JP2007072794A - Portable electronic device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To prevent authentication data in an IC card 2 from being easily decoded to obtain a highly secure tamperproof IC card. <P>SOLUTION: In collation processing between authentication data held inside the IC card 2 and collation data given from the outside as to the authentication data, collation between data about respective bytes constituting the authentication data and corresponding bytes of the collation data is carried out in an arbitrary sequence for each of the respective bytes. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention includes, for example, a portable electronic device such as an IC card that includes a communication unit with an external device and a storage unit that stores authentication data, and performs verification processing of the authentication data in response to a verification command from the external device. Relates to the device.

  2. Description of the Related Art Conventionally, in portable electronic devices such as IC cards, authentication information is stored in a nonvolatile memory, and user authentication is performed using the authentication information. That is, in the conventional IC card, the user is authenticated by collating the information input by the user and the authentication information stored in the non-volatile memory, thereby preventing unauthorized use of the IC card. In the normal operation mode, a verification command is transmitted as verification information (data to be verified) transmitted from the IC card processing device to the IC card and stored in the IC card processing device. The IC card verifies the authentication data as authentication information stored in advance in the IC card, thereby authenticating the user.

In such a conventional IC card, the verification processing between the authentication data and the verification data is performed in order from the top of each byte data constituting the authentication data and each byte data constituting the verification data. Collation is performed for each byte. However, if data is collated for each byte in order from the top as described above, a third party may be able to predict a portion where the collation does not match. For example, when a malicious third party observes the power supply current waveform of the IC card that is being verified, there is a possibility that a portion where the verification results do not match is predicted. In other words, with the conventional IC card, there is a possibility that the authentication information in the IC card obtained illegally by a malicious third party is specified and the IC card may be illegally used. There is.
ISO-7816

  An object of the present invention is to provide a portable electronic device that can improve the security of authentication by a verification process of authentication information and has high reliability and safety.

  A portable electronic device according to one aspect of the present invention includes a storage unit that stores authentication data, a reception unit that receives verification data for the authentication data stored in the storage unit, and a reception unit that receives the verification data. Setting means for setting an arbitrary verification procedure as a verification procedure between the verification data and the authentication data stored in the storage means, and the verification received by the receiving means in accordance with the verification procedure set by the setting means And a verification unit for verifying the authentication data stored in the storage unit, and a housing in which the module is embedded.

  A portable electronic device according to an aspect of the present invention includes a storage unit that stores authentication data composed of a plurality of data in a predetermined data unit, and data for verification with respect to the authentication data stored in the storage unit Receiving means, each data in a predetermined data unit constituting the data for verification received by this receiving means, and each data in a predetermined data unit constituting the authentication data stored in the storage means, Setting means for setting an arbitrary collation order as the collation order, and data in each data unit of the data for collation received by the receiving means according to the collation order set by the setting means and stored in the storage means A module having collation means for collating data in each data unit of the authentication data; and a housing in which the module is embedded; A.

  According to the present invention, it is possible to improve the security of authentication by the verification process of authentication information, and to provide a portable electronic device with high reliability and safety.

The best mode for carrying out the present invention will be described below in detail with reference to the drawings.
FIG. 1 is a block diagram schematically showing a configuration example of an IC card processing device 1 as an external device having a communication function with an IC card 2 as a portable electronic device according to an embodiment of the present invention.
As shown in FIG. 1, the IC card processing apparatus 1 includes a terminal device 11, a display device 12, a keyboard 13, a card reader / writer 14, and the like.

  The terminal device 11 is constituted by a device having a CPU, various memories, various interfaces, and the like, and controls the operation of the entire IC card processing device 1. The terminal device 11 has a function of controlling a command transmitted to the IC card 2 by the card reader / writer 14, a function of performing various processes based on data received from the IC card 2, and the like.

  For example, the terminal device 11 sends a data write command to the IC card 2 via the card reader / writer 14 to write data to the memory in the IC card 2 or sends a read command to the IC card 2. Data is read from the IC card 2 by transmitting.

  The display device 12 is a display device that displays various information under the control of the terminal device 11. The keyboard 13 functions as an operation unit operated by an operator of the IC card processing apparatus 1, and various operation instructions and data are input by the operator. The card reader / writer 14 is an interface device for communicating with the IC card 2. The card reader / writer 14 performs power supply, clock supply, reset control, and data transmission / reception with respect to the IC card 2. With such a function, the card reader / writer 14 activates (activates) the IC card 2 based on the control by the terminal device 11, and transmits various commands to the activated IC card 2. A response to the transmitted command is received.

  The IC card 2 is activated (becomes operable) when receiving power or the like from a host device such as the IC card processing device 1. For example, when the IC card 2 is connected to the IC card processing device 1 by contact communication, that is, when the IC card 2 is configured by a contact IC card, the IC card 2 is used as a communication interface. The operation power supply and the operation clock are supplied from the IC card processing apparatus 1 through the contact portion 21 and activated.

  Further, when the IC card 2 is connected to the IC card processing apparatus 1 by a non-contact communication method, that is, when the IC card 2 is constituted by a non-contact IC card, the above-mentioned IC card 2 The contact unit 21 includes an antenna as a communication interface, a communication control unit, and the like. In this case, the IC card 2 receives a radio wave from the IC card processing device 1 via the antenna of the contact unit 21 as a communication interface, a communication control unit, and the like, and from the radio wave, an operating power source and an operation A clock is generated and activated.

Next, a configuration example of the IC card 2 will be described.
FIG. 2 is a block diagram schematically showing an internal configuration example of the IC card 2. As shown in FIG. 2, the IC card 2 includes a contact unit 21, a control unit 22, a RAM 23, a ROM 24, a nonvolatile memory 25, a random number generation unit 26, and the like. The control unit 22, RAM 23, ROM 24, nonvolatile memory 25, and random number generation unit 26 are constituted by, for example, an IC chip 2a. Further, the IC chip 2a and the contact portion 21 are constituted by a module 2b formed integrally. The module 2b is embedded in the housing 2c of the IC card 2. That is, the IC card 2 is constituted by a housing 2c in which a module 2b having an IC chip 2a is embedded.

  The contact portion 21 functions as an interface for communication with the card reader / writer 14 of the IC card processing apparatus 1. When the IC card 2 is realized as a contact-type IC card, the contact unit 21 is configured as an interface that contacts the card reader / writer 14 of the IC card processing apparatus 1 and transmits and receives signals. When the IC card 2 is realized as a non-contact type IC card, the contact portion 21 is configured as an interface for transmitting and receiving radio waves to and from the card reader / writer 14 of the IC card processing device 1.

The control unit 22 controls the entire IC card 2. The control unit 22 functions as a determination unit and various processing units by operating based on a control program stored in the ROM 24 or the nonvolatile memory 25.
The RAM 23 is a volatile memory that functions as a working memory. The RAM 23 functions as a buffer for temporarily storing data being processed by the control unit 22. For example, the RAM 23 temporarily stores data received from the IC card processing device 1 via the contact unit 21. Yes.

The ROM 24 is a non-volatile memory in which a control program and control data are stored in advance. The ROM 24 is incorporated into the IC card 2 at the manufacturing stage, and the control program stored in the ROM 24 is incorporated according to the specifications of the IC card 2 in advance.
The non-volatile memory 25 is constituted by a non-volatile memory capable of writing and rewriting data, such as an EEPROM or a flash ROM. In the nonvolatile memory 25, a program file, a data file, and the like are defined according to the operation application of the IC card 2, and data is written in these files.

In the nonvolatile memory 25, there is provided an authentication data table 25a for storing authentication information and information related to verification processing for the authentication information. When a plurality of authentication information is set, the non-volatile memory 25 is provided with an authentication data table 25a for each authentication information, and stores each authentication information and information related to a verification process using each authentication information.
The random number generator 26 generates random numbers. The random number generation unit 26 generates a random number in response to a request from the control unit 22, and returns the generated random number to the control unit 22.

Next, the authentication data table 25a provided in the nonvolatile memory 25 will be described.
FIG. 3 is a diagram showing a configuration example of the authentication data table 25a.
In the configuration example shown in FIG. 3, the authentication data table 25a includes an authentication data (PIN data) storage area 251 as authentication information, a verification count storage area (matching trial counter) 252, an allowable verification count storage area 253, It has a verification pattern byte storage area 254 and the like.

  The storage area 251 functions as a storage unit. The storage area 251 stores authentication data (PIN data) as authentication information. The authentication data stored in the storage area 251 is information that only a legitimate user can know and is information stored in advance. For example, when the IC card is used, whether or not the user is a valid user of the IC card by collating the authentication data stored in the storage area 251 with information specified by the user. Is authenticated. In the example shown in FIG. 3, the length of the entire authentication data and the authentication data for each byte (the 1st to nth bytes of authentication data) are stored in the storage areas 251 in the respective storage areas. It has become.

  The collation count storage area 252 functions as a counter (collation trial counter) in which the accumulated number of collation processes is stored. Hereinafter, the storage area 252 is referred to as a verification trial counter. The matching trial counter 252 stores the allowable number of matching times stored in the storage area 253 in the initial state (reset state) (this value is set as an initial value). Or when the collation by collation processing fails, the counter value as a value which shows the frequency | count of integration which tried collation processing is counted down. Further, the verification trial counter 252 is rewritten (reset) to an initial value (allowable verification count) when the verification processing is successful.

  In the storage area 253 for the allowable collation count, a value indicating the allowable count for the number of collation processes executed continuously is stored. The value stored in the storage area 253 indicates a permissible value of the number of times of collation processing that is continuously executed as the number of times to be retried due to a collation failure (hereinafter referred to as the allowable number of collations). The allowable value for the value counted by the verification trial counter 252 is shown. Further, the allowable collation count stored in the storage area 253 is information set in advance.

  The collation pattern byte storage area 254 functions as a second storage unit and stores collation pattern bytes used for collation processing. As will be described later, the collation pattern byte uses a random number generated by the random number generation unit 26 for each collation process. Therefore, the random number generated by the random number generator 26 is stored in the verification pattern byte storage area 254 every time the verification process is performed.

Next, collation processing in the IC card 2 configured as described above will be described.
FIG. 4 is a flowchart for schematically explaining the flow of collation processing in the IC card 2 in response to the collation command from the IC card processing apparatus 1.
First, it is assumed that the IC card 2 is activated by receiving power supply, an operation clock signal, a reset signal, and the like from the IC card processing apparatus 1. In this state, it is assumed that a verification command is transmitted from the IC card processing apparatus 1 to the IC card 2. In the verification command, the verification data with the authentication data stored in the storage area 251 and the data to be verified as data for verification with respect to the authentication data (for example, used on the keyboard of the IC card processing device) Information entered by the user as authentication information).

  In the IC card 2, the contact unit 21 receives a verification command from the IC card processing device 1. When the verification command as described above is received, the control unit 22 of the IC card 2 performs processing such as a parameter check of the received verification command and a check of the status of the target authentication data as pre-verification processing for the verification command. It performs (step S11). If it is determined that the collation command received in the pre-collation process is invalid, the control unit 22 transmits a status word indicating that the collation command is invalid to the IC card processing apparatus 1. The process is terminated.

  When it is determined that the collation command is valid by the collation preprocessing as described above, the control unit 22 performs the collation trial counter of the authentication data table 25a corresponding to the authentication data to be collated by the collation command. It is determined whether or not the counter value of 252 is a value that allows execution of collation processing (step S12).

  In the verification trial counter 252, an allowable verification count is set as an initial value, and the count value counted down before verification processing is held when verification fails. Accordingly, in step S12, it is determined whether or not the verification process for the authentication data to be verified can be executed based on whether or not the count value of the verification trial counter 252 is “0”.

  When it is determined that the collation process cannot be performed by the above determination, that is, when the count value of the collation trial counter 252 is determined to be “0” (step S12, NO), the control unit 22 Without performing verification processing of authentication information according to the verification command, information (status word) indicating that the target authentication data is locked (the authentication data cannot be used) is processed by the IC card processing. It transmits to the apparatus 1 (step S13), and the process for the collation command is terminated.

  When it is determined that the collation process can be executed by the above determination, that is, when it is determined that the count value of the collation trial counter 252 is not “0” (step S12, YES), the control unit 22 Then, verification processing is performed between the authentication data stored in the storage area 251 of the authentication data table 25a to be verified and the data to be verified given by the received verification command (step S14). This verification process will be described later in detail.

  When the verification data stored in the storage area 251 matches the verification data given by the verification command by this verification process (step S15, match), the control unit 22 counts the verification trial counter 252. The verification trial counter 252 is reset by rewriting the value to the value of the allowable verification count stored in the storage area 253 (step S17). Further, the control unit 22 outputs information (status word) indicating that the collation with respect to the collation command is successful to the IC card processing apparatus 1 (step S17), and ends the collation process with respect to the collation command.

  Therefore, when the verification of the authentication data with respect to the verification command received from the IC card processing device is successful, the verification trial counter 252 is reset so that the count value of the verification trial counter 252 is the initial value (this embodiment). Is held at the value of the allowable number of collations).

  When the verification data stored in the storage area 251 and the data to be verified provided by the verification command do not match by the verification process (step S15, mismatch), the control unit 22 performs the verification trial. The count value of the counter 252 is decremented by 1 and counted down (step S18). Accordingly, in step S14, the count value of the verification trial counter 252 is rewritten to “count value−1”.

  When the count value of the collation trial counter 252 is counted down, the control unit 22 retains the count value of the collation trial counter 252 rewritten in step S18 and indicates that the collation with respect to the received collation command has failed. (Status word) is output to the IC card processing apparatus 1 that is the transmission source of the verification command (step S19), and the processing for the verification command is terminated.

  Therefore, when the verification of the authentication data with respect to the verification command received from the IC card processing device fails, the count value of the verification trial counter 252 is a value rewritten before the verification processing (the value obtained by counting the verification processing failure). Held in.

  Next, the collation process in step S14 will be described in detail.

  FIG. 5 is a flowchart for explaining an example of the processing procedure of the collation processing.

  First, the collation pattern byte storage area 254 stores the collation pattern byte value (previous collation pattern byte value) used in the previous collation process. In this state, it is assumed that the IC card 2 has received from the IC card processing device 1 a verification command for requesting verification with authentication data (PIN data) stored in the storage area 251. Then, the control unit 22 saves the previous collation pattern byte value stored in the storage area 254 in a register such as the internal memory of the control unit 22 or the RAM 23 (step S21). The collated data given together with the collation command is stored in a reception buffer provided in the RAM 23, for example.

  When the previous collation pattern byte value is stored in the register, the control unit 22 generates a random number as the collation pattern byte value (current collation pattern byte value) used for the current collation processing in the random number generation unit 26. (Step S22). The random number generation unit 26 generates a random number in response to a request from the control unit 22, and returns the generated random number to the control unit 22. Thereby, the control unit 22 acquires a random number as the value of the collation pattern byte used for the current collation process. When the random number generated by the random number generation unit 26 is acquired, the control unit 22 stores the random number generated by the random number generation unit 26 in the storage area 254 as the value of the current collation pattern byte (step S23).

  When the random number generated by the random number generation unit 26 is stored in the storage area 254 as the value of the current verification pattern byte, the control unit 22 uses the previous verification pattern used in the previous verification process stored in the register. The byte value is compared with the current collation pattern byte value used for the current collation process generated by the random number generator 26 (step S24).

  When it is determined by this comparison that the value of the previous collation pattern byte matches the value of the current collation pattern byte (step S25, coincidence), the control unit 22 returns to step S22 and again performs the current collation process. A process of generating a random number as the value of the collation pattern byte used in the above is performed. As a result, the previous collation pattern byte and the current collation pattern byte can be prevented from having the same value.

  If it is determined by the comparison that the value of the previous collation pattern byte does not match the value of the current collation pattern byte (step S25, mismatch), the control unit 22 stores the current collation pattern byte stored in the storage area 254. Processing for setting a collation method according to the value of the collation pattern byte is performed (step S26). In step S26, an arbitrary collation process procedure (collation pattern) based on the value of the collation pattern byte is set as a collation method so that it is difficult for a third party to predict the authentication data.

  In this embodiment, for example, in step S26, the collation method for collating the data of each byte constituting the authentication data in the collation order corresponding to the value of the collation pattern byte as a random number (that is, any collation order) Shall be set. According to such a collation method, it is difficult to predict the collation order for the data of each byte constituting the authentication data, so it is difficult to predict a byte in which collation has failed or a byte in which collation has succeeded. As a result, it can be difficult for a third party to predict the authentication data in the IC card 2. The setting of the collation order for each byte of data constituting authentication data as an example of the collation method will be described later in detail.

When an arbitrary collation method is set in step S26, the control unit 22 performs collation processing between the authentication data in the storage area 251 and the collated data given together with the collation command based on the set collation method (step) S27).
In the present embodiment, for example, it is set to collate the data of each byte constituting the authentication data in a collation order (that is, an arbitrary collation order) according to the value of the collation pattern byte as a random number. In this case, the control unit 22 collates the data of each byte in the set order. When the collation of all the bytes of data is successful, the control unit 22 determines that the collation for the entire authentication data is successful (the authentication data and the data to be collated match). If the verification of any byte data fails, the control unit 22 determines that the verification of the entire authentication data has failed (the authentication data and the data to be verified do not match).

Next, a setting example of the collation method in step S26 will be described.
As described above, in the present embodiment, authentication data (PIN data) stored in the storage area 251 of the nonvolatile memory 25 in the IC card is stored in the storage area 251 in order to make it difficult to predict. A collation method is set between authentication data and collation data (data to be collated) given together with a collation command from the IC card processing apparatus 1 as an external apparatus. In addition, as a collation method, for example, setting of a process for collating each byte in the authentication data with each byte in the data to be collated in a collation order according to the value of the collation pattern byte as a random number generated for each collation process. Do. In this case, as the setting of the verification method, processing for setting the verification order of each byte in the authentication data is performed.

Hereinafter, an example of setting the collation order for each byte in the authentication data will be described.
That is, when the value of the current collation pattern byte is stored in the storage area 254, the control unit 22 performs processing for setting the collation order of each byte according to the value of the current collation pattern byte. Here, description will be made assuming that the authentication data is data composed of n bytes. Further, it is assumed that the value of the collation pattern byte is a value of at least n. In the present embodiment, the control unit 22 checks the number of each byte of data constituting the authentication data (or what number of bytes is the first to nth data to be checked). Set. For example, it is assumed that the control unit 22 sequentially determines from the first collation data to the n th collation data.

In this case, in the process of setting the collation order, the control unit 22 first sets data to be collated first.
The data to be collated first is determined according to the value of the collation pattern byte. That is, when determining data to be collated first, the control unit 22 calculates a quotient (integer) and a remainder (integer) of (value of collation pattern byte) / n (note that only the remainder is calculated). You may do it). When the remainder value of the collation pattern byte / n is calculated, the control unit 22 sets “collation pattern byte value / n remainder value + 1” as the collation order. This collation order (the value of collation pattern byte / the remainder value of n + 1) corresponds to the serial number for each byte in the authentication data.

  Here, the serial number is a number assigned to each byte in order from the first byte in the authentication data. That is, it is assumed that a serial number is assigned to each byte in the authentication data at the stage of determining data to be collated first.

When the first matching data is set, the control unit 22 sets the second matching data.
The data to be collated second is determined from any byte except the first collating byte based on the value of the collation pattern byte. That is, when determining the second data to be collated, the control unit 22 calculates the quotient (integer) and the remainder (integer) of the value of collation pattern byte (value of collation pattern byte) / (n-1). To do. When the remainder value (integer) of the collation pattern byte value (collation pattern byte value) / (n-1) is calculated, the control unit 22 calculates the collation pattern byte value / (n-1) remainder value. +1 is set as the collation order. This collation order (the value of collation pattern byte / the remainder value of (n−1) +1) corresponds to the serial number for each remaining byte (the remaining bytes excluding the first collating byte).

  Here, the serial number is a number assigned to each byte in order from the first byte except for the first matching byte in the authentication data. That is, at the stage of determining the second data to be collated, it is assumed that a serial number is assigned to each of n−1 bytes in the authentication data excluding the first collated byte.

When the second matching data is set, the control unit 22 sets the third matching data.
The third data to be collated is determined from any byte except the first and second collated bytes based on the value of the collation pattern byte. That is, when determining the third data to be collated, the control unit 22 calculates the quotient (integer) and remainder (integer) of the value of collation pattern byte / (n-2). When the collation pattern byte value / (n−2) remainder value (integer) is calculated, the control unit 22 sets the collation pattern byte value / (n−2) remainder value + 1 as the collation order. . This collation order (the value of collation pattern byte / the remainder value of (n−2) +1) corresponds to the serial number for each remaining byte (the remaining bytes excluding the first and second collation bytes).

  Here, the serial number is a number assigned to each byte in order from the first byte except for the first and second bytes to be verified in the authentication data. That is, at the stage of determining the third data to be collated, it is assumed that serial numbers are assigned to each of n-2 bytes in the authentication data excluding the first and second bytes to be collated.

  Similarly to the above, the data to be collated after the fourth is also determined from any one of the bytes excluding the set bytes to be collated immediately before based on the value of the collation pattern byte. That is, when n ′ is 3 <n ′ <n, the control unit 22 determines the quotient of the value of collation pattern byte / (n− (n′−1)) when determining the n′th data to be collated. (Integer) and remainder (integer) are calculated. When the remainder value (integer) of the collation pattern byte / (n− (n′−1)) is calculated, the control unit 22 calculates the collation pattern byte value / (n− (n′−1)). The remainder value +1 is set as the collation order. This collation order (the value of collation pattern byte / the remainder value of (n− (n′−1)) + 1) is the serial number for the remaining bytes (the remaining bytes excluding the bytes collated up to the n′th). Corresponding to

  Here, the serial number is a number assigned to each byte in order from the first byte except for the first to (n′−1) th collated bytes in the authentication data. That is, at the stage of determining the n′th collation data, for the n− (n′−1) bytes in the authentication data excluding the 1st to (n′−1) th collation bytes. It is assumed that a serial number is assigned.

  When the data to be collated n-1 is set by the above processing, the data for which the collation order is not set in the authentication data is only one byte. Therefore, when the data to be collated n-1 is set, the control unit 22 sets the data of the last remaining byte as data to be collated nth (last).

Next, a specific example of the collation order setting process as described above will be described.
FIG. 6 is a diagram showing one specific example of the setting of the collation order as described above. FIG. 7 is a diagram illustrating a collation order setting example as a result of the setting process illustrated in FIG. 6. FIG. 6 shows an example of setting the collation order when the authentication data is 8 bytes and the value of the collation pattern byte is “C3” in hexadecimal (“195” in decimal).

  As shown in FIG. 6, when the authentication data is 8 bytes and the value of the collation pattern byte is “C3” in hexadecimal (“195” in decimal), first, the quotient is “24” The remainder is “3”. Therefore, the data of the “3 + 1 = 4” byte is set as the first collation data. As a result, as shown in FIG. 7, the fourth byte of the authentication data is set in the first collation order.

Next, a serial number is assigned to each byte of the authentication data excluding the byte data to be collated first. As a result, as shown in FIG. 6, serial numbers from 1 to 7 are assigned to each byte of the authentication data excluding the fourth byte of data in the column where the collation order is “2”. That is, in FIG. 6, the data of each byte shifted to the fifth byte is shifted to the left by one and a new serial number is assigned.
In 195 / (8-1), the quotient is “27” and the remainder is “6”. Therefore, the data with the serial number “6 + 1” is set as the second collation data. In the example illustrated in FIG. 6, the data having the serial number “7” in the column “2” in the collation order is the eighth byte of the authentication data. As a result, as shown in FIG. 7, the eighth byte of the authentication data is set in the second collation order.

Next, a serial number is assigned to each byte of the authentication data excluding the byte data to be collated first and second. As a result, as shown in FIG. 6, serial numbers from 1 to 6 are assigned to each byte except for the 4th byte data and the 8th byte data in the column where the collation order is “3”.
In 195 / (8-2), the quotient is “32” and the remainder is “3”. Therefore, the data with the serial number “3 + 1” is set as the third collation data. In the example shown in FIG. 6, the data with the serial number “4” in the column “3” for the collation order is the fifth byte of the authentication data. As a result, as shown in FIG. 7, the fifth byte of the authentication data is set in the third collation order.

Next, a serial number is assigned to each byte of the authentication data excluding the data of the first, second, and third collating bytes. As a result, as shown in FIG. 6, serial numbers from 1 to 5 are assigned to each byte except for the fourth, eighth and fifth byte data in the column where the collation order is “4”.
In 195 / (8-3), the quotient is “39” and the remainder is “0”. Accordingly, the data with the serial number “0 + 1” is set as the fourth collation data. In the example illustrated in FIG. 6, the data with the serial number “1” in the column of the collation order “4” is the first byte data in the authentication data. As a result, as shown in FIG. 7, the first byte of the authentication data is set in the fourth collation order.

Next, a serial number is assigned to each byte of the authentication data excluding the byte data to be checked for 1, 2, 3, and 4th. As a result, as shown in FIG. 6, serial numbers from 1 to 4 are assigned to each byte excluding the fourth, eighth, fifth, and first byte data in the column where the collation order is “5”.
In 195 / (8-4), the quotient is “48” and the remainder is “3”. Therefore, the data with the serial number “3 + 1” is set as the fifth collation data. In the example illustrated in FIG. 6, in the column where the collation order is “5”, the data with the serial number “4” is the seventh byte data in the authentication data. As a result, as shown in FIG. 7, the seventh byte of the authentication data is set in the fifth collation order.

Next, a serial number is assigned to each byte of the authentication data excluding the data of the first, second, third, fourth and fifth collating data. As a result, as shown in FIG. 6, the serial number from 1 to 3 is assigned to each byte except the data of the fourth, eighth, fifth, first and seventh bytes in the column where the collation order is “6”. .
In 195 / (8-5), the quotient is “65” and the remainder is “0”. Therefore, the data with the serial number “0 + 1” is set as the data to be collated sixth. In the example illustrated in FIG. 6, the data with the serial number “1” in the column of the collation order “6” is the second byte of the authentication data. As a result, as shown in FIG. 7, the second byte of the authentication data is set in the sixth collation order.

Next, a serial number is assigned to each byte of the authentication data excluding the first, second, third, fourth, fifth and sixth collating data. As a result, as shown in FIG. 6, in the column where the collation order is “7”, serial numbers of 1 to 2 are assigned to each byte excluding the fourth, fifth, first, seventh and second byte data. The
In 195 / (8-6), the quotient is “97” and the remainder is “1”. Therefore, the data with the serial number “1 + 1” is set as the data to be collated seventh. In the example illustrated in FIG. 6, in the column where the collation order is “7”, the data with the serial number “2” is the sixth byte of the authentication data. As a result, as shown in FIG. 7, the sixth byte of the authentication data is set in the seventh collation order.

  Finally, when there is one remaining byte, the remaining byte data is set as the last collation data. That is, when the authentication data is 8 bytes, the remaining byte data is set as the eighth collation byte. In the example illustrated in FIG. 6, in the column where the collation order is “8”, the remaining data (data having the serial number “1”) is the third byte data in the authentication data. As a result, as shown in FIG. 7, the third byte of the authentication data is set in the eighth collation order.

  As described above, in the present embodiment, in the verification process between the authentication data held in the IC card and the verification data for the authentication data given from the outside, verification is performed with the data of each byte constituting the authentication data. The collation with the data of the corresponding byte in the data for use is performed by an arbitrary collation procedure for each byte. As a result, it is possible to make it difficult to decode the authentication information (collation data) in the IC card, and it is possible to realize an IC card with high security and tamper resistance.

  Moreover, in the example of the collation process described above, when a collation command is received, a random number is generated by the random number generation unit, and the collation order for each byte constituting the authentication data is arbitrarily set based on the collation pattern byte as the generated random number. It is set as a verification procedure. This makes it difficult for a third party to predict a part where the verification result does not match the authentication data, and an IC card with high security and tamper resistance can be realized. Become.

Next, a modified example of the collation process in step S14 will be described.
In the above-described collation process (for example, the collation process shown in FIG. 5), the collation order for each byte as a collation method is set based on one random number (value of collation pattern byte) in one collation process for authentication data. ing. In this modification, a random number is generated every time the collation order for one byte is determined, and a byte that becomes the next collation order is set based on the generated random number.

FIG. 8 is a flowchart for explaining a processing procedure as a modified example of the collation processing in step S14.
First, when the IC card 2 receives a verification command from the IC card processing device 1 for requesting verification with authentication data (PIN data) stored in the storage area 251, the control unit 22 sets the variable a. As an initial value, a = 1 is set (step S31), and the random number generator 26 generates a random number (step S32). When a random number is generated by the random number generation unit 26, the control unit 22 sets the a-th collation byte according to the random number generated by the random number generation unit 26 (step S33). For example, the above-described method described with reference to FIGS. 6 and 7 can be applied to the setting of the a-th collation byte corresponding to the random number generated by the random number generation unit 26.

When the a-th collation byte is set, the control unit 22 sets the value of the variable a to a = a + 1 (step S34), and determines whether a exceeds the number of bytes constituting the authentication data (step S34). S35). This determination is performed to determine whether or not the collation order for all bytes constituting the authentication data is set. For example, when the authentication data is n bytes, the control unit 22 satisfies a> n. Whether or not.
When the variable a does not exceed the number of bytes constituting the authentication data by this determination, that is, when there is a byte of authentication data for which the collation order is not set (step S35, NO), the control unit 22 Returning to step S32, the random number generator 26 generates a random number, and sets the a-th collation byte based on the generated random number.

  Further, when the variable a exceeds the number of bytes constituting the authentication data by the above determination, that is, when the collation order for all bytes constituting the authentication data is set (step S35, YES), the control unit 22 Is a collation process between the authentication data in the storage area 251 and the collated data given together with the collation command, and the data of each byte constituting the authentication data and each byte constituting the collated data given together with the collation command Collation with data is sequentially executed in accordance with the set collation order (step S27).

  In the above-described modification of the collation process, a random number is generated each time a collation order for one byte is set, and a byte that becomes the next collation order is set based on the generated random number. This makes it difficult to specify a random number for setting the collation order of each byte or to specify a collation order setting method based on the random number, and realizes an IC card with high security and tamper resistance. It becomes possible.

The block diagram which shows schematically the structural example of the IC card processing apparatus as an external apparatus which communicates with the IC card and IC card as a portable electronic device which concerns on embodiment of this invention. The block diagram which shows the structural example of an IC card. The figure which shows the structural example of the authentication data table provided in the non-volatile memory of an IC card. The flowchart for demonstrating the collation process with respect to the collation command in an IC card. The flowchart for demonstrating the example of the process sequence of a collation process. The figure for demonstrating the specific example of the setting process of the collation order for every byte. The figure which shows the example of a setting of the collation order set by the collation order setting process shown in FIG. The flowchart for demonstrating the modification of collation processing.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 ... IC card processing apparatus (external device), 2 ... IC card (portable electronic device), 11 ... Terminal device, 12 ... Display device, 13 ... Keyboard, 14 ... Card reader / writer, 21 ... Contact part, 22 ... Control , 23 ... RAM, 24 ... ROM, 25 ... nonvolatile memory, 25a ... authentication data table, 251 ... storage area (authentication data storage area), 252 ... storage area (collation trial counter), 253 ... storage area (allowable) Storage area for the number of verifications), 254... Storage area (storage area for verification pattern bytes)

Claims (6)

Storage means for storing authentication data;
Receiving means for receiving verification data for the authentication data stored in the storage means;
A setting means for setting an arbitrary collation procedure as a collation procedure between the verification data received by the receiving means and the authentication data stored in the storage means; and
A module having collation means for collating the verification data received by the receiving means and the authentication data stored in the storage means in accordance with the collation procedure set by the setting means;
A housing in which the module is embedded;
A portable electronic device comprising: The module further includes random number generation means for generating a random number,
The setting means sets a matching procedure according to the random number generated by the random number generating means as a matching procedure between the verification data received by the receiving means and the authentication data stored in the storage means;
The portable electronic device according to claim 1, wherein the portable electronic device is a portable electronic device. Storage means for storing authentication data composed of a plurality of data in a predetermined data unit;
Receiving means for receiving verification data for the authentication data stored in the storage means;
Arbitrary collation as a collation order between each data of a predetermined data unit constituting the data for collation received by the receiving means and each data of the predetermined data unit constituting the authentication data stored in the storage means Setting means for setting the order;
Collation means for collating the data units of the data for collation received by the receiving means with the data units of the authentication data stored in the storage means in accordance with the collation order set by the setting means And a module having
A housing in which the module is embedded;
A portable electronic device comprising: The module further includes random number generation means for generating a random number,
The setting means collates each data in a predetermined data unit constituting the data for collation received by the receiving means and each data in a predetermined data unit constituting the authentication data stored in the storage means. Setting the collation order according to the random number generated by the random number generation means as the order;
The portable electronic device according to claim 3, wherein: The module further includes second storage means for storing a random number generated by the random number generation means;
If the random number generated by the random number generation means when the verification means for the authentication data is received by the reception means is the same value as the random number stored in the second storage means, the random number generation is performed again. Processing means for generating random numbers by means,
The portable electronic device according to claim 4, wherein: The setting means causes the random number generation means to generate a random number each time a collation order for one data unit among the data of the predetermined data unit constituting the authentication data is set, and Set the collation order according to the random number generated by the random number generation means for each
The portable electronic device according to claim 4, wherein:

Images