JP2007018140A - Communication apparatus, and password changing method and program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a communication apparatus such as a terminal or server for suppressing, to the minimum, the possibility of authentication failure especially due to the processing load of password generation or collation at a server side and the deviation of time between the terminal side and the server side. <P>SOLUTION: The terminal 10 includes a connection time measuring part 111 for measuring its connection time with a server 20, a password generation part 112 for generating a password by using the measured connection time as the parameter of a password to be used in the case of its next connection with the server 20 and a password storage part 113 for storing the generated password. A server 20 includes a connection time measuring part 121 for measuring its connection time with the terminal 10, a password candidate generation part 122 for generating a password candidate by using the measured connection time as the parameter of a password candidate to be used in the case of its next connection with the terminal 10 and a password candidate storage part 123 for storing the generated password candidate. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a method for changing a password, a password authentication system for realizing password change, and a program for executing a password change method in a network system in which a server grants access permission to a terminal by password authentication.

  Conventionally, there is a one-time password system that automatically changes the password each time the user logs in to the terminal in order to prevent the leakage of the password in the network system in which the server permits access to the terminal by password authentication. (For example, refer to Patent Document 1). As an example, Patent Document 1 employs an access synchronization method that calculates a password based on a login start time.

In this method, the case where there is a difference in the current time recognized on the terminal side and the server side is considered. If there is a difference in the current time, even if the password generated on the server side is compared with the password received from the terminal, there is a possibility that the terminal does not match and cannot log in. Therefore, as shown in FIG. 14, the server 20 side calculates a plurality of correct password candidates based on the time when the login start time is shifted back and forth by unit time (for example, see Table 40). Each candidate (each password in the table 40) is compared with the password “P” (password in the table 30) received from the terminal, and if there is a match, the terminal 10 is allowed to access the network. .
JP 11-316740 A

  However, if it is attempted to absorb the difference in current time recognized on the terminal 10 side and the server 20 side by the above method, the server 20 increases the processing load by collating the password received from the terminal 10 with a plurality of password candidates. The log-in completion will be delayed accordingly. In addition, if the current time difference is large, as shown in FIG. 15, in the worst case, the password generated in the terminal 10 may not be included in the password candidates generated in the server, resulting in an authentication failure. (The broken line portion of the table 41).

  Also, if the login start time is used to generate a password, as shown in FIG. 16, the processing load for generating the password is generated during the login request on both the terminal 10 side and the server 20 side. Will be delayed (processing 51, 52, 61, 62).

  The present invention has been made to solve the above-mentioned problems, and in particular, minimizes the possibility of authentication failure due to password generation or verification processing load on the server side and time lag between the terminal side and the server side. An object is to provide a communication device such as a terminal or a server to be suppressed.

  In order to solve the above-described problems, a communication device according to the present invention is (a) a communication device that communicates with another communication device, and (b) a connection start time and a connection end time with the other communication device. From the connection time measuring means for measuring the connection time with the other communication device, (c) using the connection time as a parameter of a password used when next connecting to the other communication device, Password generating means for generating a password and (d) password storage means for storing the password are provided.

  By using the previous connection time for password generation, this eliminates the effect of clock accuracy deviation between communication devices, further reduces login delays due to password generation or verification processing load, and authentication failure. Can also be reduced.

  For example, if a one-time password system that updates network authentication passwords based on time information is configured with a communication device according to the present invention, the processing load on the server side is reduced while maintaining a high authentication success rate, and The required time can be shortened.

  Note that the present invention can be realized not only as a password change function in a communication apparatus, but also as a password change method in a communication apparatus and a password change program for causing a computer system or the like to execute the password change method. Also, it is realized as a password change function in a communication system composed of a plurality of communication devices, a password change method in the communication system, and a password change program group for executing the password change method in cooperation with a plurality of computer systems. Can do.

  According to the communication device (terminal and server) according to the present invention, the password changing method for controlling the communication device, and the password changing program for causing the computer system or the like to execute the password changing method, the previous connection time is used for password generation. In addition, since the server side corrects the difference in the clock accuracy of each terminal and server based on the previous password verification result, login by the processing load of password generation / verification by narrowing down the number of password candidates generated on the server side And the possibility of authentication failure can be reduced.

  In addition, since the password is calculated after the previous logout, the login delay due to the password calculation processing load can be eliminated.

  Also, the connection time can be correctly measured even if the current time setting is changed during connection.

  That is, according to the communication device (terminal and server), password changing method, and password changing program according to the present invention, the terminal and server calculate the password based on the previous connection time measured by each of the terminal and the server. By narrowing down the number of password candidates to be generated on the server side by correcting the clock accuracy deviation of each terminal and server based on the previous password verification result while absorbing the current time difference recognized by each And a means for calculating a password in advance before logging in can reduce the processing load on the server side and shorten the time required for login while maintaining a high authentication success rate. .

(First embodiment)
Hereinafter, a password changing method according to a first embodiment for carrying out the present invention will be described in detail with reference to the drawings.

  The password change method according to the first embodiment is a password change system composed of communication devices such as terminals, servers, etc., and is connected with other communication devices from the connection start time and connection end time with other communication devices. The connection time is measured, and the password is generated using the measured connection time as the password parameter to be used when connecting to another communication device next time, and the generated password is stored. .

  Here, a communication device that communicates with another communication device is a server if the other communication device is a terminal, and a terminal if it is a server.

  Based on the above points, the password changing method according to the first embodiment will be described. First, the configuration of the password change system according to the first embodiment will be described.

  FIG. 1 is a diagram showing a configuration of a password change system according to the first embodiment.

  As shown in FIG. 1, the password change system according to the first embodiment generates a password 110 that is transmitted at the time of login, and a password candidate that is transmitted by the terminal at the time of login. A server 120 that collates with a password received from 110 or the like.

  Here, the terminal 110 stores a connection time measuring unit 111 that measures an elapsed time from login to logout, a password generation unit 112 that generates a password based on the connection time, and the generated password until the login is completed. A password storage unit 113 that reads out the stored password and transmits the stored password to the server, a login detection unit 115 that detects the start of login and starts measuring the connection time, and generates and transmits the password, and logout A logout detection unit 116 that detects completion and stops measuring the connection time.

  On the other hand, the server 120 includes a connection time measuring unit 121 that measures an elapsed time from login to logout, a password candidate generation unit 122 that generates a password candidate based on the connection time, and the generated password candidate when the login is completed. The password candidate storage unit 123 that holds the password, the password reception unit 124 that receives the password from the terminal, the password verification unit 125 that checks the received password against the password candidate generated by the server 120, and detects and starts the login A login detection unit 126 that starts measuring time and generates a password candidate, a logout detection unit 127 that detects completion of logout and stops measuring connection time, and the like.

  An authentication method using the password changing method having the above configuration will be described as follows.

  A password generation procedure in the terminal 110 and a password candidate generation procedure in the server 20 will be described below.

  As shown in FIG. 2, when the login request is started in the terminal 110 (S101: Yes), the login detection unit 115 instructs the connection time measurement unit 111 to start measuring the connection time (S102), and the password generation unit. Instruct 112 to generate a password (S105). When the logout is completed and the connection is disconnected (S108: Yes), the logout detection unit 116 instructs the connection time measurement unit 111 to stop measuring the connection time (S109), and the connection time measurement unit 121 Measurement is stopped (S110). When the login detection unit 115 is instructed to start connection time measurement, the connection time measurement unit 111 starts measurement of the current connection time (S103), and notifies the password generation unit 112 of the previously measured connection time. In step S104, the password generation unit 112 generates a password based on the input previous connection time (S106), and stores the password in the password storage unit 113 (S107).

  On the other hand, in the server 120, as in the authentication process shown in FIG. 2, when the login request is started (S101: Yes), the login detection unit 126 causes the connection time measurement unit 121 to start measuring the connection time. The password is generated (S102), and the password candidate generation unit 122 is instructed to generate a password (S105). When the logout is completed and the connection is disconnected (S108: Yes), the logout detection unit 127 instructs the connection time measurement unit 121 to stop measuring the connection time (S109), and the connection time measurement unit 121 Measurement is stopped (S110). When the login detection unit 126 is instructed to start connection time measurement, the connection time measurement unit 121 starts measurement of the current connection time (S103) and the password candidate generation unit 122 is previously measured for connection time. (S104), the password candidate generation unit 122 generates a password based on the input previous connection time (S106), and stores it in the password candidate storage unit 123 (S107).

  As shown in the above procedure, since the time difference between the current time between the terminal 110 and the server 120 is absorbed by using the previous connection time for password generation, a high authentication success rate is maintained as described later. However, by narrowing down the number of password candidates generated, it is possible to reduce the processing load due to password candidate generation / password verification on the server 120 side (that is, shorten the time required for login).

  A procedure for password transmission / reception and verification in the terminal 110 and the server 120 will be described below.

  As shown in FIG. 3A, when the terminal 110 logs in to the network (S121: Yes), the login detection unit 115 instructs the password transmission unit 114 to transmit a password to the server 120 (S122). At this time, the password transmission unit 114 reads the password generated from the password storage unit 113 and transmits it to the server 120 via the communication path (S123).

  In contrast, as shown in FIG. 3B, on the server 120 side, when the password receiving unit 124 receives a password from the terminal via the communication path (S125), it notifies the password collating unit 125 of it. (S126). At this time, the password verification unit 125 sequentially verifies the password candidates generated from the password candidate storage unit 123 with the notified password (S127).

  Thereafter, the password verification unit 125 notifies the password candidate generation unit 122 of the type of success or failure in authentication as a result of password verification. The password candidate generation unit 122 stores the number of password candidates generated and the maximum and minimum values. When the password verification unit 125 notifies the type of authentication success / failure, the password candidate generation unit 122 changes the number of password candidates generated. When the authentication success is notified, if the number of password candidates generated is larger than the minimum value, it is decreased by 1, and if it reaches the minimum value, the current value is maintained. When the authentication failure is notified, if the number of password candidates generated is smaller than the maximum value, it is incremented by 1, and if it reaches the maximum value, the current value is maintained.

  As the number of password candidates generated decreases, the possibility of authentication failure increases. However, by using the previous connection time for password generation, the current time difference between the terminal 110 and the server 120 is absorbed. Therefore, if the minimum number of password candidates generated is set to an appropriate value, the password candidate generation and password verification on the server 120 side can be reduced by narrowing down the number of password candidates generated while maintaining a high authentication success rate. It is possible to reduce the processing load due to, that is, to shorten the time required for login.

(Second Embodiment)
Hereinafter, a password changing method according to a second embodiment for carrying out the present invention will be described in detail with reference to the drawings.

  The password changing method according to the second embodiment is characterized in that, when connecting to the password changing system in the first embodiment for the first time with another communication device, the password is generated with a connection time of zero. And

  Based on the above points, a password changing method according to the second embodiment will be described. First, the configuration of the password change system according to the second embodiment will be described.

  As illustrated in FIG. 4, the configuration of the password change system according to the second embodiment is different from that of the first embodiment in that a password generation unit 212 is used instead of the password generation unit 112 and the password candidate generation unit 122. , And a password candidate generating unit 222 is different. Then, when the terminal 210 connects to the connection destination server 220 for the first time, the following procedure is added to the password generation unit 212 and the password candidate generation unit 222.

  On the terminal 210 side, when authenticating with the server 220 to be connected for the first time, when the password generation unit 212 instructs the password generation unit 212 to generate a password, the password generation unit 212 regards the connection time as 0 and generates a password. To do. On the server 220 side, when login is requested from the terminal 210 that is connected for the first time, if the login detection unit 126 instructs the password candidate generation unit 222 to generate a password, the password candidate generation unit 222 sets the connection time to 0. Consider and generate one password candidate.

  According to the above procedure, when the terminal 210 is connected to the connection destination server 220 for the first time, that is, when the previous connection time has not been measured, password generation and authentication are performed with the same configuration as in the first embodiment. It can be performed.

(Third embodiment)
Hereinafter, a password changing method according to a third embodiment for carrying out the present invention will be described in detail with reference to the drawings.

  The password change method according to the third embodiment stores the connection time before the change and the connection time after the change when the connection time is changed while being connected to another communication device. Features.

  Based on the above points, a password changing method according to the third embodiment will be described. First, the configuration of the password change system according to the third embodiment will be described.

  As shown in FIG. 5, the configuration of the password change system according to the third embodiment is a connection time measurement instead of the connection time measurement unit 111 and the connection time measurement unit 121 as compared with the first embodiment. The point provided with the part 311 and the connection time measurement part 321 differs. When the connection time is obtained, the following procedure is added to the connection time measurement unit 311 and the connection time measurement unit 321.

  The connection time measurement unit 311 obtains the connection time from the difference between the time when the login detection unit 115 is instructed to start connection time measurement and the time when the logout detection unit 316 is instructed to stop connection time measurement. Similarly, the connection time measuring unit 321 obtains the connection time by the difference between the time when the login detection unit 326 is instructed to start the connection time measurement and the time when the logout detection unit 327 is instructed to stop the connection time measurement.

  However, when the current time setting is changed at the terminal 310 or the server 320 during the connection, the output connection time is incorrect. As a result, the terminal 310 generates an incorrect password or the server 320 generates an incorrect password candidate. Will be generated.

  In order to avoid the above phenomenon, when the current time setting is changed on the terminal 310, the connection time measuring unit 311 sequentially stores the difference between the setting time before the change and the setting time after the change, and detects logout. When the connection time measurement is instructed from the unit 116, the connection time is corrected by the sum of the set time differences stored so far and output to the password generation unit 112. Similarly, when the current time setting is changed in the server 320, the connection time measurement unit 321 sequentially stores the difference between the setting time before the change and the setting time after the change, and stops the connection time measurement from the logout detection unit 327. , The connection time is corrected with the sum of the differences in the set times stored so far, and is output to the password candidate generation unit 322.

  According to the above procedure, the connection time can be correctly measured even if the current time setting is changed at the terminal 310 or the server 320 during connection. That is, it is possible to avoid the possibility that the terminal generates an incorrect password or the server generates an incorrect password candidate due to the setting change of the current time.

(Fourth embodiment)
Hereinafter, a password changing method according to a fourth embodiment for carrying out the present invention will be described in detail with reference to the drawings.

  The password changing method according to the fourth embodiment is characterized in that a password is generated after connection with another communication device is completed.

  Based on the above points, a password changing method according to the fourth embodiment will be described. First, the configuration of the password change system according to the fourth embodiment will be described.

  FIG. 6 is a diagram showing a configuration of a password change system according to the fourth embodiment.

  As shown in FIG. 6, the password change system according to the fourth embodiment is configured based on the first embodiment, and includes a password generation unit 112, a login detection unit 115, a logout detection unit 116, a password. Instead of the candidate generation unit 122, the login detection unit 126, and the login detection unit 127, a password generation unit 412, a login detection unit 415, a logout detection unit 416, a password candidate generation unit 422, a login detection unit 426, and a login detection unit 427 are provided. The point is different. Then, the connection time measurement unit 111 outputs the measured connection time to the password generation unit 412, and the password generation unit 412 generates a password based on the input connection time. This is performed when the connection is disconnected and an instruction is issued from the logout detection unit 416. Similarly, the connection time measuring unit 121 outputs the measured connection time to the password candidate generating unit 422, and the password candidate generating unit 422 generates a password based on the input connection time. Is completed when the connection is disconnected and the logout detection unit 427 instructs.

  Through the above procedure, as shown in FIG. 7, at the terminal 410, when the logout is completed, the logout detection unit 416 issues a password generation instruction to the password generation unit 412 to generate a password (processing 451). At the start of login, the login detection unit 415 issues a password transmission instruction to the password transmission unit 114 without issuing a password generation instruction to the password generation unit 412, and transmits the password generated when the logout is completed ( Process 452).

  On the other hand, when the logout is completed, the server 420 issues a password candidate generation instruction from the logout detection unit 427 to the password candidate generation unit 422 to generate a password candidate (processing 461). When the password transmitted from the terminal 410 at the start of login is received, the login detection unit 426 does not issue a password candidate generation instruction to the password candidate generation unit 422 and collates with the password candidate generated at the time of logout completion (processing 462). . As a result, the load of password generation processing during the login request is reduced, and the time required for login can be shortened accordingly.

(Fifth embodiment)
Hereinafter, a password changing method according to a fifth embodiment for carrying out the present invention will be described in detail with reference to the drawings.

  In the password changing method according to the fifth embodiment, the difference between the previous connection time and the previous connection time is multiplied by the difference between the previous connection time and the time used to generate the password used at the previous connection. The previous connection time is corrected with the corrected value, and a password is generated based on the corrected previous connection time.

  Based on the above points, a password changing method according to the fifth embodiment will be described. First, the configuration of the password change system according to the fifth embodiment will be described.

  FIG. 8 is a diagram showing a configuration of a password change system according to the fifth embodiment.

  As shown in FIG. 8, the password change system according to the fifth embodiment is connected in place of the connection time measurement unit 121, password candidate generation unit 122, and password verification unit 125 compared to the first embodiment. A time measurement unit 521, a password candidate generation unit 522, and a password verification unit 525 are provided. Furthermore, the difference is that a connection time correction value calculation unit 528 is newly provided.

  The connection time correction value calculation unit 28 calculates a correction value for the deviation of the connection time measurement result due to the clock error of each of the terminal 110 and the server 520 based on the previous password verification result. Specifically, an error due to a difference in clock accuracy between the terminal 110 and the server 520, that is, the connection time measured by the connection time measurement unit 111 and the connection time measurement unit 521, when the password candidate generation is performed with respect to the password candidate generation unit 522. Outputs a value that corrects the time error. A procedure for calculating the correction value will be described below.

  The password verification unit 525 determines the measurement error of the connection time between the terminal 110 and the server 520 when the authentication is completed, and notifies the connection time correction value calculation unit 528 of the value. Here, as shown in FIG. 9, the measurement error value “X” matches with the previous connection time “TX” measured on the server 520 side and the password “P” received from the terminal 110. The difference from the connection time “T” that is the origin of the password candidate “P”.

  When the measurement error is notified, the connection time correction value calculation unit 528 notifies the ratio of the connection times for the past two times acquired from the connection time measurement unit 521 as shown in FIG. -X "(connection time 551) and previous connection time" T '? Z "(measurement part of connection time 553) are multiplied by a measurement error" X "to obtain a correction value" for the previous connection time used for password generation " V ″ is obtained and notified to the password candidate generation unit 522. The password candidate generation unit 22 uses the previous connection time “T ′? Z” (measurement time of time 553) notified from the connection time measurement unit 521 as the correction value “V” notified from the connection time correction value calculation unit 528. Replace with the value added to generate a password candidate.

  If the terminal 110 and the server 520 are changing passwords for the first time, since the previous connection time measurement error is not determined, the correction value = 0 is assumed here, and the process for obtaining the correction value is performed for the next and subsequent passwords. Do this at the time of change.

  By correcting the measurement error of the connection time between the terminal and server by the above procedure, while maintaining a high authentication success rate, further narrowing down the number of password candidates generated, processing by password candidate generation and password verification on the server side It is possible to reduce the load (that is, shorten the login time).

(Sixth embodiment)
Hereinafter, software according to a sixth embodiment for carrying out the present invention will be described in detail with reference to the drawings.

  FIG. 11 is a flowchart showing processing of software on the terminal side according to the sixth embodiment. Although not shown in the figure, the terminal 110 includes a memory, a recording medium such as a hard disk, a network adapter, and a CPU that store software in which the processing described in the flowchart of FIG. 11 is implemented.

  FIG. 12 is a flowchart showing the software processing on the server side according to the sixth embodiment. Although not shown in the figure, the server 120 includes a recording medium such as a memory and a hard disk that stores software in which the processing described in the flowchart of FIG. 12 is installed, and a CPU. The password changing method according to the present invention is realized by executing software stored in a recording medium by a CPU provided in each terminal and server.

  The processing on the terminal side will be described with reference to FIG.

  The terminal-side software according to the sixth embodiment generates a password P based on the measured previous connection time T (measurement method will be described later) (S602), and waits for the start of login (S603). Here, F (T) is a function for generating a password based on the measured previous connection time T.

  When first authenticating with the connection destination server, the previous connection time T is regarded as 0 (S601), and a password is generated. According to the above procedure, the password can be generated and authenticated in the sixth embodiment even when the terminal is connected to the connection destination server for the first time, that is, when the previous connection time has not been measured.

  When the login operation from the user is performed, the password is transmitted to the server (S604). If the authentication fails (S606: Yes), the process returns to the login start waiting state (S603).

  If the authentication is successful (S605: Yes), the measurement of the connection time T is started (S607), and the completion of logout is waited (S611). When the logout is completed and the connection is disconnected (S611: Yes), the measurement of the connection time T is stopped (S612), and the process returns to the password generation step (S602).

  Here, when the current time setting is changed on the terminal during connection (S609: present), the difference S between the setting time S2 before the change and the setting time S1 after the change is sequentially calculated, and the integrated value is calculated each time. Store in the variable T ′ (S610). After logout, the connection time T is corrected with the integrated value T ′ of the difference before and after the change of the terminal setting time (S613).

  With the above procedure, the connection time can be correctly measured even if the current time setting is changed at the terminal during connection. That is, it is possible to avoid the possibility that the terminal generates an incorrect password due to a change in the current time setting.

  By generating the password P by the above procedure, as shown in FIG. 7, the load of password generation processing during the login request is reduced, and the time required for login can be shortened accordingly. Also, since the previous connection time T is used for password generation, the current time difference between the terminal and the server is absorbed, so that the number of password candidates generated is maintained while maintaining a high authentication success rate, as will be described later. By narrowing down, it is possible to reduce the processing load due to password candidate generation and password verification on the server side (that is, shorten the time required for login).

  Processing on the server side will be described with reference to FIG.

  As shown in FIG. 12 and FIG. 13, the server-side software according to the sixth embodiment uses the previously measured previous connection time T (specific measurement method will be described later) as a measurement error correction value v (specific A password candidate is generated based on the connection time shifted by unit time centering on the time corrected in the later calculation method (S622, S623), and the reception of the password is awaited (S624). Here, F () is a function for generating a password based on the connection time, P [] is an array for storing each password candidate, n is the number of generated password candidates, and m is the corrected connection time. Indicates the position of the array element that stores the generated password.

  If the connecting terminal is the first to authenticate with the server, the previous connection time T is regarded as 0 (S621), and password candidates are generated. According to the above procedure, the password can be generated and authenticated in the sixth embodiment even when the terminal is connected to the connection destination server for the first time, that is, when the previous connection time has not been measured. In addition, in this step, n is initialized to 1 (that is, a plurality of password candidates are not generated), and v is initialized to 0 (since the previous connection time is not measured).

  When the password is received (S624: Yes) and the verification result (the password verification procedure will be described later) is successful (S626: Yes), the measurement of the connection time T is started (S634) and the logout is completed (S634). S638). When the logout is completed and the connection is disconnected (S638: Yes), the measurement of the connection time is stopped (S639), and the correction value v of the connection time measurement error on the terminal side / server side is obtained (S641 to S644). The process returns to the password candidate generation step (S622, S623).

  Here, when the current time setting is changed on the server during connection (S636: Present), the difference S between the setting time S2 before the change and the setting time S1 after the change is sequentially calculated, and the integrated value is calculated each time. Store in the variable T '(S637). After logout, the connection time T is corrected with the integrated value T ′ of the difference before and after the change of the terminal setting time (S640).

  With the above procedure, the connection time can be correctly measured even if the current time setting is changed on the server during connection. In other words, it is possible to avoid the possibility that the server generates an incorrect password due to a change in the current time setting.

  By generating password candidates in advance from the terminal before the login request by the above procedure, as shown in FIG. 7, the load of password candidate generation processing during the login request is reduced, and the time required for login can be shortened accordingly. Become. In addition, since the previous connection time T is used for password candidate generation, the current time lag between the terminal and the server is absorbed, so the number of password candidate generations is maintained while maintaining a high authentication success rate, as will be described later. By narrowing down n, it is possible to reduce the processing load due to password candidate generation and password verification on the server side (that is, shorten the time required for login).

  The correction value v of the connection time measurement error on the terminal side / server side is obtained as follows. First, the ratio k between the previous connection time T1 and the previous connection time T2 is obtained (S643), and as shown in FIG. 10, the previous connection time measurement error between the terminal side and the server side is determined and multiplied by k to obtain a correction value. It is set as v (S644). As shown in FIG. 9, the value of the measurement error is a difference between the previous connection time measured on the server side and the connection time that is the source of the password candidate that matched in the verification with the password received from the terminal. That is, in step S623, the array element position where the password candidate calculated based on the previous connection time T measured on the server side is stored and the array element position where the password candidate matched by the collation is stored. A difference from a certain cnt is a measurement error (a specific procedure for collation will be described later).

  When the password is changed for the first time with the terminal (S641: first time), only a single initial password is verified in steps S626 to S628, that is, there is no previous connection time measurement error. For the determination, the value of v is not obtained here (it is initialized to 0 in S621), and the process of obtaining v is performed when the password is changed after the next time (S641: after the second time).

  By calculating the correction value v of the connection time measurement error between the terminal and the server by the above procedure and correcting the connection time T measured by the server, the password is maintained while maintaining a high authentication success rate, as will be described later. By narrowing down the number n of candidate generations, it is possible to reduce the processing load due to password candidate generation / password verification on the server side (that is, shorten the time required for login).

  The password verification procedure will be specifically described below. When the password is received (S624: Yes), the received password P is collated in order with the password candidates stored in P [] (S626 to S628). Here, cnt is a counter indicating the position of the array element storing the password candidates to be verified. If a matching password candidate is found as a result of the collation (ST626: Yes), if the password candidate generation number n is larger than the minimum value NMIN (S631: Yes), it is decreased by 1 (S632), and if it is smaller, it is set to NMIN ( S633) Connection time measurement is started (S634). If no matching password candidate is found as a result of the collation (S628: Yes), if the password candidate generation number n is smaller than the maximum value NMAX (S629: Yes), the password candidate is regenerated by incrementing by 1 (S630). (Return to S602 and S603) Wait for the terminal to log in again (S624).

  The number of password candidates generated n decreases as the value decreases, but the possibility of authentication failure increases. However, the time difference between the terminal and the server is absorbed by using the previous connection time T for password generation. In addition, since the measurement error of the connection time due to the clock deviation between the terminal and the server is corrected by v, if the minimum value NMIN of the password candidate generation number n is set to an appropriate value, a high authentication success rate While maintaining the above, it is possible to reduce the processing load due to password candidate generation / password verification on the server side by narrowing down the number n of password candidate generations (that is, shortening the time required for login).

  The password changing method according to the first to fifth embodiments may generate a password for each of a plurality of times obtained by shifting the connection time by unit time and store the generated plurality of passwords. Good.

  Note that a communication device (terminal or server) constituting the password change system according to the first to fifth embodiments includes a CPU (Central Processing Unit), a RAM (Random Access Memory), and a ROM (Read Only Memory). , HDD (Hard Disk Drive), network adapter, etc. Further, an OS (Operating System) and a program that is executed under the operation of the OS are installed in the HDD. And each function as a communication apparatus (terminal or server) which comprises a password change system may be implement | achieved by running a program.

  A program (hereinafter referred to as password change) that is executed in the communication device (terminal or server) constituting the password change system according to the first to fifth embodiments and that realizes one or more functions according to the present invention. An optical recording medium (for example, a CD-ROM) or a magnetic recording medium (for example, a hard disk) so that the program can be read by a hardware system such as a computer system or an embedded system. ), A magneto-optical recording medium (for example, MO, etc.), a semiconductor memory (for example, a memory card, etc.), etc., may be recorded on a computer-readable recording medium. Then, it may be executed in another hardware system via these recording media. Alternatively, the password change program may be held in a hardware system on the network and executed on another hardware system that has downloaded the password change program via the network.

  The password changing method, device, and software according to the present invention have means for correcting the current time of each terminal and server and a deviation in clock accuracy, and by generating a password candidate by narrowing down the number of password candidates generated on the server side. The processing load of verification can be reduced, and the possibility of authentication failure can also be reduced. In addition, since the password is calculated in advance before login, the time required for login due to the processing load of password calculation can be shortened. Therefore, in a one-time password system using time information, it is effective for performing login authentication at high speed and with a high success rate. The password changing method, apparatus, and software according to the present invention can also be applied to applications such as password management in ATMs of financial institutions.

It is a figure which shows the structure of the password change system which concerns on 1st Embodiment for implementing this invention. It is a figure which shows the password production | generation procedure by the side of a terminal, and the password candidate production | generation procedure by the side of a server in the password change system which concerns on 1st Embodiment for implementing this invention. In the password change system which concerns on 1st Embodiment for implementing this invention, it is a figure which shows the procedure of the transmission / reception of the password of the terminal side, (b) The verification process of the password of the server side. It is a figure which shows the structure of the password change system which concerns on 2nd Embodiment for implementing this invention. It is a figure which shows the structure of the password change system which concerns on 3rd Embodiment for implementing this invention. It is a figure which shows the structure of the password change system which concerns on 4th Embodiment for implementing this invention. It is a figure for demonstrating that the processing load during login is reduced and the time required for login is shortened by the password change method which concerns on 4th Embodiment for implementing this invention. It is a figure which shows the structure of the password change system which concerns on 5th Embodiment for implementing this invention. It is a figure for demonstrating the procedure which calculates | requires the connection time measurement error with the terminal side and the server side in the password change method which concerns on 5th Embodiment for implementing this invention. It is a figure for demonstrating the procedure which calculates | requires the correction value of the connection time measurement error with the terminal side and the server side in the password change method which concerns on 5th Embodiment for implementing this invention. It is a flowchart showing the process by the side of the terminal in the software which concerns on 6th Embodiment for implementing this invention. It is a 1st flowchart showing the server side process in the software which concerns on 6th Embodiment for implementing this invention. It is a 2nd flowchart showing the server side process in the software which concerns on 6th Embodiment for implementing this invention. It is a figure for demonstrating the conventional password automatic update method based on the login start time. It is a figure for demonstrating the case where authentication fails by the conventional password automatic update method based on the login start time. It is a figure for demonstrating the login delay by the processing load by the conventional password change method.

Explanation of symbols

10, 110, 210, 310, 410 Terminal 111, 311 Connection time measurement unit 112, 212, 412 Password generation unit 113 Password storage unit 114 Password transmission unit 115, 415 Login detection unit 116, 416 Logout detection unit 20, 120, 220 , 320, 420, 520 Server 121, 321, 521 Connection time measurement unit 122, 222, 422, 522 Password candidate generation unit 123 Password candidate storage unit 124 Password reception unit 125, 525 Password verification unit 126, 426 Login detection unit 127, 427 Logout detection unit 528 Connection time correction value calculation unit

Claims (10)

A communication device that communicates with other communication devices,
From a connection start time and a connection end time with the other communication device, connection time measuring means for measuring a connection time with the other communication device;
Password generation means for generating the password using the connection time as a parameter of a password used when connecting to the other communication device next;
And a password storage means for storing the password. The password generation means includes
The communication device according to claim 1, wherein, when connecting to the other communication device for the first time, the password is generated with the connection time set to zero. The connection time measuring means includes
2. The communication according to claim 1, wherein when the connection time is changed during connection with the other communication device, the connection time before the change and the connection time after the change are stored. apparatus. The password generation means includes
The communication apparatus according to claim 1, wherein the password is generated after the connection with the other communication apparatus is completed. The password generation means includes
A password is generated for each of a plurality of times by shifting the connection time by unit time,
The password storage means is
The communication apparatus according to claim 1, wherein a plurality of passwords are stored. The communication device further includes:
Connection time that corrects the previous connection time by multiplying the difference between the previous connection time and the time used to generate the password used at the previous connection by the ratio of the previous connection time and the previous connection time. A correction value calculating means,
The password generation means includes
The communication apparatus according to claim 5, wherein a password is generated based on the corrected previous connection time. The communication device
The communication apparatus according to claim 1, further comprising: a password transmission unit configured to transmit the password to the other communication apparatus when connecting to the other communication apparatus. The communication device
When connected from the other communication device, password receiving means for receiving the password transmitted from the other communication device;
The communication device according to claim 1, further comprising password verification means for verifying the received password. A password change method for controlling a communication device that communicates with another communication device,
From a connection start time and a connection end time with the other communication device, a connection time measuring step for measuring a connection time with the other communication device;
A password generation step of generating the password by using the connection time as a parameter of a password used in the next connection with the other communication device;
And a password storing step for storing the password. A password change program to be executed by a computer system communicating with a communication device,
A connection time measuring step of measuring a connection time with the communication device from a connection start time and a connection end time with the communication device;
A password generation step of generating the password using the connection time as a parameter of a password used when connecting to the communication device next;
A password change program for causing a computer system to execute a password storage step for storing the password.

Images