter with random number R c, random number R s and total key K
C2, random number R c+Rs (with random number R c, Rs result of calculation) (step S26) as the regulation of parameter.
On the other hand,, judge under the server 10 wrongful situations, end visit, finish this authentication processing server 10 if reception data and result of calculation are inconsistent.
If server 10 receives SIGNAL from client 20
C2, then obtain SIGNAL by calculating according to random number R c, random number R s and total key K
C2, by to this result of calculation and the SIGNAL that receives from client 20
C2Compare, identify customer end 20 compares by reception data and result of calculation to random number R c+Rs simultaneously, judges the legitimacy (step S27) of client 20.
It is consistent with result of calculation to be in above-mentioned judged result that each receives data, judges client 20 and is under the proper situation, finishes this authentication processing, transfers to next data transfer process.
On the other hand, data and result of calculation are inconsistent receiving, and judging client 20 is under the wrongful situation, and refusal finishes this authentication processing from the visit of client 20.
As mentioned above, according to present embodiment 5, random number that will generate in mutual authentication process and total key K are used as disposable ID as the functional value of the pseudo random number function prf of parameter, even therefore for example total key K is leaked to the third party, but because the functional value by random number pseudo random number function prf changes successively in the process of authentication mutually, so do not know the random number that in the process of mutually authentication, generates, unpredictable disposable ID yet.Therefore, the same with the foregoing description 2~4, the fail safe that can improve disposable ID can realize rapid and safe mutual authentication.
(embodiment 6)
Figure 12 is the figure of the embodiment 6 of explanation authentication method of the present invention.In this embodiment 6, at first, client 20 generates random number R
Ci(the 1st random number) is simultaneously as SIGNAL
Ci(the 1st disposable ID) obtain with and server 10 between the total key K that had in advance
i, random number R
Ci-1(the 1st storage random number) and random number R
Si-1(the 2nd storage random number) is as the pseudo random number function prf (K of parameter
i, R
Ci-1, R
Si-1) functional value (step S31).
In addition, R
CiBe the random number that in i session, generates by client 20, R
SiBe the random number that in i session, generates by server 10, K
iIt is the variable total key that in i session, uses.In addition, the random number R that in (i-1) session last time, generates
Ci-1, R
Si-1Be stored in the storage area of each storage device 13,23 of server 10 and client 20, according to these R
Ci-1, R
Si-1, generate total key K
i
Then, client 20 is generating SIGNAL
C1After, send with total key K to server 10
iTo IDc (client id), IDs (server ID) and random number R
CiCarried out the enciphered data E that encrypts
Ki(IDc, IDs, R
Ci), SIGNAL
C1(step S32).
If server 10 receives SIGNAL from client 20
C1, then according to total key K
i, random number R
Ci-1And random number R
Si-1Obtain SIGNAL by calculating
C1, by to this result of calculation and the SIGNAL that receives from client 20
C1Compare, identify customer end 20, under situation about can't discern, refusal communication.Under situation about can discern, use total key K
iTo enciphered data E
Ki(IDc, IDs, R
Ci) be decrypted, according to the IDc and the IDs that are included in these data of having deciphered, judge the legitimacy of client 20.
In the result of above-mentioned judgement is to receive data and be stored in storage data consistent in the server 10 in advance, judges client 20 and is under the proper situation, the generation random number R
Si(the 2nd random number) is simultaneously as SIGNAL
S1Obtain random number R
Ci, random number R
Si-1With total key K
iPseudo random number function prf (K as parameter
i, R
Ci, R
Si-1) functional value.Then, storing random number R
Ci-1, R
Si-1Storage area in store R respectively
Ci, R
Si, simultaneously according to these random number R
Ci, R
SiGenerate total key K
I+1And storage (step S33).
Then, server 10 sends with total key K to client 20
iTo IDc, IDs and random number R
SiCarried out the enciphered data E that encrypts
Ki(IDs, IDc, R
Si), SIGNAL
S1(step S34).
On the other hand, inconsistent in reception data and storage data, to judge under the client 20 wrongful situations, refusal finishes this authentication processing from the visit of client 20.
If client 20 receives SIGNAL from server 10
S1, then according to total key K
i, random number R
CiAnd R
Si-1Obtain SIGNAL by calculating
S1, by to this result of calculation and the SIGNAL that receives from client 20
S1Compare, identified server 10, under situation about can't discern, refusal communication.On the other hand, under situation about can discern, use total key K
i, to enciphered data E
Ki(IDs, IDc, R
Si) be decrypted, according to the IDc and the IDs that are included in these data of having deciphered, judge the legitimacy of server 10.Under the situation that identifies server 10, be not merely able to determine communication counterpart, can also confirm that server 10 has received random number R
Ci
Then, be to receive data and be stored in storage data consistent in the client 20 in advance in above-mentioned judged result, judge server 10 and be under the proper situation, storing random number R
Ci-1, R
Si-1Storage area in store R respectively
Ci, R
Si, according to these random number R
Ci, R
SiGenerate, store total key K
I+1This authentication processing is finished in back (step S35), transfers to next data transfer process.On the other hand, inconsistent in reception data and storage data, judging server 10 is under the wrongful situation, and refusal finishes this authentication processing from the visit of server 10.
As mentioned above, according to this embodiment 6, on the basis that can access the effect the same, effect, by sending to communication counterpart with total key K with the foregoing description 4
iTo IDc, IDs and random number R
SiCarried out the enciphered data E that encrypts
Ki(IDs, IDc, R
Si), even for example rewriting by the assailant under the situation of enciphered data thus, owing to be included in the id information (IDs in the enciphered data, IDc) correctly do not deciphered, also can easily to detect the enciphered data of sending be wrong so receive the server 10 of these data or client 20, can not accept random number and discard.In addition, even at SIGNAL
C1Value and other a plurality of clients situation about repeating under, by with reference to the id information (IDs, IDc) that is included in the enciphered data, also can easily determine communication counterpart.
And then, according to this embodiment 6, whether correctly the id information (IDs, IDc) of server, client is encrypted by confirming communication counterpart, judge the legitimacy of communication counterpart, therefore the number of communications that needs to carry out 3 times in the foregoing description 4 can be reduced to 2 times, can carry out more efficient authentication.
(embodiment 7)
Figure 13 is the figure of the embodiment 7 of explanation authentication method of the present invention.In present embodiment 7, at first, client 20 generates random number R
Ci(the 1st random number) is simultaneously as SIGNAL
C1(the 1st disposable ID) obtain with and server 10 between the fixing total key K, the random number R that have had in advance
Ci-1(the 1st storage random number) and random number R
Si-1(the 2nd storage random number) is as pseudo random number function prf (K, the R of parameter
Ci-1, R
Si-1) functional value (step S41).
In addition, R
CiBe the random number that in i session, generates by client 20, R
SiIt is the random number that in i session, generates by server 10.In addition, last time generating random number R in (the i-1 time) session
Ci-1, R
Si-1Be stored in the storage area of each storage device 13,23 of server 10 and client 20.
Then, client 20 is generating SIGNAL
C1After, send with total key K IDc (client id), IDs (server ID) and random number R to server 10
CiCarried out the enciphered data E that encrypts
k(IDc, IDs, R
Ci), SIGNAL
C1(step S42).
If server 10 receives SIGNAL from client 20
C1, then according to total key K, random number R
Ci-1And random number R
Si-1Obtain SIGNAL by calculating
C1, by to this result of calculation and the SIGNAL that receives from client 20
C1Compare, identify customer end 20, under situation about can't discern, refusal communication.Under situation about can discern, use total key K to enciphered data E
k(IDc, IDs, R
Ci) be decrypted, according to the IDc, the IDs that are included in these data of having decoded, judge the legitimacy of client 20.
In above-mentioned judged result is to receive data and be stored in storage data consistent in the server 10 in advance, judges client 20 and is under the proper situation, the generation random number R
Si(the 2nd random number) is simultaneously as SIGNAL
S1(the 2nd disposable ID) obtains random number R
Ci, random number R
Si-1With pseudo random number function prf (K, the R of total key K as parameter
Ci, R
Si-1) functional value.Then, storing random number R
Ci-1, R
Si-1Storage area in store R respectively
Ci, R
Si(step S43).
Then, server 10 sends with total key K IDc, IDs and random number R to client 20
SiCarried out ciphered data E
k(IDs, IDc, R
Si), SIGNAL
S1(step S44).
On the other hand, inconsistent in reception data and storage data, judging client 20 is under the wrongful situation, and refusal finishes this authentication processing from the visit of client 20.
If client 20 receives SIGNAL from server 10
S1, then according to total key K, random number R
CiAnd random number R
Si-1Obtain SIGNAL by calculating
S1, by to this result of calculation and the SIGNAL that receives from client 20
S1Compare, identified server 10, under situation about can't discern, refusal communication.On the other hand, under situation about can discern, use total key K, to enciphered data E
k(IDs, IDc, R
Si) be decrypted, according to the IDc and the IDs that are included in these data of having deciphered, judge the legitimacy of server 10.Under the situation that identifies server 10, be not merely able to determine communication counterpart, can also confirm that server 10 has received random number R
Ci
Then, be to receive data and be stored in storage data consistent in the client 20 in advance in above-mentioned judged result, judge server 10 and be under the proper situation, storing random number R
Ci-1, R
Si-1Storage area in store R respectively
Ci, R
Si, according to these random number R
Ci, R
SiAfter generation, the total key K of storage (step S45), finish this authentication processing, transfer to next data transfer process.On the other hand, inconsistent in reception data and storage data, judging server 10 is under the wrongful situation, and refusal finishes this authentication processing from the visit of server 10.
As mentioned above, according to this embodiment 7, on the basis that can access the effect the same, effect with the foregoing description 5, even for example rewriting under the situation of enciphered data by the assailant, receiving the server 10 of these data or client 20, also can easily to detect the enciphered data of sending be wrong, can not accept random number and discard.In addition, even at SIGNAL
C1Value and other a plurality of clients situation about repeating under, by with reference to the id information (IDs, IDc) that is included in the enciphered data, also can easily determine communication counterpart.And then, according to present embodiment 7, the number of communications that needs to carry out 3 times in the foregoing description 4 can be reduced to 2 times, can carry out more efficient authentication.
(embodiment 8)
In present embodiment 8, the method that prevents of the repeat attack that has used disposable ID is described.Repeat attack be meant assailant (third party) eavesdropping in the past just when correspondent's effective communication information when sending, and the attack that utilizes again.
At first, authentication mode (the Chun-Li Lin that has utilized the password that is called as OSPA (Optimal StrongPassword Authentication) is described according to Fig. 4, Hung-Min SUN, TzoneLih HWANG, Attacks and Solutions on Strong-Password Authentication, IEICE TRANS.COMMUN., Vol.E84-B.No.9, September 2001.).
Before this authentication, hash function h and password P are preserved in storage in advance in client 20, and hash function h, log-on count n, IDc (client id) and checking information h are preserved in storage in advance in server 10
2(P@n).Checking information h
2(P@n) be to be used for the information of legitimacy of checking client 20, and the information that is to use the XOR of password P and number of communications n to generate by hash function h.In addition, h
2(P@n) calculating of 2 hash function h is carried out in expression, i.e. h (h (P@n)), and the @ in this formula represents XOR.
In this authentication mode, at first client 20 sends IDc (step S51) to server 10.
If server 10 receives IDc from client 20, then compare by IDc that this is received and the IDc that stores in advance, identify customer end 20, under situation about can't discern, refusal communication.Under situation about can discern, send log-on count n (step S52) to server 10.
If client 20 receives log-on count n from server 10, then use the hash function h and the password P of this log-on count n that receives, storage in advance, generate the 1st~the 3rd authentication information C1, C2, C3 (step S53), and send these C1, C2, C3 (step S54) to server 10.At this, C1=h (P@n) @h
2(P@n), C2=h
2(P@ (n+1)) @h (P@n), C3=h
3(P@ (n+1)).
If server 10 receives C1, C2, C3 from client 20, then at first confirm the C1 ≠ C2 that receives.This is because owing to might produce following problem: calculating C1=h (P@n) @h
2(P@n), C2=h (P@n) @h
2(P@n), C3=h
3(P@n) under the situation about also sending, server 10 Authentication Clients 20, information is used in checking as the next one, does not store h
2(P@ (n+1)), but storage h
2(P@n), so will prevent to produce such problem.
Then, server 10 is obtained h (P@n), h by calculating from C1, C2
2(P@ (n+1)).That is, by obtaining C1 that receives and the checking information h that stores in advance
2(P@n) XOR is derived h (P@n), derives h by the XOR of the C2 that obtains this h (P@n) and receive
2(P@ (n+1)).
Then, use the hash function h of storage in advance, calculate h (h (P@n)) from the h (P@n) that obtains, verify this h (h (P@n)) whether with the checking information h of storage in advance
2(P@n) unanimity.H from obtaining simultaneously
2(P@ (n+1)) uses above-mentioned hash function h to calculate h (h
2(P@ (n+1))), and verify this h (h
2(P@ (n+1))) whether consistent with the C3 that receives (step S55).
The result is consistent in these checkings, judges client 20 and is under the proper situation, will verify with information from h
2(P@n) be updated to h
2(P@ (n+1)) after the session number of times is updated to n+1 from n, makes a promise the visit from client 20, finishes this authentication processing.
On the other hand, be that any one is inconsistent at least in above-mentioned authentication result, to judge under the client 20 wrongful situations, refusal finishes this authentication processing from the visit of client 20.
By above-mentioned authentication mode, can carry out authentication to listener-in's safety, have the following advantages simultaneously: can when each session, will verify with information from h
2(P@n) be updated to h
2(P@ (n+1)).
But, in above-mentioned authentication mode, have the problem of the repeat attack that can't prevent from once used authentication information C1, C2, C3 reused and carry out.
So present inventors etc. have developed following authentication mode as the authentication mode that solves such problem.
Figure 15 is the figure of the embodiment 8 of explanation authentication method of the present invention.As shown in Figure 15, hash function h and password P are preserved in storage in advance in client 20, and hash function h, log-on count n, IDc and checking information h are preserved in storage in advance in server 10
2(P@n) under the situation, at first client 20 sends IDc (step S61) to server 10.
If server 10 receives IDc from client 20, then compare by IDc that this is received and the IDc that stores in advance, come identify customer end 20, under situation about can't discern, refusal communication.Under situation about can discern, send log-on count n (step S62) to server 10.
If client 20 receives log-on count n from server 10, then use the hash function h and the password P of this log-on count n that receives, storage in advance, generate the 1st~the 3rd authentication information C1, C2, C3, SIGNAL
n(step S63), and with these C1, C2, C3, SIGNAL
nSend to server 10 (step S64).At this, C1=h (P@n) @h
2(P@n), C2=h
2(P@ (n+1)) @h (P@n), C3=h
3(P@ (n+1)), SIGNAL
n=h (h
2(P@n), n).Promptly.SIGNAL as the disposable ID that in n session, uses
nBecome checking information h
2(P@n) and log-on count n as the functional value of the hash function h of parameter.
If server 10 receives C1, C2, C3, SIGNAL from client 20
n, then at first according to the checking information h that stores in advance
2(P@n) and log-on count n obtain SIGNAL by calculating
n, by to this result of calculation and the SIGNAL that receives from client 20
nCompare, identify customer end 20, under situation about can't discern, refusal communication.Under situation about can discern, after having confirmed the C1 ≠ C2 that receives, obtain h (P@n), h by calculating from C1 and C2
2(P@ (n+1)).
Then, server 10 uses the hash function h of storage in advance, calculates h (h (P@n)) from the h (P@n) that obtains, and verify this h (h (P@n)) whether with the checking information h of storage in advance
2(P@n) unanimity.Simultaneously, the h from obtaining
2(P@ (n+1)) uses above-mentioned hash function h to calculate h (h
2(P@ (n+1))), and verify this h (h
2(P@ (n+1))) whether consistent with the C3 that receives (step S65).
The result is consistent in these checkings, judges client 20 and is under the proper situation, will verify with information from h
2(P@n) be updated to h
2(P@ (n+1)) after the session number of times is updated to n+1 from n, makes a promise the visit from client 20, finishes this authentication processing.
On the other hand, be that any one is inconsistent at least in above-mentioned authentication result, judging client 20 is under the wrongful situation, refusal finishes this authentication processing from the visit of client 20.
According to above-mentioned authentication mode, because the assailant can not know as the h of checking with information
2(P@n), so the SIGNAL of the unpredictable next session of assailant.And, owing in other sessions, can't use SIGNAL, so can prevent assailant's repeat attack effectively.
In addition, as shown in figure 16, beyond hash function h and password P, also in client 20, under the situation of storage preservation log-on count n, can omit above-mentioned step S61,62 processing in advance.So, in this case, in the protection of seeking the eavesdropping of id information (IDc), can also prevent assailant's repeat attack effectively.
In addition, in above each embodiment, use disposable ID in the checking between multiple arrangement, but also can in the authentication between a plurality of application programs in the device, use disposable ID.
In addition, in the various embodiments described above, example in client server system, be suitable for the situation of authentication method of the present invention, but be not limited to this, for example, also can in P2P (Peer to Peer) system, be suitable for authentication method of the present invention.
In addition, also can utilize authentication method of the present invention when each visit of user, in this case, can urge the user to input password, value that generates with password or from password and disposable ID are as the authentication data.
As described above,, can generate and be difficult to eavesdrop and disposable ID that fail safe is superior, can realize the fail safe (PFS) in the future of disposable ID according to the present invention.
In addition, use disposable ID by the generation method generation of disposable ID of the present invention, (between client, server) authenticates between device, therefore the third party can't determine sender, recipient, on the other hand, if proper sender, recipient then can grasp disposable ID as identifying information.
Therefore, can strengthen patience,, improve the fail safe of communication even under open network environment, also can seek the protection of id information to DoS attack and personation etc.In addition, remote access can be carried out, convenience can be improved.
In addition,, the number of communications that needs to carry out 3 times in existing cipher key change, authentication mode can be reduced to 2 times, can realize rapid and safe authentication and cipher key change according to the present invention.
Desirable embodiment with reference to the accompanying drawings describes the present invention, and does not easily obtain various distortion and change but those skilled in the art certainly do not break away from thought of the present invention ground.The present invention also comprises such distortion example.
Claims (50)
1. an inter-authentication method authenticates via the 1st authenticate device of communication line connection and the correlation of the 2nd authenticate device, it is characterized in that comprising:
Each when authentication of the authentication that will between above-mentioned the 1st authenticate device and the 2nd authenticate device, carry out mutually in advance use last time authentication the storage Data Update be used for determining above-mentioned the 1st authenticate device the storage data, be used for determining that the renewal result of storage data of the 2nd authenticate device is as the resume data, above-mentioned the 1st authenticate device and the 2nd authenticate device separately in the storing step of storage commonly, wherein
Above-mentioned the 1st authenticate device comprises: use the newly-generated storage data of resume data of storage, and use above-mentioned resume data the new storage data that generate to be carried out the 1st forwarding step of encrypting and transmitting to the 2 authenticate devices; According to from the storage data of above-mentioned the 2nd authenticate device and the new storage data of above-mentioned transmission, upgrade the 1st step of updating of above-mentioned resume data,
Above-mentioned the 2nd authenticate device comprises: use from the storage data of above-mentioned the 1st authenticate device and the newly-generated storage data of resume data of storage, and use above-mentioned resume data the new storage data that generate to be carried out the 2nd forwarding step of encrypting and transmitting to the 1 authenticate device; According to from the storage data of above-mentioned the 1st authenticate device and the new storage data of above-mentioned transmission, upgrade the 2nd step of updating of above-mentioned resume data,
In at least one side's device of above-mentioned the 1st authenticate device and the 2nd authenticate device, when the legitimacy of storing data according to the resume data was set up, the correlation that is verified as the 1st authenticate device and the 2nd authenticate device was proper.
2. inter-authentication method according to claim 1 is characterized in that:
With above-mentioned resume data as resume data K, as these resume data K storage be used for determine that the storage data of above-mentioned the 1st authenticate device are code data C and verify data R, be used for determining that the storage data of above-mentioned the 2nd authenticate device are code data S and verify data Q.
3. inter-authentication method according to claim 2 is characterized in that:
Above-mentioned the 1st forwarding step uses code data S and the verify data R of the resume data K that is stored, newly-generated code data C, and the verify data R at the resume data K that is stored carries out newly-generated, use above-mentioned resume data K that the new verify data R of generation is encrypted and obtain verify data A, send above-mentioned verify data A and new code data C to above-mentioned the 2nd authenticate device
Above-mentioned the 1st step of updating receives data from above-mentioned the 2nd authenticate device, according to the above-mentioned new code data C that has sent, the newly-generated code data S that receives, the newly-generated verify data Q that receives, the above-mentioned new verify data R that has sent, upgrade above-mentioned resume data K
Above-mentioned the 2nd forwarding step receives data from above-mentioned the 1st authenticate device, the verify data Q of new code data C that use receives and the resume data K that is stored, newly-generated code data S, and the verify data Q at the resume data K that is stored carries out newly-generated, the resume data K that the new verify data Q that generates has been stored in use encrypts and obtains verify data B, send above-mentioned verify data B and new code data S to the 1st authenticate device
Above-mentioned the 2nd step of updating is upgraded above-mentioned resume data K according to the new code data C, newly-generated code data S, newly-generated verify data Q, the new verify data R that receives that receive,
In at least one side's device of above-mentioned the 1st authenticate device and the 2nd authenticate device, according to resume data K and the legitimacy of code data when setting up, the correlation that is verified as the 1st authenticate device and the 2nd authenticate device is proper.
4. inter-authentication method according to claim 1 is characterized in that:
In above-mentioned storing step, as the renewal result of the authentication in above-mentioned the 1st forwarding step of resume storage, the 1st step of updating, the 2nd forwarding step, the 2nd step of updating.
5. inter-authentication method according to claim 2 is characterized in that:
At least one side of above-mentioned verify data R and verify data Q is at least one of the random number that produces by random number generating apparatus, data capacity, time data.
6. inter-authentication method according to claim 2 is characterized in that:
In the 1st forwarding step of above-mentioned the 1st authenticate device, the value of the operation result of the function that has generated based on pre-determining of above-mentioned code data S and verify data R as code data C, in the 2nd forwarding step of above-mentioned the 2nd authenticate device, the value of the operation result of the function that has generated based on pre-determining of above-mentioned code data C and above-mentioned verify data Q as code data S.
7. inter-authentication method according to claim 2 is characterized in that:
In the 1st forwarding step of above-mentioned the 1st authenticate device, the value of the operation result of the function of having obtained based on pre-determining of above-mentioned new verify data R that has generated and above-mentioned resume data K as verify data A, in the 2nd forwarding step of above-mentioned the 2nd authenticate device, the value of the operation result of the function of having obtained based on pre-determining of above-mentioned new verify data Q that has generated and above-mentioned resume data K as verify data B.
8. inter-authentication method according to claim 2 is characterized in that:
The verification step of above-mentioned the 1st authenticate device based on the verify data Q that is stored among the above-mentioned resume data K with last time sent before the value of operation result of the function that has pre-determined of the code data C that generated when consistent with the code data S that receives, it is proper being verified as above-mentioned correlation.
9. inter-authentication method according to claim 2 is characterized in that:
The verification step of above-mentioned the 2nd authenticate device based on the code data S that is stored among the above-mentioned resume data K with pre-determining of verify data R the value of operation result of function when consistent with the code data C that receives, it is proper being verified as above-mentioned correlation.
10. inter-authentication method according to claim 2 is characterized in that:
Above-mentioned storing step will be carried out the resulting data of result of a plurality of above-mentioned the 1st forwarding steps, the 2nd forwarding step, the 1st step of updating and the 2nd step of updating and store as resume data K.
11. a mutual authenticate device is made of the 1st authenticate device and the 2nd authenticate device that connect via communication line, and authenticates the correlation between above-mentioned the 1st authenticate device and the 2nd authenticate device, it is characterized in that comprising:
Be arranged in above-mentioned the 1st authenticate device, storage is used for determining the 1st memory of the storage data of the 1st authenticate device;
Be arranged in above-mentioned the 2nd authenticate device, storage is used for determining the 2nd memory of the storage data of the 2nd authenticate device;
During each authentication of the authentication of carrying out mutually in advance between above-mentioned the 1st authenticate device and the 2nd authenticate device, storage is the verify data storage device of the storage data of authentication last time;
The renewal result that uses above-mentioned verify data to upgrade as the resume data, commonly is stored in above-mentioned the 1st authenticate device and the 2nd authenticate device resume data storage device in separately;
Be arranged in the authenticate device of authentication in above-mentioned the 1st authenticate device or the 2nd authenticate device, use the storage data generating device of the newly-generated storage data of above-mentioned resume data with the data transmitter side;
Use above-mentioned resume data that the new storage data that generate are encrypted, and send to 1st dispensing device of authentication with the authenticate device of Data Receiving side;
Be arranged in the authenticate device of authentication usefulness Data Receiving side, use is from the storage data of the authenticate device of above-mentioned authentication usefulness data transmitter side and the resume data of storage, the storage data generating device of newly-generated storage data;
Use above-mentioned resume data that the new storage data that generate are encrypted, and be transmitted back to 2nd dispensing device of above-mentioned authentication with the authenticate device of data transmitter side;
Be arranged in the authenticate device of authentication with the data transmitter sides, according to from above-mentioned authentication with the storage data of the authenticate device loopback of Data Receiving side and the above-mentioned new storage data that sent, upgrade the 1st updating device of above-mentioned resume data;
Be arranged in the authenticate device of authentication with the Data Receiving side,, upgrade the 2nd updating device of above-mentioned resume data, wherein according to the storage data of the authenticate device of using the data transmitter side from above-mentioned authentication and the new storage data of above-mentioned loopback
Possess at least one side of above-mentioned the 1st authenticate device and the 2nd authenticate device: when the legitimacy of storing data according to above-mentioned resume data was set up, the correlation that is verified as the 1st authenticate device and the 2nd authenticate device was proper demo plant.
12. mutual authenticate device according to claim 11 is characterized in that also comprising:
The authentication data computing device that calculating is used for using above-mentioned resume data that the new storage data that generate are encrypted.
13. mutual authenticate device according to claim 12 is characterized in that also comprising:
When using data, generate the random number generating apparatus of the data of encrypting usefulness by aforementioned calculation device generation authentication.
14. the generation method of a disposable ID between a plurality of devices that authenticate mutually or in the authentication between application program, will only limit expendable identifying information as disposable ID, generate this disposable ID, it is characterized in that:
Device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that all changes in necessary each the regulation communication unit of above-mentioned authentication, obtain simultaneously the functional value of this variable total key, generate above-mentioned disposable ID from this functional value as the one-way function of parameter.
15. the generation method of a disposable ID in the authentication between multiple arrangement or between application program, will only limit expendable identifying information as disposable ID, generate this disposable ID, it is characterized in that:
Device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that all changes in necessary each the regulation communication unit of above-mentioned authentication, obtain simultaneously this variable total key and the information relevant functional value, generate above-mentioned disposable ID from this functional value as the one-way function of parameter with communication sequence or number of times.
16. the generation method of a disposable ID in the authentication between multiple arrangement or between application program, will only limit expendable identifying information as disposable ID, generate this disposable ID, it is characterized in that:
Device that carries out above-mentioned authentication or application program separately in, in necessary each the regulation communication unit of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value, generate above-mentioned disposable ID from this functional value as the one-way function of parameter.
17. the generation method of a disposable ID, be only to limit expendable identifying information in the authentication between side's device and the opposing party's device as disposable ID, in both sides' device, generate this disposable ID, side's device sends disposable ID to the opposing party's device simultaneously, the opposing party's device is by comparing and contrast disposable ID that receives from side's device and the disposable ID that oneself generates, under the situation of identification or authentication the opposing party device, one side's device and the opposing party's device generate the method for disposable ID, it is characterized in that:
One side's device and the opposing party's device are created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously the functional value of this variable total key, and generate above-mentioned disposable ID from this functional value as the one-way function of parameter.
18. the generation method of a disposable ID, be only to limit expendable identifying information in the authentication between side's device and the opposing party's device as disposable ID, in both sides' device, generate this disposable ID, side's device sends disposable ID to the opposing party's device simultaneously, the opposing party's device is by comparing and contrast disposable ID that receives from side's device and the disposable ID that oneself generates, under the situation of identification or authentication the opposing party device, one side's device and the opposing party's device generate the method for disposable ID, it is characterized in that:
One side's device and the opposing party's device are created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously this variable total key and the information relevant functional value, and generate above-mentioned disposable ID from this functional value as the one-way function of parameter with communication sequence or number of times.
19. the generation method of a disposable ID, be only to limit expendable identifying information in the authentication between side's device and the opposing party's device as disposable ID, in both sides' device, generate this disposable ID, side's device sends disposable ID to the opposing party's device simultaneously, the opposing party's device is by comparing and contrast disposable ID that receives from side's device and the disposable ID that oneself generates, under the situation of identification or authentication the opposing party device, one side's device and the opposing party's device generate the method for disposable ID, it is characterized in that:
One side's device and the opposing party's device generate random number in the communication unit of the necessary regulation of above-mentioned authentication, obtain simultaneously the total key of this random number and the regulation functional value as the one-way function of parameter, and generate above-mentioned disposable ID from this functional value.
20. authentication method, between device or in the authentication between application program, to only limit expendable identifying information as disposable ID, the device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that all changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously the functional value of this variable total key as the one-way function of parameter, generate disposable ID from this functional value, use the disposable ID of this generation, carry out the authentication between the 1st device and the 2nd device, it is characterized in that comprising:
Above-mentioned the 1st device use and above-mentioned the 2nd device between the variable total key that had in advance generate above-mentioned disposable ID, simultaneously to above-mentioned the 2nd device be sent to disposable ID that the major general should generate, the ID that set in advance in the 1st device is as the functional value of the one-way function Fc of parameter, be stored in the side's that the 1st Diffie-Hellman in installing openly is worth step in advance;
Above-mentioned the 2nd device is obtained the functional value of above-mentioned disposable ID and above-mentioned one-way function Fc by calculating, disposable ID that receives to this result of calculation, from above-mentioned the 1st device and the functional value of one-way function Fc contrast, and judge the step of the legitimacy of above-mentioned the 1st device;
Above-mentioned the 2nd device is under the proper situation judging above-mentioned the 1st device, is sent to the major general to above-mentioned the 1st device and sets in advance ID in the 2nd installs as the functional value of the one-way function Fs of parameter, be stored in the opposing party's that the 2nd Diffie-Hellman in installing openly is worth step in advance;
Above-mentioned the 1st device is obtained the functional value of above-mentioned one-way function Fs by calculating, and the functional value of the one-way function Fs that receives to this result of calculation, from above-mentioned the 2nd device contrasts, and judges the step of the above-mentioned the 2nd legitimacy of installing.
21. authentication method according to claim 20 is characterized in that:
As above-mentioned one-way function Fc, the side that the total key that use will be stipulated, above-mentioned Diffie-Hellman openly are worth, set in advance ID, above-mentioned disposable ID in above-mentioned the 1st device as the pseudo random number function of parameter,
Simultaneously as above-mentioned one-way function Fs, use a side that the total key of afore mentioned rules, above-mentioned Diffie-Hellman openly are worth, the opposing party that above-mentioned Diffie-Hellman openly is worth, set in advance ID, above-mentioned disposable ID in the above-mentioned the 2nd installs as the pseudo random number function of parameter.
22. authentication method, to only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously this variable total key and the information relevant functional value as the one-way function of parameter with communication sequence or number of times, generate disposable ID from this function, use this disposable ID carry out the 1st the device and the 2nd the device between authentication, it is characterized in that comprising:
Above-mentioned the 1st device as the 1st disposable ID generate will and above-mentioned the 2nd device between the 1st variable total key that had in advance, the information relevant with the communication sequence of the 1st device is as the functional value of the one-way function of parameter, use the above-mentioned the 1st variable total key simultaneously, to setting in advance the ID in the 1st device, set in advance the ID in above-mentioned the 2nd device, the Diffie-Hellman side and the above-mentioned the 1st disposable ID that openly are worth that are stored in advance in the 1st device encrypt, to the above-mentioned the 2nd step of installing this enciphered data of transmission and above-mentioned the 1st disposable ID;
Above-mentioned the 2nd device is obtained the above-mentioned the 1st disposable ID by calculating, by this result of calculation, the above-mentioned the 1st disposable ID that receives from above-mentioned the 1st device are contrasted, discerns the above-mentioned the 1st step of installing;
Above-mentioned the 2nd device is under the situation that identifies above-mentioned the 1st device, use the above-mentioned enciphered data of the above-mentioned the 1st variable total secret key decryption, according to being included in setting in advance ID in above-mentioned the 1st device, set in advance ID and the above-mentioned the 1st disposable ID in the 2nd device in these data of having deciphered, judge the step of the legitimacy of above-mentioned the 1st device;
Above-mentioned the 2nd device is under the proper situation judging above-mentioned the 1st device, generating as the 2nd disposable ID will the above-mentioned the 1st variable total key and the information relevant with the 2nd communication sequence that the installs functional value as the one-way function of parameter, simultaneously a side who openly is worth according to the Diffie-Hellman that receives from above-mentioned the 1st device as the 2nd variable total key and be stored in the opposing party that the 2nd Diffie-Hellman installing openly is worth in advance and generate the common key of Diffie-Hellman installs transmission with the 2nd variable total key to the above-mentioned the 1st, set in advance the ID in above-mentioned the 1st device, set in advance ID in the 2nd device and the above-mentioned the 2nd disposable ID as the functional value of the one-way function h of parameter, the opposing party that above-mentioned Diffie-Hellman openly is worth, the step of above-mentioned the 2nd disposable ID;
Above-mentioned the 1st device is obtained the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned the 2nd device are contrasted, discerns the above-mentioned the 2nd step of installing;
Above-mentioned the 1st device is under the situation that identifies above-mentioned the 2nd device, the opposing party that the above-mentioned Diffie-Hellman that receives from above-mentioned the 2nd device as the above-mentioned the 2nd variable total key basis openly is worth, be stored in the common key of side generation Diffie-Hellman that the above-mentioned Diffie-Hellman in the 1st device openly is worth in advance, use the 2nd variable total key simultaneously, obtain the functional value of above-mentioned one-way function h by calculating, by to this result of calculation, the functional value of the one-way function h that receives from above-mentioned the 2nd device contrasts, and judges the step of the legitimacy of above-mentioned the 2nd device.
23. authentication method according to claim 22 is characterized in that:
As the one-way function that generates above-mentioned the 2nd disposable ID, use and the different one-way function of one-way function that generates above-mentioned the 1st disposable ID.
24. authentication method, to only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, in the communication unit of the necessary regulation of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value as the one-way function of parameter, generate above-mentioned disposable ID from this function, use the disposable ID of this generation to carry out authentication between the 1st device and the 2nd device, it is characterized in that comprising:
Above-mentioned the 1st device generates the 1st random number, simultaneously as the 1st disposable ID obtain with and above-mentioned the 2nd device between the 1st total key that had in advance as the functional value of the one-way function of parameter, send the step of the 1st disposable ID and above-mentioned the 1st random number to above-mentioned the 2nd device;
Above-mentioned the 2nd device generates the 2nd random number, obtain as the 2nd disposable ID simultaneously above-mentioned the 1st random number and the above-mentioned the 1st is had the functional value of key as the one-way function of parameter, send the step of the 2nd disposable ID and above-mentioned the 2nd random number to above-mentioned the 1st device;
Above-mentioned the 1st device is according to above-mentioned the 1st random number and the above-mentioned the 1st total key, obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned the 2nd device are compared, judge the step of the legitimacy of above-mentioned the 2nd device;
Above-mentioned the 1st device generates the 2nd total key according to above-mentioned the 1st random number and above-mentioned the 2nd random number, obtain the 2nd total key, above-mentioned the 1st random number and above-mentioned the 2nd random number functional value as the 3rd disposable ID simultaneously, send the step of the 3rd disposable ID to above-mentioned the 2nd device as the one-way function of parameter;
Above-mentioned the 2nd device generates the above-mentioned the 2nd total key according to above-mentioned the 1st random number and above-mentioned the 2nd random number, obtain the above-mentioned the 3rd disposable ID according to the 2nd total key, above-mentioned the 1st random number and above-mentioned the 2nd random number by calculating simultaneously, by this result of calculation, the above-mentioned the 3rd disposable ID that receives from above-mentioned the 1st device are compared, judge the step of the legitimacy of above-mentioned the 1st device.
25. authentication method, to only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, in the communication unit of the necessary regulation of above-mentioned authentication, generate random number, obtain simultaneously the shared key of this random number and regulation functional value as the one-way function of parameter, generate above-mentioned disposable ID from this function, use the disposable ID of this generation to carry out authentication between the 1st device and the 2nd device, it is characterized in that comprising:
Above-mentioned the 1st device generates the 1st random number, simultaneously as the 1st disposable ID obtain with and above-mentioned the 2nd device between the total key that had in advance as the functional value of the one-way function of parameter, send the step of the 1st disposable ID and above-mentioned the 1st random number to above-mentioned the 2nd device;
Above-mentioned the 2nd device generates the 2nd random number, obtains above-mentioned the 1st random number and the above-mentioned total key functional value as the one-way function of parameter as the 2nd disposable ID simultaneously, sends the step of the 2nd disposable ID and above-mentioned the 2nd random number to above-mentioned the 1st device;
Above-mentioned the 1st device is according to above-mentioned the 1st random number and above-mentioned total key, obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned the 2nd device are compared, judge the step of the legitimacy of above-mentioned the 2nd device;
Above-mentioned the 1st device is obtained above-mentioned the 1st random number, above-mentioned the 2nd random number and the above-mentioned total key functional value as the one-way function of parameter as the 3rd disposable ID, sends the step of the 3rd disposable ID to above-mentioned the 2nd device;
Above-mentioned the 2nd device is obtained the above-mentioned the 3rd disposable ID according to above-mentioned the 1st random number, above-mentioned the 2nd random number and above-mentioned total key by calculating, by this result of calculation, the above-mentioned the 3rd disposable ID that receives from above-mentioned the 1st device are compared, judge the step of the legitimacy of above-mentioned the 1st device.
26. authentication method according to claim 24 is characterized in that:
Send being used under the state that the total key that had in advance between above-mentioned the 1st device and above-mentioned the 2nd device carried out encrypting to above-mentioned the 1st random number and above-mentioned the 2nd random number.
27., it is characterized in that according to the described authentication method of claim:
Send being used under the state that the total key that had in advance between above-mentioned the 1st device and above-mentioned the 2nd device carried out encrypting to above-mentioned the 1st random number and above-mentioned the 2nd random number.
28. any one the described authentication method according in the claim 24~26 is characterized in that:
Send in the step of the above-mentioned the 2nd disposable ID and above-mentioned the 2nd random number to above-mentioned the 1st device at above-mentioned the 2nd device, above-mentioned the 2nd device will and above-mentioned the 1st device between the random number that had in advance as initial random number, carry out the calculating of this initial random number and above-mentioned the 1st random number as the regulation of parameter, send this result of calculation to above-mentioned the 1st device, above-mentioned on the other hand the 1st device uses the aforementioned calculation result who receives from above-mentioned the 2nd device as the judgement material of the legitimacy of above-mentioned the 2nd device with the above-mentioned the 2nd disposable ID.
29. authentication method according to claim 24 is characterized in that:
Send in the step of above-mentioned the 3rd disposable ID to above-mentioned the 2nd device at above-mentioned the 1st device, above-mentioned the 1st device carries out the calculating as the regulation of parameter of above-mentioned the 1st random number and above-mentioned the 2nd random number, send this result of calculation to above-mentioned the 2nd device, above-mentioned on the other hand the 2nd device uses the aforementioned calculation result who receives from above-mentioned the 1st device as the judgement material of the legitimacy of above-mentioned the 1st device with the above-mentioned the 3rd disposable ID.
30. authentication method according to claim 25 is characterized in that:
Send in the step of above-mentioned the 3rd disposable ID to above-mentioned the 2nd device at above-mentioned the 1st device, above-mentioned the 1st device carries out the calculating as the regulation of parameter of above-mentioned the 1st random number and above-mentioned the 2nd random number, send this result of calculation to above-mentioned the 2nd device, above-mentioned on the other hand the 2nd device uses the aforementioned calculation result who receives from above-mentioned the 1st device as the judgement material of the legitimacy of above-mentioned the 1st device with the above-mentioned the 3rd disposable ID.
31. authentication method, to only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, in the communication unit of the necessary regulation of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value as the one-way function of parameter, generate above-mentioned disposable ID from this function, use the disposable ID of this generation to carry out authentication between the 1st device and the 2nd device, it is characterized in that comprising:
Above-mentioned the 1st device generates the 1st random number, simultaneously as the 1st disposable ID obtain with and above-mentioned the 2nd device between the total key, the 1st storage random number and the 2nd storage random number that have had in advance as the functional value of the one-way function of parameter, send with above-mentioned total key setting in advance ID in the 1st device, setting in advance the 1st enciphered data that ID in the above-mentioned the 2nd installs and above-mentioned the 1st random number carried out encrypting, the step of above-mentioned the 1st disposable ID to above-mentioned the 2nd device;
Above-mentioned the 2nd device is obtained the above-mentioned the 1st disposable ID by calculating, by this result of calculation, the above-mentioned the 1st disposable ID that receives from above-mentioned the 1st device are contrasted, discerns the above-mentioned the 1st step of installing;
Above-mentioned the 2nd device is under the situation that identifies above-mentioned the 1st device, use above-mentioned total key that above-mentioned the 1st enciphered data is decrypted, according to being included in setting in advance the ID in above-mentioned the 1st device and setting in advance ID in the 2nd device in these data of having deciphered, judge the step of the legitimacy of above-mentioned the 1st device;
Above-mentioned the 2nd device is under the proper situation judging above-mentioned the 1st device, generate the 2nd random number, obtain above-mentioned the 1st random number, above-mentioned the 2nd storage random number and above-mentioned total key functional value simultaneously as the one-way function of parameter as the 2nd disposable ID, to above-mentioned the 1st device send with above-mentioned total key to set in advance the ID in above-mentioned the 1st device, ID and above-mentioned the 2nd random number that sets in advance in the 2nd device carried out the 2nd enciphered data of encryption, the step of above-mentioned the 2nd disposable ID;
Above-mentioned the 2nd device is replaced into above-mentioned the 1st random number with above-mentioned the 1st storage random number, above-mentioned the 2nd storage random number is replaced into the step of above-mentioned the 2nd random number;
Above-mentioned the 1st device is obtained the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned the 2nd device are contrasted, discerns the above-mentioned the 2nd step of installing;
Above-mentioned the 1st device is under the situation that identifies above-mentioned the 2nd device, use above-mentioned total key that above-mentioned the 2nd enciphered data is decrypted, according to being included in setting in advance the ID in above-mentioned the 2nd device and setting in advance ID in the 1st device in these data of having deciphered, judge the step of the legitimacy of above-mentioned the 2nd device;
Above-mentioned the 1st device is replaced into above-mentioned the 1st random number with above-mentioned the 1st storage random number, above-mentioned the 2nd storage random number is replaced into the step of above-mentioned the 2nd random number.
32. authentication method according to claim 31 is characterized in that:
Above-mentioned the 1st storage random number is being replaced into above-mentioned the 1st random number, will be above-mentioned after the 2nd storage random number is replaced into above-mentioned the 2nd random number, generate above-mentioned total key by storing random number according to these the 1st storage random numbers and the 2nd, make this total cipher key change.
33. server, between device or in the authentication between application program, will only limit expendable identifying information as disposable ID, the device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously the functional value of this variable total key as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and client between authenticate, it is characterized in that comprising:
Receive to the major general from above-mentioned client and set in advance client id above-mentioned client as the functional value of the one-way function Fc of parameter, be stored in the side that the Diffie-Hellman in the above-mentioned client openly is worth, the receiving system of above-mentioned disposable ID in advance;
Obtain the functional value Fc and the above-mentioned disposable ID of above-mentioned one-way function by calculating, compare by the above-mentioned disposable ID that receives to this result of calculation, from above-mentioned client and the functional value of above-mentioned one-way function Fc, judge the judgment means of the legitimacy of above-mentioned client;
Judging above-mentioned client in above-mentioned judgment means is under the proper situation, is sent to the major general to above-mentioned client and sets in advance server ID in this server as the functional value of the one-way function Fs of parameter, be stored in the opposing party's that the Diffie-Hellman in this server openly is worth dispensing device in advance.
34. client, between device or in the authentication between application program, will only limit expendable identifying information as disposable ID, the device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously the functional value of this variable total key as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and server between authenticate, it is characterized in that comprising:
Use and above-mentioned server between the variable total key that had in advance generate above-mentioned disposable ID, obtain to the major general by calculating simultaneously and set in advance client id in this client, send the functional value of these disposable ID and one-way function Fc, be stored in the side's that the Diffie-Hellman in this client openly is worth dispensing device in advance to above-mentioned server as the functional value of the one-way function Fc of parameter;
Receive to the major general from above-mentioned server and set in advance server ID above-mentioned server as the functional value of the one-way function Fs of parameter, be stored in the opposing party's that the Diffie-Hellman in the above-mentioned server openly is worth receiving system in advance;
Obtain the functional value of above-mentioned one-way function Fs by calculating, the functional value by the above-mentioned one-way function Fs that receives to this result of calculation, from above-mentioned server compares, and judges the judgment means of the legitimacy of above-mentioned server.
35. Verification System, constitute by the server and client side, to only limit expendable identifying information as disposable ID in the authentication of above-mentioned server and client side between device or between application program, the device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously the functional value of this variable total key as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and client between authenticate, it is characterized in that:
Above-mentioned server possesses:
Receive to the major general from above-mentioned client and set in advance client id above-mentioned client as the functional value of the one-way function Fc of parameter, be stored in the side that the Diffie-Hellman in the above-mentioned client openly is worth, the receiving system of above-mentioned disposable ID in advance;
Obtain the functional value Fc and the above-mentioned disposable ID of above-mentioned one-way function by calculating, compare by the above-mentioned disposable ID that receives to this result of calculation, from above-mentioned client and the functional value of above-mentioned one-way function Fc, judge the judgment means of the legitimacy of above-mentioned client;
Judging above-mentioned client in above-mentioned judgment means is under the proper situation, be sent to the major general to above-mentioned client and set in advance server ID in this server as the functional value of the one-way function Fs of parameter, be stored in the opposing party's that the Diffie-Hellman in this server openly is worth dispensing device in advance
Above-mentioned client possesses:
Use and above-mentioned server between the variable total key that had in advance generate above-mentioned disposable ID, obtain to the major general by calculating simultaneously and set in advance client id in this client, send the functional value of these disposable ID and one-way function Fc, be stored in the side's that the Diffie-Hellman in this client openly is worth dispensing device in advance to above-mentioned server as the functional value of the one-way function Fc of parameter;
Receive to the major general from above-mentioned server and set in advance server ID above-mentioned server as the functional value of the one-way function Fs of parameter, be stored in the opposing party's that the Diffie-Hellman in the above-mentioned server openly is worth receiving system in advance;
Obtain the functional value of above-mentioned one-way function Fs by calculating, the functional value by the above-mentioned one-way function Fs that receives to this result of calculation, from above-mentioned server compares, and judges the judgment means of the legitimacy of above-mentioned server.
36. program, be between device or in the authentication between application program, will only limit expendable identifying information as disposable ID, the device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously the functional value of this variable total key as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and client between the program carried out in the server that authenticates, it is characterized in that:
Make above-mentioned server carry out following processing:
Receive to the major general from above-mentioned client and set in advance client id above-mentioned client as the functional value of the one-way function Fc of parameter, be stored in the side that the Diffie-Hellman in the above-mentioned client openly is worth, the processing of above-mentioned disposable ID in advance;
Obtain the functional value Fc and the above-mentioned disposable ID of above-mentioned one-way function by calculating, compare by the above-mentioned disposable ID that receives to this result of calculation, from above-mentioned client and the functional value of above-mentioned one-way function Fc, judge the processing of the legitimacy of above-mentioned client;
Judging above-mentioned client is under the proper situation, is sent to the major general to above-mentioned client and sets in advance server ID in above-mentioned server as the functional value of the one-way function Fs of parameter, be stored in the opposing party's that the Diffie-Hellman in the above-mentioned server openly is worth processing in advance.
37. program, be between device or in the authentication between application program, will only limit expendable identifying information as disposable ID, the device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously the functional value of this variable total key as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and server between the program carried out in the client that authenticates, it is characterized in that:
Make the following processing of above-mentioned client executing:
Use and above-mentioned server between the variable total key that had in advance generate above-mentioned disposable ID, obtain to the major general by calculating simultaneously and set in advance client id in above-mentioned client, send the functional value of these disposable ID and one-way function Fc, be stored in the side's that the Diffie-Hellman in the above-mentioned client openly is worth processing in advance to above-mentioned server as the functional value of the one-way function Fc of parameter;
Receive to the major general from above-mentioned server and set in advance server ID above-mentioned server as the functional value of the one-way function Fs of parameter, be stored in the opposing party's that the Diffie-Hellman in the above-mentioned server openly is worth processing in advance;
Obtain the functional value of above-mentioned one-way function Fs by calculating, the functional value by the above-mentioned one-way function Fs that receives to this result of calculation, from above-mentioned server compares, and judges the processing of the legitimacy of above-mentioned server.
38. server, to only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously this variable total key and the information relevant functional value as the one-way function of parameter with communication sequence or number of times, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and client between authenticate, it is characterized in that comprising:
With with above-mentioned client between the 1st variable total key, the information relevant that have had in advance with the communication sequence of above-mentioned client as the functional value of the one-way function of parameter as the 1st disposable ID, and from above-mentioned client receive with the above-mentioned the 1st variable total key to the 1st disposable ID, set in advance client id above-mentioned client, set in advance server ID in this server, be stored in the side that the Diffie-Hellman in the above-mentioned client openly is worth in advance and carried out the enciphered data of encryption, the receiving system of above-mentioned the 1st disposable ID;
Obtain the above-mentioned the 1st disposable ID by calculating, by this result of calculation, the above-mentioned the 1st disposable ID that receives from above-mentioned client are contrasted, discern above-mentioned client, identifying under the situation of above-mentioned client, use the above-mentioned the 1st variable total key that above-mentioned enciphered data is decrypted, according to the above-mentioned client id, above-mentioned server ID and the above-mentioned the 1st disposable ID that are included in these data of having deciphered, judge the judgment means of the legitimacy of above-mentioned client;
Judging above-mentioned client in above-mentioned judgment means is under the proper situation, generate the above-mentioned the 1st variable total key and the information relevant functional value as the 2nd disposable ID as the one-way function of parameter with the communication sequence of this server, the side that while openly is worth according to the Diffie-Hellman that receives from above-mentioned client as the 2nd variable total key, be stored in the opposing party that the Diffie-Hellman in this server openly is worth in advance and generate the common key of Diffie-Hellman, send the 2nd variable total key to above-mentioned client, above-mentioned client id, above-mentioned server ID and the above-mentioned the 2nd disposable ID are as the functional value of the one-way function h of parameter, the opposing party that above-mentioned Diffie-Hellman openly is worth, the dispensing device of above-mentioned the 2nd disposable ID.
39. client, to only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously this variable total key and the information relevant functional value as the one-way function of parameter with communication sequence or number of times, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and server between authenticate, it is characterized in that comprising:
As the 1st disposable ID generate will and above-mentioned server between the 1st variable total key that had in advance, the information relevant with the communication sequence of this client is as the functional value of the one-way function of parameter, use the above-mentioned the 1st variable total key simultaneously, to setting in advance the client id in this client, set in advance the server ID in above-mentioned server, be stored in a side and the above-mentioned the 1st disposable ID that the Diffie-Hellman in this client openly is worth in advance and encrypt, send the dispensing device of this enciphered data and above-mentioned the 1st disposable ID to above-mentioned server;
With the above-mentioned the 1st variable total key and the information relevant with the communication sequence of above-mentioned server as the functional value of the one-way function of parameter as the 2nd disposable ID, the common key of Diffie-Hellman as the 2nd variable total key, is received the above-mentioned the 2nd disposable ID, the above-mentioned the 2nd variable total key, above-mentioned client id and above-mentioned server ID as the functional value of the one-way function h of parameter, be stored in the opposing party that the Diffie-Hellman the above-mentioned server openly is worth, the receiving system of above-mentioned the 2nd disposable ID in advance from above-mentioned server;
Obtain the above-mentioned the 2nd disposable ID by calculating, by to this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned server contrasts, discern above-mentioned server, identifying under the situation of above-mentioned server, the opposing party that the above-mentioned Diffie-Hellman that receives from above-mentioned server as the above-mentioned the 2nd variable total key basis openly is worth, be stored in the common key of side generation Diffie-Hellman that the above-mentioned Diffie-Hellman in this client openly is worth in advance, use the 2nd variable total key simultaneously, obtain the functional value of above-mentioned one-way function h by calculating, by to this result of calculation, the functional value of the one-way function h that receives from above-mentioned server contrasts, and judges the judgment means of the legitimacy of above-mentioned server.
40. Verification System, constitute by the server and client side, to only limit expendable identifying information as disposable ID in the authentication of above-mentioned server and client side between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, be created on the variable total key that changes in the communication unit of necessary each regulation of above-mentioned authentication, obtain simultaneously this variable total key and the information relevant functional value as the one-way function of parameter with communication sequence or number of times, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and client between authenticate, it is characterized in that:
Above-mentioned server possesses:
With with above-mentioned client between the 1st variable total key, the information relevant that have had in advance with the communication sequence of above-mentioned client as the functional value of the one-way function of parameter as the 1st disposable ID, and from above-mentioned client receive with the above-mentioned the 1st variable total key to the 1st disposable ID, set in advance client id above-mentioned client, set in advance server ID in this server, be stored in the side that the Diffie-Hellman in the above-mentioned client openly is worth in advance and carried out the enciphered data of encryption, the receiving system of above-mentioned the 1st disposable ID;
Obtain the above-mentioned the 1st disposable ID by calculating, by this result of calculation, the above-mentioned the 1st disposable ID that receives from above-mentioned client are contrasted, discern above-mentioned client, identifying under the situation of above-mentioned client, use the above-mentioned the 1st variable total key that above-mentioned enciphered data is decrypted, according to the above-mentioned client id, above-mentioned server ID and the above-mentioned the 1st disposable ID that are included in these data of having deciphered, judge the judgment means of the legitimacy of above-mentioned client;
Judging above-mentioned client in above-mentioned judgment means is under the proper situation, generate the above-mentioned the 1st variable total key and the information relevant functional value as the 2nd disposable ID as the one-way function of parameter with the communication sequence of this server, the side that while openly is worth according to the Diffie-Hellman that receives from above-mentioned client as the 2nd variable total key, be stored in the opposing party that the Diffie-Hellman in this server openly is worth in advance and generate the common key of Diffie-Hellman, send the 2nd variable total key to above-mentioned client, above-mentioned client id, above-mentioned server ID and the above-mentioned the 2nd disposable ID are as the functional value of the one-way function h of parameter, the opposing party that above-mentioned Diffie-Hellman openly is worth, the dispensing device of above-mentioned the 2nd disposable ID
Above-mentioned client possesses:
As the 1st disposable ID generate will and above-mentioned server between the 1st variable total key that had in advance, the information relevant with the communication sequence of this client is as the functional value of the one-way function of parameter, use the above-mentioned the 1st variable total key simultaneously, to setting in advance the client id in this client, set in advance the server ID in above-mentioned server, be stored in a side and the above-mentioned the 1st disposable ID that the Diffie-Hellman in this client openly is worth in advance and encrypt, send the dispensing device of this enciphered data and above-mentioned the 1st disposable ID to above-mentioned server;
With the above-mentioned the 1st variable total key and the information relevant with the communication sequence of above-mentioned server as the functional value of the one-way function of parameter as the 2nd disposable ID, the common key of Diffie-Hellman as the 2nd variable total key, is received the above-mentioned the 2nd disposable ID, the above-mentioned the 2nd variable total key, above-mentioned client id and above-mentioned server ID as the functional value of the one-way function h of parameter, be stored in the opposing party that the Diffie-Hellman the above-mentioned server openly is worth, the receiving system of above-mentioned the 2nd disposable ID in advance from above-mentioned server;
Obtain the above-mentioned the 2nd disposable ID by calculating, by to this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned server contrasts, discern above-mentioned server, identifying under the situation of above-mentioned server, the opposing party that the above-mentioned Diffie-Hellman that receives from above-mentioned server as the above-mentioned the 2nd variable total key basis openly is worth, be stored in the common key of side generation Diffie-Hellman that the above-mentioned Diffie-Hellman in this client openly is worth in advance, use the 2nd variable total key simultaneously, obtain the functional value of above-mentioned one-way function h by calculating, by to this result of calculation, the functional value of the one-way function h that receives from above-mentioned server contrasts, and judges the judgment means of the legitimacy of above-mentioned server.
41. server, to only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, in the communication unit of the necessary regulation of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and client between authenticate, it is characterized in that comprising:
Will and above-mentioned client between the 1st total key that had in advance as the functional value of the one-way function of parameter as the 1st disposable ID, receive the 1st disposable ID and the 1st receiving system of the 1st random number that above-mentioned client, generates from above-mentioned client;
Generate the 2nd random number, obtain as the 2nd disposable ID simultaneously above-mentioned the 1st random number and the above-mentioned the 1st is had the functional value of key as the one-way function of parameter, send the dispensing device of the 2nd disposable ID and above-mentioned the 2nd random number to above-mentioned client;
With above-mentioned the 1st random number, above-mentioned the 2nd random number and the 2nd total key as the functional value of the one-way function of parameter as the 3rd disposable ID, receive the 2nd receiving system of the 3rd disposable ID from above-mentioned client;
Generate the above-mentioned the 2nd total key according to above-mentioned the 1st random number and above-mentioned the 2nd random number, obtain the above-mentioned the 3rd disposable ID according to the 2nd total key, above-mentioned the 1st random number and above-mentioned the 2nd random number by calculating simultaneously, by this result of calculation, the above-mentioned the 3rd disposable ID that receives from above-mentioned client are compared, judge the judgment means of the legitimacy of above-mentioned client.
42. client, to only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, in the communication unit of the necessary regulation of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and server between authenticate, it is characterized in that comprising:
Generate the 1st random number, simultaneously as the 1st disposable ID obtain with and above-mentioned server between the 1st total key of having had in advance as the functional value of the one-way function of parameter, send the 1st dispensing device of the 1st disposable ID and above-mentioned the 1st random number to above-mentioned server;
With above-mentioned the 1st random number, the above-mentioned the 1st total key as the functional value of the one-way function of parameter as the 2nd disposable ID, from above-mentioned server receive the 2nd disposable ID, the receiving system of the 2nd random number that above-mentioned server, generates;
According to above-mentioned the 1st random number and the above-mentioned the 1st total key, obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned server are compared, judge the judgment means of the legitimacy of above-mentioned server;
Judge above-mentioned server by above-mentioned judgment means is under the proper situation, generate the 2nd total key according to above-mentioned the 1st random number and above-mentioned the 2nd random number, obtain the 2nd total key, above-mentioned the 1st random number and above-mentioned the 2nd random number functional value as the 3rd disposable ID simultaneously, send the 2nd dispensing device of the 3rd disposable ID to above-mentioned server as the one-way function of parameter.
43. Verification System, constitute by the server and client side, to only limit expendable identifying information as disposable ID in the authentication of above-mentioned server and client side between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, in the communication unit of the necessary regulation of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and client between authenticate mutually, it is characterized in that:
Above-mentioned server possesses:
Will and above-mentioned client between the 1st total key that had in advance as the functional value of the one-way function of parameter as the 1st disposable ID, receive the 1st disposable ID and the 1st receiving system of the 1st random number that above-mentioned client, generates from above-mentioned client;
Generate the 2nd random number, obtain as the 2nd disposable ID simultaneously above-mentioned the 1st random number and the above-mentioned the 1st is had the functional value of key as the one-way function of parameter, send the dispensing device of the 2nd disposable ID and above-mentioned the 2nd random number to above-mentioned client;
With above-mentioned the 1st random number, above-mentioned the 2nd random number and the 2nd total key as the functional value of the one-way function of parameter as the 3rd disposable ID, receive the 2nd receiving system of the 3rd disposable ID from above-mentioned client;
Generate the above-mentioned the 2nd total key according to above-mentioned the 1st random number and above-mentioned the 2nd random number, obtain the above-mentioned the 3rd disposable ID according to the 2nd total key, above-mentioned the 1st random number and above-mentioned the 2nd random number by calculating simultaneously, by this result of calculation, the above-mentioned the 3rd disposable ID that receives from above-mentioned client are compared, judge the judgment means of the legitimacy of above-mentioned client
Above-mentioned client possesses:
Generate the 1st random number, simultaneously as the 1st disposable ID obtain with and above-mentioned server between the 1st total key of having had in advance as the functional value of the one-way function of parameter, send the 1st dispensing device of the 1st disposable ID and above-mentioned the 1st random number to above-mentioned server;
With above-mentioned the 1st random number, the above-mentioned the 1st total key as the functional value of the one-way function of parameter as the 2nd disposable ID, from above-mentioned server receive the 2nd disposable ID, the receiving system of the 2nd random number that above-mentioned server, generates;
According to above-mentioned the 1st random number and the above-mentioned the 1st total key, obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned server are compared, judge the judgment means of the legitimacy of above-mentioned server;
Judge above-mentioned server by above-mentioned judgment means is under the proper situation, generate the 2nd total key according to above-mentioned the 1st random number and above-mentioned the 2nd random number, obtain the 2nd total key, above-mentioned the 1st random number and above-mentioned the 2nd random number functional value as the 3rd disposable ID simultaneously, send the 2nd dispensing device of the 3rd disposable ID to above-mentioned server as the one-way function of parameter.
44. server, to only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, in the communication unit of the necessary regulation of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and client between authenticate, it is characterized in that comprising:
Will and above-mentioned client between the total key that had in advance as the functional value of the one-way function of parameter as the 1st disposable ID, receive the 1st disposable ID and the 1st receiving system of the 1st random number that above-mentioned client, generates from above-mentioned client;
Generate the 2nd random number, obtain above-mentioned the 1st random number and above-mentioned total key functional value simultaneously, send the dispensing device of the 2nd disposable ID and above-mentioned the 2nd random number to above-mentioned client as the one-way function of parameter as the 2nd disposable ID;
With above-mentioned total key, above-mentioned the 1st random number and above-mentioned the 2nd random number as the functional value of the one-way function of parameter as the 3rd disposable ID, receive the 2nd receiving system of the 3rd disposable ID from above-mentioned client;
Obtain the above-mentioned the 3rd disposable ID according to above-mentioned the 1st random number, above-mentioned the 2nd random number and above-mentioned total key by calculating, by this result of calculation, the above-mentioned the 3rd disposable ID that receives from above-mentioned client are compared, judge the judgment means of the legitimacy of above-mentioned client.
45. client, to only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, in the communication unit of the necessary regulation of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and server between authenticate, it is characterized in that comprising:
Generate the 1st random number, simultaneously as the 1st disposable ID obtain with and above-mentioned server between the total key that had in advance as the functional value of the one-way function of parameter, send the 1st dispensing device of the 1st disposable ID and above-mentioned the 1st random number to above-mentioned server;
With above-mentioned the 1st random number, above-mentioned total key as the functional value of the one-way function of parameter as the 2nd disposable ID, from above-mentioned server receive the 2nd disposable ID, the receiving system of the 2nd random number that above-mentioned server, generates;
According to above-mentioned the 1st random number and above-mentioned total key, obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned server are compared, judge the judgment means of the legitimacy of above-mentioned server;
Judge above-mentioned server by above-mentioned judgment means is under the proper situation, obtain above-mentioned the 1st random number, above-mentioned the 2nd random number and above-mentioned total key functional value as the 3rd disposable ID, send the 2nd dispensing device of the 3rd disposable ID to above-mentioned server as the one-way function of parameter.
46. Verification System, constitute by the server and client side, to only limit expendable identifying information as disposable ID in the authentication of above-mentioned server and client side between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, in the communication unit of the necessary regulation of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and client between authenticate mutually, it is characterized in that:
Above-mentioned server possesses:
Will and above-mentioned client between the total key that had in advance as the functional value of the one-way function of parameter as the 1st disposable ID, receive the 1st disposable ID and the 1st receiving system of the 1st random number that above-mentioned client, generates from above-mentioned client;
Generate the 2nd random number, obtain above-mentioned the 1st random number and above-mentioned total key functional value simultaneously, send the dispensing device of the 2nd disposable ID and above-mentioned the 2nd random number to above-mentioned client as the one-way function of parameter as the 2nd disposable ID;
With above-mentioned total key, above-mentioned the 1st random number and above-mentioned the 2nd random number as the functional value of the one-way function of parameter as the 3rd disposable ID, receive the 2nd receiving system of the 3rd disposable ID from above-mentioned client;
Obtain the above-mentioned the 3rd disposable ID according to above-mentioned the 1st random number, above-mentioned the 2nd random number and above-mentioned total key by calculating, by this result of calculation, the above-mentioned the 3rd disposable ID that receives from above-mentioned client are compared, judge the judgment means of the legitimacy of above-mentioned client
Above-mentioned client possesses:
Generate the 1st random number, simultaneously as the 1st disposable ID obtain with and above-mentioned server between the total key that had in advance as the functional value of the one-way function of parameter, send the 1st dispensing device of the 1st disposable ID and above-mentioned the 1st random number to above-mentioned server;
With above-mentioned the 1st random number, above-mentioned total key as the functional value of the one-way function of parameter as the 2nd disposable ID, from above-mentioned server receive the 2nd disposable ID, the receiving system of the 2nd random number that above-mentioned server, generates;
According to above-mentioned the 1st random number and above-mentioned total key, obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned server are compared, judge the judgment means of the legitimacy of above-mentioned server;
Judge above-mentioned server by above-mentioned judgment means is under the proper situation, obtain above-mentioned the 1st random number, above-mentioned the 2nd random number and above-mentioned total key functional value as the 3rd disposable ID, send the 2nd dispensing device of the 3rd disposable ID to above-mentioned server as the one-way function of parameter.
47. server, to only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, in the communication unit of the necessary regulation of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and client between authenticate mutually, it is characterized in that comprising:
Will and above-mentioned client between the total key, the 1st storage random number and the 2nd storage random number that have had in advance as the functional value of the one-way function of parameter as the 1st disposable ID, receive the 1st disposable ID from above-mentioned client, simultaneously from above-mentioned client receive with above-mentioned total key to the 1st random number that above-mentioned client, generates, set in advance the client id in above-mentioned client and set in advance the receiving system that in this server server ID has been carried out the 1st enciphered data of encryption;
Obtain the above-mentioned the 1st disposable ID by calculating, by this result of calculation, the above-mentioned the 1st disposable ID that receives from above-mentioned client are contrasted, discern above-mentioned client, identifying under the situation of above-mentioned client, use above-mentioned total key that above-mentioned the 1st enciphered data is decrypted, according to the above-mentioned client id and the above-mentioned server ID that are included in these data of having deciphered, judge the judgment means of the legitimacy of above-mentioned client;
Judge above-mentioned client by above-mentioned judgment means is under the proper situation, generate the 2nd random number, obtain above-mentioned the 1st random number, above-mentioned the 2nd storage random number and above-mentioned total key functional value as the 2nd disposable ID simultaneously, send with above-mentioned total key to above-mentioned client above-mentioned client id, above-mentioned server ID and above-mentioned the 2nd random number have been carried out the 2nd enciphered data of encrypting, the dispensing device of above-mentioned the 2nd disposable ID as the one-way function of parameter;
Above-mentioned the 1st storage random number is replaced into above-mentioned the 1st random number, above-mentioned the 2nd storage random number is replaced into the displacement apparatus of above-mentioned the 2nd random number.
48. client, to only limit expendable identifying information as disposable ID in the authentication between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, in the communication unit of the necessary regulation of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and server between authenticate mutually, it is characterized in that comprising:
Generate the 1st random number, simultaneously as the 1st disposable ID obtain with and above-mentioned server between the total key, the 1st storage random number and the 2nd storage random number that have had in advance as the functional value of the one-way function of parameter, to above-mentioned server send with above-mentioned total key to set in advance the client id in this client, server ID and above-mentioned the 1st random number that sets in advance in above-mentioned server carried out the 1st enciphered data of encryption, the dispensing device of above-mentioned the 1st disposable ID;
With above-mentioned the 1st random number, above-mentioned the 2nd storage random number and above-mentioned total key as the functional value of the one-way function of parameter as the 2nd disposable ID, receive the 2nd disposable ID from above-mentioned server, receive the receiving system that the 2nd random number that generates, above-mentioned client id and above-mentioned server ID has been carried out the 2nd enciphered data of encryption above-mentioned server with above-mentioned total key from above-mentioned server simultaneously;
Obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned server are contrasted, discern above-mentioned server, identifying under the situation of above-mentioned server, use above-mentioned total key that above-mentioned the 2nd enciphered data is decrypted, according to the above-mentioned server ID and the above-mentioned client id that are included in these data of having deciphered, judge the judgment means of the legitimacy of above-mentioned server;
Above-mentioned the 1st storage random number is replaced into above-mentioned the 1st random number, above-mentioned the 2nd storage random number is replaced into the displacement apparatus of above-mentioned the 2nd random number.
49. Verification System, constitute by the server and client side, to only limit expendable identifying information as disposable ID in the authentication of above-mentioned server and client side between multiple arrangement or between application program, the device that carries out above-mentioned authentication or application program separately in, in the communication unit of the necessary regulation of above-mentioned authentication, generate random number, obtain simultaneously the total key of this random number and regulation functional value as the one-way function of parameter, generate above-mentioned disposable ID from this functional value, the disposable ID that uses this generation and client between authenticate mutually, it is characterized in that:
Above-mentioned server possesses:
Will and above-mentioned client between the total key, the 1st storage random number and the 2nd storage random number that have had in advance as the functional value of the one-way function of parameter as the 1st disposable ID, receive the 1st disposable ID from above-mentioned client, simultaneously from above-mentioned client receive with above-mentioned total key to the 1st random number that above-mentioned client, generates, set in advance the client id in above-mentioned client and set in advance the receiving system that in this server server ID has been carried out the 1st enciphered data of encryption;
Obtain the above-mentioned the 1st disposable ID by calculating, by this result of calculation, the above-mentioned the 1st disposable ID that receives from above-mentioned client are contrasted, discern above-mentioned client, identifying under the situation of above-mentioned client, use above-mentioned total key that above-mentioned the 1st enciphered data is decrypted, according to the above-mentioned client id and the above-mentioned server ID that are included in these data of having deciphered, judge the judgment means of the legitimacy of above-mentioned client;
Judge above-mentioned client by above-mentioned judgment means is under the proper situation, generate the 2nd random number, obtain above-mentioned the 1st random number, above-mentioned the 2nd storage random number and above-mentioned total key functional value as the 2nd disposable ID simultaneously, send with above-mentioned total key to above-mentioned client above-mentioned client id, above-mentioned server ID and above-mentioned the 2nd random number have been carried out the 2nd enciphered data of encrypting, the dispensing device of above-mentioned the 2nd disposable ID as the one-way function of parameter;
Above-mentioned the 1st storage random number is replaced into above-mentioned the 1st random number, above-mentioned the 2nd storage random number is replaced into the displacement apparatus of above-mentioned the 2nd random number,
Above-mentioned client possesses:
Generate the 1st random number, simultaneously as the 1st disposable ID obtain with and above-mentioned server between the total key, the 1st storage random number and the 2nd storage random number that have had in advance as the functional value of the one-way function of parameter, to above-mentioned server send with above-mentioned total key to set in advance the client id in this client, server ID and above-mentioned the 1st random number that sets in advance in above-mentioned server carried out the 1st enciphered data of encryption, the dispensing device of above-mentioned the 1st disposable ID;
With above-mentioned the 1st random number, above-mentioned the 2nd storage random number and above-mentioned total key as the functional value of the one-way function of parameter as the 2nd disposable ID, receive the 2nd disposable ID from above-mentioned server, receive the receiving system that the 2nd random number that generates, above-mentioned client id and above-mentioned server ID has been carried out the 2nd enciphered data of encryption above-mentioned server with above-mentioned total key from above-mentioned server simultaneously;
Obtain the above-mentioned the 2nd disposable ID by calculating, by this result of calculation, the above-mentioned the 2nd disposable ID that receives from above-mentioned server are contrasted, discern above-mentioned server, identifying under the situation of above-mentioned server, use above-mentioned total key that above-mentioned the 2nd enciphered data is decrypted, according to the above-mentioned server ID and the above-mentioned client id that are included in these data of having deciphered, judge the judgment means of the legitimacy of above-mentioned server;
Above-mentioned the 1st storage random number is replaced into above-mentioned the 1st random number, above-mentioned the 2nd storage random number is replaced into the displacement apparatus of above-mentioned the 2nd random number.
50., it is characterized in that according to the described Verification System of claim 49:
Above-mentioned server and above-mentioned client are being replaced into above-mentioned the 1st random number with above-mentioned the 1st storage random number, after random number is replaced into above-mentioned the 2nd random number with above-mentioned the 2nd storage, by generating above-mentioned total key, make this total cipher key change according to these the 1st storage random numbers and the 2nd storage random number.
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2002178947A JP2004023662A (en) | 2002-06-19 | 2002-06-19 | Mutual authentication method |
| JP178947/2002 | 2002-06-19 | ||
| JP69375/2003 | 2003-03-14 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1768502A true CN1768502A (en) | 2006-05-03 |
Family
ID=31176521
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN03814223.6A Pending CN1768502A (en) | 2002-06-19 | 2003-06-19 | Inter-authentication method and device |
Country Status (2)
| Country | Link |
|---|---|
| JP (1) | JP2004023662A (en) |
| CN (1) | CN1768502A (en) |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101056166B (en) * | 2007-05-28 | 2010-04-21 | 北京飞天诚信科技有限公司 | A method for improving the data transmission security |
| CN101110831B (en) * | 2007-08-24 | 2010-12-01 | 中兴通讯股份有限公司 | Digital cryptographic key protection method |
| CN101217532B (en) * | 2007-12-28 | 2011-05-18 | 深圳市融创天下科技发展有限公司 | An anti-network attack data transmission method and system |
| CN102195983A (en) * | 2011-05-12 | 2011-09-21 | 深圳Tcl新技术有限公司 | Network terminal encryption authentication method and server |
| CN102232275A (en) * | 2008-12-05 | 2011-11-02 | 松下电工株式会社 | Key distribution system |
| CN102724040A (en) * | 2011-03-02 | 2012-10-10 | 西门子公司 | Method, controller and system for detecting infringements of the authenticity of system components |
| CN101631017B (en) * | 2008-07-14 | 2012-11-28 | 索尼株式会社 | Information processing device, and information processing system |
| CN103237245A (en) * | 2013-05-13 | 2013-08-07 | 无锡北斗星通信息科技有限公司 | Vehicle-mounted DVB (Digital Video Broadcasting) conditional access system for identifying set-top-box identity |
| CN104954123A (en) * | 2014-03-28 | 2015-09-30 | 中国银联股份有限公司 | Intelligent POS terminal main key updating system and updating method |
| CN105162596A (en) * | 2008-03-11 | 2015-12-16 | 威斯科数据安全国际有限公司 | A strong authentication token generating one-time passwords and signatures upon server credential verification |
| CN103051628B (en) * | 2012-12-21 | 2016-05-11 | 微梦创科网络科技(中国)有限公司 | Obtain the method and system of authentication token based on server |
| CN106506157A (en) * | 2016-12-22 | 2017-03-15 | 天泽信息产业股份有限公司 | The method authenticated between internet-of-things terminal and cloud data platform |
| CN107148629A (en) * | 2015-10-02 | 2017-09-08 | 株式会社派普斯 | Disposable Verification System |
| CN109255207A (en) * | 2017-07-14 | 2019-01-22 | 中国电力科学研究院 | A kind of application authentication system and authentication method |
| CN110762007A (en) * | 2019-10-31 | 2020-02-07 | 上海斯可络压缩机有限公司 | Automatic identification system for variable-frequency screw compressor controller |
| CN111064572A (en) * | 2019-12-24 | 2020-04-24 | 珠海荣邦智能科技有限公司 | Data communication method and device |
| CN111182010A (en) * | 2018-11-09 | 2020-05-19 | 杭州海康威视数字技术股份有限公司 | Local service providing method and device |
| CN114553412A (en) * | 2022-02-28 | 2022-05-27 | 百果园技术(新加坡)有限公司 | Data transmission method, device, equipment and storage medium |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100969196B1 (en) | 2007-10-05 | 2010-07-09 | 인하대학교 산학협력단 | Secure user session managing method under web environment and recording medium recorded program executing it |
| JP2010165231A (en) * | 2009-01-16 | 2010-07-29 | Panasonic Corp | Server authentication method and client terminal |
-
2002
- 2002-06-19 JP JP2002178947A patent/JP2004023662A/en active Pending
-
2003
- 2003-06-19 CN CN03814223.6A patent/CN1768502A/en active Pending
Cited By (28)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101056166B (en) * | 2007-05-28 | 2010-04-21 | 北京飞天诚信科技有限公司 | A method for improving the data transmission security |
| CN101110831B (en) * | 2007-08-24 | 2010-12-01 | 中兴通讯股份有限公司 | Digital cryptographic key protection method |
| CN101217532B (en) * | 2007-12-28 | 2011-05-18 | 深圳市融创天下科技发展有限公司 | An anti-network attack data transmission method and system |
| CN105162596A (en) * | 2008-03-11 | 2015-12-16 | 威斯科数据安全国际有限公司 | A strong authentication token generating one-time passwords and signatures upon server credential verification |
| CN105162596B (en) * | 2008-03-11 | 2018-11-13 | 万思伴国际有限公司 | For generating the safety value used in being interacted with server and the equipment for sending user to |
| CN101631017B (en) * | 2008-07-14 | 2012-11-28 | 索尼株式会社 | Information processing device, and information processing system |
| CN102232275A (en) * | 2008-12-05 | 2011-11-02 | 松下电工株式会社 | Key distribution system |
| CN102232275B (en) * | 2008-12-05 | 2014-03-12 | 松下电器产业株式会社 | Key distribution system |
| CN102724040A (en) * | 2011-03-02 | 2012-10-10 | 西门子公司 | Method, controller and system for detecting infringements of the authenticity of system components |
| CN102195983A (en) * | 2011-05-12 | 2011-09-21 | 深圳Tcl新技术有限公司 | Network terminal encryption authentication method and server |
| CN102195983B (en) * | 2011-05-12 | 2015-08-19 | 深圳Tcl新技术有限公司 | network terminal encryption authentication method and server |
| CN103051628B (en) * | 2012-12-21 | 2016-05-11 | 微梦创科网络科技(中国)有限公司 | Obtain the method and system of authentication token based on server |
| CN103237245A (en) * | 2013-05-13 | 2013-08-07 | 无锡北斗星通信息科技有限公司 | Vehicle-mounted DVB (Digital Video Broadcasting) conditional access system for identifying set-top-box identity |
| CN104954123A (en) * | 2014-03-28 | 2015-09-30 | 中国银联股份有限公司 | Intelligent POS terminal main key updating system and updating method |
| CN107148629A (en) * | 2015-10-02 | 2017-09-08 | 株式会社派普斯 | Disposable Verification System |
| CN107148629B (en) * | 2015-10-02 | 2018-07-27 | 株式会社派普斯 | Disposable Verification System |
| CN106506157B (en) * | 2016-12-22 | 2019-05-03 | 天泽信息产业股份有限公司 | The method authenticated between internet-of-things terminal and cloud data platform |
| CN106506157A (en) * | 2016-12-22 | 2017-03-15 | 天泽信息产业股份有限公司 | The method authenticated between internet-of-things terminal and cloud data platform |
| CN109255207B (en) * | 2017-07-14 | 2022-07-01 | 中国电力科学研究院有限公司 | Application program authentication system and authentication method |
| CN109255207A (en) * | 2017-07-14 | 2019-01-22 | 中国电力科学研究院 | A kind of application authentication system and authentication method |
| CN111182010A (en) * | 2018-11-09 | 2020-05-19 | 杭州海康威视数字技术股份有限公司 | Local service providing method and device |
| CN111182010B (en) * | 2018-11-09 | 2023-04-07 | 杭州海康威视数字技术股份有限公司 | Local service providing method and device |
| CN110762007A (en) * | 2019-10-31 | 2020-02-07 | 上海斯可络压缩机有限公司 | Automatic identification system for variable-frequency screw compressor controller |
| CN110762007B (en) * | 2019-10-31 | 2021-05-25 | 上海斯可络压缩机有限公司 | Automatic identification system for variable-frequency screw compressor controller |
| CN111064572A (en) * | 2019-12-24 | 2020-04-24 | 珠海荣邦智能科技有限公司 | Data communication method and device |
| CN111064572B (en) * | 2019-12-24 | 2024-02-02 | 珠海荣邦智能科技有限公司 | Data communication method and device |
| CN114553412A (en) * | 2022-02-28 | 2022-05-27 | 百果园技术(新加坡)有限公司 | Data transmission method, device, equipment and storage medium |
| CN114553412B (en) * | 2022-02-28 | 2024-02-23 | 百果园技术(新加坡)有限公司 | Data transmission method, device, equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| JP2004023662A (en) | 2004-01-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1768502A (en) | Inter-authentication method and device | |
| CN1249972C (en) | System, methods, and software for remote password authentication using multiple servers | |
| CN1941699A (en) | Cryptographic methods, host system, trusted platform module, and computer arrangement | |
| CN1268105C (en) | Communication system using communication network and communication method | |
| CN1855805A (en) | Encryption method for sip message and encrypted sip communication system | |
| CN100338907C (en) | Information processing system and method, information processing apparatus and method, recording medium, and program | |
| CN1238989C (en) | Data distribution | |
| CN1272929C (en) | Encryption/decryption method and identification method and device using multi affine cryptographic key system | |
| CN1871810A (en) | Authentication system, and remotely distributed storage system | |
| CN1492346A (en) | Electronic value authentication method, authentication system and device | |
| CN1496628A (en) | Content delivery system | |
| CN1504028A (en) | Cryptographic authentication with ephemeral modules | |
| CN1969501A (en) | Systems and methods to securely generate shared keys | |
| CN1736082A (en) | Group entry approval system, server apparatus, and client apparatus | |
| CN1496063A (en) | Interconnected network protocol safety protocol set server equipment and processing equipment | |
| CN1520655A (en) | Information processing appts. and method, and storage medium | |
| CN1682499A (en) | Contents distribution system | |
| CN1460225A (en) | Data processing system, memory device, data processor, data processing method and program | |
| CN1581118A (en) | Secure device, information processing terminal, integrated circuit, application apparatus and method | |
| CN101056263A (en) | Data communication method and system | |
| CN1879138A (en) | Encryption device, encryption method, and computer program | |
| CN1518268A (en) | Common secret key changing method and communication equipment | |
| CN1656555A (en) | Authentication communication system, authentication communication apparatus, and authentication communicating method | |
| CN1993684A (en) | Memory card, data exchanging system and data exchanging method | |
| CN1836398A (en) | Transmission/reception system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20060503 |