JP2007036501A - Information processing apparatus and method, program, and recording medium - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a technology which respects the privacy of a user and surely performs authentication. <P>SOLUTION: When a reader/writer transmits an IDr being the ID of the reader/writer together with a request command in a step S101, a mobile device generates the encryption key of the reader/writer on the basis of the IDr in authentication data 1 generating processing in a step S202, encrypts its own ID and a random number by using the encryption key to produce data D1 being authentication data 1, and transmits the data D1 to the reader/writer in a step S203. Thereafter, the reader/writer generates data D2 being authentication data 2 on the basis of the authentication data D1 in a step S103, and the mobile device authenticates the reader/writer through reader/writer verification processing in a step S205. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to an information processing device and method, a program, and a recording medium, and more particularly, to an information processing device and method, a program, and a recording medium that respect user privacy and enable reliable authentication. .

  In recent years, wireless communication technology has progressed. For example, it is expected to realize data exchange regardless of devices such as personal computers, peripheral devices, home appliances, mobile phones, etc., by a wireless transmission method (so-called Bluetooth) using the 2.4 GHz band. In addition, a technique for performing communication between a transmitter and a receiver using a conductor different from a normal communication medium such as a human body has been proposed (see, for example, Patent Document 1 or Patent Document 2).

  For example, electronic devices that support new types of wireless communication using the human body as a communication medium are expected to be widely used and spread widely in the future for automatic ticket gate control systems and merchandise payment transactions.

  Further, in order to prevent unauthorized transactions in an automatic ticket gate control system and transaction for payment for goods, a device owned by a user and a device installed by a service provider (for example, an automatic ticket gate) Mutual authentication with vending machines, etc.). In such transactions, it is necessary to perform quick and accurate authentication, and the applicant has proposed a mutual authentication mechanism using a common key encryption algorithm (see, for example, Patent Document 3). .

  FIG. 1 is a diagram illustrating an example of mutual authentication using a conventional common key encryption algorithm. As shown in the figure, a reader / writer (R / W) as a device access device generates a 64-bit random number Rb, and transmits Rb and its ID, IDrw, to the device (Device). Upon receiving this, the device (Device) newly generates a 64-bit random number Ra, and acquires the bidirectional individual key authentication common key Kauth_DEV_A by the DES encryption processing of IDrw using the bidirectional individual key authentication master key MKauth_DEV_A. . Further, using the keys Kauth_DEV_A and Kauth_DEV_B, the data is encrypted in the DES-CBC mode as an encryption algorithm in the order of Ra, Rb, and IDrw. Return to

  Upon receiving this, the reader / writer (R / W) first acquires the bidirectional individual key authentication common key Kauth_DEV_B by the DES encryption processing of IDm using the bidirectional individual key authentication master key MKauth_DEV_B. Further, the received data is decrypted with the keys Kauth_DEV_A and Kauth_DEV_B. It is verified whether Rb and IDrw obtained by decryption match those transmitted by the reader / writer (R / W) as the device access device. If the verification is passed, the reader / writer (R / W) authenticates the device (Device) as valid.

  Next, the reader / writer (R / W) generates a 64-bit random number Kses used as a session key, and uses the two-way individual key authentication common keys Kauth_DEV_A and Kauth_DEV_B in the order of Rb, Ra, and Kses. For example, the data is encrypted in the triple DES mode, and returned to the device (Device).

  The device that has received this decrypts the received data with the two-way individual key authentication common keys Kauth_DEV_A and Kauth_DEV_B. It is verified whether Ra and Rb obtained by decryption match those transmitted by the device (Device). If this verification is passed, the device (Device) authenticates the reader / writer (R / W) as a valid one, and uses the session key Kses as a common key for secret communication after authentication.

  In this way, two keys, the individual key of the communication partner generated by executing the process based on the master key of the communication partner and the individual key of the communication partner, are set as a common key, and the common key is set using the two set keys. If mutual authentication by the method is executed, more secure authentication can be performed as compared with a configuration in which a common key is stored in advance in the device or the access device.

Japanese National Patent Publication No. 11-509380 JP 10-229357 A JP 2002-278838 A

  By the way, according to a new type of wireless communication using a human body as a communication medium, there may be a case where communication is performed regardless of the user's intention. For example, when a user walks on a signal electrode for human body communication, communication may occur between the device owned by the user and the signal electrode without the user's knowledge. It becomes possible to know the destination etc. illegally. Therefore, it is desirable not to provide information (for example, ID) that can identify the device owned by the user until the authenticity of the communication partner is authenticated.

  However, in the technique of Patent Document 3, since the ID of the device or reader / writer is transmitted without being concealed, such as being encrypted, there is a possibility that the user's behavior (destination, etc.) may be illegally known. .

  On the other hand, in the technique of Patent Document 1, since a closed circuit coupled to a transmitter, a human body, a receiver, and an earth ground is configured and a signal is transmitted, the transmitter and the receiver that are far from the human body The connection between the electrode and the earth ground is very sparse and it is practically difficult to form a closed circuit. Further, in the technology of Patent Document 2, a transmitter, a human body, a receiver, and a closed circuit coupled to the atmosphere are configured to transmit a signal. The receiver must be located very close.

  The present invention has been made in view of such a situation, and respects the privacy of the user and makes it possible to perform reliable authentication.

  A first aspect of the present invention is an information processing apparatus that is carried by a user, communicates with an information management apparatus, and performs mutual authentication with the information management apparatus, and is transmitted from the information management apparatus An encryption key generating means for generating an encryption key unique to the information management device based on an ID of the information management device and an authentication key of the information management device; a random number; Authentication data transmission means for transmitting the first authentication data generated by encrypting with the encryption key generated by the means to the information management apparatus, and the information management apparatus includes the first authentication data. Authentication data decrypting means for decrypting the second authentication data generated and transmitted based on the data using its own encryption key, and based on the decryption result of the authentication data decrypting means, Information management device is valid An information processing apparatus including an authentication means for authenticating the information management apparatus by determining whether or not Luke.

  When the information management apparatus is authenticated by the authentication means, a third data generated by encrypting data obtained as a result of the decryption by the authentication data decryption means and a random number with an encryption key unique to itself. The data for authentication may be further provided with a data transmission means for transmitting to the information management apparatus.

  The third authentication data may be received by the information management device and used for own authentication by the information management device.

  The authentication key of the information management device can be assigned to a plurality of information management devices as a common authentication key and stored in advance.

  The communication with the information management apparatus is connected to itself and has a reference electrode for obtaining a reference point for determining an output value of the signal, and electrostatic coupling to the communication medium is stronger than the reference electrode. The signal can be transmitted based on the potential difference generated between the signal electrode and the signal electrode for transmitting or receiving the signal transmitted via the communication medium.

  The communication medium may be a human body.

  A first aspect of the present invention is an information processing method of an information processing apparatus that is carried by a user, communicates with an information management apparatus, and performs mutual authentication with the information management apparatus, the information management apparatus An encryption key unique to the information management device is generated based on the ID of the information management device transmitted from the authentication key of the information management device, and a random number and its own ID are generated. The first authentication data generated by encrypting the first authentication data is transmitted to the information management apparatus, and the information management apparatus generates and transmits the second authentication data based on the first authentication data. Including authenticating the information management device by decrypting the authentication data using an encryption key unique to the device and determining whether the information management device is valid based on a result of the decryption Information processing method.

  A first aspect of the present invention is a program that is carried by a user, communicates with an information management device, and causes an information processing device that performs mutual authentication with the information management device to execute information processing. Controls the generation of an encryption key unique to the information management device based on the ID of the information management device transmitted from the information management device and the authentication key of the information management device. Control transmission of the first authentication data generated by encrypting with the generated encryption key to the information management device, and the information management device generates the first authentication data based on the first authentication data. By controlling the decryption of the second authentication data transmitted by using the encryption key unique to itself, and determining whether or not the information management device is valid based on the result of the decryption Control authentication of the information management device This is a computer-readable program including the following steps.

  In the first aspect of the present invention, an encryption key unique to the information management device is generated based on the ID of the information management device transmitted from the information management device and the authentication key of the information management device. First authentication data generated by encrypting a random number and its own ID with the encryption key is transmitted to the information management device, and the information management device transmits the first authentication data. The second authentication data generated and transmitted based on this is decrypted using its own encryption key, and based on the decryption result, it is determined whether or not the information management device is valid The

  A second aspect of the present invention is an information processing apparatus that performs communication with a terminal carried by a user and performs mutual authentication with the terminal, the terminal encrypted with respect to the terminal Request means for requesting transmission of the first authentication data including the ID of the first authentication data, and the first authentication data transmitted from the terminal in response to the request by the request means Authentication data decrypting means for decrypting using the terminal, and generating the encryption key unique to the terminal by encrypting the terminal ID decrypted by the authentication data decrypting means with the authentication key of the terminal A second authentication key generated by encrypting data and a random number obtained as a result of decryption by the encryption key generating unit and the authentication data decrypting unit with the encryption key generated by the encryption key generating unit; Send data to the terminal Using the encryption key generated by the encryption key generating means, and the authentication data transmitting means for generating the third authentication data generated and transmitted by the terminal based on the second authentication data. An information processing apparatus comprising: a data decrypting unit for decrypting; and an authenticating unit for authenticating the terminal by determining whether or not the terminal is valid based on a decryption result of the data decrypting unit.

  The second authentication data may be received by the terminal and used for own authentication by the terminal.

  The third authentication data may be transmitted from the terminal and received by the data decoding means when the terminal is authenticated by the terminal.

  The authentication key for the terminal can be assigned to a plurality of information management apparatuses as a common authentication key and stored in advance.

  Communication with the terminal is connected to itself, and a reference electrode for obtaining a reference point for determining an output value of the signal, and electrostatic coupling to the communication medium is stronger than the reference electrode It is provided and can be performed based on a potential difference generated between a signal electrode for transmitting or receiving a signal to be transmitted via a communication medium.

  The communication medium may be a human body.

  According to a second aspect of the present invention, there is provided an information processing method for an information processing apparatus that performs communication with a terminal carried by a user and performs mutual authentication with the terminal. Requesting transmission of first authentication data including the received ID of the terminal, and using the encryption key unique to the first authentication data transmitted from the terminal in response to the request The decrypted ID of the terminal is encrypted with the authentication key of the terminal to generate an encryption key unique to the terminal, and the data and random number obtained as a result of the decryption are generated. Second authentication data generated by encrypting with the encrypted encryption key is transmitted to the terminal, and the terminal generates and transmits the second authentication data based on the second authentication data. The authentication data is decrypted using the generated encryption key, and the decryption is performed. The information processing method includes a step of authenticating the terminal by determining whether or not the terminal is valid based on the result.

  According to a second aspect of the present invention, there is provided a program for executing information processing of an information processing apparatus that performs communication with a terminal carried by a user and performs mutual authentication with the terminal. Controlling the request for transmission of the first authentication data including the encrypted ID of the terminal, and unique to the first authentication data transmitted from the terminal in response to the request Control the decryption using the encryption key of the terminal, control the generation of the encryption key unique to the terminal by encrypting the decrypted ID of the terminal with the authentication key of the terminal, and the result of the decryption The second authentication data generated by encrypting the obtained data and the random number with the generated encryption key is controlled to be transmitted to the terminal, and the terminal uses the second authentication data. Third authentication data generated and transmitted based on the data Including: controlling the decryption of the terminal using the generated encryption key, and controlling authentication of the terminal by determining whether the terminal is valid based on the result of the decryption Is a readable program.

  In the second aspect of the present invention, the terminal is requested to transmit the first authentication data including the encrypted ID of the terminal, and transmitted from the terminal in response to the request. The first authentication data is decrypted using an encryption key unique to itself, and the decrypted ID of the terminal is encrypted with the authentication key of the terminal, whereby the encryption key unique to the terminal is encrypted. Is generated, and the second authentication data generated by encrypting the data and the random number obtained as a result of the decryption with the encryption key generated by the processing of the encryption key generation step is transmitted to the terminal. The third authentication data generated and transmitted by the terminal based on the second authentication data is decrypted using the encryption key generated by the processing of the encryption key generation step, and decrypted. Based on the result of It is determined whether or not it is correct.

  According to the first aspect of the present invention, it is possible to encrypt and conceal one's own ID so that the communication partner can authenticate himself / herself. Therefore, the user's privacy can be respected and reliable authentication can be performed.

  According to the second aspect of the present invention, even if the communication partner ID is encrypted and concealed, authentication can be reliably performed. Therefore, the user's privacy can be respected and reliable authentication can be performed.

  Embodiments of the present invention will be described below. Correspondences between the configuration requirements of the present invention and the embodiments described in the detailed description of the present invention are exemplified as follows. This description is to confirm that the embodiments supporting the present invention are described in the detailed description of the invention. Accordingly, although there are embodiments that are described in the detailed description of the invention but are not described here as embodiments corresponding to the constituent elements of the present invention, It does not mean that the embodiment does not correspond to the configuration requirements. Conversely, even if an embodiment is described here as corresponding to a configuration requirement, that means that the embodiment does not correspond to a configuration requirement other than the configuration requirement. It's not something to do.

  The information processing apparatus according to the first aspect of the present invention is carried by a user, communicates with an information management apparatus (for example, reader / writers 1051-1 to 1051-3 in FIG. 10), and communicates with the information management apparatus. An information processing apparatus that performs mutual authentication, based on an ID of the information management apparatus transmitted from the information management apparatus and an authentication key (for example, key Kmr in FIG. 13) of the information management apparatus An encryption key generation unit that generates an encryption key unique to the information management apparatus (for example, the control unit 1155 in FIG. 11 that executes the process of step S301 in FIG. 18), a random number, and its own ID are used as the encryption key generation unit. Authentication data transmitting means (for example, step S302 in FIG. 18 and step 15 in FIG. 15) for transmitting the first authentication data generated by encrypting with the encryption key generated by 11 that executes the process of step S203, and the second authentication data that the information management device generates and transmits based on the first authentication data is an encryption that is unique to itself. Based on the result of decryption by the authentication data decryption means and the authentication data decryption means for decryption using the key (for example, the control unit 1155 in FIG. 11 that executes the processing of step S501 in FIG. 25). Authentication means for authenticating the information management device by determining whether the device is valid (for example, the control unit 1155 in FIG. 11 that executes the processing in step S502 in FIG. 25).

In the information processing apparatus, when the information management apparatus is authenticated by the authentication unit,
Data transmission for transmitting third authentication data generated by encrypting data obtained as a result of decryption by the authentication data decryption means and a random number with a unique encryption key to the information management apparatus Means (for example, the control unit 1155 of FIG. 11 that executes the process of step S601 of FIG. 27) may be further provided.

  This information processing device is connected to the information management device for communication, and a reference electrode for obtaining a reference point for determining the output value of the signal (for example, the reference electrode 1102 in FIG. 11); A signal electrode (for example, the signal electrode 1101 in FIG. 11) is provided so that electrostatic coupling to the communication medium is stronger than the reference electrode, and is used to transmit or receive a signal transmitted through the communication medium. It can be performed based on a potential difference generated therebetween.

  The information processing method according to the first aspect of the present invention is carried by a user, communicates with an information management apparatus (for example, reader / writers 1051-1 to 1051-3 in FIG. 10), and communicates with the information management apparatus. An information processing method for an information processing apparatus that performs mutual authentication, the ID of the information management apparatus transmitted from the information management apparatus, and an authentication key (for example, key Kmr in FIG. 13) of the information management apparatus, Is generated by encrypting the random number and its own ID with the generated encryption key (for example, the process of step S301 in FIG. 18) based on the information management device. 1 authentication data is transmitted to the information management apparatus (for example, the processing of step S302 in FIG. 18 and step S203 in FIG. 15), and the information management apparatus generates the authentication data based on the first authentication data. Send The received second authentication data is decrypted using its own encryption key (for example, the process in step S501 in FIG. 25), and whether the information management apparatus is valid based on the result of the decryption It includes the step of authenticating the information management apparatus by determining whether or not (for example, the process of step S502 of FIG. 25).

  The information processing apparatus according to the second aspect of the present invention is an information processing apparatus that communicates with a terminal carried by a user (for example, the portable device 1002 in FIG. 10) and performs mutual authentication with the terminal. Request means for requesting the terminal to transmit the first authentication data including the encrypted ID of the terminal (for example, the control unit 1255 in FIG. 12 that executes the processing in step S101 in FIG. 15). ) And authentication data decryption means (for example, FIG. 21) for decrypting the first authentication data transmitted from the terminal in response to the request by the request means, using an encryption key unique to the terminal. The control unit 1255 in FIG. 12 that executes the process of step S401) and the ID of the terminal decrypted by the authentication data decrypting means are encrypted with the authentication key of the terminal (for example, the key Kmd in FIG. 14). As a result, an encryption key generation unit that generates an encryption key unique to the terminal (for example, the control unit 1255 in FIG. 12 that executes the process of step S402 in FIG. 21) and the decryption result of the authentication data decryption unit are obtained. Authentication data transmitting means (for example, FIG. 21) for transmitting the second authentication data generated by encrypting the data and the random number with the encryption key generated by the encryption key generating means to the terminal. The control unit 1255 of FIG. 12 that executes the processing of step S403 of FIG. 15 and step S104 of FIG. 15), and third authentication data that the terminal generates and transmits based on the second authentication data. A data decrypting means for decrypting using the encryption key generated by the encryption key generating means (for example, the control unit 1255 in FIG. 12 for executing the processing in step S701 in FIG. 29), Authentication means for authenticating the terminal by determining whether or not the terminal is valid based on the decryption result of the data decryption means (for example, the control of FIG. 12 for executing the processing of step S702 of FIG. 29) Part 1255).

  The information processing apparatus includes a reference electrode (for example, a reference electrode 1022 in FIG. 12) for obtaining a reference point for determining an output value of the signal, which is connected to the terminal and communicating with the terminal. Between the electrode and the signal electrode (for example, the signal electrode 1021 in FIG. 12) that is provided so that electrostatic coupling is stronger than the electrode and is transmitted or received via the communication medium. It can be performed based on the generated potential difference.

  The information processing method according to the second aspect of the present invention is information on an information processing apparatus that communicates with a terminal carried by a user (for example, the portable device 1002 in FIG. 10) and performs mutual authentication with the terminal. A processing method that requests the terminal to transmit first authentication data including the encrypted ID of the terminal (for example, the process of step S101 in FIG. 15), and responds to the request. The first authentication data transmitted from the terminal is decrypted using its own encryption key (for example, the process of step S401 in FIG. 21), and the decrypted ID of the terminal is Data encrypted as a result of the decryption by generating an encryption key unique to the terminal by encrypting with the authentication key of the terminal (for example, the key Kmd in FIG. 14) (for example, the process in step S402 in FIG. 21) And a random number generated The second authentication data generated by encrypting with the encryption key is transmitted to the terminal (for example, the process of step S403 in FIG. 21 and step S104 in FIG. 15), and the terminal The third authentication data generated and transmitted based on the authentication data is decrypted using the generated encryption key (for example, the process of step S701 in FIG. 29), and based on the result of the decryption, It includes the step of authenticating the terminal by determining whether or not the terminal is valid (for example, the process of step S702 in FIG. 29).

  Embodiments of the present invention will be described below with reference to the drawings. First, wireless communication used in the present invention will be described in detail with reference to FIGS.

  FIG. 2 is a diagram illustrating a configuration example according to an embodiment of a communication system to which the present invention is applied.

  In FIG. 2, the communication system 100 includes a transmission device 110, a reception device 120, and a communication medium 130, and the transmission device 110 and the reception device 120 transmit and receive signals via the communication medium 130. That is, in the communication system 100, the signal transmitted from the transmission device 110 is transmitted via the communication medium 130 and received by the reception device 120.

  The transmission device 110 includes a transmission signal electrode 111, a transmission reference electrode 112, and a transmission unit 113. The transmission signal electrode 111 is an electrode for transmitting a signal to be transmitted via the communication medium 130, and is more communication medium than the transmission reference electrode 112 which is an electrode for obtaining a reference point for determining a difference in level of the signal. 130 is provided so that electrostatic coupling is strong. The transmission unit 113 is provided between the transmission signal electrode 111 and the transmission reference electrode 112, and gives an electric signal (potential difference) to be transmitted to the reception device 120 between these electrodes.

  The reception device 120 includes a reception signal electrode 121, a reception reference electrode 122, and a reception unit 123. The reception signal electrode 121 is an electrode for receiving a signal transmitted via the communication medium 130 and is more communicated than the reception reference electrode 122 which is an electrode for obtaining a reference point for determining a difference in level of the signal. It is provided so that electrostatic coupling is strong with respect to the medium 130. The reception unit 123 is provided between the reception signal electrode 121 and the reception reference electrode 122, converts an electric signal (potential difference) generated between these electrodes into a desired electric signal, and is transmitted by the transmission unit 113 of the transmission device 110. Restore the generated electrical signal.

  The communication medium 130 is made of a substance having physical characteristics capable of transmitting an electrical signal, such as a conductor or a dielectric. For example, the communication medium 130 is composed of a conductor represented by metal (for example, copper, iron, aluminum, or the like). Further, for example, the communication medium 130 is composed of an electrolytic solution such as pure water, rubber, glass, or saline, or a dielectric such as a living body that is a complex thereof. The communication medium 130 may have any shape, for example, an arbitrary shape such as a linear shape, a plate shape, a spherical shape, a prismatic shape, or a cylindrical shape.

  In such a communication system 100, first, the relationship between each electrode and the communication medium or the space around the apparatus will be described. In the following, for convenience of explanation, it is assumed that the communication medium 130 is a complete conductor. Further, it is assumed that there is a space between the transmission signal electrode 111 and the communication medium 130 and between the reception signal electrode 121 and the communication medium 130 and there is no electrical coupling. That is, a capacitance is formed between the transmission signal electrode 111 or the reception signal electrode 121 and the communication medium 130.

  The transmission reference electrode 112 is provided so as to face the space around the transmission device 110, and the reception reference electrode 122 is provided so as to face the space around the reception device 120. Generally, when a conductor exists in a space, a capacitance is formed in a space near the surface of the conductor. For example, when the shape of the conductor is a sphere having a radius of r [m], the capacitance C is obtained as in the following formula (1).

  In the formula (1), π represents a circumference ratio. Further, ε represents a dielectric constant of a medium surrounding the conductor, and is obtained as in the following formula (2).

  However, in Formula (2), ε0 indicates a dielectric constant in a vacuum and is 8.854 × 10 −12 [F / m]. Further, εr represents a relative dielectric constant, and represents a ratio to a vacuum dielectric constant ε0.

  As shown in the above formula (1), the larger the radius r, the larger the capacitance C. In addition, although the magnitude | size of the electrostatic capacitance C of a conductor of complicated shape other than a sphere cannot be expressed simply like Formula (1) mentioned above, it changes according to the magnitude | size of the surface area of the conductor. It is clear to do.

  As described above, the transmission reference electrode 112 forms a capacitance with respect to the space around the transmission device 110, and the reception reference electrode 122 forms a capacitance with respect to the space around the reception device 120. That is, when viewed from the virtual infinity point outside the transmission device 110 and the reception device 120, the potentials of the transmission reference electrode 112 and the reception reference electrode 122 are fixed and hardly change.

  Next, the principle of the communication mechanism in the communication system 100 will be described. In the following description, a capacitor may be simply expressed as a capacitance for convenience of explanation or from the context, etc., but these are consents.

  In the following description, it is assumed that the transmission device 110 and the reception device 120 in FIG. 2 are arranged so as to maintain a sufficient distance between the devices, and the influence of each other can be ignored. Further, in the transmission device 110, the transmission signal electrode 111 is electrostatically coupled only to the communication medium 130, and the transmission reference electrode 112 is placed at a sufficient distance from the transmission signal electrode 111, and the mutual influence can be ignored (electrostatic). Shall not be combined). Similarly, in the receiving device 120, the reception signal electrode 121 is electrostatically coupled only with the communication medium 130, and the reception reference electrode 122 is sufficiently spaced from the reception signal electrode 121, and the mutual influence can be ignored (static). Shall not be electrocoupled). Furthermore, in practice, the transmission signal electrode 111, the reception signal electrode 121, and the communication medium 130 also have capacitance to the space as long as they are arranged in the space, but here, for convenience of explanation. , They can be ignored.

  FIG. 3 is a diagram showing the communication system 100 of FIG. 2 as an equivalent circuit. The communication system 200 is an equivalent circuit of the communication system 100 and is substantially equivalent to the communication system 100.

  That is, the communication system 200 includes a transmission device 210, a reception device 220, and a connection line 2230. The transmission device 210 corresponds to the transmission device 110 of the communication system 100 shown in FIG. Corresponds to the receiving device 120 of the communication system 100 shown in FIG. 2, and the connection line 230 corresponds to the communication medium 130 of the communication system 100 shown in FIG.

  In the transmission apparatus 210 of FIG. 3, the signal source 213-1 and the ground point 213-2 correspond to the transmission unit 113 of FIG. The signal source 213-1 generates a sine wave having a specific period ω × t [rad] as a transmission signal. Here, t [s] indicates time. Further, ω [rad / s] represents an angular frequency and can be expressed as the following equation (3).

  In Expression (3), π represents a circular ratio, and f [Hz] represents a frequency of a signal generated by the signal source 213-1. The ground point 213-2 is a point connected to the circuit ground in the transmission device 210. That is, one of the terminals of the signal source 213 is set to a predetermined reference potential of a circuit in the transmission device 210.

  Cte 214 is a capacitor and represents the capacitance between the transmission signal electrode 111 and the communication medium 130 of FIG. That is, the Cte 214 is provided between the terminal on the opposite side of the ground point 213-2 of the signal source 213-1 and the connection line 230. Ctg 215 is a capacitor and represents the capacitance with respect to the space of the transmission reference electrode 112 in FIG. The Ctg 215 is provided between a terminal on the installation point 213-2 side of the signal source 213-1 and a grounding point 216 indicating a point at infinity (virtual point) with respect to the transmitter 110 in space. .

  In the receiving device 220 of FIG. 3, Rr 223-1, detector 223-2, and ground point 223-3 correspond to the receiving unit 123 of FIG. Rr 223-1 is a load resistor (reception load) for extracting a received signal, and a detector 223-2 configured by an amplifier detects and amplifies the potential difference between the terminals on both sides of the Rr 223-1. The ground point 223-3 is a point connected to the circuit ground in the receiving device 220. That is, one of the terminals of Rr 223-1 (one of the input terminals of the detector 223-2) is set to a predetermined reference potential of the circuit in the receiving device 220.

  The detector 223-2 may further have other functions such as demodulating the detected modulated signal and decoding encoded information included in the detected signal. Good.

  Cre 224 is a capacitor and represents the capacitance between the reception signal electrode 121 and the communication medium 130 of FIG. That is, Cre 224 is provided between the terminal of Rr 223-1 opposite to the ground point 223-3 and the connection line 230. Crg 225 is a capacitor and represents the capacitance with respect to the space of the reception reference electrode 122 in FIG. Crg 225 is provided between a terminal on the installation point 223-3 side of Rr 223-1 and a ground point 226 indicating a point at infinity (virtual point) on the basis of the receiving device 120 in space.

  The connection line 230 represents the communication medium 130 that is a perfect conductor. In the communication system 200 of FIG. 3, Ctg 215 and Crg 225 are expressed as being electrically connected to each other via a grounding point 216 and a grounding point 226 on an equivalent circuit. These do not need to be electrically connected to each other, and each of them only needs to form a capacitance with respect to the space around the transmitter 210 or the receiver 220. That is, the ground point 216 and the ground point 226 do not need to be electrically connected, and may be independent from each other.

  If there is a conductor, a capacitance proportional to the size of the surface area is always formed in the surrounding space. That is, for example, the transmission device 210 and the reception device 220 may be any distance from each other. For example, when the communication medium 130 of FIG. 2 is a perfect conductor, the conductivity of the connection line 230 can be regarded as infinite, so the length of the connection line 230 does not affect communication. If the communication medium 130 is a conductor having sufficient conductivity, the distance between the transmission device and the reception device does not affect the stability of communication in practice.

  In the communication system 200, a circuit including a signal source 213-1, Rr 223-1, Cte 214, Ctg 215, a Cre capacitor 224, and Crg 225 is formed. The combined capacitance Cx of the four capacitors (Cte 214, Ctg 215, Cre capacitor 224, and Crg 225) connected in series can be expressed by the following equation (4).

  Further, the sine wave vt (t) generated by the signal source 213-1 is expressed as the following equation (5).

  Here, Vm [V] represents the maximum amplitude voltage of the signal source voltage, and θ [rad] represents the initial phase angle. That is, the effective value Vtrms [V] of the voltage from the signal source 213-1 can be obtained as in the following equation (6).

  The synthetic impedance Z in the entire circuit can be obtained as in the following equation (7).

  That is, the effective value Vrrms of the voltage generated at both ends of Rr 223-1 can be obtained as shown in Expression (8).

  Therefore, as shown in the equation (8), as the resistance value of Rr 223-1 is larger, the capacitance Cx is larger, and the frequency f [Hz] of the signal source 213-1 is higher, 1 / (( 2 × π × f × Cx) 2) is reduced, and a larger signal can be generated at both ends of Rr 223-1.

  For example, the effective value Vtrms of the voltage by the signal source 213-1 of the transmission apparatus 210 is fixed to 2 [V], and the frequency f of the signal generated by the signal source 213-1 is 1 [MHz], 10 [MHz], or 100 [MHz], the resistance value of Rr 223-1 is 10 K [Ω], 100 K [Ω], or 1 M [Ω], and the capacitance Cx of the entire circuit is 0.1 [pF], 1 [pF], Alternatively, the calculation result of the effective value Vrrms of the voltage generated at both ends of Rr 223-1 when 10 [pF] is as shown in a table 250 shown in FIG.

  As shown in Table 250, when the other conditions are the same, the calculation result of the effective value Vrrms is larger when the frequency f is 10 [MHz] than when the frequency f is 1 [MHz], and is a reception load. The resistance value of Rr223-1 is larger when it is 1M [Ω] than when it is 10K [Ω], and is larger when the capacitance Cx is 10 [pF] than when it is 0.1 [pF]. Takes a value. That is, the larger the value of the frequency f, the resistance value of Rr 223-1, and the capacitance Cx, the larger effective value Vrrms can be obtained.

  Further, it can be seen from Table 250 that an electrical signal is generated in Rr 223-1 even with a capacitance of picofarad or less. That is, when the signal level of the transmitted signal is very small, communication can be performed by amplifying the signal detected by the detector 223-2 of the receiving device 220.

  From the above results, as a basic principle, it is possible to transfer a signal from the transmission device to the reception device by using the capacitance formed with the space.

  The capacitance with respect to the space of the transmission reference electrode and the reception reference electrode described above can be formed if there is a space at the position of each electrode. Therefore, if the transmission signal electrode and the reception signal electrode described above are coupled by a communication medium, the transmission device and the reception device described above can obtain communication stability without depending on the distance between each other.

  Next, the influence on communication due to the distance between the transmission device and the reception device will be described. As described above, according to the principle of the present invention, if a sufficient capacitance can be formed in the space between the transmission reference electrode and the reception reference electrode, a path by the ground in the vicinity between the transmission / reception device and other electrical It does not require a path and does not depend on the distance between the transmission signal electrode and the reception signal electrode. Accordingly, for example, as in the communication system 700 shown in FIG. 5, the transmission device 710 and the reception device 720 are placed at a long distance, and the transmission signal electrode 711 and the reception signal are transmitted by the communication medium 730 having sufficient conductivity or dielectric properties. Communication is possible by electrostatically coupling the electrode 721. At this time, the transmission reference electrode 712 is electrostatically coupled to a space outside the transmission device 710, and the reception reference electrode 722 is electrostatically coupled to a space outside the reception device 720. Therefore, the transmission reference electrode 712 and the reception reference electrode 722 do not need to be electrostatically coupled to each other. However, as the communication medium 730 becomes longer and larger, the capacitance with respect to the space also increases. Therefore, it is necessary to consider these when determining each parameter.

  5 is a system corresponding to the communication system 100 of FIG. 2, the transmission device 710 corresponds to the transmission device 110, the reception device 720 corresponds to the reception device 120, and the communication medium 730 corresponds to the communication. This corresponds to the medium 130.

  In the transmission device 710, the transmission signal electrode 711, the transmission reference electrode 712, and the signal source 713-1 correspond to the transmission signal electrode 111, the transmission reference electrode 112, and the transmission unit 113 (or a part thereof), respectively. Similarly, in the reception device 720, the reception signal electrode 721, the reception reference electrode 722, and Rr723-1 correspond to the reception signal electrode 121, the reception reference electrode 122, and the reception unit 123 (or a part thereof), respectively.

  Therefore, the description about each of these parts is omitted.

  As described above, the communication system 700 does not require a physical reference point path, and can realize communication using only the communication signal transmission path.

  In the above description, the transmission signal electrode and the reception signal electrode are described as being in non-contact with the communication medium. However, the present invention is not limited thereto, and the transmission reference electrode and the reception reference electrode are sufficient between the surrounding spaces of the respective devices. If a sufficient electrostatic capacity can be obtained, the transmission signal electrode and the reception signal electrode may be connected by a conductive communication medium.

  Next, a specific application example of the communication system as described above will be described. For example, the communication system as described above can use a living body as a communication medium. FIG. 6 is a schematic diagram illustrating an example of a communication system when communication is performed via a human body. In FIG. 6, a communication system 750 transmits music data from a transmission device 760 attached to the arm of the human body, receives the music data by a reception device 770 attached to the head of the human body, and converts the music data into speech. This is a system for outputting and allowing the user to view. The communication system 750 is a system corresponding to the above-described communication system (for example, the communication system 100), and the transmission device 760 and the reception device 770 correspond to the transmission device 110 and the reception device 120, respectively. In the communication system 750, the human body 780 is a communication medium and corresponds to the communication medium 130 of FIG.

  That is, the transmission device 760 includes a transmission signal electrode 761, a transmission reference electrode 762, and a transmission unit 763, and corresponds to the transmission signal electrode 111, the transmission reference electrode 112, and the transmission unit 113 in FIG. The reception device 770 includes a reception signal electrode 771, a reception reference electrode 772, and a reception unit 773, and corresponds to the reception signal electrode 121, the reception reference electrode 122, and the reception unit 123 of FIG.

  Therefore, the transmission device 760 and the reception device 770 are installed so that the transmission signal electrode 761 and the reception signal electrode 771 are in contact with or close to the human body 780 that is a communication medium. Since the transmission reference electrode 762 and the reception reference electrode 772 only need to have a capacitance with respect to the space, it is not necessary to couple with the ground in the periphery or between the transmission / reception devices (or electrodes).

  FIG. 7 is a diagram for explaining another example for realizing the communication system 750. In FIG. 7, the receiving device 770 contacts (or approaches) the human body 780 at the sole, and communicates with the transmitting device 760 attached to the arm of the human body 780. Also in this case, the transmission signal electrode 761 and the reception signal electrode 771 are provided so as to be in contact with (or close to) the human body 780 that is a communication medium, and the transmission reference electrode 762 and the reception reference electrode 772 are provided toward the space. ing. In particular, this is an application example that cannot be realized by the conventional technology in which the earth is one of the communication paths.

  As described above, according to the present invention, it is possible to perform wireless communication using a human body or the like as a communication medium without providing a wired facility such as a cable.

  In the communication system as described above, there is no particular limitation on the modulation method of the signal flowing in the communication medium as long as it can be handled by both the transmission device and the reception device. Based on the characteristics of the entire communication system, , The most suitable method can be selected. Specifically, the modulation method includes any one of a baseband, amplitude-modulated, or frequency-modulated analog signal, a baseband, amplitude-modulated, frequency-modulated, or phase-modulated digital signal, Alternatively, a plurality of mixtures may be used.

  Further, in the communication system as described above, a plurality of communications can be established by using one communication medium, and full-duplex communication or communication between a plurality of devices using a single communication medium can be executed. You may be able to do it.

  An example of a method for realizing such multiplex communication will be described. The first is a method of applying a spread spectrum method. In this case, a frequency bandwidth and a specific time series code are negotiated between the transmission device and the reception device. Then, the transmission apparatus changes the frequency of the original signal in accordance with the time-series code within this frequency bandwidth, spreads it over the entire frequency band, and transmits it. After receiving the spread component, the receiving device decodes the received signal by integrating the received signal.

  The effect obtained by frequency spreading will be described. According to the channel capacity theorem of Shannon and Hartley, the following equation holds.

  Here, C [bps] indicates the channel capacity, and indicates the theoretical maximum data rate that can be sent to the communication path. B [Hz] indicates the channel bandwidth. S / N indicates a signal-to-noise power ratio (SN ratio). Further, if the above equation is expanded by Macrolin and the S / N is low, the above equation (9) can be approximated as the following equation (10).

  Thus, for example, if S / N is a level below the noise floor, S / N << 1, but by increasing the channel bandwidth B, the channel capacity C can be raised to a desired level.

  If the time-series code is different for each communication channel and the frequency spread behavior is different, the frequency spreads without interfering with each other and mutual interference is eliminated, so that multiple communications can be performed simultaneously. it can.

  The second is a method of applying a frequency division method in which a frequency bandwidth is determined between a transmission device and a reception device and is further divided into a plurality of regions. In this case, the transmission device (or the reception device) follows a specific frequency band allocation rule or detects a free frequency band at the start of communication, and performs frequency band allocation based on the detection result.

  In other words, by using different frequency bands for each communication path, mutual interference can be suppressed and a plurality of communications can be performed simultaneously on one communication medium. Further, by using the frequency division method, many-to-one communication or many-to-many communication can be performed.

  The third is a method of applying a time division method in which the communication time is divided into a plurality of times between the transmission device and the reception device. In this case, the transmission device (or the reception device) follows a specific time division rule or detects a free time region at the start of communication, and divides the communication time based on the detection result.

  That is, by performing communication in a different time band for each communication path, mutual interference can be suppressed and a plurality of communications can be performed simultaneously on one communication medium. Further, by using the time division method, many-to-one communication and many-to-many communication can be performed.

  Furthermore, as a method other than those described above, two or more of the first to third communication methods may be combined.

  The ability of a transmitting device and a receiving device to communicate with multiple other devices at the same time is particularly important in certain applications. For example, assuming application to a ticket for transportation facilities, when a user who possesses both a device A having commuter pass information and a device B having an electronic money function uses an automatic ticket gate, By using the method, communication is performed simultaneously with the devices A and B. For example, when the use section includes a section other than the commuter pass, the shortage amount is deducted from the electronic money of the apparatus B. It can be used for various purposes.

  The flow of communication processing executed in the communication between the transmission apparatus and the reception apparatus as described above will be described with reference to the case of communication between the transmission apparatus 110 and the reception apparatus 120 of the communication system 100 in FIG. This will be described with reference to a flowchart.

  The transmitter 113 of the transmitter 110 generates a signal to be transmitted in step S11, and transmits the generated signal onto the communication medium 130 via the transmission signal electrode 111 in step S12. When the signal is transmitted, the transmission unit 113 of the transmission device ends the communication process. A signal transmitted from the transmission device 110 is supplied to the reception device 120 via the communication medium 130. The reception unit 123 of the reception device 120 receives the signal via the reception signal electrode 121 in step S21, and outputs the received signal in step S22. The receiving unit 123 that has output the received signal ends the communication process.

  As described above, the transmission device 110 and the reception device 120 can perform basic communication through a simple process without requiring complicated processing via the communication medium 130. In other words, the transmitting device 110 and the receiving device 120 do not need to construct a closed circuit using the reference electrode, and therefore perform transmission / reception via the signal electrode, and easily perform stable communication processing without being affected by the environment. be able to. Thereby, the transmission apparatus 110 and the reception apparatus 120 (communication system 100) can reduce the load of communication processing for performing stable communication without being influenced by the environment, and can also reduce the manufacturing cost. Further, by simplifying the structure of communication processing, the communication system 100 can easily use various communication methods such as modulation, encoding, encryption, or multiplexing.

  In the above communication system, the transmission device and the reception device are described as separate units. However, the present invention is not limited to this, and communication is performed using the transmission / reception device having the functions of both the transmission device and the reception device described above. A system may be constructed.

  FIG. 9 is a diagram showing another configuration example of the communication system to which the present invention is applied.

  In FIG. 9, the communication system 950 includes a transmission / reception device 961, a transmission / reception device 962, and a communication medium 130. The communication system 950 is a system in which the transmission / reception device 961 and the transmission / reception device 962 transmit and receive signals bidirectionally via the communication medium 130.

  The transmission / reception device 961 has both the configuration of the transmission unit 110 similar to the transmission device 110 in FIG. 2 and the reception unit 120 similar to the reception device 120. That is, the transmission / reception device 961 includes a transmission signal electrode 111, a transmission reference electrode 112, a transmission unit 113, a reception signal electrode 121, a reception reference electrode 122, and a reception unit 123.

  That is, the transmission / reception device 961 transmits a signal via the communication medium 130 using the transmission unit 110 and receives a signal supplied via the communication medium 130 using the reception unit 120. At this time, the transmission / reception device 961 is configured such that communication by the transmission unit 110 and communication by the reception unit 120 do not interfere with each other.

  The transmission / reception device 962 has the same configuration as that of the transmission / reception device 961 and operates in the same manner, and thus the description thereof is omitted. That is, the transmission / reception device 961 and the transmission / reception device 962 perform bidirectional communication via the communication medium 130 in the same manner.

  Thus, the communication system 950 (the transmission / reception device 961 and the transmission / reception device 962) can easily realize bidirectional wireless communication without providing a wired facility such as a cable.

  In the example of FIG. 9, different electrodes are used for transmission and reception, but only one set of signal electrode and reference electrode may be provided to switch transmission and reception.

  FIG. 10 is a diagram illustrating an example of a data communication system using the wireless communication described above with reference to FIGS. In this example, a user 1001 holds a portable device 1002 that can perform the wireless communication described above with reference to FIGS.

  A service provider of a service using the mobile device 1002 embeds signal electrodes 1021 to 1021-3 for communicating with the mobile device 1002 in advance on a road surface, a floor surface, or the like. When walking on 1021-1 through 1021-3, the signal electrode provided in the portable device 1002 and the signal electrodes 1021-1 through 1021-3 are respectively connected to the human body of the user 1001 as a communication medium. The wireless communication described above is performed with reference to FIG.

  Reader electrodes / writers 1051-1 to 1051-3 are connected to the signal electrodes 1021-1 to 1021-3, respectively. The reader / writers 1051-1 to 1051-3 communicate with the portable device 1002 to obtain predetermined data. By transmitting and receiving, the user 1001 is provided with services such as information provision and billing.

  In the data communication system of FIG. 10, for example, the portable device 1002 corresponds to the transmission / reception device 961 of FIG. 9, and each of the reader / writers 1051-1 to 1051-3 corresponds to the transmission / reception device 962 of FIG. . Note that the signal electrodes 1021-1 to 1021-3 or the reader / writers 1051-1 to 1051-3 are simply referred to as the signal electrode 1021 or the reader / writer 1051 when it is not necessary to distinguish them individually.

  In this data communication system, when the user 1001 walks on the signal electrode 1021, communication between the portable device 1002 and the reader / writer 1051 is automatically performed without any instruction from the user 1001.

  FIG. 11 is a block diagram illustrating an internal configuration example of the portable device 1002. In the figure, when the signal generator 1151 transmits information to, for example, the reader / writer 1051 compatible with the wireless communication described above with reference to FIGS. 2 to 9, the signal generator 1151 is controlled based on the control of the controller 1155. Generate a signal corresponding to the information. When receiving information (a signal corresponding to the information) from the above-described reader / writer 1051 or the like, the signal demodulation unit 1152 demodulates the signal and supplies the demodulated signal to the control unit 1155.

  The transmission / reception switching unit 1153 switches the connection with the signal electrode 1101 to either the signal generation unit 1151 or the signal demodulation unit 1152 based on, for example, control from the control unit 1155.

  The memory 1154 includes, for example, an EEPROM (Electrically Erasable Programmable Read Only Memory) and stores necessary information based on the control of the control unit 1155. The memory 1154 stores an ID unique to the mobile device 1002 (individual mobile device).

  The reference electrode 1102 and the signal electrode 1101 are the reference electrode and the signal electrode used in the wireless communication described above with reference to FIGS. 2 to 9, and the signal electrode 1101 is close to a communication medium (for example, a human body). The reference electrode 1102 is provided to face the space. For example, the reference electrode 1102 corresponds to the transmission reference electrode 112 or the reception reference electrode 122 in FIG. 9, and the signal electrode 1101 corresponds to the transmission signal electrode 111 or the reception signal electrode 121 in FIG.

  The control unit 1155 includes, for example, a CPU, a ROM, a RAM, and the like, and controls the operation of the signal generation unit 1151 or the signal demodulation unit 1152 by executing various programs. For example, the control unit 1155 controls the signal generation unit 1151 or the signal demodulation unit 1152 to generate or demodulate a signal to be transmitted / received to / from a portable device that supports a new type of wireless communication. Further, the control unit 1155 stores various data in the memory 1154 as necessary, and reads out data stored in the memory 1154.

  The control unit 1155 executes data encryption or decryption processing using a predetermined key in accordance with a preset encryption algorithm such as DES (Data Encryption Standard) or Triple DES.

  FIG. 12 is a block diagram illustrating an example of the internal configuration of the reader / writer 1051. In the figure, signal generators 1251 to 1255 are functional blocks corresponding to the signal generators 1151 to 1155 of FIG. 11, respectively, and detailed description thereof is omitted. Further, the signal electrode 1021 is embedded and attached to a road surface or a floor surface as shown in FIG. The reference electrode 1022 and the signal electrode 1021 are the reference electrode and the signal electrode used in the wireless communication described above with reference to FIGS. 2 to 9, and the signal electrode 1021 is close to a communication medium (for example, a human body). The reference electrode 1022 is provided so as to face the space. For example, the reference electrode 1022 corresponds to the transmission reference electrode 112 or the reception reference electrode 122 in FIG. 9, and the signal electrode 1021 corresponds to the transmission signal electrode 111 or the reception signal electrode 121 in FIG.

  FIG. 13 is a diagram illustrating an example of information stored in the memory 1154 of the portable device 1002. In this example, as data for authentication processing (referred to as mutual authentication as appropriate) performed between the portable device 1002 and the reader / writer 1051 to confirm each other's validity, “your ID (IDd)” ”,“ Own key (Kd) ”, and“ Reader / writer authentication key (Kmr) ”are stored.

  FIG. 14 is a diagram illustrating an example of information stored in the memory 1254 of the reader / writer 1051. In this example, “my ID (IDr)”, “my key (Kr)”, and “mobile device authentication key (Kmd)” are stored as data for mutual authentication.

  13 and 14, IDd and IDr, which are their own IDs, and key Kd and key Kr, which are their own keys, are IDs and keys unique to one portable device 1002 and one reader / writer 1051, respectively. Yes, different IDs and keys are assigned to other portable devices or reader / writers.

  On the other hand, a key Kmr or Kmd, which is a reader / writer authentication key or a portable device authentication key, is stored as the same key in a plurality of portable devices or reader / writers. The key Kr is obtained when the IDr is encrypted with the key Kmr, and the key Kd is obtained when the IDd is encrypted with the key Kmd. In other words, each reader / writer or portable device is encrypted by encrypting the IDr or IDd assigned to each reader / writer or portable device using a predetermined key Kmr or Kmd. A key (own key) Kr or Kd given to the device is generated.

  The keys Kmd and Kmr are determined in advance by a provider that provides the portable device 1002 and a service provider of a service that uses the portable device 1002 (a supplier that installs the reader / writer 1005).

  Next, mutual authentication performed between the portable device 1002 and the reader / writer 1051 will be described with reference to the flowchart of FIG. The mutual authentication is executed, for example, when the user 1001 holding the portable device 1002 is on the signal electrode 1021.

  First, in step S101, the reader / writer 1051 transmits a request command and IDr, which is its own ID, to the portable device 1002, and the portable device 1002 receives the request command in step S201. Here, the request command is a command for requesting transmission of authentication data (described later) necessary for mutual authentication, and is a signal determined in advance between the portable device 1002 and the reader / writer 1051.

  In step S202, the portable device 1002 executes authentication data 1 generation processing, which will be described later with reference to FIG. 18, based on the request command and IDr (ID of the reader / writer 1051) received in step S201. As a result, the key Kr of the reader / writer 1051 is generated, and IDd, which is the ID of the portable device 1002, is encrypted with the key Kr together with the random number R1 generated (generated) by the portable device 1002, and used for authentication for mutual authentication. Data D1 is generated as data 1.

  In step S203, the portable device 1002 transmits the data D1 generated by the processing in step S202 to the reader / writer 1051, and the reader / writer 1051 receives the data D1 in step S102.

  In step S103, the reader / writer 1051 executes authentication data 2 generation processing, which will be described later with reference to FIG. 21, based on the data D1 received in step S102. Thereby, the data D1 is decrypted, the random number R1 and the IDd of the portable device 1002 are acquired, and the key Kd of the portable device 1002 is generated. Further, the random number R2 generated (generated) by the reader / writer 1051 is encrypted with the random number R1 together with the key Kd, and data D2 is generated as authentication data 2 for mutual authentication.

  In step S104, the reader / writer 1051 transmits the data D2 generated by the processing in step S103 to the portable device 1002, and the portable device 1002 receives the data D2 in step S204.

  In step S205, the portable device 1002 executes reader / writer verification processing described later with reference to FIG. 25 based on the data D2 received in step S204. As a result, the data D2 is decrypted to obtain the random numbers R1 and R2, and the value of the obtained random number R1 is verified to verify the validity of the reader / writer 1051 (whether the reader / writer 1051 is a valid reader / writer). ) Is verified. If it is determined in step S205 that the reader / writer 1051 is not a valid reader / writer, an error occurs and the process ends.

  If it is determined in step S205 that the reader / writer 1051 is a valid reader / writer, the process proceeds to step S206, and the portable device 1002 executes an authentication data 3 generation process to be described later with reference to FIG. To do. Thereby, the random number R3 generated (generated) by the portable device 1002 is encrypted together with the random number R2 with the key Kd, and data D3 is generated as authentication data 3 for mutual authentication.

  In step S207, the portable device 1002 transmits the data D3 generated by the processing in step S206 to the reader / writer 1051, and the reader / writer 1051 receives the data D3 in step S105.

  In step S106, the reader / writer 1051 executes portable device verification processing described later with reference to FIG. 29 based on the data D3 received in step S105. As a result, the data D3 is decrypted to obtain the random numbers R3 and R2, and by verifying the value of the obtained random number R2, the validity of the portable device 1002 (whether the portable device 1002 is a valid portable device or not) ) Is verified. If it is determined in step S106 that the portable device 1002 is not a valid portable device, an error occurs and the process ends. Further, the random number R3 obtained here is used as a session key which is a key for encrypting data transmitted / received between the reader / writer 1051 and the portable device 1002 thereafter (in this session). It may be.

  In this way, mutual authentication is performed.

  When communication is performed using the human body of the user 1001 as a communication medium, such as the portable device 1002 and the reader / writer 1051, when the user 1001 walks on the signal electrode 1021, the portable device 1002 and the signal electrode 1021 held by the user In some cases, communication is performed without the user's knowledge, and for example, it becomes possible to know the user's 1001 behavior (destination, etc.) illegally.

  In order to suppress such injustices, for example, in communication with the reader / writer 1051, a method of using an address that dynamically changes each time communication is performed instead of an ID that can identify the portable device 1002 is also considered. It is done. However, the reader / writer 1051 installed in a crowded area such as a downtown area or a station frequently communicates with a plurality of portable devices 1002 at the same time, and avoids collision when communicating with the plurality of portable devices 1002 at the same time. Therefore, it has been studied to allocate a band, a channel, and the like based on the ID of the mobile device. If an address that dynamically changes every time communication is performed instead of the ID, a plurality of portable devices 1002 may have the same address, and collision cannot be completely avoided.

  Therefore, the portable device 1002 and the reader / writer 1051 avoid collision by the following method, for example.

  FIGS. 16 and 17 are diagrams for explaining an example of a collision avoidance mechanism by the portable device 1002 and the reader / writer 1051. Now, as shown in FIG. 16, the reader / writer 1051 includes a reference electrode 1022 and a signal electrode 1021, and communicates with portable devices 1002 owned by a plurality of users on the signal electrode 1021.

  In FIG. 16, the portable device 1002-1 is owned by the user 1001-1, the portable device 1002-2 is owned by the user 1001-2, and the portable device 1002-3 is owned by the user 1001-3. is doing. Note that each of the portable devices 1002-1 to 1002-3 has an ID that is unique identification information, and the reader / writer 1051 uses the identification information (ID) to communicate with a communication partner (a partner that transmits and receives signals). ). In this example, the ID is 4-bit binary information, the ID of the portable device 1002-1 is “0001”, the ID of the portable device 1002-2 is “1111”, and the ID of the portable device 1002-3 is The ID is “1010”.

  As described above, the reader / writer 1051 communicates with each other independently using the IDs of the portable devices 1002-1 to 1002-3. For this reason, first, the portable device existing in a communicable range is used. You need to identify the device. That is, for example, in the case of FIG. 16, in order to communicate with the reader / writer 1051, the portable device needs to be held (contacted or approached) by the user located on the signal electrode 1021, but the user can arbitrarily Since the position can be moved, the portable device that can communicate with the reader / writer 1051 is not fixed. Therefore, the reader / writer 1051 searches for a portable device that is currently in a communicable state (acquires the portable device ID) in order to communicate with the portable device.

  FIG. 17 is a timing chart for explaining an example of the flow of processing when the reader / writer 1051 acquires the ID of the portable device.

  As shown in step S251 in FIG. 17, the reader / writer 1051 first waits for a predetermined time in order to distinguish between the previous process and the current process. Thereafter, in step S252, the reader / writer 1051 broadcasts an ID request for requesting an ID to the portable device on the signal electrode 1021 (transmits it to an unspecified number). The mobile devices 1002-1 to 1002-3 acquire the broadcast ID request as shown in Step S261, Step S271, and Step S281, respectively.

  When acquiring the ID request, each of the mobile devices 1002-1 to 1002-3 transmits its ID to the reader / writer 1051 bit by bit. In this ID transmission process, no time slot is provided, and as shown in FIG. 17, the transmission timing of each bit by the portable devices 1002-1 to 1002-3 is substantially the same. That is, as shown in step S262, step S272, and step S282, the portable devices 1002-1 to 1002-3 transmit the first bit (1st bit) of the ID to the reader / writer 1051 at substantially the same timing.

  At this time, as shown in FIG. 17, the portable device 1002-1 transmits the value “0”, and the portable device 1002-2 and the portable device 1002-3 transmit the value “1”. Is supplied to the reader / writer 1001, and a signal collision (Collision) occurs.

  Each of the portable devices 1002-1 to 1002-3 transmits 1-bit information, detects a signal flowing on the communication medium at that time (in this case, the user's human body), and detects a collision from the value. Detect outbreaks. That is, when a value different from the value of the signal transmitted by itself is detected, the portable device 1002-1 to the portable device 1002-3 determine that a collision has occurred. Then, for example, the portable device that has transmitted the value “0” when a collision occurs stops transmitting the next and subsequent bits. In the case of the example of FIG. 17, a collision has occurred in “1st bit”, and the value “0” is transmitted at that time (step S <b> 262). The portable device 1002-1 transmits bits after “2nd bit” Cancel.

  Similarly, the reader / writer 1051 detects a signal flowing on the communication medium at that time, and detects the occurrence of collision from the value. If it is determined that a collision has occurred, it is assumed that the value “1” has been received, as shown in step S253 of FIG. 17, regardless of the value of the actually received signal.

  Next, the portable device 1002-2 and the portable device 1002-3 transmit “2nd bit” of ID, respectively, as shown in Step S273 and Step S283. At this time, since different values are transmitted, collision occurs. Accordingly, the portable device 1002-3 that has transmitted the value “0” stops transmission after the ID “3rd bit”. Further, since a signal collision has occurred, the reader / writer 1051 receives the value “1” as shown in step S254 regardless of the value of the actually received signal.

  Subsequently, the portable device 1002-2 that has not stopped transmitting IDs so far transmits IDs “3rd bit” and “4th bit” in order, as shown in step S274 and step S275 in FIG. At this time, since no other portable device transmits a signal, no collision occurs. Accordingly, the reader / writer 1051 receives the value transmitted by the portable device 1002-2 (step S255 and step S256).

  That is, in the case of FIG. 17, the reader / writer 1051 can receive the ID of the portable device 1002-2. Therefore, for example, since unnecessary waiting time that occurs when a time slot is provided can be suppressed, the reader / writer 1051 can acquire the ID of the portable device at a higher speed.

  Note that the reader / writer 1051 notifies the portable device 1002-2 that the ID has been acquired and does not respond to the ID request, and then makes the ID request again. The ID of 1002-1 or portable device 1002-3 can also be acquired.

  In FIG. 17, the output of the subsequent bits of the portable device that outputs the value “0” when the collision occurs is described as being stopped, but of course, the portable device that outputs the value “1” when the collision occurs. The output of the subsequent bits may be stopped. Further, the portable device may detect a signal transmitted on the communication medium at the same time while transmitting one bit of ID, or detect a signal transmitted on the communication medium after transmitting one bit of ID. You may do it.

  The determination of collision occurrence is performed based on whether or not the received signal includes both a feature indicating the value “0” and a feature indicating the value “1” (including a feature indicating the occurrence of collision). Its characteristics vary depending on the modulation schemes supported by each device. For example, when the ID is modulated by the FM modulation method and transmitted, the reader / writer 1051 and the portable devices 1002-1 to 1002-3 have both the frequency component indicating the value “0” and the frequency component indicating the value “1”. Is included in the received signal, it is determined that a collision has occurred.

  At this time, for example, when the portable devices 1002-1 to 1002-3 all transmit “0”, the received signal includes only the feature indicating the value “0”. On the other hand, when the portable devices 1002-1 to 1002-3 all transmit “1”, the received signal includes only the feature indicating the value “1”. That is, when all portable devices transmit the same value, the reader / writer 1051 and the portable devices 1002-1 to 1002-3 do not determine that a collision has occurred.

  As described above, the portable devices 1002-1 to 1002-3 and the reader / writer 1051 detect the collision by detecting the occurrence of the collision based on the different IDs transmitted from the portable devices 1002-1 to 1002-3. In other words, if a plurality of portable devices transmit the same ID (identification information), a collision cannot be detected and a collision cannot be avoided.

  In the present invention, IDd which is the ID of the portable device 1002 is encrypted as data D1 and transmitted to the reader / writer 1051. For example, the identification information of the portable devices 1002-1 to 1002-3 is different because each of the data encrypted with the same encryption algorithm and key with the same ID of each of the different portable devices 1002-1 to 1002-3 is also individually different. Can be used as Therefore, collision is avoided by detecting the occurrence of a collision by the method described above with reference to FIG. 17 based on an ID unique to each portable device 1002 (in this case, an encrypted ID). The reader / writer 1051 can acquire the IDs of the portable devices 1002-1 to 1002-3. After the ID is acquired, if a band, a channel, or the like is allocated for each ID, even if a plurality of portable devices 1002 are simultaneously communicating with one reader / writer 1051, It is possible to communicate with each other.

  Furthermore, IDd, which is the ID of the portable device 1002, is encrypted as data D1 and transmitted to the reader / writer 1051, so that information (ID) that can identify the portable device 1002 of the user 1001 with respect to an unauthorized reader / writer is obtained. It is possible to keep it secret. As a result, it is possible to respect the user's privacy and perform reliable mutual authentication.

  Next, details of the authentication data 1 generation process in step S202 of FIG. 15 will be described with reference to the flowchart of FIG.

  In step S301, the control unit 1155 of the portable device 1002 executes a Kr generation process which will be described later with reference to FIG. Thereby, the key Kr of the reader / writer 1051 is generated.

  Here, with reference to the flowchart of FIG. 19, the details of the step S301Kr generation process of FIG. 18 will be described.

  In step S321, the control unit 1155 acquires IDr. Here, IDr which is the ID of the reader / writer 1051 is received in step S201 (FIG. 15) and stored in the memory 1154, for example.

  In step S322, the control unit 1155 encrypts the IDr acquired in the process of step S321 with a key Kmr that is a reader / writer authentication key. As described above, when IDr, which is a unique ID of the reader / writer 1051, is encrypted with the key Kmr, a unique key Kr of the reader / writer 1051 is generated.

  In step S323, the control unit 1155 generates data of the processing result of step S322 as the key Kr, and stores the data in the memory 1154, for example.

  Returning to FIG. 18, in step S <b> 302, the control unit 1155 executes a D1 generation process which will be described later with reference to FIG. 20. Thereby, data D1 is generated.

  Here, the details of the D1 generation processing in step S302 in FIG. 18 will be described with reference to the flowchart in FIG.

  In step S341, the control unit 1155 generates (generates) a random number R1. Here, for example, the random number R1 is generated as data having the same bit length (for example, 64 bits) as IDd which is the ID of the portable device 1002, and stored in the memory 1154 or the like. The random number may be generated as software as a pseudo-random number, or may be a dedicated random number using dedicated hardware, thermal noise, or other external input. Furthermore, using the encryption engine that is already held (either hardware or software), for example, the previous output value held in the memory is also held in the memory. The ciphertext may be encrypted as a new random value. The new random value is overwritten and updated on the previous output value in the memory.

  In step S342, the control unit 1155 encrypts the random number R1 with the key Kr.

  In step S343, the control unit 1155 stores the data obtained as a result of the process in step S342 in the memory 1154 or the like as data D1u, which is upper 64 bits of data D1. As a result, data D1u, which is the upper 64 bits of data D1, is generated.

  In step S344, the control unit 1155 calculates an exclusive OR of the data D1u and IDd. Here, the exclusive OR is the exclusive OR of the 1st to 64th bits of IDd and the 1st to 64th bits of the data D1u, and the result of the operation is 64 bits. Data will be obtained.

  In step S345, the control unit 1155 encrypts the calculation result (64-bit data) by the process in step S344 with the key Kr.

  In step S346, the control unit 1155 stores the data obtained as a result of the process in step S345 in the memory 1154 or the like as data D1w that is lower-order 64-bit data of the data D1. As a result, data D1w, which is lower 64 bits of data D1, is generated.

  In step S347, the control unit 1155 generates data D1 that is 128-bit data as authentication data 1 from the data D1u generated by the process of step S343 and the data D1w generated by the process of step S346. .

  In addition, what was shown here is an example of the production | generation of data D1, and the production | generation method of data D1 is not restricted to this. The data D1 may be generated by another method if it is data generated by encrypting the random number R1 and IDd with the key Kr (the random number R1 and IDd can be obtained by decrypting the data D1 with the key Kr). May be.

  In this way, the data D1 is generated as the authentication data 1.

  Next, details of the authentication data 2 generation process in step S103 of FIG. 15 will be described with reference to the flowchart of FIG.

  In step S401, the control unit 1255 of the reader / writer 1051 executes a D1 decoding process to be described later with reference to FIG. Thereby, the data D1 is decrypted, and the random numbers R1 and IDd are acquired.

  Here, the details of the D1 decoding process in step S401 in FIG. 21 will be described with reference to the flowchart in FIG.

  In step S421, the control unit 1255 decomposes the data D1 into upper 64 bits of data D1u and lower 64 bits of data D1w.

  In step S422, the control unit 1255 decrypts the data D1u with the key Kr, and in step S423, obtains data as a random number R1 as a result of the process in step S422.

  In step S424, the control unit 1255 decrypts the data D1w with the key Kr.

  In step S425, the control unit 1255 calculates an exclusive OR of the data of the processing result (decoding result) in step S424 and the data D1u. Here, the exclusive OR is an exclusive OR of the first to 64th bits of the data obtained as a result of the processing in step S424 and the first to 64th bits of the data D1u. As a result of the calculation, 64-bit data is obtained.

  In step S426, the control unit 1255 acquires the calculation result data obtained by the process in step S425 as IDd and stores the data in the memory 1254, for example.

  Returning to FIG. 21, after the process of step S <b> 401, in step S <b> 402, the control unit 1255 executes a Kd generation process which will be described later with reference to FIG. 23. Thereby, the key Kd is generated.

  Here, the details of the Kd generation processing in step S402 in FIG. 21 will be described with reference to the flowchart in FIG.

  In step S441, the control unit 1255 encrypts the IDd acquired in the process of step S426 with the key Kmd that is a portable device authentication key. As described above, when IDd, which is a unique ID of portable device 1002, is encrypted with key Kmd, unique key Kd of portable device 1002 is generated.

  In step S442, the control unit 1255 generates the data of the processing result in step S441 as the key Kd, and stores it in the memory 1254, for example.

  Returning to FIG. 21, after step S <b> 402, in step S <b> 403, the control unit 1255 executes D2 generation processing described later with reference to FIG. 24. Thereby, data D2 is generated.

  Here, the details of the data D2 generation processing in step S403 in FIG. 21 will be described with reference to the flowchart in FIG.

  In step S461, the control unit 1255 generates (generates) a random number R2. Here, for example, the random number R2 is generated as data having the same bit length (for example, 64 bits) as the random number R1, and is stored in the memory 1254 or the like.

  In step S462, the control unit 1255 encrypts the random number R2 with the key Kd.

  In step S463, the control unit 1255 holds the data obtained as a result of the process in step S462 in the memory 1254 or the like as data D2u which is data of the upper 64 bits of the data D2. As a result, data D2u, which is the upper 64 bits of data D2, is generated.

  In step S464, the control unit 1255 calculates an exclusive OR of the data D2u and the random number R1. Here, the exclusive OR is an exclusive OR of the 1st to 64th bits of the random number R1 and the 1st to 64th bits of the data D2u. Bit data can be obtained.

  In step S465, the control unit 1255 encrypts the calculation result (64-bit data) by the process in step S464 with the key Kd.

  In step S466, the control unit 1255 holds the data obtained as a result of the process in step S465 in the memory 1254 or the like as data D2w which is data of lower 64 bits of the data D2. As a result, data D2w, which is lower 64 bits of data D2, is generated.

  In step S467, the control unit 1255 generates data D2 which is 128-bit data as authentication data 2 from the data D2u generated by the process of step S463 and the data D2w generated by the process of step S466. .

  In addition, what was shown here is an example of the production | generation of data D2, and the production | generation method of data D2 is not restricted to this. The data D2 is generated by another method if it is data generated by encrypting the random numbers R1 and R2 with the key Kd (the random numbers R1 and R2 can be obtained by decrypting the data D2 with the key Kd). May be.

  Here, an example in which the data D2 is generated using only the key Kd has been described, but the data D2 may be generated using both the key Kd and the key Kr. This is because the reader / writer 1051 and the portable device 1002 already share both keys (key Kd and key Kr), and this can further increase the security level.

  In this way, data D2 is generated as the authentication data 2.

  Next, the reader / writer verification process in step S205 of FIG. 15 will be described in detail with reference to the flowchart of FIG.

  In step S501, the control unit 1155 performs a D2 decoding process to be described later with reference to FIG. As a result, data D2 is decrypted, and random numbers R1 and R2 are obtained.

  Here, the details of the D2 decoding process in step S501 in FIG. 25 will be described with reference to the flowchart in FIG.

  In step S521, the control unit 1155 decomposes the data D2 into upper 64 bits of data D2u and lower 64 bits of data D2w.

  In step S522, the control unit 1155 decrypts the data D2u with the key Kd, and in step S523, obtains data as a random number R2 as a result of the process in step S522.

  In step S524, the control unit 1155 decrypts the data D2w with the key Kd.

  In step S525, the control unit 1155 calculates an exclusive OR of the data of the processing result (decoding result) of step S524 and the data D2u. Here, the exclusive OR is an exclusive OR of the first to 64th bits of the data of the processing result of step S524 and the first to 64th bits of the data D2u. As a result of the calculation, 64-bit data is obtained.

  In step S526, the control unit 1155 acquires the data of the calculation result obtained in step S525 as the random number R1, and stores it in the memory 1154, for example.

  Returning to FIG. 25, after the process of step S501, in step S502, the control unit 1155 determines whether or not the random number R1 has been correctly decoded. That is, it is determined whether or not the value of the random number R1 obtained by the process of step S526 (FIG. 26) is equal to the value of the random number R1 generated by the process of step S341 (FIG. 20). If both values are equal, it is determined that the random number R1 has been correctly decoded, and the process proceeds to step S503.

  When the random number R1 is correctly decrypted, the reader / writer 1051 which is the communication partner of the portable device 1002 can confirm that the data D2 is generated as described above using the key Kr and the key Kmd. Since the writer 1051 is considered to be a valid reader / writer, in step S503, the control unit 1155 sets the authentication flag to ON to indicate that the communication partner has been successfully authenticated.

  On the other hand, if it is determined in step S502 that the random number R1 has not been correctly decoded, the process proceeds to step S504.

  If the random number R1 is not correctly decrypted, the reader / writer 1051 that is the communication partner of the portable device 1002 can confirm that the data D2 has not been generated using the key Kr and the key Kmd as described above. Since the writer 1051 is considered to be an unauthorized reader / writer, in step S504, the control unit 1155 sets the authentication flag to OFF to indicate that authentication of the communication partner has failed.

  In this way, the reader / writer 1051 is authenticated by the portable device 1002.

  Next, details of the authentication data 3 generation process in step S206 of FIG. 15 will be described with reference to the flowchart of FIG. That is, in step S601, the D3 generation process described later with reference to FIG. 28 is executed.

  Here, the details of the D3 generation process in step S601 in FIG. 27 will be described with reference to the flowchart in FIG.

  In step S621, the control unit 1155 generates (generates) a random number R3. Here, for example, the random number R3 is generated as data having the same bit length (for example, 64 bits) as the random number R1, and stored in the memory 1154 or the like.

  In step S622, the control unit 1155 encrypts the random number R3 with the key Kd.

  In step S623, the control unit 1155 stores the data obtained as a result of the process in step S622 in the memory 1154 or the like as data D3u, which is upper 64 bits of data D3. As a result, data D3u, which is the upper 64 bits of data D3, is generated.

  In step S624, the control unit 1155 calculates an exclusive OR of the data D3u and the random number R2. Here, the exclusive OR is the exclusive OR of the 1st to 64th bits of the random number R2 and the 1st to 64th bits of the data D3u. Bit data can be obtained.

  In step S625, the control unit 1155 encrypts the calculation result (64-bit data) by the process in step S624 with the key Kd.

  In step S626, the control unit 1155 stores the data obtained as a result of the process in step S625 in the memory 1154 or the like as data D3w that is lower-order 64-bit data of the data D3. As a result, data D3w, which is lower 64 bits of data D3, is generated.

  In step S627, the control unit 1155 generates data D3, which is 128-bit data, as authentication data 3 from the data D3u generated by the process of step S623 and the data D3w generated by the process of step S626. .

  In addition, what was shown here is an example of the production | generation of data D3, and the production | generation method of data D3 is not restricted to this. The data D3 is generated by another method if it is data generated by encrypting the random numbers R2 and R3 with the key Kd (the random numbers R2 and R3 can be obtained by decrypting the data D3 with the key Kd). May be.

  Here, an example in which the data D2 is generated using only the key Kd has been described, but the data D2 may be generated using both the key Kd and the key Kr. This is because the reader / writer 1051 and the portable device 1002 already share both keys (key Kd and key Kr), and this can further increase the security level.

  In this way, data D3 is generated as the authentication data 3.

  Next, the details of the portable device verification process in step S106 in FIG. 15 will be described with reference to the flowchart in FIG.

  In step S701, the control unit 1255 performs a D3 decoding process to be described later with reference to FIG. As a result, the data D3 is decrypted, and random numbers R2 and R3 are obtained.

  Here, the details of the D3 decoding process in step S701 in FIG. 29 will be described with reference to the flowchart in FIG.

  In step S721, the control unit 1255 breaks down the data D3 into upper 64 bits of data D3u and lower 64 bits of data D3w.

  In step S722, the control unit 1255 decrypts the data D3u with the key Kd, and in step S723, obtains data as a random number R3 as a result of the process in step S722.

  In step S724, the control unit 1255 decrypts the data D3w with the key Kd.

  In step S725, the control unit 1255 calculates the exclusive OR of the data of the processing result (decoding result) in step S724 and the data D3u. Here, the exclusive OR is an exclusive OR of the first to 64th bits of the data of the processing result of step S724 and the first to 64th bits of the data D3u. As a result of the calculation, 64-bit data is obtained.

  In step S726, the control unit 1255 acquires the data of the calculation result obtained in step S725 as the random number R2, and stores it in the memory 1254, for example.

  Returning to FIG. 29, after step S701, in step S702, the control unit 1255 determines whether or not the random number R2 has been correctly decoded. That is, it is determined whether or not the value of the random number R2 obtained by the process of step S726 (FIG. 30) is equal to the value of the random number R2 generated by the process of step S461 (FIG. 24). If both values are equal, it is determined that the random number R2 has been correctly decoded, and the process proceeds to step S703.

  When the random number R2 is correctly decrypted, the portable device 1002 that is the communication partner of the reader / writer 1051 can confirm that the data D3 is generated using the key Kd and the key Kmr as described above. Since the device 1002 is considered to be a legitimate portable device, in step S703, the control unit 1255 sets the authentication flag to ON to indicate that the communication partner has been successfully authenticated.

  On the other hand, if it is determined in step S702 that the random number R2 has not been correctly decoded, the process proceeds to step S704.

  If the random number R2 is not correctly decrypted, it can be confirmed that the portable device 1002 that is the communication partner of the reader / writer 1051 has not generated the data D3 using the key Kd and the key Kmr as described above. Since the device 1002 is considered to be an unauthorized mobile device, in step S704, the control unit 1255 sets the authentication flag to OFF in order to indicate that the authentication of the communication partner has failed.

  In this way, the portable device 1002 is authenticated by the reader / writer 1051.

  As described above, the mutual authentication performed between the portable device 1002 and the reader / writer 1051 is performed using the common key encryption algorithm with a relatively light processing load. For example, the processing load is relatively heavy. Compared with the case of mutual authentication using a public key encryption algorithm, the time required for processing can be shortened, and the configuration of the portable device 1002 (or reader / writer 1051) can be simplified and reduced in size.

  Since the authentication data 1 to the authentication data 3 are encrypted and transmitted / received, it is possible to perform safe and reliable mutual authentication. Furthermore, since IDd, which is a unique ID of the portable device 1002, is transmitted after being encrypted (because it is not transmitted as plain text), there is an act of illegally knowing the action (destination) of the user 1001 and the like. As a result, it is possible to provide a data communication system that respects user privacy.

  In the above, the memory of the portable device 1002 (or reader / writer 1051) stores only one type of key Kmr that is a reader / writer authentication key (or key Kmd that is a portable device authentication key). For example, when a plurality of service providers use a data communication system, a key Kmr (or a portable device authentication key) that is a plurality of types of reader / writer authentication keys corresponding to the service providers. It is also possible to store the key Kmd). In this case, for example, in step S101 of FIG. 15, a code specifying the type of service provider is transmitted together with the request command, and a reader / writer authentication key (or a key used in mutual authentication) corresponding to the code (or The portable device authentication key may be specified.

  In the above description, an example in which the mobile device 1002 and the reader / writer 1051 perform wireless communication with reference to FIGS. 2 to 9 has been described. However, the mobile device 1002 and the reader / writer 1051 are other devices. The present invention can also be applied to the case of performing communication of this type.

  Furthermore, in the above, an example of mutual authentication performed between the portable device 1002 and the reader / writer 1051 has been described. However, the present invention can also be applied to mutual authentication between devices different from this.

  The series of processes described above can be executed by hardware, or can be executed by software. When the above-described series of processing is executed by software, a program constituting the software executes various functions by installing a computer incorporated in dedicated hardware or various programs. For example, a general-purpose personal computer is installed from a network or a recording medium.

  When the above-described series of processing is executed by software, a program constituting the software is installed from a network such as the Internet or a recording medium such as a removable medium.

  This recording medium is distributed to distribute the program to the user, and includes a magnetic disk (including a floppy disk (registered trademark)) on which the program is recorded, an optical disk (CD-ROM (Compact Disk-Read Only Memory). ), DVD (including Digital Versatile Disk)), magneto-optical disk (including MD (Mini-Disk) (registered trademark)), or removable media consisting of semiconductor memory, etc. Also included are those composed of a ROM in which a program is recorded, a hard disk included in a storage unit, and the like that are distributed to the user in a preinstalled state.

  The steps of executing the series of processes described above in this specification are performed in parallel or individually even if they are not necessarily processed in time series, as well as processes performed in time series in the order described. It also includes processing.

It is a figure explaining the example of the conventional mutual authentication. It is a figure which shows the structural example which concerns on one Embodiment of the communication system to which this invention is applied. It is a figure which shows the example of the equivalent circuit of the communication system of FIG. 2 in an ideal state. 4 is a diagram illustrating an example of a calculation result of an effective value of a voltage generated at both ends of a reception load resistor in the model of FIG. It is a figure which shows the example of arrangement | positioning of the communication system of FIG. It is a figure which shows the actual usage example which concerns on one Embodiment of the communication system to which this invention is applied. It is a figure which shows the other usage example which concerns on one Embodiment of the communication system to which this invention is applied. It is a flowchart which shows the example of the flow of a communication process. It is a figure which shows the further another structural example of the communication system to which this invention is applied. It is a figure which shows the structural example which concerns on one Embodiment of the data communication system to which this invention is applied. It is a block diagram which shows the example of an internal structure of the portable device of FIG. It is a block diagram which shows the example of an internal structure of the reader / writer of FIG. It is a figure which shows the example of the information memorize | stored in memory of a portable device. It is a figure which shows the example of the information memorize | stored in the memory of a reader / writer. It is a flowchart explaining the example of the mutual authentication of this invention. It is a figure which shows the example in the case of communicating with the some portable device on a signal electrode. It is a timing chart explaining the example of the flow of a process when a reader / writer acquires ID of a portable device. It is a flowchart explaining the example of the data for authentication 1 production | generation processing. It is a flowchart explaining the example of a Kr production | generation process. It is a flowchart explaining the example of a D1 production | generation process. It is a flowchart explaining the example of the data for authentication 2 production | generation processing. It is a flowchart explaining the example of D1 decoding process. It is a flowchart explaining the example of a Kd production | generation process. It is a flowchart explaining the example of D2 production | generation processing. It is a flowchart explaining the example of a reader / writer verification process. It is a flowchart explaining the example of D2 decoding process. It is a flowchart explaining the example of the data for authentication 3 production | generation processing. It is a flowchart explaining the example of D3 production | generation processing. It is a flowchart explaining the example of a portable device verification process. It is a flowchart explaining the example of D3 decoding process.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 100 Communication system, 110 Transmission apparatus, 111 Transmission signal electrode, 112 Transmission reference electrode, 113 Transmission part, 120 Reception apparatus, 121 Reception signal electrode, 122 Reception reference electrode, 123 Reception part, 130 Communication medium, 961 and 962 Transmission / reception apparatus, 1001 User 1002 Portable device 1021 Signal electrode, 1022 Reference electrode, 1051 Reader / writer, 1101 Signal electrode, 1102 Reference electrode, 1154 Memory, 1155 Control unit, 1254 Memory, 1255 Control unit

Claims (18)

An information processing apparatus that is carried by a user, communicates with an information management apparatus, and performs mutual authentication with the information management apparatus,
An encryption key generating means for generating an encryption key unique to the information management device based on an ID of the information management device transmitted from the information management device and an authentication key of the information management device;
Authentication data transmitting means for transmitting the first authentication data generated by encrypting the random number and its own ID with the encryption key generated by the encryption key generating means to the information management device;
Authentication data decrypting means for decrypting the second authentication data generated and transmitted by the information management device based on the first authentication data by using a unique encryption key;
An information processing apparatus comprising: authentication means for authenticating the information management apparatus by determining whether the information management apparatus is valid based on a result of decryption by the authentication data decryption means. When the information management apparatus is authenticated by the authentication unit,
Data transmission for transmitting third authentication data generated by encrypting data obtained as a result of decryption by the authentication data decryption means and a random number with a unique encryption key to the information management apparatus The information processing apparatus according to claim 1, further comprising means. The information processing apparatus according to claim 2, wherein the third authentication data is received by the information management apparatus and used for own authentication by the information management apparatus. The information processing apparatus according to claim 1, wherein the authentication key of the information management apparatus is assigned as a common authentication key to a plurality of information management apparatuses and stored in advance. Communication with the information management device
A reference electrode connected to itself for obtaining a reference point for determining an output value of the signal;
It is provided based on a potential difference generated between the reference electrode and a signal electrode for transmitting or receiving a signal to be transmitted via the communication medium. The information processing apparatus according to claim 1. The information processing apparatus according to claim 5, wherein the communication medium is a human body. An information processing method of an information processing apparatus that is carried by a user, communicates with an information management apparatus, and performs mutual authentication with the information management apparatus,
Based on the ID of the information management device transmitted from the information management device and the authentication key of the information management device, an encryption key unique to the information management device is generated,
Transmitting the first authentication data generated by encrypting the random number and own ID with the generated encryption key to the information management device;
The information management device decrypts the second authentication data generated and transmitted based on the first authentication data using its own encryption key,
An information processing method comprising: authenticating the information management device by determining whether the information management device is valid based on a result of the decryption. A program that is carried by a user, communicates with an information management device, and causes an information processing device that performs mutual authentication with the information management device to execute information processing,
Control generation of an encryption key unique to the information management device based on the ID of the information management device transmitted from the information management device and the authentication key of the information management device,
Controlling transmission of the first authentication data generated by encrypting the random number and own ID with the generated encryption key to the information management device;
The information management device controls the decryption of the second authentication data generated and transmitted based on the first authentication data using an encryption key unique to the information management device;
A computer-readable program including a step of controlling authentication of the information management device by determining whether or not the information management device is valid based on a result of the decryption.   A recording medium on which the program according to claim 8 is recorded. An information processing apparatus that communicates with a terminal carried by a user and performs mutual authentication with the terminal,
Request means for requesting the terminal to transmit first authentication data including the encrypted ID of the terminal;
Authentication data decryption means for decrypting the first authentication data transmitted from the terminal in response to a request by the request means, using an encryption key unique to the terminal;
An encryption key generating means for generating an encryption key unique to the terminal by encrypting the ID of the terminal decrypted by the authentication data decrypting means with the authentication key of the terminal;
Second authentication data generated by encrypting the data and the random number obtained as a result of the decryption by the authentication data decryption means with the encryption key generated by the encryption key generation means is sent to the terminal. Authentication data transmission means for transmitting,
Data decrypting means for decrypting the third authentication data generated and transmitted by the terminal based on the second authentication data using the encryption key generated by the encryption key generating means;
An information processing apparatus comprising: authentication means for authenticating the terminal by determining whether or not the terminal is valid based on a result of decryption by the data decryption means. The information processing apparatus according to claim 10, wherein the second authentication data is received by the terminal and used for own authentication by the terminal. The information processing apparatus according to claim 11, wherein when the terminal is authenticated by the terminal, the third authentication data is transmitted from the terminal and received by the data decoding unit. The information processing apparatus according to claim 10, wherein the authentication key of the terminal is assigned as a common authentication key to a plurality of information management apparatuses and stored in advance. Communication with the terminal
A reference electrode connected to itself for obtaining a reference point for determining an output value of the signal;
It is provided based on a potential difference generated between the reference electrode and a signal electrode for transmitting or receiving a signal to be transmitted via the communication medium. The information processing apparatus according to claim 10. The information processing apparatus according to claim 14, wherein the communication medium is a human body. An information processing method of an information processing apparatus that performs communication with a terminal carried by a user and performs mutual authentication with the terminal,
Requesting the terminal to transmit the first authentication data including the encrypted ID of the terminal;
Decrypting the first authentication data transmitted from the terminal in response to the request using an encryption key unique to the terminal;
The decrypted ID of the terminal is encrypted with the authentication key of the terminal to generate an encryption key unique to the terminal,
Sending the second authentication data generated by encrypting the data and random number obtained as a result of the decryption with the generated encryption key to the terminal,
The terminal decrypts the third authentication data generated and transmitted based on the second authentication data using the generated encryption key,
An information processing method including a step of authenticating the terminal by determining whether or not the terminal is valid based on a result of the decryption. A program for performing information processing of an information processing apparatus that communicates with a terminal carried by a user and performs mutual authentication with the terminal,
Controlling the request for transmission of the first authentication data including the encrypted ID of the terminal to the terminal;
Controlling the decryption of the first authentication data transmitted from the terminal in response to the request using an encryption key unique to the terminal;
Control the generation of the encryption key unique to the terminal by encrypting the decrypted ID of the terminal with the authentication key of the terminal,
Controlling the transmission of the second authentication data generated by encrypting the data obtained as a result of the decryption and the random number with the generated encryption key to the terminal;
The terminal controls the decryption of the third authentication data generated and transmitted based on the second authentication data using the generated encryption key;
A computer-readable program including a step of controlling authentication of the terminal by determining whether or not the terminal is valid based on a result of the decryption.   A recording medium on which the program according to claim 17 is recorded.

Images