JP2006041714A - Authentication and authentication response system - Google Patents


Info

Publication number
JP2006041714A
Authority
JP
Japan
Prior art keywords
authentication
data
value
exclusive
encrypted data
Prior art date
Legal status
Pending
Application number
JP2004215929A
Other languages
Japanese (ja)
Inventor
Shogo Hayashida
章吾 林田
Osamu Atsumi
治 渥美
Current Assignee
Sangikyo Corp
Original Assignee
Sangikyo Corp
Priority date
Filing date
Publication date
Application filed by Sangikyo Corp
Priority to JP2004215929A
Publication of JP2006041714A

Abstract

PROBLEM TO BE SOLVED: To provide authentication that prevents eavesdropping on and fraudulent acquisition of a communication terminal's authentication information, and to provide an authentication response system.

SOLUTION: The authentication requesting side obtains y1 and y2 from random number data R1 and R2 by a prescribed method using an undisclosed unique value N as a parameter, applies exclusive OR to y1 and y2 to obtain Y, reduces the number of digits of Y by a prescribed method to obtain Y', converts Y' into a binary value and bisects it to obtain numerical values Y1' and Y2', stores Y1' and Y2' as authentication encryption data and authentication response identification data respectively, and transmits Y1', R1 and R2 to the authenticating side. The authenticating side obtains y1 and y2 from the received R1, R2 and the unique value N, applies exclusive OR to y1 and y2 to obtain Y, obtains Y', Y1' and Y2' from Y by the same method as the requesting side, stores Y1' and Y2' as authentication identification data and authentication response encryption data respectively, compares the received Y1' with its authentication identification data Y1' and judges authentication OK when they coincide, and then transmits Y2' to the requesting side; the requesting side compares the received Y2' with the authentication response identification data Y2' it stored and judges the authentication response OK when they coincide.

COPYRIGHT: (C)2006,JPO&NCIPI

Description

The present invention relates to an authentication and authentication response system, and in particular to an authentication and authentication response system that counters "spoofing" (impersonation).

With the spread of the ubiquitous society, various communication terminals such as mobile phones and PDAs have come into use over a very wide range. In this communication field there are many terminals, such as mobile phones, for which calls and data transmission are billed, and services that settle payments through such terminals have also become a reality.

For a communication terminal that involves billing or payment settlement, it is of the utmost importance, and a basic premise, that the terminal is being used by its legitimate owner. This requires authentication of the user, and various techniques have been proposed for it. For the mobile phone, the most widely used such terminal, if "spoofing" by someone other than the true user became possible, the damage could be enormous, especially given the expansion of the settlement functions described above. In such a situation a person other than the true user impersonates that user; more precisely, a mobile phone owned by another person functions as if it were the user's own phone, that is, a so-called clone mobile phone exists. Once the existence of clone phones becomes known (and is acknowledged by the carrier), a user can also evade charges or payments by "after-the-fact repudiation", denying his or her own actions afterwards, and the problem grows further.

A mobile phone normally performs user authentication, which verifies the identity of the individual user. Separately from this, there is authentication of the content of communications (message authentication, i.e. the so-called electronic signature).

To build a clone mobile phone for the purpose of "spoofing", the user authentication must be defeated, which means the information needed for user authentication must be obtained.

In conventional user authentication, the authentication process is performed on the basis of authentication information belonging to the mobile phone itself and information about the individual user. The phone's authentication information typically comprises several kinds of data: for example a fixed authentication identifier β assigned to the phone by its manufacturer, a variable authentication identifier α assigned by the communication carrier, and the telephone number and IP address allocated to the phone. The flow by which this authentication information is assigned, and the flow of communication, are described with reference to FIG. 3.

In FIG. 3, the manufacturer 100 gives each phone it manufactures a fixed authentication identifier, for example the identifier β, and passes the phone through distribution system B to the communication carrier 200; the carrier 200 assigns a variable authentication identifier, for example the identifier α, and delivers the phone through distribution system A to the dealer 300. The dealer 300 assigns a telephone number and an IP address and hands the phone to the user 400. The user 400 then makes calls and exchanges data over the communication line using a phone carrying these several kinds of authentication information (identifiers α and β, the telephone number and the IP address); the authentication information is sent to the carrier's authentication server 500, where the authentication process is performed.

Still referring to FIG. 3, an attacker could obtain the identifier β inside the manufacturer 100 or at the stage of distribution system B (the latter being the more likely), and the identifier α inside the carrier 200 or at the stage of distribution system A (again, the latter being the more likely). Considering that the telephone number and IP address are publicly available information and easy to obtain, this means that a so-called clone mobile phone carrying all the kinds of authentication information needed for authentication could be built.

Moreover, even if obtaining β from the manufacturer 100 or α from the carrier 200 is difficult, these kinds of authentication information are transmitted over the communication line to the authentication server 500 in the authentication step that is executed first whenever the user 400 makes a call or a data connection, and an attacker could obtain them by eavesdropping on or intercepting that communication line.

To avoid eavesdropping on or interception of the authentication information sent from the phone to the authentication server over the communication line, systems have therefore been proposed in which the transmitted authentication information is encrypted and the authentication server decrypts it before performing the authentication process.

The security of such encryption is usually determined by the amount of computation required for encryption and decryption, and obtaining security strong enough to make the creation of clone phones impossible would require a large amount of computation. A mobile phone that already needs a very large amount of computation for functions such as image communication already carries LSIs and memory that execute complex operations for that purpose, and power consumption is also a concern; in a mobile phone, where low cost, low power and small size are the overriding requirements, it is therefore difficult to incorporate advanced, computation-heavy encryption.

On the other hand, the phone carries a storage medium (ROM) in which the authentication information is stored, and there is also a risk that the authentication information (the authentication identifiers) is stolen and copied wholesale from this storage medium. With such copying, everything in the storage medium, including the authentication identifiers and the encryption algorithm, can be stolen at any point in the distribution process from manufacture to the user, and in that case encryption is no longer a countermeasure. Against copying of the storage medium (ROM), a measure that makes unauthorized reading of the information stored in the ROM impossible is desirable. Solving this problem, however, is not the main subject of the present invention and is not discussed further.

As described above, if the authentication information can be obtained, clone mobile phones and the like can be created, and when the electronic-wallet function of third- to fourth-generation mobile phones is used, the damage extends beyond communication charges to commercial transactions in society at large and becomes a social problem. Groups planning large-scale criminal activity such as drug trafficking from the outset may also use clone phones to escape police wiretapping and tracking while committing the crime.

The above description concerns mobile phones, but the same problems apply to communication terminals that employ a similar system, and likewise to systems in which authentication is important, such as electronic commerce.

One example of an authentication system for electronic commerce, disclosed in Patent Document 1, transmits a user ID and password from the communication terminal at fixed intervals and has the transaction system's server perform authentication, thereby preventing double logins and wrongful acts such as "spoofing" partway through a transaction.
Patent Document 1: Japanese Patent Laid-Open No. 2000-215241 (paragraphs [0008] to [0017], FIG. 1)

The present invention was made in view of the above problems of the prior art, and its main object is to provide an authentication and authentication response system that makes eavesdropping on, or fraudulent acquisition of, a communication terminal's authentication information impossible.

Another object of the present invention is to provide an authentication and authentication response system that prevents the creation of clone mobile phones.

Still another object of the present invention is to provide an authentication and authentication response system that prevents "spoofing".

To solve the above problems, the authentication and authentication response system according to the present invention adopts the following characteristic configurations.

(1) On the authentication requesting side, for each of two sets of random number data R1 and R2, a predetermined encryption algorithm is executed with at least one predetermined private unique value N as a parameter to obtain two encrypted data y1 and y2; the exclusive OR of y1 and y2 is taken to obtain an exclusive OR value Y; Y is converted into a binary value and further divided into two to obtain numerical values Y1 and Y2; one of them, Y1, is stored as authentication encryption data and the other, Y2, as authentication response identification data; and the two sets of random number data R1, R2 together with the authentication encryption data Y1 are transmitted to the authenticating side.
On the authenticating side, the same predetermined encryption algorithm is executed on the received R1 and R2 with, as a parameter, the unique value N based on an initial value of the same value as the requesting side's, registered in advance and privately by the requesting side, to obtain two encrypted data y1 and y2; the exclusive OR of y1 and y2 is taken to obtain Y; Y is converted into a binary value and divided into two by the same method as on the requesting side to obtain Y1 and Y2; Y1 is stored as authentication identification data and Y2 as authentication response encryption data; the authentication encryption data Y1 received from the requesting side is compared with the authentication identification data Y1, and authentication is judged OK when the two values coincide; the authenticating side then transmits the authentication response encryption data Y2 to the requesting side, which compares the received Y2 with the authentication response identification data Y2 it stored in advance and judges the authentication response OK when the two values coincide.

(2) On the authentication requesting side, in the initial state, for each of two sets of random number data R01 and R02, a predetermined encryption algorithm is executed with at least one predetermined private unique value N0 as a parameter to obtain two encrypted data y01 and y02; the exclusive OR of y01 and y02 is taken to obtain an exclusive OR value Y0; Y0 is converted into a binary value and further divided into two to obtain numerical values Y10 and Y20; Y10 is stored as authentication encryption data and Y20 as authentication response identification data; and the two sets of random number data R01, R02 and the authentication encryption data Y10 are transmitted to the authenticating side.
In the subsequent step on the requesting side, one of the encrypted data y01 and y02 is selected by a predetermined method and assigned as a unique value N1; for each of two new sets of random number data R11 and R12 the predetermined encryption algorithm is executed with N1 as a parameter; the exclusive OR value Y1 obtained by taking the exclusive OR of the resulting two encrypted data y11 and y12 is converted into a binary value and further divided into two to obtain numerical values Y11 and Y21; Y11 is stored as authentication encryption data and Y21 as authentication response identification data; and the two sets of random number data R11, R12 and the authentication encryption data Y11 are transmitted to the authenticating side.
On the authenticating side, the predetermined encryption algorithm is executed on the received R01 and R02 with, as a parameter, the unique value N0 of the same value as the requesting side's, registered in advance and privately by the requesting side; the exclusive OR value Y0 is obtained by taking the exclusive OR of the resulting two encrypted data y01 and y02; Y0 is converted into a binary value and divided into two by the same method as on the requesting side to obtain Y10 and Y20; Y10 is stored as authentication identification data and Y20 as authentication response encryption data; the authentication encryption data Y10 received from the requesting side is compared with the authentication identification data Y10, and authentication is judged OK when the two values coincide; the authenticating side then transmits the authentication response encryption data Y20 to the requesting side, which compares the received Y20 with the authentication response identification data Y20 it stored in advance and judges the authentication response OK when the two values coincide.
In the subsequent step on the authenticating side, one of the encrypted data y01 and y02 is selected and assigned as the unique value N1 by the same predetermined method as on the requesting side; for each of the received new sets of random number data R11 and R12 the predetermined encryption algorithm is executed with N1 as a parameter, and the exclusive OR value Y1 is obtained by taking the exclusive OR of the resulting two encrypted data y11 and y12; Y1 is converted into a binary value and divided into two by the same method as on the requesting side to obtain Y11 and Y21; Y11 is stored as authentication identification data and Y21 as authentication response encryption data; the authentication encryption data Y11 received from the requesting side is compared with the authentication identification data Y11, and authentication is judged OK when the two values coincide, this process being executed in cascade; the authenticating side then transmits the authentication response encryption data Y21 to the requesting side, which compares the received Y21 with the authentication response identification data Y21 it stored in advance and judges the authentication response OK when the two values coincide.

(3) The authentication requesting side comprises: a random number generating unit that outputs two sets of random number data R1 and R2; an encrypting unit that obtains two encrypted data y1 and y2 by executing a predetermined encryption algorithm with at least one predetermined private unique value N as a parameter; an exclusive OR unit that takes the exclusive OR value Y of the two encrypted data y1 and y2; a dividing unit that converts Y into a binary value, further divides it into two, and outputs the authentication encryption data Y1 and the authentication response identification data Y2; and a transmitting unit that transmits the two sets of random number data R1, R2 and the authentication encryption data Y1 to the authenticating side.
The authenticating side comprises: a receiving unit that receives the two sets of random number data R1, R2 and the authentication encryption data Y1 sent by the transmitting unit; a decrypting unit that obtains two encrypted data y1 and y2 by executing the predetermined encryption algorithm on the received R1 and R2 with, as a parameter, the unique value N based on an initial value of the same value as the requesting side's, registered in advance and privately by the requesting side; an exclusive OR unit that takes the exclusive OR of the two encrypted data y1 and y2 output by the decrypting unit and outputs the exclusive OR value Y; a dividing unit that converts Y into a binary value by the same method as on the requesting side, divides it into two, and outputs the authentication identification data Y1 and the authentication response encryption data Y2; a comparing unit that compares the authentication encryption data Y1 received from the requesting side with the authentication identification data Y1 and judges authentication OK when the two values coincide; and a transmitting unit that transmits the authenticating side's authentication response encryption data Y2. The requesting side further comprises a receiving unit that subsequently receives the authentication response encryption data Y2, and a comparing unit that compares the received Y2 with the authentication response identification data Y2 it stored in advance and confirms that the two values coincide.

(4) In the subsequent step on the requesting side of (2) above, one of the encrypted data y11 and y12 is selected by a predetermined method and assigned as a unique value N2; for each of two new sets of random number data R21 and R22 the predetermined encryption algorithm is executed with N2 as a parameter, and the exclusive OR value Y2 is obtained by taking the exclusive OR of the resulting two encrypted data y21 and y22; Y2 is converted into a binary value and further divided into two to obtain numerical values Y12 and Y22; Y12 is stored as authentication encryption data and Y22 as authentication response identification data; and the two sets of random number data R21, R22 and the authentication encryption data Y12 are transmitted to the authenticating side.
In the subsequent step on the authenticating side, one of the encrypted data y11 and y12 is selected and assigned as the unique value N2 by the same predetermined method as on the requesting side; for each of the received new sets of random number data R21 and R22 the predetermined encryption algorithm is executed with N2 as a parameter; the exclusive OR value Y2 obtained by taking the exclusive OR of the resulting two encrypted data y21 and y22 is converted into a binary value and further divided into two to obtain Y12 and Y22; Y12 is stored as authentication identification data and Y22 as authentication response encryption data; the authentication encryption data Y12 received from the requesting side is compared with the authentication identification data Y12, and authentication is judged OK when the two values coincide; the authenticating side then transmits the authentication response encryption data Y22 to the requesting side, which compares the received Y22 with the authentication response identification data Y22 it stored in advance and judges the authentication response OK when the two values coincide, this process being executed in cascade.

(5) The authentication and authentication response system of (2) or (4) above, wherein the unique value N0 in the initial state is private information known only to the authentication requesting side and the authenticating side.

(6) The authentication and authentication response system of any of (1) to (5) above, wherein the unique value N0 is an ID (authentication identifier) defined for each authentication requester.

(7) The authentication and authentication response system of any of (1) to (6) above, wherein data transmission between the authentication requesting side and the authenticating side is performed via a communication line.

(8) The authentication and authentication response system of any of (1) to (7) above, wherein the unique value N is a value defined individually for each mobile phone.

(9) The authentication and authentication response system of any of (1) to (7) above, wherein the object of authentication is a communication terminal.

(10) The authentication and authentication response system according to any one of (1) to (7), wherein the authentication target is a communicating party who performs communication.

(11) The authentication and authentication response system according to any one of (1) to (10), wherein the predetermined encryption algorithm is the calculation process of a one-way function.

(12) The authentication and authentication response system according to (11), wherein the calculation process of the one-way function, with the two kinds of random numbers denoted R1 and R2, the eigenvalue N and the encrypted data y1 and y2, executes
y1 = (R1 + N) mod N   (R1 > N)
y2 = (R2 + N) mod N   (R2 > N)
to obtain the encrypted data y1 and y2, takes the exclusive OR of the two obtained encrypted data y1 and y2 to obtain the exclusive OR value Y, and reduces the number of digits of the obtained exclusive OR value Y by a predetermined method to obtain Y'; obtaining Y' from N with the random numbers R1 and R2 as known values is defined as the forward calculation, and obtaining N from Y' as the reverse calculation; the forward calculation is easily computed, whereas the reverse calculation of obtaining N from the Y' obtained by reducing the number of digits of the exclusive OR value Y by the predetermined method is not computable because no calculation formula exists, thereby preventing eavesdropping on and theft of the eigenvalue N.

(13) On the authentication requesting side, for each of two sets of random number data R1 and R2, a predetermined encryption algorithm is executed with at least one predetermined non-public eigenvalue N, having two or more hexadecimal digits and a 1 assigned to its most significant binary digit, as a parameter to obtain two encrypted data y1 and y2; the exclusive OR of the two obtained encrypted data y1 and y2 is taken to obtain the exclusive OR value Y; the numerical value Y', obtained by reducing the number of digits of the obtained exclusive OR value Y by a predetermined method, is converted into a binary value and further divided into two numerical values Y1' and Y2'; one of the obtained numerical values, Y1', is stored as authentication encrypted data and the other, Y2', as authentication response identification data; and the two sets of random number data R1, R2 and the authentication encrypted data Y1' are transmitted to the authentication side;
on the authentication side, the predetermined encryption algorithm is executed with the received two sets of random number data R1, R2 and the eigenvalue N, which is based on the same initial value as the authentication requesting side's and was registered non-publicly by the authentication requesting side in advance, as parameters to obtain two encrypted data y1 and y2; the exclusive OR of the two obtained encrypted data y1 and y2 is taken to obtain the exclusive OR value Y; the numerical value Y', obtained by reducing the number of digits of Y by the same predetermined method as the authentication requesting side, is converted into a binary value by the same method as the authentication requesting side and further divided into two numerical values Y1' and Y2'; Y1' is stored as authentication identification data and Y2' as authentication response encrypted data; the authentication encrypted data Y1' received from the authentication requesting side is compared with the authentication identification data Y1', and when both values match the authentication is judged OK; the authentication side then transmits the authentication response encrypted data Y2' to the authentication requesting side, and the authentication requesting side compares the authentication response encrypted data Y2' received from the authentication side with the authentication response identification data Y2' it stored in advance, judging the authentication response OK when both values match. An authentication and authentication response system.

(14) On the authentication requesting side, for each of two sets of random number data R01 and R02 in the initial state, a predetermined encryption algorithm is executed with at least one predetermined non-public eigenvalue N0, having two or more hexadecimal digits and a 1 assigned to its most significant binary digit, as a parameter to obtain two encrypted data y01 and y02; the exclusive OR of the two obtained encrypted data y01 and y02 is taken to obtain the exclusive OR value Y0; the numerical value Y0', obtained by reducing the number of digits of the obtained exclusive OR value Y0 by a predetermined method, is converted into a binary value and further divided into two numerical values Y10' and Y20'; one of the obtained values, Y10', is stored as authentication encrypted data and the other, Y20', as authentication response identification data; and the two sets of random number data R01, R02 and the authentication encrypted data Y10' are transmitted to the authentication side;
on the subsequent authentication request, the authentication requesting side selects one of the two encrypted data y01 and y02 by a predetermined method, converts it into a binary value and assigns the result, with its most significant digit always set to 1, as the eigenvalue N1; for each of two new sets of random number data R11 and R12, the predetermined encryption algorithm is executed with the eigenvalue N1 as a parameter, and the exclusive OR value Y1 is obtained by taking the exclusive OR of the two resulting encrypted data y11 and y12; the numerical value Y1', obtained by reducing the number of digits of Y1 by the predetermined method, is converted into a binary value and further divided into two numerical values Y11' and Y21'; Y11' is stored as authentication encrypted data and Y21' as authentication response identification data; and the two sets of random number data R11, R12 and the authentication encrypted data Y11' are transmitted to the authentication side;
on the authentication side, the predetermined encryption algorithm is executed with the received two sets of random number data R01, R02 and the eigenvalue N0, having the same value as the authentication requesting side's and registered non-publicly by the authentication requesting side in advance, as parameters, and the exclusive OR value Y0 is obtained by taking the exclusive OR of the two resulting encrypted data y01 and y02; the numerical value Y0', obtained by reducing the number of digits of Y0 by the same predetermined method as the authentication requesting side, is converted into a binary value by the same method as the authentication requesting side and further divided into two numerical values Y10' and Y20'; Y10' is stored as authentication identification data and Y20' as authentication response encrypted data; the authentication encrypted data Y10' received from the authentication requesting side is compared with the authentication identification data Y10', and when both values match the authentication is judged OK; the authentication side then transmits the authentication response encrypted data Y20' to the authentication requesting side, and the authentication requesting side compares the authentication response encrypted data Y20' received from the authentication side with the authentication response identification data Y20' it stored in advance, judging the authentication response OK when both values match;
on the subsequent authentication, the authentication side selects one of the two encrypted data y01 and y02 by the same predetermined method as the authentication requesting side, converts it into a binary value and assigns the result, with its most significant digit always set to 1, as the eigenvalue N1; for each of the received two new sets of random number data R11 and R12, the predetermined encryption algorithm is executed with the eigenvalue N1 as a parameter, and the exclusive OR value Y1 is obtained by taking the exclusive OR of the two resulting encrypted data y11 and y12; the numerical value Y1', obtained by reducing the number of digits of Y1 by the same predetermined method as the authentication requesting side, is converted into a binary value by the same method as the authentication requesting side and further divided into two numerical values Y11' and Y21'; Y11' is stored as authentication identification data and Y21' as authentication response encrypted data; the authentication encrypted data Y11' received from the authentication requesting side is compared with the authentication identification data Y11', and when both values match the authentication is judged OK; the authentication side then transmits the authentication response encrypted data Y21' to the authentication requesting side, and the authentication requesting side compares the authentication response encrypted data Y21' received from the authentication side with the authentication response identification data Y21' it stored in advance, judging the authentication response OK when both values match. An authentication and authentication response system that executes this processing in cascade.

The authentication system according to the present invention has the following remarkable practical effects. Generally, an authentication encrypted signal is sent after being encrypted with advanced cryptographic techniques that rely on computational security. In the present invention, the authentication encrypted signal is replaced by random numbers for communication, and the partner confirmation authentication algorithm extracted from these random numbers is linked in cascade on every occasion from the start of the first communication and used once and discarded. As a result, even if the communication line is intercepted and decryption of the partner confirmation authentication algorithm is attempted, the relationship between the transmitted random numbers and the authentication encrypted signal is a relationship between random numbers for which no algorithm exists at all, so decryption by interception of the communication line is completely impossible, and the authentication encrypted signal itself can therefore be sent over the communication line without encryption. Furthermore, even if a wrongdoer illegally copies and steals the mobile phone's authentication identifier and partner confirmation authentication algorithm from the phone's storage medium (ROM) at the manufacturer or in the distribution process, builds a so-called clone mobile phone and attempts "spoofing", the wrongdoer would, because the partner confirmation authentication algorithm is linked in cascade, have to continuously eavesdrop on all of the random numbers and authentication encrypted data from the time the user began communicating, accumulate them in a database and analyze them, so "spoofing" is extremely difficult. Should a wrongdoer nonetheless succeed in "spoofing" with a clone mobile phone, the user's mobile phone is invalidated at the moment the wrongdoer performs the "spoofing", so the user notices that "spoofing" has occurred, and it becomes difficult for the wrongdoer to continue "spoofing".

In user authentication, a one-time, disposable partner confirmation authentication signal is usually achieved by continuously recording and managing the entire past communication history so that the same one-time partner confirmation authentication signal is never repeated. In the present invention, a one-time, disposable partner confirmation authentication signal can be established by recording only the eigenvalue N used immediately before, without continuously recording and managing the entire past communication history. As a result, memory in the carrier's authentication server is saved and the program is simplified.

Embodiments of the authentication system according to the present invention are described below.
In general user authentication technology, authentication encrypted data is encrypted with advanced cryptographic techniques relying on computational security before being sent, in order to avoid interception and decryption on the communication line. In the present invention the authentication encrypted data is replaced by random numbers for communication, and the partner confirmation authentication algorithm extracted from these random numbers is linked in cascade on every occasion from the start of the first communication and used once and discarded. As a result, even if the communication line is intercepted and decryption of the partner confirmation authentication algorithm is attempted, the relationship between the transmitted random numbers R1, R2 and the authentication encrypted data Y1' is a relationship between random numbers for which no algorithm exists at all, so decryption by interception of the communication line is completely impossible, and the authentication encrypted data itself can be sent over the communication line without encryption. Moreover, even if "spoofing" is attempted by imitating the values of the random number data R1, R2 and the authentication encrypted data Y1' from the past communication history, rational "spoofing" is impossible except where the relationship between the random numbers R1, R2 and the authentication encrypted data Y1' happens to coincide by chance. Since the probability of such a chance coincidence is inversely proportional to the number of brute-force combinations of the binary values of R1, R2 and Y1', choosing random number data R1, R2 and authentication encrypted data Y1' such that the product of all their binary values is at least 128 digits (128 bits) almost entirely prevents "spoofing" by chance coincidence, and the authentication response encrypted data Y2' likewise almost entirely prevents "spoofing" by the same principle as the authentication encrypted data Y1'.

In user authentication, a one-time, disposable partner confirmation authentication signal is usually achieved by continuously recording and managing the entire past communication history so that the same one-time partner confirmation authentication signal is never repeated. In the present invention, by replacing the authentication encrypted data and the authentication response encrypted data with random numbers for communication and linking the partner confirmation authentication algorithm extracted from these random numbers in cascade on every occasion from the start of the first communication so that it is used once and discarded, a one-time, disposable partner confirmation authentication signal can be established by recording only the eigenvalue N used immediately before, without continuously recording and managing the entire past communication history. As a result, memory in the carrier's authentication server is saved and the program is simplified.

FIG. 1 is a system configuration diagram of the transmitting side, acting as the authentication requesting side, in one embodiment of the authentication system according to the present invention.

In this embodiment, the authentication requesting side, which is the transmitting side, comprises a random number generation unit 11, a random number selection unit 12, an encryption unit 13, an exclusive OR (EX-OR) unit 14, a division unit 15, a transmission unit 16, a reception unit 17 and a comparison unit 18.

The random number selection unit 12 selects and outputs desired random number data from the random numbers generated by the random number generation unit 11; in this embodiment it outputs two random number data R1 and R2. As the two random number data R1 and R2, for example, two sets of 256-bit random number data are cut out from the random numbers generated by the random number generation unit 11 and output. The random number selection unit 12 is not strictly necessary if the configuration is such that two different sets of random number data R1 and R2 can be obtained from the random number generation unit 11. The random numbers are preferably true random numbers, but pseudo-random numbers are also applicable.

The encryption unit 13 takes as input the two sets of random number data R1, R2 output from the random number selection unit 12 and, as a parameter, at least one predetermined eigenvalue N, for example a 128-bit value whose most significant digit is assigned the binary 1. It executes a predetermined encryption algorithm, for example the one-way function shown in equations (1) and (2), obtains the exclusive OR value Y by taking the exclusive OR of the resulting encrypted data y1 and y2, converts the numerical value Y', obtained by reducing the number of digits of Y by a predetermined method, into a binary value and further divides it in two to obtain the numerical values Y1' and Y2'; one of these, Y1', is taken as authentication encrypted data and the other, Y2', is stored as authentication response data; and the two sets of random number data R1, R2 and the authentication encrypted data Y1' are transmitted to the authentication side, which is the receiving side.
y1 = (R1 + N) mod N   (R1 > N)   (1)
y2 = (R2 + N) mod N   (R2 > N)   (2)

The authentication encrypted data Y1' thus obtained and the two sets of random number data R1, R2 are transmitted from the transmission unit 16 onto the communication line.

The configuration and operation of the transmitting side shown in FIG. 1 are described more specifically below.
First, two different sets of, for example, 256-bit random number data R01 and R02 generated by the random number generation unit 11 in the initial stage are output to the encryption unit 13. The encryption unit 13 is supplied with, as a parameter, a special eigenvalue N0 of the authentication requesting side, for example a 128-bit value whose most significant digit is assigned the binary 1. An ID (authentication identifier), for example, can be used as this eigenvalue N0.

The encryption unit 13 executes function operations such as equations (1) and (2) above using the random number data R01, R02 and the eigenvalue N0. Here, eigenvalue N0 < random number data R01 or R02.
For each of the two sets of random number data R01, R02, two encrypted data y01 and y02 are obtained by equations (3) and (4) below. That is,
y01 = (R01 + N0) mod N0   (3)
y02 = (R02 + N0) mod N0   (4)

The two encrypted data y01 and y02 thus obtained are subjected in the exclusive OR unit 14 to the following exclusive OR processing to obtain the exclusive OR value Y0, and the numerical value Y0' is obtained by reducing the number of digits of Y0 by a predetermined method.
Y0 = y01 (EX-OR) y02   (5)
Here, y01 (EX-OR) y02 denotes the exclusive OR of y01 and y02.

This numerical value Y0' is divided in two by the division unit 15 to obtain Y10' and Y20'; Y10', as authentication encrypted data, is then transmitted together with the two sets of random number data R01, R02 to the authentication side via the communication line, and the numerical value Y20' is stored as authentication response identification data. This authentication encrypted data Y10' is a one-way partner confirmation authentication signal.

Meanwhile, on the authentication side, the random number data R01, R02 and the eigenvalue N0 sent from the authentication requesting side have been delivered. The eigenvalue N0 is kept non-public and is passed to the authentication side without any intervening medium, for instance by hand delivery, whereas the random number data R01, R02 are transmitted via the communication line.

In a system to which the present invention is applied, the functions of equations (1) and (2) used between the authentication requesting side and the authentication side are agreed upon and known to both. Since the eigenvalue N0 and the random number data R01, R02 are also known, the authentication side can execute the function operations of equations (3) and (4) performed on the authentication requesting side, and the encrypted data y01 and y02 are obtained.

Accordingly, the exclusive OR value Y0 is obtained by equation (5) using the obtained encrypted data y01 and y02, and the number of digits of Y0 is reduced by the same predetermined method as on the authentication requesting side to obtain the numerical value Y0'. In the division unit, Y0' is further converted into a binary value by the same method as on the authentication requesting side and divided in two to obtain the two numerical values Y10' and Y20'; Y10' is taken as authentication identification data and Y20' as authentication response encrypted data. Since the authentication encrypted data Y10' has been sent from the authentication requesting side over the communication line, if the received authentication encrypted data Y10' and the authentication identification data Y10' match on the authentication side, this shows that the parameters secretly held by the authentication requesting side and the authentication side agree, and the authentication requesting side can be authenticated as genuine.

FIG. 2 shows the system configuration of the authentication side that performs this operation.
The authentication encrypted data Y10' and the random number data R01 and R02 transmitted via the communication line are received by the reception unit 21, and the decryption unit 22 computes equations (3) and (4) above from the eigenvalue N0 and the random number data R01 and R02 to obtain the encrypted data y01 and y02. Using the obtained encrypted data y01 and y02, the exclusive OR unit 23 performs the exclusive OR operation according to equation (5) to obtain the exclusive OR value Y0, and the number of digits of Y0 is reduced by the same predetermined method as on the authentication requesting side to obtain the numerical value Y0'. The division unit 24 converts Y0' into a binary value by the same method as the authentication requesting side and divides it in two to obtain the two numerical values Y10' and Y20'; Y10' is stored as authentication identification data and Y20' as authentication response encrypted data, and the comparison unit 25 compares the authentication encrypted data Y10' received by the reception unit 21 with the authentication identification data Y10'. If the two values match, the authentication is OK and the requester is judged to be the genuine authentication requesting party; if they do not match, authentication is refused and the requester is judged not to be. As the result of this authentication judgment, the authentication response encrypted data Y20' is transmitted from the transmission unit 25 to the authentication requesting side via the communication line.

On the authentication requesting side, the authentication response encrypted data Y20' sent from the authentication side is received by the reception unit 17 and compared with the authentication response identification data Y20' stored in advance on the authentication requesting side. If the two values match, the authentication response is OK and the authentication side is judged genuine; if they do not match, authentication is refused and the authentication side is judged not genuine.

Here, it is agreed in advance between the authentication requesting side and the authentication side that one of the encrypted data y01 and y02 is used as the eigenvalue N for the next authentication. For example, the encrypted data y01 is used as the eigenvalue N1 selected by the authentication requesting side at the next authentication. The eigenvalue N0 used as the initial N value is, as described above, an eigenvalue such as the authentication requester's ID, for example a 128-bit value whose most significant digit is assigned the binary 1. So that the N values from the next time onward have the same number of digits as the initial eigenvalue N0, the fixed value 1 is assigned to the most significant binary digit of the selected encrypted data y01 to form the second eigenvalue N1, and the same processing is performed from the second time onward. This processing is carried out on both the authentication requesting side and the authentication side. In subsequent actual operation, if the current authentication is the n-th counted from the first, the encrypted data y(n-1)1 used in the immediately preceding authentication process is used.

At the timing of the second authentication, the requesting side uses the encrypted data y_01 as the unique value N_1, again takes two different random number values R_11 and R_12 from the random number generator 11 and, in the same way as equations (3) and (4), obtains the encrypted data y_11 and y_12 from equations (6) and (7) below.

y_11 = (R_11 + N_1) mod N_1,  R_11 > N_1   (6)
y_12 = (R_12 + N_1) mod N_1,  R_12 > N_1   (7)

The two encrypted data values y_11 and y_12 obtained in this way are fed to the exclusive OR unit 14, which performs the exclusive OR operation of equation (8) to obtain the exclusive OR value Y_1; the number of digits of Y_1 is then reduced by the predetermined method to obtain the value Y_1′.

Y_1 = y_11 (EX-OR) y_12   (8)

Therefore, the transmitting unit 16 of the requesting side works with the value N_1, which is the y_01 from equation (3) with the most significant binary digit of the data assigned the value 1, the two random number values R_11 and R_12, and the exclusive OR value Y_1 from equation (8), whose number of digits is reduced by the predetermined method to give Y_1′. The dividing unit 15 converts Y_1′ to a binary value and divides it into two halves, giving the values Y1_1′ and Y2_1′; Y1_1′ becomes the authentication encrypted data and Y2_1′ the authentication response identification data, and the transmitting unit 16 sends the authentication encrypted data Y1_1′ to the authenticating side over the communication line together with the random number data R_11 and R_12.

On the authenticating side, the receiving unit 21 receives the random number data R_11 and R_12. The authenticating side selects, from the values it obtained itself with equation (3), the encrypted data y_01 identical to the y_01 selected on the requesting side, converts the selected y_01 to a binary value and assigns its most significant digit the value 1 to form the unique value N_1. Using N_1, the decryption unit 22 obtains the encrypted data y_11 and y_12 from equations (6) and (7). The exclusive OR unit 23 applies equation (8) to y_11 and y_12 to obtain the exclusive OR value Y_1, whose number of digits is reduced by the same predetermined method as on the requesting side to give Y_1′. The dividing unit 24 converts Y_1′ to a binary value and divides it into two halves, giving Y1_1′ and Y2_1′; Y1_1′ is the authentication identification data and Y2_1′ the authentication response encrypted data.

The comparison unit 25 compares the authentication identification data Y1_1′ obtained by the dividing unit 24 with the authentication encrypted data Y1_1′ sent by the requesting side and received by the receiving unit 21. If the two values match, authentication is OK and the counterpart is judged to be the genuine requester; if they differ, authentication fails and the counterpart is judged not to be the genuine requester. This authentication result is sent from the transmitting unit 26 to the requesting side over the communication line as the authentication response encrypted data Y2_1′; the requesting side compares the received Y2_1′ with the authentication response identification data Y2_1′ it stored in advance and judges the authentication response OK when the two values match.

The same authentication processing is carried out in the subsequent authentications. For example, at the timing of the third authentication, the requesting side likewise uses the encrypted data y_11 obtained in the previous authentication as the unique value N_2 for this authentication. It then takes two random number values R_21 and R_22 from the random number generator 11 and, in the same way as equations (3) and (4), obtains the encrypted data y_21 and y_22 from equations (9) and (10).

y_21 = (R_21 + N_2) mod N_2,  R_21 > N_2   (9)
y_22 = (R_22 + N_2) mod N_2,  R_22 > N_2   (10)

The two encrypted data values y_21 and y_22 obtained in this way are fed to the exclusive OR unit 14, which performs the exclusive OR operation of equation (11) to obtain the exclusive OR value Y_2. The number of digits of Y_2 is reduced by the predetermined method, and the dividing unit 15 converts the result to a binary value and divides it into two halves, giving the values Y1_2′ and Y2_2′; Y1_2′ is the authentication encrypted data and Y2_2′ the authentication response identification data.

Y_2 = y_21 (EX-OR) y_22   (11)

On the transmitting side of the requester, the two random number values R_21 and R_22 and the exclusive OR value Y_2 from equation (11) are used: the number of digits of Y_2 is reduced by the predetermined method, and the dividing unit 15 converts the result to a binary value and divides it into two halves to give Y1_2′ and Y2_2′, Y1_2′ being the authentication encrypted data and Y2_2′ the authentication response identification data. The authentication encrypted data Y1_2′ is sent by the transmitting unit 16 to the authenticating side over the communication line together with the two random number values R_21 and R_22, and the authentication response identification data Y2_2′ is stored on the requesting side.

On the authenticating side, the receiving unit 21 receives the random number data R_21 and R_22. The authenticating side selects, from the values it obtained itself with equation (6), the encrypted data y_11 identical to the y_11 selected on the requesting side, converts it to a binary value and assigns its most significant digit the value 1 to form the unique value N_2. Using N_2, the decryption unit 22 obtains the encrypted data y_21 and y_22 from equations (9) and (10). The exclusive OR unit 23 applies equation (11) to y_21 and y_22 to obtain the exclusive OR value Y_2, whose number of digits is reduced by the same predetermined method as on the requesting side to give Y_2′. The dividing unit 24 converts Y_2′ to a binary value by the same method as the requesting side and divides it into two halves, giving Y1_2′ and Y2_2′; Y1_2′ is the authentication identification data and Y2_2′ the authentication response encrypted data.

The comparison unit 25 compares the authentication identification data Y1_2′ obtained by the dividing unit 24 with the authentication encrypted data Y1_2′ sent by the requesting side and received by the receiving unit 21. If the two values match, authentication is OK and the counterpart is judged genuine; if they differ, authentication fails and the counterpart is judged not genuine. This authentication result is sent from the transmitting unit 26 to the requesting side over the communication line as the authentication response encrypted data Y2_2′; the requesting side compares the received Y2_2′ with the authentication response identification data Y2_2′ it stored in advance and judges the authentication response OK when the two values match.

The above processing is executed between the requesting side and the authenticating side for every authentication request.

In the system described above, the predetermined encryption algorithm substitutes into two identical functions the two known random number values R_1 and R_2 and a single hexadecimal unique value N of two or more digits whose most significant binary digit is always assigned the value 1, takes the exclusive OR of the two computed values y_1 and y_2, converts this exclusive OR value Y to a binary value and reduces its number of digits by the predetermined method to obtain the value Y′. The computation of Y′ from N is defined as the forward computation, and the computation of the unique value N from the value Y′ obtained by the forward computation, with the two random number values R_1 and R_2 substituted in, is defined as the backward computation. Because the binary digit count of the exclusive OR value Y is reduced, the computation from N to Y′ is a one-way, irreversible relation: it can be computed in the forward direction but not in the backward direction, and even an attempt to obtain the unique value N by brute force yields multiple candidate values, so that N cannot be confirmed conclusively.

Here, when the values y_01 to y_(n-1)1 are selected as the data N_1 to N_n, substituted in cascade and discarded after use, the signals y_01 to y_(n-1)1 are also random because R_01 to R_(n-1)1 are random, and the number of digits of N varies. That is, when a 0 happens to occur in the upper digits of the value y, the number of digits of N decreases; when the number of digits of N decreases, the number of digits of y decreases accordingly, and the digit counts of N and y never return to their original values.

As a result, on both the requesting side and the authenticating side, the digit counts of the exclusive OR value Y, the authentication encrypted data Y1′ and the authentication response encrypted data Y2′ decrease in step with the decrease in the digit counts of N and y, until finally the values of N_1, y_1, Y, Y1′ and Y2′ all become zero, the function as a counterpart confirmation authentication signal is lost, and the values of N_1, y_1, Y, Y1′ and Y2′ never return to their original digit counts. To keep the digit counts of N_1, y_1, Y, Y1′ and Y2′ constant, the most significant binary digit of y is always assigned the value 1, and the digits of y_01 to y_(n-1)1 from the second most significant digit downward are assigned, following the most significant digit of the binary values N_1 to N_n, in step with the changes in the values y_01 to y_(n-1)1; in this way the value of y is assigned to the value of N while tracking the changes in y.
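The per-round procedure above (equations (6) to (11), the comparisons in units 25 and 18, and the chaining of N through the previous round's y) and the digit-shrinkage problem just described, as an added runnable model. This is example code written for this page, not code from the patent or from Sangikyo. The page leaves the digit-reduction method and the split method unspecified, so the choices here (keep the low 64 bits as Y′, then split into a 32-bit Y1′ and a 32-bit Y2′) are assumptions, as are the function names, the constructed initial value N_0 and the way challenge values R are produced.

```python
# Added example (not the patent's own code): a runnable model of the chained
# challenge-response described above. Digit reduction, split method, N0 and the
# challenge source are assumptions, marked where they appear.
import random

BITS = 128                 # page: the initial unique value N0 is 128 bits with its top bit set to 1
MSB = 1 << (BITS - 1)


def encrypt(r, n):
    """Equations (3), (4), (6), (7), (9), (10): y = (R + N) mod N with R > N.
    Arithmetically (R + N) mod N is the same value as R mod N."""
    if not r > n:
        raise ValueError("the scheme requires R > N")
    return (r + n) % n


def reduce_and_split(y_xor):
    """Reduce the digit count of Y and split the result into Y1' and Y2'.
    Assumption (not specified on the page): keep the low BITS//2 bits as Y',
    then take its high half as Y1' and its low half as Y2'."""
    half = BITS // 2
    y_reduced = y_xor & ((1 << half) - 1)
    quarter = half // 2
    return y_reduced >> quarter, y_reduced & ((1 << quarter) - 1)


def forward(n, r1, r2):
    """Forward computation N -> (y1, y2, Y1', Y2'); both parties run it identically."""
    y1 = encrypt(r1, n)
    y2 = encrypt(r2, n)
    y1p, y2p = reduce_and_split(y1 ^ y2)      # equations (5), (8), (11): Y = y1 EX-OR y2
    return y1, y2, y1p, y2p


def next_unique_value(y_prev, fix_width=True):
    """Chain rule: the next N is the previous round's y1. With fix_width the top
    bit is forced to 1 so N keeps BITS digits (the page's remedy for width shrinkage)."""
    return (y_prev | MSB) if fix_width else y_prev


def run_round(n_req, n_auth, r1, r2, tamper=False):
    """One round. The requester sends (Y1', R1, R2) and keeps Y2'; the authenticator
    checks Y1' and replies with its Y2'. tamper=True models an on-path change to Y1'.
    Returns (auth_ok, response_ok, y1_requester, y1_authenticator)."""
    y1_req, _, sent_y1p, held_y2p = forward(n_req, r1, r2)
    if tamper:
        sent_y1p ^= 1
    y1_auth, _, expect_y1p, reply_y2p = forward(n_auth, r1, r2)
    auth_ok = sent_y1p == expect_y1p                  # comparison unit 25, authenticating side
    response_ok = auth_ok and reply_y2p == held_y2p   # comparison unit 18, requesting side
    return auth_ok, response_ok, y1_req, y1_auth


def run_chain(n0, rounds, pick_r, fix_width=True):
    """Run several rounds from a shared N0. pick_r(n) returns (R1, R2) with R > N.
    Returns the bit-length of N at the start of each round and whether every
    round authenticated in both directions."""
    n_req = n_auth = n0
    widths, all_ok = [], True
    for _ in range(rounds):
        if n_req == 0:                                # the collapse to zero the page warns about
            break
        widths.append(n_req.bit_length())
        r1, r2 = pick_r(n_req)
        auth_ok, response_ok, y1_req, y1_auth = run_round(n_req, n_auth, r1, r2)
        all_ok = all_ok and auth_ok and response_ok
        n_req = next_unique_value(y1_req, fix_width)
        n_auth = next_unique_value(y1_auth, fix_width)
    return widths, all_ok


def make_random_picker(seed):
    """Constructed challenge source: (BITS+1)-bit values, so R > N holds for any N < 2**BITS."""
    rng = random.Random(seed)

    def pick(_n):
        return (rng.getrandbits(BITS) | (1 << BITS), rng.getrandbits(BITS) | (1 << BITS))
    return pick


if __name__ == "__main__":
    n0 = MSB | 0x1234_5678_9ABC_DEF0     # constructed stand-in for the requester's secret ID
    widths_fixed, ok = run_chain(n0, 20, make_random_picker(1))
    widths_raw, _ = run_chain(n0, 20, make_random_picker(1), fix_width=False)
    print("all rounds authenticated both ways:", ok)
    print("width of N with the top-bit fix:", widths_fixed)
    print("width of N without the fix:", widths_raw)
```

Running the script prints a constant width of 128 for the chain that forces the top bit and a non-increasing width for the chain that does not, since each y is strictly smaller than the N it was reduced by. The tamper flag shows what the comparison in unit 25 actually detects: a single changed bit in the transmitted Y1′ fails authentication, and the requester then never sees a matching Y2′.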

The description of the above embodiment concerns general authentication processing, but it is readily understood that it can be applied to the authentication processing of the mobile phone described earlier. That is, the unique information ID particular to the holder of the mobile phone may be used as the N value that is set first.

As described above, in the present invention, in one-way counterpart confirmation authentication (a one-way function), the value Y_0′, obtained by reducing by the predetermined method the number of digits of the exclusive OR value Y_0, which results from applying the exclusive OR of equation (5) to the encrypted data y_01 and y_02 computed by the function operations of equations (3) and (4) from the two independently generated random number values R_01 and R_02, ensures one-way irreversibility. Further, at the first registration the unique value N_0, such as the requester's ID, is registered with the authenticating side by secret hand-over, and it is agreed in advance that from the next authentication on the value used is the encrypted data (for example y_01) obtained in the previous authentication process. The data sent from the requesting side to the authenticating side consist only of the authentication encrypted data Y1_0′ and the two random number values R_01 and R_02, plus the authentication response encrypted data Y2_0′; since these data themselves bear no algorithmic relation to one another, "spoofing" is extremely difficult even if they are intercepted on the communication line. That is, the unique value N is cascade-related data continuing from the initial unique value N_0 (secret information such as the requester's ID); by recording and managing only the unique value N used in the immediately preceding authentication process, without recording and managing the past communication history, "spoofing" by others can be prevented.

The configuration and operation of a preferred embodiment of the authentication system according to the present invention have been described above in detail. Such an embodiment is, however, merely an illustration of the present invention and does not limit it in any way. Those skilled in the art will readily understand that various modifications and changes are possible according to the particular application without departing from the gist of the present invention.

System configuration diagram of the authentication requesting (transmitting) side in one embodiment of the authentication system according to the present invention.
System configuration diagram of the authenticating (receiving) side in one embodiment of the authentication system according to the present invention.
System configuration diagram showing the procedure of the authentication processing of a conventional mobile phone.

Explanation of symbols

11 random number generation unit
12 random number selection unit
13 encryption unit
14 dividing unit
15 exclusive OR (EX-OR) unit
16 transmitting unit
17 receiving unit
18 comparison unit
21 receiving unit
22 decryption unit
23 exclusive OR (EX-OR) unit
24 dividing unit
25 comparison unit (match)
26 transmitting unit
100 manufacturer
200 telecommunications carrier
300 dealer
400 user
500 telecommunications carrier

Claims (14)

On the authentication requesting side, for each of two random number values R_1 and R_2, a predetermined encryption algorithm is executed with at least one predetermined, non-public unique value N as a parameter to obtain two encrypted data values y_1 and y_2; the exclusive OR of the two encrypted data values y_1 and y_2 is taken to obtain the exclusive OR value Y; the exclusive OR value Y is converted to a binary value and divided into two values Y1 and Y2; one of the two values, Y1, is used as authentication encrypted data and the other, Y2, is stored as authentication response identification data; and the two random number values R_1 and R_2 and the authentication encrypted data Y1 are transmitted to the authenticating side;
on the authenticating side, the predetermined encryption algorithm is executed with the received random number values R_1 and R_2 and, as a parameter, the unique value N based on the same initial value as on the requesting side, registered in advance and non-publicly by the requesting side, to obtain two encrypted data values y_1 and y_2; the exclusive OR of y_1 and y_2 is taken to obtain the exclusive OR value Y; Y is converted to a binary value by the same method as on the requesting side and divided into two values Y1 and Y2; Y1 is stored as authentication identification data and Y2 as authentication response encrypted data; the authentication encrypted data Y1 received from the requesting side is compared with the authentication identification data Y1, and authentication is judged OK when the two values match; the authenticating side then transmits the authentication response encrypted data Y2 to the requesting side; and the requesting side compares the authentication response encrypted data Y2 received from the authenticating side with the authentication response identification data Y2 it stored in advance and judges the authentication response OK when the two values match. An authentication and authentication response system characterized by the above.
On the authentication requesting side, for each of two initial random number values R_01 and R_02, a predetermined encryption algorithm is executed with at least one predetermined, non-public unique value N_0 as a parameter to obtain two encrypted data values y_01 and y_02; the exclusive OR of y_01 and y_02 is taken to obtain the exclusive OR value Y_0; Y_0 is converted to a binary value and divided into two values Y1_0 and Y2_0; Y1_0 is used as authentication encrypted data and Y2_0 is stored as authentication response identification data; and the two random number values R_01 and R_02 and the authentication encrypted data Y1_0 are transmitted to the authenticating side;
on the subsequent authentication requesting side, a unique value N_1 is selected and assigned from one of the encrypted data values y_01 and y_02 by a predetermined method, and for each of two new random number values R_11 and R_12 the predetermined encryption algorithm is executed with N_1 as a parameter to obtain two encrypted data values y_11 and y_12; the exclusive OR value Y_1 obtained from them is converted to a binary value and divided into two values Y1_1 and Y2_1; Y1_1 is used as authentication encrypted data and Y2_1 is stored as authentication response identification data; and the two random number values R_11 and R_12 and the authentication encrypted data Y1_1 are transmitted to the authenticating side;
on the authenticating side, the predetermined encryption algorithm is executed with the received random number values R_01 and R_02 and, as a parameter, the unique value N_0 of the same value as on the requesting side, registered in advance and non-publicly by the requesting side, to obtain two encrypted data values y_01 and y_02, whose exclusive OR gives the exclusive OR value Y_0; Y_0 is converted to a binary value by the same method as on the requesting side and divided into two values Y1_0 and Y2_0; Y1_0 is used as authentication identification data
and Y2_0 is stored as authentication response encrypted data; the authentication encrypted data Y1_0 received from the requesting side is compared with the authentication identification data Y1_0, and authentication is judged OK when the two values match; the authenticating side then transmits the authentication response encrypted data Y2_0 to the requesting side, and the requesting side compares the received Y2_0 with the authentication response identification data Y2_0 it stored in advance and judges the authentication response OK when the two values match;
on the subsequent authenticating side, a unique value N_1 is selected and assigned from one of y_01 and y_02 by the same predetermined method as on the requesting side, and for each of the received new random number values R_11 and R_12 the predetermined encryption algorithm is executed with N_1 as a parameter to obtain two encrypted data values y_11 and y_12, whose exclusive OR gives the exclusive OR value Y_1; Y_1 is converted to a binary value by the same method as on the requesting side and divided into two values Y1_1 and Y2_1; Y1_1 is stored as authentication identification data and Y2_1 as authentication response encrypted data; the authentication encrypted data Y1_1 received from the requesting side is compared with the authentication identification data Y1_1 and authentication is judged OK when the two values match, this processing being executed in cascade; the authenticating side then transmits the authentication response encrypted data Y2_1 to the requesting side, and the requesting side compares the received Y2_1 with the authentication response identification data Y2_1 it stored in advance and judges the authentication response OK when the two values match. An authentication and authentication response system characterized by the above.
The authentication requesting side comprises: a random number generation unit that outputs two random number values R_1 and R_2; an encryption unit that executes a predetermined encryption algorithm with at least one predetermined, non-public unique value N as a parameter to obtain two encrypted data values y_1 and y_2; an exclusive OR unit that takes the exclusive OR value Y of the two encrypted data values y_1 and y_2;
a dividing unit that converts the exclusive OR value Y to a binary value and divides it into two to output authentication encrypted data Y1 and authentication response identification data Y2; and a transmitting unit that transmits the two random number values R_1 and R_2 and the authentication encrypted data Y1 to the authenticating side;
the authenticating side comprises: a receiving unit that receives the data transmitted by the transmitting unit;
a decryption unit that executes the predetermined encryption algorithm with the two random number values R_1 and R_2 received by the receiving unit and, as a parameter, the unique value N based on the same initial value as on the requesting side, registered in advance and non-publicly by the requesting side, to obtain two encrypted data values y_1 and y_2;
an exclusive OR unit that takes the exclusive OR of the two encrypted data values y_1 and y_2 output by the decryption unit and outputs the exclusive OR value Y;
a dividing unit that converts the exclusive OR value Y obtained by the exclusive OR unit to a binary value by the same method as on the requesting side and divides it into two to output authentication identification data Y1 and authentication response encrypted data Y2; a comparison unit that compares the authentication encrypted data Y1 received from the requesting side with the authentication identification data Y1 and judges authentication OK when the two values match; a transmitting unit that transmits the authenticating side's authentication response encrypted data Y2; a receiving unit on the subsequent requesting side that receives the authentication response encrypted data Y2; and a comparison unit that compares the authentication response encrypted data Y2 with the authentication response identification data Y2 stored in advance on the requesting side and confirms that the two values match. An authentication and authentication response system characterized by the above.
The authentication and authentication response system according to claim 2, wherein, on the subsequent authentication requesting side, one of the encrypted data y₁₁ and y₁₂ is selected by a predetermined method and assigned as the eigenvalue N₂; for each of a new two sets of random number data R₂₁, R₂₂, the predetermined encryption algorithm is executed with the eigenvalue N₂ as a parameter to obtain two encrypted data y₂₁ and y₂₂; their exclusive OR is taken to obtain the exclusive OR value Y₂; the obtained exclusive OR value Y₂ is converted into a binary value and further divided into two to obtain the values Y1₂ and Y2₂; one of them, Y1₂, is stored as authentication encrypted data and the other, Y2₂, as authentication response identification data; and the two sets of random number data R₂₁, R₂₂ and the authentication encrypted data Y1₂ are transmitted to the authentication side;
on the subsequent authentication side, one of the encrypted data y₁₁ and y₁₂ is selected by the same predetermined method as the authentication requesting side and assigned as the eigenvalue N₂; for each of the received new two sets of random number data R₂₁, R₂₂, the predetermined encryption algorithm is executed with the eigenvalue N₂ as a parameter to obtain two encrypted data y₂₁ and y₂₂; their exclusive OR value Y₂ is converted into a binary value and further divided into two to obtain the values Y1₂ and Y2₂; one of them, Y1₂, is stored as authentication identification data and the other, Y2₂, as authentication response encrypted data;
the authentication encrypted data Y1₂ received from the authentication requesting side is compared with the authentication identification data Y1₂, and authentication is OK when both values match; the subsequent authentication side transmits the authentication response encrypted data Y2₂ to the authentication requesting side; the authentication requesting side compares the authentication response encrypted data Y2₂ received from the authentication side with the authentication response identification data Y2₂ it has stored in advance, and determines authentication response OK when both values match; and this processing is executed in cascade.
The authentication and authentication response system according to claim 2 or 4, wherein the eigenvalue N₀ in the initial state is non-public information known only to the authentication requesting side and the authentication side.
The authentication and authentication response system according to any one of claims 1 to 5, wherein the eigenvalue N₀ is an ID (authentication identifier) determined for each authentication requester.
The authentication and authentication response system according to any one of claims 1 to 6, wherein data transmission between the authentication requesting side and the authentication side is performed via a communication line.
The authentication and authentication response system according to any one of claims 1 to 7, wherein the eigenvalue N₀ is an eigenvalue determined for each individual mobile phone.
The authentication and authentication response system according to any one of claims 1 to 7, wherein the authentication target is a communication terminal.
The authentication and authentication response system according to any one of claims 1 to 7, wherein the authentication target is a communicating party who performs the communication.
The authentication and authentication response system according to any one of claims 1 to 10, wherein the predetermined encryption algorithm is a one-way function calculation process.
The authentication and authentication response system according to claim 11, wherein the one-way function calculation process, with the two kinds of random numbers denoted R₁ and R₂, the eigenvalue N, and the encrypted data y₁ and y₂, executes
y₁ = (R₁ + N) mod N,  R₁ > N
y₂ = (R₂ + N) mod N,  R₂ > N
to obtain the encrypted data y₁ and y₂; takes the exclusive OR of the two obtained encrypted data y₁ and y₂ to obtain the exclusive OR value Y; reduces the number of digits of the obtained exclusive OR value Y by a predetermined method to obtain Y'; defines obtaining Y' from N, with the random numbers R₁ and R₂ as known values, as the forward calculation and obtaining N from Y' as the reverse calculation; and whereas the forward calculation is easily computed, the reverse calculation of N from the Y' obtained by reducing the number of digits of the exclusive OR value Y by the predetermined method is held to be infeasible because no calculation formula for it exists, thereby preventing eavesdropping on and fraudulent acquisition of the eigenvalue N.
On the authentication requesting side, for each of two sets of random number data R₁, R₂, a predetermined encryption algorithm is executed with, as a parameter, at least one predetermined non-public eigenvalue N of two or more hexadecimal digits whose most significant binary digit is assigned 1, to obtain two encrypted data y₁ and y₂; the exclusive OR of the two obtained encrypted data y₁ and y₂ is taken to obtain the exclusive OR value Y; the number of digits of the obtained exclusive OR value Y is reduced by a predetermined method to obtain the value Y', which is converted into a binary value and further divided into two to obtain the values Y1' and Y2'; one of them, Y1', is stored as authentication encrypted data and the other, Y2', as authentication response identification data; and the two sets of random number data R₁, R₂ and the authentication encrypted data Y1' are transmitted to the authentication side;
on the authentication side, the predetermined encryption algorithm is executed on the received two sets of random number data R₁, R₂ with, as a parameter, the eigenvalue N based on an initial value of the same value as the authentication requesting side, registered in advance and non-publicly by the authentication requesting side, to obtain two encrypted data y₁ and y₂; the exclusive OR of the two obtained encrypted data y₁ and y₂ is taken to obtain the exclusive OR value Y; the number of digits of the obtained exclusive OR value Y is reduced by the same predetermined method as the authentication requesting side to obtain Y', which is converted into a binary value by the same method as the authentication requesting side and further divided into two to obtain the values Y1' and Y2'; one of them, Y1', is stored as authentication identification data and the other, Y2', as authentication response encrypted data; the authentication encrypted data Y1' received from the authentication requesting side is compared with the authentication identification data Y1', and authentication is determined OK when both values match; the authentication side then transmits the authentication response encrypted data Y2' to the authentication requesting side; and the authentication requesting side compares the authentication response encrypted data Y2' received from the authentication side with the authentication response identification data Y2' it has stored in advance, and determines authentication response OK when both values match. An authentication and authentication response system characterized by the above.
On the authentication requesting side, for each of the two sets of random number data R₀₁, R₀₂ in the initial state, a predetermined encryption algorithm is executed with, as a parameter, at least one predetermined non-public eigenvalue N₀ of two or more hexadecimal digits whose most significant binary digit is assigned 1, to obtain two encrypted data y₀₁ and y₀₂; the exclusive OR of the two obtained encrypted data y₀₁ and y₀₂ is taken to obtain the exclusive OR value Y₀; the number of digits of the obtained exclusive OR value Y₀ is reduced by a predetermined method to obtain the value Y₀', which is converted into a binary value and further divided into two to obtain the values Y1₀' and Y2₀'; one of them, Y1₀', is stored as authentication encrypted data and the other, Y2₀', as authentication response identification data; and the two sets of random number data R₀₁, R₀₂ and the authentication encrypted data Y1₀' are transmitted to the authentication side;
on the subsequent authentication requesting side, one of the two encrypted data y₀₁ and y₀₂ is selected by a predetermined method, converted into a binary value, and assigned, with its most significant digit always set to 1, as the eigenvalue N₁; for each of a new two sets of random number data R₁₁, R₁₂, the predetermined encryption algorithm is executed with the eigenvalue N₁ as a parameter to obtain two encrypted data y₁₁ and y₁₂; their exclusive OR is taken to obtain the exclusive OR value Y₁; the number of digits of the obtained exclusive OR value Y₁ is reduced by a predetermined method to obtain the value Y₁', which is converted into a binary value and further divided into two to obtain the values Y1₁' and Y2₁'; one of them, Y1₁', is stored as authentication encrypted data and the other, Y2₁', as authentication response identification data; and the two sets of random number data R₁₁, R₁₂ and the authentication encrypted data Y1₁' are transmitted to the authentication side;
on the authentication side, the predetermined encryption algorithm is executed on the received two sets of random number data R₀₁, R₀₂ with, as a parameter, the eigenvalue N₀ of the same value as the authentication requesting side, registered in advance and non-publicly by the authentication requesting side, to obtain two encrypted data y₀₁ and y₀₂; their exclusive OR is taken to obtain the exclusive OR value Y₀; the number of digits of the obtained exclusive OR value Y₀ is reduced by the same predetermined method as the authentication requesting side to obtain Y₀', which is converted into a binary value by the same method as the authentication requesting side and further divided into two to obtain the values Y1₀' and Y2₀'; one of them, Y1₀', is stored as authentication identification data and the other, Y2₀', as authentication response encrypted data; the authentication encrypted data Y1₀' received from the authentication requesting side is compared with the authentication identification data Y1₀', and authentication is determined OK when both values match; the authentication side then transmits the authentication response encrypted data Y2₀' to the authentication requesting side; the authentication requesting side compares the authentication response encrypted data Y2₀' received from the authentication side with the authentication response identification data Y2₀' it has stored in advance, and determines authentication response OK when both values match;
on the subsequent authentication side, one of the two encrypted data y₀₁ and y₀₂ is selected by the same predetermined method as the authentication requesting side, converted into a binary value, and assigned, with its most significant digit always set to 1, as the eigenvalue N₁; for each of the received new two sets of random number data R₁₁, R₁₂, the predetermined encryption algorithm is executed with the eigenvalue N₁ as a parameter to obtain two encrypted data y₁₁ and y₁₂; their exclusive OR is taken to obtain the exclusive OR value Y₁; the number of digits of the obtained exclusive OR value Y₁ is reduced by the same predetermined method as the authentication requesting side to obtain Y₁', which is converted into a binary value by the same method as the authentication requesting side and further divided into two to obtain the values Y1₁' and Y2₁'; one of them, Y1₁', is stored as authentication identification data and the other, Y2₁', as authentication response encrypted data; the authentication encrypted data Y1₁' received from the authentication requesting side is compared with the authentication identification data Y1₁', and authentication is determined OK when both values match; the authentication side then transmits the authentication response encrypted data Y2₁' to the authentication requesting side; the authentication requesting side compares the authentication response encrypted data Y2₁' received from the authentication side with the authentication response identification data Y2₁' it has stored in advance, and determines authentication response OK when both values match; and this processing is executed in cascade. An authentication and authentication response system characterized by the above.
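The following is an added example, not code from the patent or from Sangikyo Corp. It models the exchange claimed above (requester sends R₁, R₂ and Y1'; authenticator recomputes, checks Y1' and answers with Y2'), the one-way function of claim 12, and the cascade of claims 3 and 7 in which the next eigenvalue is one of the y values with its binary most significant digit forced to 1. The patent leaves several details open, so the code assumes them and labels them as assumptions: the "digit reduction" keeps the low WIDTH bits of Y, the cascade selects y₁, the most significant digit is forced at that same fixed width, and random numbers come from Python's `secrets` module. One property worth seeing in code: (R + N) mod N is identical to R mod N, so the formula itself is a plain modular reduction of R by the secret N; the one-way property the claim asserts rests on the XOR of two such values and the subsequent digit reduction, not on the "+ N".

```python
"""Model of the JP2006041714A mutual authentication exchange and its cascade.

Added example, not the patent's own code.  The patent fixes:
  y_i = (R_i + N) mod N with R_i > N                  (claim 12)
  Y   = y_1 XOR y_2, reduced in digit count to Y', split in two: Y1', Y2'
  requester -> authenticator : R1, R2, Y1'
  authenticator -> requester : Y2'
  cascade: next N = one of y_1, y_2 in binary with the MSB forced to 1
Assumptions (the patent leaves them open): the digit reduction keeps the low
WIDTH bits of Y; the cascade selects y_1; the MSB is forced at that width.
"""
import hmac
import secrets

WIDTH = 64  # assumed bit width of Y' (even, so it splits into two halves)


def one_way(r: int, n: int) -> int:
    """Claim 12's function.  (R + N) mod N == R mod N: the '+ N' has no effect."""
    if r <= n:
        raise ValueError("claim 12 requires R > N")
    return (r + n) % n


def derive(r1: int, r2: int, n: int, width: int = WIDTH):
    """Both sides run this; returns (y1, y2, Y1', Y2')."""
    y1, y2 = one_way(r1, n), one_way(r2, n)
    y = y1 ^ y2                                  # exclusive OR value Y
    y_red = y & ((1 << width) - 1)               # assumed digit reduction -> Y'
    bits = format(y_red, f"0{width}b")           # Y' as a fixed-width binary string
    half = width // 2
    return y1, y2, int(bits[:half], 2), int(bits[half:], 2)


def next_eigenvalue(y_selected: int, width: int = WIDTH) -> int:
    """Cascade step: the selected y in binary with its MSB set to 1 (assumed width)."""
    return (y_selected & ((1 << width) - 1)) | (1 << (width - 1))


def fresh_random(n: int, width: int = WIDTH) -> int:
    """Random R with R > N, as claim 12 requires."""
    return n + 1 + secrets.randbits(2 * width)


def ct_equal(a: int, b: int, width: int = WIDTH) -> bool:
    """Constant-time comparison of two half values."""
    nbytes = (width + 7) // 8
    return hmac.compare_digest(a.to_bytes(nbytes, "big"), b.to_bytes(nbytes, "big"))


class Requester:
    def __init__(self, n0: int):
        self.n = n0

    def request(self):
        r1, r2 = fresh_random(self.n), fresh_random(self.n)
        y1, _, y1p, y2p = derive(r1, r2, self.n)
        self._expected = y2p                 # authentication response identification data
        self._next_n = next_eigenvalue(y1)   # assumed selection rule: y_1
        return r1, r2, y1p                   # what goes over the line

    def check_response(self, y2p_received) -> bool:
        ok = y2p_received is not None and ct_equal(y2p_received, self._expected)
        if ok:
            self.n = self._next_n            # advance the cascade only on success
        return ok


class Authenticator:
    def __init__(self, n0: int):
        self.n = n0

    def handle(self, r1: int, r2: int, y1p_received: int):
        try:
            y1, _, y1p, y2p = derive(r1, r2, self.n)
        except ValueError:
            return None                      # malformed R (R <= N): authentication NG
        if not ct_equal(y1p_received, y1p):
            return None                      # authentication NG: send nothing back
        self.n = next_eigenvalue(y1)
        return y2p                           # authentication response encrypted data


def run_rounds(n0: int, rounds: int, authenticator_n0=None):
    """Run `rounds` cascaded exchanges; returns the per-round authentication results."""
    req = Requester(n0)
    auth = Authenticator(n0 if authenticator_n0 is None else authenticator_n0)
    results = []
    for _ in range(rounds):
        r1, r2, y1p = req.request()
        results.append(req.check_response(auth.handle(r1, r2, y1p)))
    return results


if __name__ == "__main__":
    N0 = 0x9C3D5E7FA1B2C3D4                 # constructed secret: 16 hex digits, binary MSB = 1
    print(run_rounds(N0, 3))                # both sides stay in step across the cascade
    print(run_rounds(N0, 1, N0 ^ 0x5A5A))   # authenticator holding a different N fails
```

With small numbers the arithmetic is easy to follow by hand: for N = 0x9C (156), R₁ = 1000 and R₂ = 2000, y₁ = 64 and y₂ = 128, so Y = 192 = 11000000 in binary, and an 8-bit Y' splits into Y1' = 1100 = 12 and Y2' = 0000 = 0. The cascade then forces the top bit of y₁ = 01000000 to give N₁ = 11000000 = 192.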
JP2004215929A 2004-07-23 2004-07-23 Authentication and authentication response system Pending JP2006041714A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2004215929A JP2006041714A (en) 2004-07-23 2004-07-23 Authentication and authentication response system

Publications (1)

Publication Number Publication Date
JP2006041714A true JP2006041714A (en) 2006-02-09

Family

ID=35906261

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2004215929A Pending JP2006041714A (en) 2004-07-23 2004-07-23 Authentication and authentication response system

Country Status (1)

Country Link
JP (1) JP2006041714A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101465337B1 (en) * 2013-05-24 2014-11-25 덕성여자대학교 산학협력단 Method for Authenticating Entity of Thing to Thing Communication Network

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH1168732A (en) * 1997-08-12 1999-03-09 Iryo Joho Syst Kaihatsu Center Device and method for mutual certification for network system
WO2001059728A1 (en) * 2000-02-08 2001-08-16 Infineon Technologies Ag Method and device for mutual authentication of two data processing units
JP2003234734A (en) * 2002-02-07 2003-08-22 Nippon Telegr & Teleph Corp <Ntt> Mutual authentication method, server device, client device, mutual authentication program and storage medium stored with mutual authentication program
JP2005094089A (en) * 2003-09-12 2005-04-07 Mitsubishi Electric Corp Authentication unit, unit to be authenticated, authentication system, authentication method, method to be authenticated, program and computer readable medium recording that program
JP2005235093A (en) * 2004-02-23 2005-09-02 Kyocera Mita Corp License code creating method, electric apparatus, and program
WO2005093594A1 (en) * 2004-03-26 2005-10-06 Sangikyo Corporation Authentication system

Similar Documents

Publication Publication Date Title
KR101389100B1 (en) A method and apparatus to provide authentication and privacy with low complexity devices
JP4603252B2 (en) Security framework and protocol for universal general transactions
US20060195402A1 (en) Secure data transmission using undiscoverable or black data
EP1636664B1 (en) Proof of execution using random function
CN113553574A (en) Internet of things trusted data management method based on block chain technology
US10263782B2 (en) Soft-token authentication system
CN113691502B (en) Communication method, device, gateway server, client and storage medium
KR100315387B1 (en) Private Key, Certificate Administration System and Method Thereof
JP7259868B2 (en) system and client
CN109347626B (en) Safety identity authentication method with anti-tracking characteristic
CN113225302A (en) Data sharing system and method based on proxy re-encryption
EP1079565A2 (en) Method of securely establishing a secure communication link via an unsecured communication network
US20050141718A1 (en) Method of transmitting and receiving message using encryption/decryption key
CN106657002A (en) Novel crash-proof base correlation time multi-password identity authentication method
Neuenhofen et al. A secure marketplace for mobile java agents
Kwon et al. Efficient key exchange and authentication protocols protecting weak secrets
JP2003152716A (en) Qualification authentication method employing variable authentication information
JPWO2005093594A1 (en) Authentication system
CN111078649A (en) Block chain-based on-cloud file storage method and device and electronic equipment
CN113810178B (en) Key management method, device, system and storage medium
KR102355708B1 (en) Method for processing request based on user authentication using blockchain key and system applying same
Nishimura et al. Secure authentication key sharing between personal mobile devices based on owner identity
US10979226B1 (en) Soft-token authentication system with token blocking after entering the wrong PIN
JP2006041714A (en) Authentication and authentication response system
CN112788046A (en) Method and system for encrypting transmission information

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20070718

RD13 Notification of appointment of power of sub attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7433

Effective date: 20071114

RD02 Notification of acceptance of power of attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7422

Effective date: 20080616

RD14 Notification of resignation of power of sub attorney

Free format text: JAPANESE INTERMEDIATE CODE: A7434

Effective date: 20080616

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20100726

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20100824

A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20110104