JP2007094940A - Communication system, communication device, and communication method - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To construct a communication system using a communication device that is hard to fake. <P>SOLUTION: In a reader terminal device 11, on the basis of a service individual ID returned in response to a sent service ID, a plurality of random numbers is fetched from a database 28, and sent to an RFID tag 12. The reader terminal device 11 receives a plurality of return random numbers returned in response to the plurality of random numbers, and confirms that the received plurality of return random numbers matches with a plurality of return random numbers, received from the RFID tag 12 during a member registration process and stored in the database 28. The present invention can be applied for example, to a communication device of an RFID system carrying out communication without contact. <P>COPYRIGHT: (C)2007,JPO&INPIT

Description

  The present invention relates to a communication system, a communication device, and a communication method, and more particularly, to a communication system, a communication device, and a communication method for constructing a communication system using a communication device that is difficult to forge.

  The RFID (Radio Frequency IDentification) system includes an RFID tag and a reader terminal device. The reader terminal device reads a unique number (unique ID) stored in the RFID tag and identifies the RFID tag. Communication methods between the RFID tag and the reader terminal device include, for example, an electromagnetic coupling method, an electromagnetic induction method, a microwave method, and an optical method. For example, in the electromagnetic induction method, a 13.56 MHz radio wave (electromagnetic wave) is used. Data is sent and received.

  A non-contact communication system using a non-contact IC (Integrated Circuit) card basically adopts the same technology as the RFID system.

  Conventionally, a technology for preventing falsification of a unique ID by storing the unique ID (ID number) in an IC card that stores the unique ID in an unrewritable manner has been disclosed (see, for example, Patent Document 1).

JP 2002-109503 A

  However, although the unique ID stored in the IC card (communication device) cannot be rewritten (tampered), it can be read, so it has the same unique ID as the read unique ID. There was a risk of creating a (duplicate) device. That is, the RFID tag and the IC card may be forged. Therefore, a communication system using a communication device that is difficult to forge is demanded.

  The present invention has been made in view of such a situation, and constructs a communication system using a communication device that is difficult to forge.

  A communication system according to a first aspect of the present invention is a communication system including a first communication device having tamper resistance and a second communication device that exchanges data with the first communication device. The communication apparatus includes: a first storage unit that stores a unique ID that identifies the first communication apparatus as a common key; and the second communication apparatus that is transmitted from the second communication apparatus. First receiving means for receiving recognition data for recognizing the first communication device and a plurality of fixed data, and encryption for encrypting each of the received recognition data and the plurality of fixed data with the common key And first transmitting means for transmitting the encrypted recognition data and the plurality of fixed data to the second communication device as reply recognition data and a plurality of reply fixed data, respectively, A second transmission device configured to transmit the recognition data and the plurality of fixed data to the first communication device; and the second communication device according to the transmitted recognition data and the plurality of fixed data. A second receiving means for receiving the reply recognition data and the plurality of reply fixed data returned from one communication device; and the plurality of fixed data and the plurality of reply fixed in association with the reply recognition data. A second storage means for storing data; and a determination means for making a determination using the reply recognition data, the plurality of fixed data, and the plurality of reply fixed data stored in the second storage means, When the second communication device authenticates the first communication device, the second transmission means transmits the recognition data again to the first communication device, and the second reception means First The reply recognition data transmitted from the communication device is received again, and the second transmission means is associated with the received reply recognition data and stored in the second storage means. The data is transmitted again to the first communication device, the second receiving means receives the plurality of return fixed data transmitted from the first communication device again, and the determining means again It is determined whether or not the received plurality of reply fixed data matches the plurality of reply fixed data associated with the reply recognition data in the second storage means.

  According to a first aspect of the present invention, in the communication system comprising the first communication device having tamper resistance and the second communication device exchanging data with the first communication device, the first communication is performed. In the apparatus, a unique ID that identifies the first communication apparatus is stored as a common key in a first storage unit, and is transmitted from the second communication apparatus. The second communication apparatus is the first communication apparatus. Recognition data for recognizing the communication device and a plurality of fixed data are received, and each of the received recognition data and the plurality of fixed data is encrypted with the common key, and the encrypted recognition data and Each of the plurality of fixed data is transmitted to the second communication device as reply recognition data and a plurality of reply fixed data. Further, in the second communication device, the recognition data and the plurality of fixed data are transmitted to the first communication device, and the first data is transmitted according to the transmitted recognition data and the plurality of fixed data. The reply recognition data and the plurality of reply fixed data returned from the communication device are received, and the plurality of fixed data and the plurality of reply fixed data are associated with the reply recognition data in the second storage means. Remembered. When the second communication device authenticates the first communication device, the recognition data is transmitted again to the first communication device, and the reply recognition data transmitted from the first communication device is The plurality of fixed data received again by the second communication device and stored in the second storage means in association with the received reply recognition data are transmitted again to the first communication device, The plurality of reply fixed data transmitted from the first communication device is received again by the second communication device, and the plurality of reply fixed data received again are associated with the reply recognition data. It is determined whether or not the plurality of return fixed data stored in the second storage means match.

  A communication device according to a second aspect of the present invention is a communication device for exchanging data with another tamper-resistant communication device, wherein the recognition data for recognizing the other communication device and a plurality of fixed data are stored in the communication device. Transmission means for transmitting to another communication device, and reception for receiving the reply recognition data and the plurality of return fixed data returned from the other communication device in response to the transmitted recognition data and the plurality of fixed data Means, storage means for storing the plurality of fixed data and the plurality of reply fixed data in association with the reply recognition data, the reply recognition data stored in the storage means, the plurality of fixed data and the A determination unit configured to perform determination using a plurality of fixed reply data, and when the communication device authenticates the other communication device, the transmission unit stores the recognition data The data is transmitted again to the other communication device, the reception means receives the reply recognition data transmitted from the other communication device again, and the transmission means is associated with the received reply recognition data. The plurality of fixed data stored in the storage unit is transmitted again to the other communication device, and the reception unit receives the plurality of return fixed data transmitted from the other communication device again. The determination unit determines whether or not the plurality of reply fixed data received again matches the plurality of reply fixed data associated with the reply recognition data in the storage unit.

  A random number generating means for generating a random number as each of the plurality of fixed data can be further provided.

  The other communication device is a device carried by a user who enjoys a predetermined service, the communication device is a device that manages information for a user who provides the service, and the recognition data includes the service. The service ID can be specified.

  An acquisition means for acquiring the user's personal information is further provided, and the storage means can also store the user's personal information in association with the reply recognition data.

  When the receiving means receives the reply recognition data, a display means for displaying the user's personal information stored in the storage means in association with the received reply recognition data can be further provided. .

  A communication method according to a second aspect of the present invention is a communication method of a communication device for exchanging data with another tamper-resistant communication device, and recognition data for recognizing the other communication device, and a plurality of fixed data. Sending data to the other communication device, receiving the reply recognition data and the plurality of return fixed data returned from the other communication device according to the transmitted recognition data and the plurality of fixed data, In association with the reply recognition data, the plurality of fixed data and the plurality of reply fixed data are stored in a storage unit, and when the communication device authenticates the other communication device, the recognition data is Retransmitting to another communication device, receiving again the reply recognition data transmitted from the other communication device, and associating with the received reply recognition data, the memory The plurality of fixed data stored in the communication device is transmitted again to the other communication device, the plurality of reply fixed data transmitted from the other communication device is received again, and the plurality of received fixed data is received again. Determining whether each of the fixed reply data matches the plurality of fixed reply data associated with the reply recognition data in the storage means.

  In the second aspect of the present invention, recognition data for recognizing another communication device having tamper resistance, a plurality of fixed data is transmitted to the other communication device, and the transmitted recognition data and the The reply recognition data and the plurality of reply fixed data that are returned from the other communication device in response to the plurality of fixed data are received, and the plurality of fixed data and the plurality of the plurality of reply fixed data are associated with the reply recognition data. Reply fixed data is stored in the storage means. When the communication device authenticates the other communication device, the recognition data is transmitted again to the other communication device, and the reply recognition data transmitted from the other communication device is received again and received. The plurality of fixed data stored in the storage unit in association with the received reply recognition data is transmitted again to the other communication device, and the plurality of reply fixed data transmitted from the other communication device. Data is received again, and it is determined whether or not each of the plurality of reply fixed data received again matches the plurality of reply fixed data associated with the reply recognition data in the storage means.

  According to the first aspect of the present invention, it is possible to construct a communication system using a communication device that is difficult to forge. In addition, according to the first aspect of the present invention, it is difficult to forge a communication device, and the communication device can be easily identified.

  According to the second aspect of the present invention, it is possible to construct a communication system using a communication device that is difficult to forge. Further, according to the second aspect of the present invention, it is possible to easily identify a communication device that is difficult to forge.

  Embodiments of the present invention will be described below. Correspondences between the constituent elements of the present invention and the embodiments described in the specification or the drawings are exemplified as follows. This description is intended to confirm that the embodiments supporting the present invention are described in the specification or the drawings. Therefore, even if there is an embodiment which is described in the specification or the drawings but is not described here as an embodiment corresponding to the constituent elements of the present invention, that is not the case. It does not mean that the form does not correspond to the constituent requirements. Conversely, even if an embodiment is described here as corresponding to a configuration requirement, that means that the embodiment does not correspond to a configuration requirement other than the configuration requirement. It's not something to do.

The communication system according to the first aspect of the present invention includes:
A first communication device having tamper resistance (for example, the RFID tag 12 in FIG. 1), and a second communication device (for example, the reader terminal device 11 in FIG. 1) that exchanges data with the first communication device. In a communication system comprising:
The first communication device is:
A first storage unit (for example, the storage unit 33 in FIG. 1) that stores a unique ID that identifies the first communication device as a common key;
First receiving means (for example, FIG. 1) that receives recognition data and a plurality of fixed data transmitted from the second communication device for the second communication device to recognize the first communication device. Receiver unit 31),
Encryption means (for example, the encryption unit 32 in FIG. 1) that encrypts each of the received recognition data and the plurality of fixed data with the common key;
First transmitting means for transmitting the encrypted recognition data and the plurality of fixed data to the second communication device as reply recognition data and a plurality of reply fixed data (for example, the transmitting unit 34 in FIG. 1). And
The second communication device is:
A second transmission unit (for example, the transmission unit 26 in FIG. 1) that transmits the recognition data and the plurality of fixed data to the first communication device;
Second receiving means for receiving the reply recognition data and the plurality of reply fixed data returned from the first communication device according to the transmitted recognition data and the plurality of fixed data (for example, FIG. 1) Receiving unit 27);
Second storage means (for example, the database 28 in FIG. 1) for storing the plurality of fixed data and the plurality of reply fixed data in association with the reply recognition data;
Determination means (for example, the controller 24 in FIG. 1) for making a determination using the reply recognition data stored in the second storage means, the plurality of fixed data, and the plurality of reply fixed data;
When the second communication device authenticates the first communication device,
The second transmission means transmits the recognition data to the first communication device again (for example, step S101 in FIG. 9),
The second receiving means receives the reply recognition data transmitted from the first communication device again (for example, step S102 in FIG. 9),
The second transmission means transmits again the plurality of fixed data stored in the second storage means in association with the received reply recognition data to the first communication device (for example, Step S104 in FIG.
The second receiving means receives the plurality of return fixed data transmitted from the first communication device again (for example, step S105 in FIG. 9),
The determination means determines whether or not the plurality of reply fixed data received again matches the plurality of reply fixed data associated with the reply recognition data in the second storage means ( For example, step S106 in FIG.

The communication device according to the second aspect of the present invention is, firstly,
In a communication device (for example, the reader terminal device 11 in FIG. 1) that exchanges data with other communication devices having tamper resistance,
Recognizing data for recognizing the other communication device, and transmission means for transmitting a plurality of fixed data to the other communication device (for example, the transmission unit 26 in FIG. 1);
Receiving means for receiving the reply recognition data and the plurality of reply fixed data returned from the other communication device in response to the transmitted recognition data and the plurality of fixed data (for example, the receiving unit 27 in FIG. 1) When,
Storage means (for example, the database 28 in FIG. 1) for storing the plurality of fixed data and the plurality of reply fixed data in association with the reply recognition data;
Determination means (for example, the controller 24 in FIG. 1) that performs determination using the reply recognition data stored in the storage means, the plurality of fixed data, and the plurality of reply fixed data;
When the communication device authenticates the other communication device,
The transmission means transmits the recognition data again to the other communication device (for example, step S101 in FIG. 9),
The receiving means receives again the reply recognition data transmitted from the other communication device (for example, step S102 in FIG. 9),
The transmission unit transmits the plurality of fixed data stored in the storage unit in association with the received reply recognition data again to the other communication device (for example, step S104 in FIG. 9).
The receiving means receives again the plurality of reply fixed data transmitted from the other communication device (for example, step S105 in FIG. 9),
The determination means determines whether or not the plurality of reply fixed data received again matches the plurality of reply fixed data associated with the reply recognition data in the storage means (for example, FIG. 9 step S106).

Secondly, the communication device according to the second aspect of the present invention includes:
Random number generating means (for example, the random number generating unit 25 in FIG. 1) for generating a random number as each of the plurality of fixed data is further provided.

Thirdly, the communication device according to the second aspect of the present invention includes:
It further comprises an acquisition means (for example, the input unit 21 in FIG. 1) for acquiring the personal information of the user,
The storage means also stores personal information of the user in association with the reply recognition data.

Fourthly, the communication device according to the second aspect of the present invention includes:
When the receiving means receives the reply recognition data, display means for displaying the user's personal information stored in the storage means in association with the received reply recognition data (for example, FIG. 1) A display unit 22) is further provided.

The communication method according to the second aspect of the present invention includes:
In a communication method of a communication device for exchanging data with another communication device having tamper resistance,
The recognition data for recognizing the other communication device and a plurality of fixed data are transmitted to the other communication device (for example, steps S51 and S56 in FIG. 7),
The reply recognition data and the plurality of reply fixed data received from the other communication device in response to the transmitted recognition data and the plurality of fixed data are received (for example, steps S52 and S57 in FIG. 7),
In association with the reply recognition data, the plurality of fixed data and the plurality of reply fixed data are stored in a storage unit (for example, step S58 in FIG. 7).
When the communication device authenticates the other communication device,
The recognition data is transmitted again to the other communication device (for example, step S101 in FIG. 9),
The reply recognition data transmitted from the other communication device is received again (for example, step S102 in FIG. 9),
The plurality of fixed data stored in the storage means in association with the received reply recognition data is transmitted again to the other communication device (for example, step S104 in FIG. 9),
The plurality of reply fixed data transmitted from the other communication device is received again (for example, step S105 in FIG. 9),
It is determined whether each of the plurality of reply fixed data received again matches the plurality of reply fixed data associated with the reply recognition data in the storage means (for example, step S106 in FIG. 9). )
Includes steps.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

  FIG. 1 shows a configuration example of an embodiment of an RFID system (communication system) to which the present invention is applied.

  The RFID system in FIG. 1 includes two communication devices, a reader terminal device 11 and an RFID tag 12.

  The reader terminal device 11 is a device held by a service provider that provides a predetermined service (hereinafter referred to as a predetermined service), and manages information for a user (member) who provides the predetermined service. When a user becomes a new member of a predetermined service, a terminal operator who is a member of a service provider causes the RFID tag 12 provided to the user to communicate with the reader terminal device 11 and is obtained from the RFID tag 12 The information is stored in the reader terminal device 11.

  The reader terminal device 11 and the RFID tag 12 perform non-contact communication via electromagnetic waves. That is, when the reader terminal device 11 and the RFID tag 12 communicate, the RFID tag 12 is put on the reader terminal device 11. The RFID tag 12 becomes operable when a predetermined power or higher is detected from electromagnetic waves (radio waves) emitted from the reader terminal device 11 (a power higher than a predetermined power is obtained), and communicates with the reader terminal device 11.

  After the information obtained from the RFID tag 12 is stored in the reader terminal device 11, the RFID tag 12 is used as a membership card for a user who has become a new member (a user who enjoys a predetermined service provided by a service provider). Provided (or loaned) and carried by the user.

  The reader terminal device 11 includes an input unit 21, a display unit 22, a ROM 23, a controller 24, a random number generation unit 25, a transmission unit 26, a reception unit 27, and a database 28.

  The input unit 21 includes a keyboard, a mouse, an input button, a touch panel, and the like, receives predetermined information input by the terminal operator, and supplies the information to the controller 24. For example, the input unit 21 supplies the controller 24 with personal information such as the address, name, and date of birth of a member of a predetermined service, which is input by the terminal operator.

  The display unit 22 includes a CRT (Cathode Ray Tube), an LCD (Liquid Crystal Display), and the like, and displays predetermined information based on a video signal supplied from the controller 24. For example, the display unit 22 displays the personal information of the user who owns (provides) the RFID tag 12 with which the reader terminal device 11 is communicating.

  A ROM (Read Only Memory) 23 is a member registration process for registering personal information of a user who has become a new member of a predetermined service in the database 24, and a member confirmation process for confirming whether the user is a regular member. A program for executing processing is stored. The ROM 23 also stores a service ID (Identification) that identifies a predetermined service. This service ID is used as recognition data for recognizing the RFID 12. The program and service ID stored in the ROM 23 are read by the controller 24.

  The controller 24 executes various processes according to the program read from the ROM 23 and controls each unit in the reader terminal device 11.

  For example, the controller 24 supplies the service ID read from the ROM 23 and a plurality of random numbers supplied from the random number generation unit 25 to the transmission unit 26 and causes the RFID tag 12 to transmit the service ID. Also, the service ID transmitted from the transmitting unit 26 and a plurality of random numbers are returned to the controller 24 from the RFID tag 12 and received by the receiving unit 27, and the service individual ID (reply data corresponding to the service ID) is received. A plurality of reply random numbers (reply data corresponding to the plurality of random numbers) are supplied from the receiving unit 27.

  The controller 24 stores a plurality of random numbers transmitted to the RFID tag 12 and a plurality of reply random numbers corresponding thereto in the database 28 in association with the service individual ID returned from the RFID tag 12.

  The random number generation unit 25 generates a predetermined random number (fixed data) based on a command from the controller 24 and supplies it to the controller 24.

  The transmission unit 26 transmits the service ID and a plurality of random numbers supplied from the controller 24 to the RFID tag 12. The receiving unit 27 receives the service individual ID and a plurality of return random numbers transmitted from the RFID tag 12 and supplies them to the controller 24.

  The database 28 stores data for each RFID tag provided to each user (member) based on the control of the controller 24. Specifically, the database 28 associates RFID tags with service individual IDs corresponding one-to-one, and includes a plurality of random numbers transmitted to the RFID tags and several reply random numbers returned from the multiple RFID tags. Remember.

  On the other hand, the RFID tag 12 includes a reception unit 31, an encryption unit 32, a storage unit 33, and a transmission unit 34.

  The receiving unit 31 receives the service ID and the plurality of random numbers transmitted from the reader terminal device 11 (the transmitting unit 26 thereof) and supplies the received service ID to the encryption unit 32.

  The encryption unit 32 encrypts each of the service ID and the plurality of random numbers supplied from the reception unit 31 with the common key stored in the storage unit 33 and supplies the encrypted data to the transmission unit 34. The storage unit 33 stores a unique ID that uniquely identifies the RFID tag 12 as a common key.

  The transmitting unit 34 supplies the service ID encrypted with the common key and the plurality of random numbers encrypted with the common key supplied from the encryption unit 32 as a service individual ID and a plurality of return random numbers as a reader terminal. It transmits to the apparatus 11 (the receiving part 27).

  In the reader terminal device 11 and the RFID tag 12 configured as described above, when a user becomes a new member of a predetermined service, the RFID tag 12 provided to the user is trapped by the reader terminal device 11, and the reader terminal device 11 The service ID and a plurality of random numbers are transmitted to the RFID tag 12. Then, a service individual ID and a plurality of reply random numbers respectively corresponding to the service ID and a plurality of random numbers are returned to the reader terminal device 11, and the reader terminal device 11 is transmitted to the RFID tag 12 in association with the service individual ID. The database 28 stores the plurality of random numbers, the plurality of reply random numbers returned from the RFID tag 12, and the user's personal information input through the input unit 21. Accordingly, the RFID tag 12 is handed over (provided) to a user who becomes a new member of the predetermined service.

  Next, hardware for realizing the reader terminal device 11 and the RFID tag 12 of FIG. 1 will be described with reference to FIGS.

  FIG. 2 is a block diagram illustrating a hardware configuration example of the reader terminal device 11.

  A CPU (Central Processing Unit) 51 executes various processes according to a program stored in the ROM 52 or a program loaded from the storage unit 58 to a RAM (Random Access Memory) 53. The RAM 53 also appropriately stores data necessary for the CPU 51 to execute various processes. The CPU 51, ROM 52, and RAM 53 are connected to each other via a bus 54. An input / output interface 55 is also connected to the bus 54.

  The input / output interface 55 includes an input unit 56 including a keyboard and a mouse, a display unit 57 including a CRT (Cathode Ray Tube) and an LCD (Liquid Crystal Display), a storage unit 58 including a hard disk, and an RFID tag. 12 and an RFID reader 59 for transmitting / receiving predetermined data and a communication unit 60 are connected.

  The storage unit 58 stores data, programs, and the like for executing various processes, and is controlled by the CPU 51 to supply these data and programs to the RAM 53. In addition, the storage unit 58 stores information (such as the above-described service individual ID, a plurality of random numbers, a return random number, and the like) related to the RFID tag 12 acquired via the RFID reader 59.

  The communication unit 60 communicates with an external device connected directly or via a network such as the Internet or a local area network. Note that the communication unit 60 may perform wireless or wired communication, or may be capable of both wireless and wired communication. Further, the communication method is not particularly limited. For example, in the case of wireless, wireless LAN (Local Area Network) such as IEEE (The Institute of Electrical and Electronic Engineers) 802.11a, 802.11b, and 802.11g, or various types such as Bluetooth Wireless communication systems can be used. Similarly, various wired communication systems such as IEEE1394, Ethernet (registered trademark), and USB (Universal Serial Bus) can be used for wired communication.

  A drive 61 is connected to the input / output interface 55 as necessary, and a removable medium 62 such as a magnetic disk, an optical disk, a magneto-optical disk, or a semiconductor memory is appropriately mounted, and a computer program or data read from the medium is read. Are supplied (installed) to the storage unit 58 as necessary.

  The input unit 56 in FIG. 2 corresponds to the input unit 21 in FIG. 1, and the display unit 57 corresponds to the display unit 22 in FIG. The data stored in the ROM 23 in FIG. 1 is stored in the ROM 52 or the storage unit 58 in FIG. Further, the functions of the controller 24 and the random number generation unit 25 in FIG. 1 are executed by the CPU 51 in FIG. 2, and the transmission / reception functions of the transmission unit 26 and the reception unit 27 in FIG. 1 are executed by the RFID reader 59 in FIG.

  FIG. 3 is a block diagram showing a detailed configuration example of the RFID reader 59 of FIG.

  An IC (Integrated Circuit) 71 includes a CPU 81, a ROM 82, a RAM 83, an SCC (Serial Communication Controller) 84, an SPU (Signal Processing Unit) 86, a bus 85 that interconnects these CPUs 81 to SPU 86, a demodulator 87, and a modulator 88. And a transmission circuit 89.

  The CPU 81 expands the control program stored in the ROM 82 in the RAM 83, and executes various processes based on the control signal supplied from the CPU 51 in FIG. For example, the CPU 81 generates a command (data) to be transmitted to the RFID tag 12 and outputs it to the SPU 86 via the bus 85 or supplies data from the RFID tag 12 received from the SPU 86 to the SCC 84.

  The SCC 84 supplies the data supplied from the CPU 51 of FIG. 2 to the CPU 81 via the bus 85, and the data supplied from the CPU 81 via the bus 85 to the CPU 51 (FIG. 2) of the reader terminal device 11. Output.

  When the data from the RFID tag 12 is supplied from the demodulator 87, the SPU 86 performs, for example, BPSK (Binary Phase Shift Keying) demodulation (Manchester code decoding) on the data and obtains the result. Reply data is supplied to the CPU 81. Further, when a command to be transmitted to the RFID tag 12 is supplied via the bus 85, the SPU 86 performs BPSK modulation (coding to Manchester code) on the command, and sends the transmission data obtained as a result to the modulation unit 88. Output.

  The demodulator 87 receives the ASK modulated wave that has been load-modulated by the RFID tag 12 via the antenna 72, and supplies data obtained by ASK demodulation to the SPU 86. The modulation unit 88 generates a carrier wave based on the clock signal from the oscillation circuit 89 and performs ASK modulation on the carrier wave, thereby transmitting a command (transmission data) to the RFID tag 12 via the antenna 72. The oscillation circuit 89 generates a clock signal having a predetermined frequency (for example, 13.56 MHz) serving as a carrier wave and supplies the clock signal to the modulation unit 88.

  The antenna 72 radiates radio waves (electromagnetic waves) that are data to be transmitted and received.

  FIG. 4 is a block diagram illustrating a hardware configuration example of the RFID tag 12.

  The RFID tag 12 is composed of, for example, an antenna (loop antenna) 101 and an IC 102 in which the other components are stored in one chip. The RFID reader 59 of the reader terminal device 11 (FIG. 2) uses electromagnetic induction. Communicate with.

  The IC 102 includes a CPU 121, ROM 122, RAM 123, EEPROM 124, bus 125, SPU 126, demodulator 127, modulator 128, oscillation circuit 129, and power supply generator 130. Here, the IC 102 has tamper resistance, and it is difficult to read and tamper with data stored in the IC 102.

  The CPU 121 develops a control program stored in the ROM 122 in the RAM 123 and controls the overall operation of the RFID tag 12. For example, when the service ID is received by electromagnetic waves radiated from the RFID reader 59, the CPU 121 encrypts the service ID with a unique ID stored in an EEPROM (Electrically Erasable and Programmable Read Only Memory) 124.

  When the data demodulated by the demodulator 127 is BPSK-modulated, the SPU 126 demodulates the data (decodes Manchester code) based on a clock signal supplied from a PLL unit (not shown) and demodulates the data Are appropriately output to the CPU 121 and the like via the bus 125. In addition, the SPU 126 performs BPSK modulation (coding into Manchester code) on the data supplied via the bus 125, and outputs it to the modulation unit 128.

  Demodulation section 127 detects and demodulates the modulated wave (ASK modulated wave) received via antenna 101, and outputs the demodulated data to SPU 126. In the antenna 101, for example, resonance is generated by an electromagnetic wave having a predetermined frequency radiated from the RFID reader 59.

  The modulation unit 128 ASK-modulates, for example, a modulated wave from the RFID reader 59 received by the antenna 101 due to a change in the load of the antenna 101, and transmits the modulation component to the RFID reader 59 via the antenna 101. (The terminal voltage of the antenna 72 of the RFID reader 59 is changed).

  The power generation unit 130 rectifies and stabilizes the AC magnetic field excited in the antenna 101 and supplies the DC magnetic power to each unit as DC power. For example, the power of the electromagnetic wave radiated from the RFID reader 59 of the reader terminal device 11 is adjusted so as to generate a magnetic field that covers the power necessary for the RFID tag 12.

  The reader terminal device 11 and the RFID tag 12 shown in FIG. 1 can be realized by the hardware configuration described above with reference to FIGS.

  Next, a process performed between the RFID tag 12 provided to a user and the reader terminal device 11 when a user becomes a new member of the predetermined service will be described with reference to FIG.

  First, in step S11, the reader terminal device 11 transmits a service ID of a predetermined service to the RFID tag 12, and the RFID tag 12 receives this in step S31.

  In step S32, the RFID tag 12 encrypts the received service ID with a common key (unique ID), and transmits the service individual ID obtained as a result to the reader terminal device 11 in step S33.

  In step S12, the reader terminal device 11 receives the service individual ID transmitted from the RFID tag 12, and in step S13, acquires the personal information of the user input by the terminal operator using the input unit 21. In step S <b> 14, the reader terminal device 11 stores the acquired personal information of the user in the database 28 in association with the service individual ID.

  In step S15, the reader terminal device 11 transmits a plurality of random numbers generated by the random number generation unit 25 to the RFID tag 12, and the RFID tag 12 receives this in step S34.

  In step S35, the RFID tag 12 encrypts the received plurality of random numbers with the common key, and transmits the plurality of return random numbers obtained as a result to the reader terminal device 11 in step S36.

  In step S16, the reader terminal device 11 receives a plurality of return random numbers transmitted from the RFID tag 12, proceeds to step S17, and performs individual service for the RFID tag 12 stored in the database 28 in step S14 described above. A plurality of random numbers and reply random numbers are stored in the database 28 in further association with the ID, and the process ends.

  FIG. 6 shows an example of data stored in the database 28.

  For example, “service individual ID_a” in FIG. 6 is a service individual ID obtained from the RFID tag 12 in FIG. In the database 28, “personal information_a” that is personal information of the user carrying the RFID tag 12 and three random numbers Ra are associated with “service individual ID_a” that is the service individual ID obtained from the RFID tag 12. , Ra ′, Ra ″ and three random numbers Ra, Ra ′, Ra ″, the three reply random numbers En (Ra), En (Ra) returned from the RFID tag 12 when the RFID tag 12 is transmitted. '), En (Ra ”) is stored.

  Further, in the database 28, three pieces of “personal information_b” are associated with “service individual ID_b”, which is the service individual ID obtained from the RFID tag, as data for the RFID carried by another user. Random numbers Rb, Rb ′, Rb ″ and three return random numbers En (Rb), En (Rb ′), En (Rb ″) are stored.

  Further, in the database 28, “personal information_c” and 3 are associated with “service individual ID_c”, which is the service individual ID obtained from the RFID tag, as data for the RFID carried by another user. Random numbers Rc, Rc ′, Rc ″ and three return random numbers En (Rc), En (Rc ′), En (Rc ″) are stored.

  Here, En (X) represents data obtained by encrypting data X with a predetermined common key.

  Next, the member registration process of the reader terminal device 11 will be described with reference to the flowchart of FIG. In this process, when a user becomes a member of a predetermined service, the terminal operator brings the RFID tag 12 provided to the user close to the reader terminal device 11, and the RFID tag 12 has sufficient power to perform communication. Started when it occurs.

  First, in step S51, the transmission unit 26 transmits the service ID of the predetermined service stored in the ROM 23 to the RFID tag 12, and the process proceeds to step S52.

  In step S52, the reception unit 27 receives the service individual ID returned from the RFID tag 12 in response to the service ID transmitted from the transmission unit 26, and proceeds to step S53.

  In step S53, the input unit 21 acquires the user's personal information input by the terminal operator, and proceeds to step S54.

  In step S54, the controller 24 stores the service individual ID and the user's personal information in the database 28. That is, the controller 24 stores the personal information of the user who provides the RFID tag 12 in the database 28 in a form corresponding to the service individual ID.

  In step S55, the controller 24 causes the random number generator 25 to generate a plurality of random numbers. The random number generator 25 generates a plurality of random numbers according to the control of the controller 24 and supplies the generated random numbers to the controller 24.

  In step S56, the transmission unit 26 transmits the plurality of random numbers supplied from the controller 24 to the RFID tag 12, and proceeds to step S57.

  In step S57, the reception unit 27 receives a plurality of return random numbers returned from the RFID tag 12 in response to the plurality of random numbers transmitted from the transmission unit 26, and proceeds to step S58.

  In step S <b> 58, the controller 24 stores the plurality of random numbers transmitted to the RFID tag 12 and the plurality of return random numbers received from the RFID tag 12 in the database 28. That is, the controller 24 stores a plurality of random numbers and reply random numbers in the database 28 in a form further associated with the service individual ID, and ends the process.

  FIG. 8 illustrates a service ID response process performed by the RFID tag 12 in accordance with the member registration process of the reader terminal device 11 shown in FIG.

  First, in step S71, the receiving unit 31 determines whether or not a service ID has been received from the reader terminal device 11, and waits until it is determined that a service ID has been received.

  If it is determined in step S71 that the service ID has been received from the reader terminal device 11, the process proceeds to step S72, and the reception unit 31 supplies the received service ID to the encryption unit 32. In step S72, the encryption unit 32 encrypts the supplied service ID with the common key (unique ID) stored in the storage unit 33, and supplies the service individual ID obtained as a result to the transmission unit 34. The process proceeds to step S73.

  In step S73, the transmission unit 34 transmits the service individual ID to the reader terminal device 11, and proceeds to step S74.

  Thereafter, in step S74, the reception unit 31 receives a plurality of random numbers transmitted from the reader terminal device 11 next, supplies the random numbers to the encryption unit 32, and proceeds to step S75.

  In step S <b> 75, the encryption unit 32 encrypts a plurality of random numbers with a common key, and supplies the plurality of return random numbers obtained as a result to the transmission unit 34.

  In step S76, the transmission unit 34 transmits a plurality of reply random numbers to the reader terminal device 11, and ends the process.

  7 and 8, the service ID is transmitted (received) first and then a plurality of random numbers are transmitted (received). However, the service ID and the plurality of random numbers are transmitted simultaneously. It may be.

  As described above, the reader terminal device 11 communicates with the RFID tag 12 provided to the user who becomes a member of the predetermined service, and associates the personal information of the user with a plurality of service individual IDs obtained as a result. The random number and the reply random number are stored in the database 28.

  When the user uses a predetermined service, the operating terminal has the user present an RFID tag 12 as a membership card. Then, the operation terminal person causes the reader terminal device 11 to perform the member confirmation process shown in FIG. 9, and whether or not the RFID tag 12 is legitimate, that is, the user who presents the RFID tag 12 is a legitimate member. It is determined whether or not.

  In the member confirmation process of FIG. 9, first, in step S101, the transmission unit 26 transmits the service ID of a predetermined service stored in the ROM 23 to the RFID tag 12, and the process proceeds to step S102.

  In step S102, the reception unit 27 receives the service individual ID returned from the RFID tag 12 in response to the service ID transmitted from the transmission unit 26, and proceeds to step S103.

  In step S103, the controller 24 acquires a plurality of random numbers from the database 28 based on the received service individual ID.

  In step S104, the transmission unit 26 transmits the plurality of random numbers supplied from the controller 24 to the RFID tag 12, and proceeds to step S105.

  In step S105, the reception unit 27 receives a plurality of reply random numbers returned from the RFID tag 12 in response to the plurality of random numbers transmitted from the transmission unit 26, and proceeds to step S106.

  In step S106, the controller 24 determines whether or not the received plurality of reply random numbers match the plurality of reply random numbers stored in the database 28 in association with the service individual ID received in step S102. judge.

  If it is determined in step S106 that the plurality of reply random numbers stored in the database 28 do not match, the process proceeds to step S107, and the RFID tag 12 currently communicating with the reader terminal device 11 is not genuine. A display to that effect (error message) is displayed on the display unit 22, and the process is terminated.

  On the other hand, if it is determined in step S106 that it matches the plurality of reply random numbers stored in the database 28, the process proceeds to step S108, where the controller 24 stores the personal information of the user associated with the service individual ID in the database. 28, and proceeds to step S109.

  In step S109, the controller 24 causes the display unit 22 to display the acquired personal information of the user. The display unit 22 displays the user's personal information by the video signal supplied from the controller 24, and ends the process.

  As described above, in the member confirmation process, the reader terminal device 11 is stored in the database 28 based on the service individual ID (reply recognition data) returned in response to the transmitted service ID (recognition data). A plurality of random numbers (a plurality of fixed data) are extracted and transmitted to the RFID tag 12. The reader terminal device 11 receives a plurality of reply random numbers (a plurality of reply fixed data) returned in response to the plurality of random numbers, and the plurality of received reply random numbers are stored in the database 28. It is determined whether or not it matches the stored reply random number. That is, it is confirmed that the received plurality of reply random numbers match the plurality of reply random numbers received from the RFID tag 12 and stored in the database 28 during the member registration process.

  Thereby, it can be confirmed that the plurality of random numbers transmitted to the RFID tag 12 during the member confirmation process are encrypted with the same common key as during the member registration process. That is, the RFID tag 12 can be confirmed to be the same as that provided to the user at the time of member registration, and the RFID tag 12 (providing user) can be authenticated.

  In the RFID system of FIG. 1, the RFID tag 12 encrypts data (service ID or a plurality of random numbers) transmitted from the reader terminal device 11 using the unique ID stored in the storage unit 33 as a common key. Replies. Accordingly, in order to forge the RFID tag 12, it is necessary to read the unique ID, but the unique ID cannot be read due to the tamper resistance of the RFID tag 12 (it is difficult). It is also very difficult to analyze a unique ID from the combination of data input to the RFID tag 12 and output data. That is, it is possible to make it difficult to forge the RFID tag 12 (communication device) storing the unique ID (unique information).

  Furthermore, since the data output by changing the data input to the RFID tag 12 changes, it becomes more difficult to assume a unique ID by keeping the input data secret, and the same card generally called name identification is used. The usage of multiple services cannot be tabulated.

  Generally, in a communication system using an IC card, the same common key is stored in each of the IC card and the reader terminal device, and authentication of the IC card is realized by, for example, a challenge response method. In this case, if the common key is leaked, the reliability of the system is remarkably lowered, so that strict management is required for concealing the common key. In the RFID system of FIG. 1, it is possible to easily confirm (identify) whether or not the RFID tag 12 as a member card is the same as that at the time of member registration, without requiring such security.

  Therefore, a communication system using the RFID tag 12 (communication device) that is difficult to forge can be constructed by the reader terminal device 11 and the RFID tag 12.

  The database 28 can also store additional data other than a plurality of random numbers and return random numbers in association with the individual service IDs that correspond one-to-one with the RFID tags of the members.

  For example, when the RFID tag 12 has a function as a point card issued by a certain store, the database 28 is associated with the service individual ID of the RFID tag 12 as shown in FIG. Issued points can also be stored.

  In FIG. 10, “personal information_a”, three random numbers Ra, Ra ′, Ra ”, three return random numbers En (Ra) are associated with the service individual ID“ service individual ID_a ”corresponding to the RFID tag 12. ), En (Ra ′), En (Ra ”) and the point (number)“ 3 ”are stored.

  Similarly, points “1” and “10” are stored in association with “service individual ID_b” and “service individual ID_c”, respectively.

  FIG. 11 is a flowchart of the member confirmation process when the points possessed by each member (user) are also stored in the database 28 as shown in FIG.

  The processing in steps S121 to S129 in FIG. 11 is the same as the processing in steps S101 to S109 in FIG. 9 described above, and a description thereof will be omitted.

  In step S130, the controller 24 stores the points in association with the service individual ID received in step S122. If points have already been stored for the service individual ID received in step S122, the controller 24 adds new points to the stored points and stores the points after the addition. Let Then, the controller 24 ends the member confirmation process.

  By storing the additional data in the database 28 as described above, the additional data can be managed for each user who provided the RFID tag.

  In this specification, the steps described in the flowcharts include processes that are executed in parallel or individually even if they are not necessarily processed in time series, as well as processes that are executed in time series in the described order. Is also included.

  Further, in this specification, the system represents the entire apparatus constituted by a plurality of apparatuses.

  The embodiment of the present invention is not limited to the above-described embodiment, and various modifications can be made without departing from the gist of the present invention.

It is a block diagram which shows the structural example of one Embodiment of the RFID system to which this invention is applied. FIG. 3 is a block diagram illustrating a hardware configuration example of a reader terminal device 11. FIG. 3 is a block diagram illustrating a more detailed configuration example of the RFID reader 59 of FIG. 2. 2 is a block diagram illustrating a hardware configuration example of an RFID tag 12. FIG. 6 is a flowchart for explaining processing performed between the RFID tag 12 and the reader terminal device 11. 4 is a diagram illustrating an example of data stored in a database 28. FIG. 5 is a flowchart for explaining member registration processing of the reader terminal device 11; It is a flowchart explaining a service ID response process. It is a flowchart explaining a member confirmation process. It is a figure which shows the other example of data memorize | stored in the database. It is a flowchart explaining the other member confirmation processing.

Explanation of symbols

  11 reader terminal device, 12 RFID tag, 21 input unit, 22 display unit, 23 ROM, 24 controller, 25 random number generation unit, 26 transmission unit, 27 reception unit, 31 reception unit, 32 encryption unit, 33 storage unit, 34 Transmitter

Claims (7)

In a communication system comprising a first communication device having tamper resistance and a second communication device that exchanges data with the first communication device,
The first communication device is:
First storage means for storing a unique ID that identifies the first communication device as a common key;
First receiving means for receiving recognition data and a plurality of fixed data transmitted from the second communication device for the second communication device to recognize the first communication device;
Encryption means for encrypting each of the received recognition data and the plurality of fixed data with the common key;
First transmission means for transmitting the encrypted recognition data and the plurality of fixed data to the second communication device as reply recognition data and a plurality of reply fixed data, respectively.
The second communication device is:
Second recognition means for transmitting the recognition data and the plurality of fixed data to the first communication device;
Second receiving means for receiving the reply recognition data and the plurality of reply fixed data returned from the first communication device in response to the transmitted recognition data and the plurality of fixed data;
Second storage means for storing the plurality of fixed data and the plurality of reply fixed data in association with the reply recognition data;
Determination means for performing determination using the reply recognition data stored in the second storage means, the plurality of fixed data, and the plurality of reply fixed data;
When the second communication device authenticates the first communication device,
The second transmission means transmits the recognition data to the first communication device again,
The second receiving means receives again the reply recognition data transmitted from the first communication device,
The second transmission means transmits again the plurality of fixed data stored in the second storage means in association with the received reply recognition data to the first communication device,
The second receiving means receives again the plurality of return fixed data transmitted from the first communication device,
The determination means determines whether or not the plurality of reply fixed data received again matches the plurality of reply fixed data associated with the reply recognition data in the second storage means. system. In a communication device that exchanges data with other communication devices having tamper resistance,
Recognition data for recognizing the other communication device, and transmission means for transmitting a plurality of fixed data to the other communication device;
Receiving means for receiving the reply recognition data and the plurality of reply fixed data, which are returned from the other communication device in response to the transmitted recognition data and the plurality of fixed data;
Storage means for storing the plurality of fixed data and the plurality of reply fixed data in association with the reply recognition data;
Determination means for performing determination using the reply recognition data stored in the storage means, the plurality of fixed data, and the plurality of reply fixed data;
When the communication device authenticates the other communication device,
The transmission means transmits the recognition data to the other communication device again,
The receiving means receives the reply recognition data transmitted from the other communication device again,
The transmission means transmits the plurality of fixed data stored in the storage means in association with the received reply recognition data again to the other communication device,
The receiving means receives the plurality of reply fixed data transmitted from the other communication device again,
The communication device determines whether or not the plurality of reply fixed data received again match the plurality of reply fixed data associated with the reply recognition data in the storage unit. The communication apparatus according to claim 2, further comprising random number generation means for generating a random number as each of the plurality of fixed data. The other communication device is a device carried by a user who enjoys a predetermined service,
The communication device is a device that manages information for a user who provides the service,
The communication apparatus according to claim 2, wherein the recognition data is a service ID that identifies the service. An acquisition means for acquiring the personal information of the user;
The communication device according to claim 4, wherein the storage unit also stores personal information of the user in association with the reply recognition data. 6. The apparatus according to claim 5, further comprising: a display unit that displays personal information of the user stored in the storage unit in association with the received reply recognition data when the receiving unit receives the reply recognition data. The communication apparatus as described in. In a communication method of a communication device for exchanging data with another communication device having tamper resistance,
Transmitting recognition data for recognizing the other communication device and a plurality of fixed data to the other communication device;
In response to the transmitted recognition data and the plurality of fixed data, the reply communication data and the plurality of reply fixed data received from the other communication device are received,
In association with the reply recognition data, the storage means stores the plurality of fixed data and the plurality of reply fixed data,
When the communication device authenticates the other communication device,
Retransmit the recognition data to the other communication device;
The reply recognition data transmitted from the other communication device is received again,
The plurality of fixed data stored in the storage means in association with the received reply recognition data is transmitted again to the other communication device,
Receiving the plurality of return fixed data transmitted from the other communication device again,
A communication method comprising: determining whether each of the plurality of reply fixed data received again matches the plurality of reply fixed data associated with the reply recognition data in the storage unit.

Images