JP2008152737A - Service provision server, authentication server, and authentication system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a service provision server, an authentication server and an authentication system which can prevent a phishing and a middle operator attack, and provide a user an online service with a high safety verification, while a communication terminal without authentication also uses other communication terminals together. <P>SOLUTION: The authentication system has a service provision server (SP)100 which offers a service, a communication terminal 1 which generates a session code in connection with the service, and a communication terminal 2 which requires service. The communication terminal 1 transmits the generated session code to the SP100. The communication terminal 2 enciphers the session code generated by the communication terminal 1 with an IBE key based on a SP100 identifier, and transmits it to the SP100. The SP100 compares and collates the session code received from the communication terminal 1 and a decoded session code received from the communication terminal 2, and composes so that an offer of the service may be permitted to a user of the communication terminal 2 when the mutual session codes are matched. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a user who uses a service on a network via a communication terminal, a service providing server that authenticates the communication terminal, an authentication server, and an authentication system.

  Conventionally, a user tries to use a service providing site (service providing server) on a network from a low-reliability communication terminal such as a shared terminal (personal computer) installed in an Internet cafe or the like. In this case, as shown in FIG. 1, there is known an authentication system that can provide a secure service by using a highly reliable communication terminal such as a mobile phone owned by the user.

Specifically, an identifier that uniquely represents a session together with a user ID in a browser of a shared terminal (hereinafter, this “identifier that uniquely represents a session” is referred to as a “session code”). An authentication server that inputs information and can perform secure communication with the service providing server or the service providing server performs temporary authentication of the shared terminal according to the input information, and further, the service providing server or authentication A server is known that permits a service by performing confirmation and authentication of a mobile phone in accordance with a session code input to the mobile phone (see, for example, Patent Document 1).
JP 2004-213315 A

  However, in the above-described conventional authentication system, communication between the service providing server or the authentication server and the low-reliability communication terminal is not encrypted, or simply PKI (Public Key Infrastructure) -based encryption (SSL, etc.) Therefore, if you simply use a session code, you can use phishing as shown in FIG. 2 to obtain a fake service providing server or authentication server by using unauthorized software installed on a low-reliable communication terminal. There is a risk that the contents of communication may be eavesdropped or tampered with as a result of a man-in-the-middle attack as shown in FIG. At this time, the user rarely scrutinizes the contents of the PKI certificate, and rewriting the hosts file or DNS poisoning may lead to a fake site even if the input URL is correct.

  The present invention has been made to solve such a conventional problem, and as shown in FIG. 4, between the server and the unreliable communication terminal based on the identifier of the service providing server or the authentication server. By sharing the key securely and performing cryptographic communication using the key, it is possible to prevent phishing and man-in-the-middle attacks, and even a communication terminal without authentication information can be used together with other communication terminals for highly secure authentication It is an object of the present invention to provide a service providing server, an authentication server, and an authentication system that can provide an online service with a user.

  The service providing server according to claim 1, wherein a session code receiving unit that receives a session code generated and transmitted by a first communication terminal, and a session that stores the session code received by the session code receiving unit in a storage unit Code storage means, service request reception means for receiving a service request from the second communication terminal and receiving / decrypting a session code encrypted with an encryption key based on the identifier of the server, and saving in the storage section The session code comparing means for comparing / collating the received session code with the session code received / decoded by the service request receiving means, and confirmation if the session codes compared / verified by the session code comparing means match. State information of the session code to be stored in the storage unit A state update unit that stores in the storage unit state information of a session code that is unconfirmed if it does not match, and when the state information of the session code in the storage unit has been confirmed, the second communication terminal A service provision availability determination unit for permitting the user to provide a service, and encryption for encrypting the contents of the service provided to the user of the second communication terminal with an encryption key based on the identifier of the server And means.

  With this configuration, the session code generated by the first communication terminal is compared with the session code sent from the second communication terminal by being encrypted with the encryption key based on the identifier of the service providing server. If the session codes match each other, the user of the second communication terminal is permitted to provide the service, and the content of the service provided to the user of the second communication terminal is also based on the identifier of the service providing server. Since the encryption key is used for encryption, communication terminals that do not have authentication information can be used in combination with other communication terminals without phishing or man-in-the-middle attacks on communication between the service providing server and the second communication terminal. However, it is possible to provide users with a highly secure online service.

  Here, IBE (Identity Based Enctyption) can be cited as a key sharing technique based on a server identifier (URL or the like), but is not limited thereto. IBE is a technique for securely sharing a key between a sender and a receiver based on an arbitrary character string such as a URL or an email address. The first idea was published by Shamir (A. Shamir, " Identity-Based cryptosystems and signature schemes ", in Advances in Cryptology Crypto '84, Lecture Notes in Computer Science, Vol. 196, Springer-Verlag, 1984, pp. 47-53). Regarding the specific algorithm of IBE, Kiyoshi Ohgishi, Ryuichi Sakai and Masao Kasahara, "Notes on ID-based Key Sharing Systems over Elliptic Curve", Technical Report of IEICE, ISEC99-57, Nov. 1999, D.Boneh and M. Franklin, “Identity-based encryption from the Weil pairing”, In Proc. Crypto '01, LNCS 2139, 2001, pp.213-229.

  The service providing server according to claim 2, wherein the service providing server according to claim 1 is an encryption based on an identifier of the server when the encrypted session code is received from the second communication terminal. Confirmation information receiving means for receiving and decrypting confirmation information for confirming a user of the second communication terminal encrypted with a key; and confirmation information received and decrypted by the confirmation information receiving means Confirmation information transmitting means for transmitting to the communication terminal, confirmation result receiving means for receiving a confirmation result indicating whether or not the confirmation information is valid from the first communication terminal, and comparison / collation by the session code comparison means If the confirmed session codes match and the confirmation result received by the confirmation result receiving means indicates validity, the status information of the session code to be confirmed Stored in 憶部, if unmatched or confirmation result does not indicate the correctness has a configuration in which a state updating means for storing the state information of the session codes to unconfirmed in the storage unit.

  With this configuration, in preparation for the case where the session code is stolen, providing the service to the user of the second communication terminal while allowing the user of the first communication terminal to confirm that the confirmation information is valid Therefore, it is possible to provide a user with a safer online service.

  A service request receiving means for receiving a service request from the second communication terminal and receiving / decrypting a session code encrypted with an encryption key based on an identifier of the server; A session code storage unit that stores the session code received / decoded by the service request reception unit in a storage unit; a session code transmission unit that transmits the session code stored in the storage unit to an authentication server; If the session code from the first communication terminal matches the session code from the second communication terminal, the status information of the session code that has been confirmed is received, and if not, the status information of the session code that has not been confirmed is received. Status information receiving means and status information received by the status information receiving means in the storage unit A state update unit for storing; a service provision availability determination unit for permitting a user of the second communication terminal to provide a service when the state information of the session code in the storage unit has been confirmed; And encryption means for encrypting the contents of the service provided to the user of the communication terminal with an encryption key based on the identifier of the server.

  With this configuration, when the status information of the session code received from the authentication server has been confirmed to indicate that the session code from the first communication terminal matches the session code from the second communication terminal, the second Service is provided to the user of the communication terminal, and the content of the service provided to the user of the second communication terminal is encrypted with the encryption key based on the identifier of the service providing server. Providing users with highly secure online services without using phishing or man-in-the-middle attacks on the communication between the server and the second communication terminal, while using other communication terminals in combination with other communication terminals. can do.

  The service providing server according to claim 4 is an encryption based on an identifier of the server when the encrypted session code is received from the second communication terminal in the service providing server according to claim 3. Confirmation information receiving means for receiving and decrypting confirmation information for confirming the user of the second communication terminal encrypted with the key, and transmitting the confirmation information received and decrypted by the confirmation information receiving means to the authentication server And a confirmation information transmitting means.

  With this configuration, in preparation for the case where the session code is stolen, providing the service to the user of the second communication terminal while allowing the user of the first communication terminal to confirm that the confirmation information is valid Therefore, it is possible to provide a user with a safer online service.

  When the service providing server according to claim 5 receives status information of the session code from the authentication server in the service providing server according to claim 3 or 4, the service providing server receives the common key generated and transmitted by the authentication server. A common key receiving unit for receiving, and a common key storing unit for storing the common key received and decrypted by the common key receiving unit in the storage unit, wherein the encryption unit is a user of the second communication terminal. The content of the service to be provided is encrypted with a common key stored in the storage unit.

  With this configuration, the content of the service provided from the service providing server to the user of the second communication terminal is encrypted with the common key generated by the authentication server and requiring a small amount of calculation required for encryption and decryption. Therefore, the processing load on the service providing server and the second communication terminal can be reduced.

  The service providing server according to claim 6 is the service providing server according to any one of claims 1 to 4, wherein an encryption key generating unit that generates an encryption key based on a session code stored in the storage unit; Encryption key storage means for storing the encryption key generated by the encryption key generation means in the storage unit, and the encryption means provides the contents of the service provided to the user of the second communication terminal, It has the structure which encrypts with the encryption key preserve | saved at the memory | storage part.

  With this configuration, the content of the service provided from the service providing server to the user of the second communication terminal is generated based on the session code, which is different from when the session code is sent from the second communication terminal to the service providing server. Since the encryption is performed using the encryption key, a more secure online service can be provided to the user.

  When the encrypted session code is received from the second communication terminal in the service providing server according to any one of claims 1 to 4, the service providing server according to claim 7 is an identifier of the server. A common key receiving means for receiving / decrypting a common key generated by the second communication terminal encrypted with an encryption key based on the common key and a common key received / decrypted by the common key receiving means Common key storage means for storing the content of the service provided to the user of the second communication terminal using the common key stored in the storage unit. is doing.

  With this configuration, the content of the service provided from the service providing server to the user of the second communication terminal is generated by the common key that is generated by the second communication terminal and requires a small amount of calculation required for encryption and decryption. Since encryption is performed, the processing load on the service providing server and the second communication terminal can be reduced.

  9. The authentication server according to claim 8, wherein a session code receiving unit that receives a session code generated and transmitted by the first communication terminal, and a session code that stores the session code received by the session code receiving unit in a storage unit. The storage means, the session code stored in the storage unit and the encryption key based on the service providing server identifier from the second communication terminal are encrypted and transmitted to the service providing server and received by the service providing server The state of the session code that is confirmed when the session code comparison means that compares and collates the session code that has been decrypted and transferred and the session code that is compared and collated by the session code comparison means match. The information is stored in the storage unit. And state updating means for storing the state information of Nkodo in the storage unit, the status information of the session codes in the storage unit has a configuration in which a status information transmitting means for transmitting to the service providing server.

  With this configuration, the session code generated by the first communication terminal and the session code encrypted and transferred from the service providing server by the encryption key based on the identifier of the service providing server in the second communication terminal When the session codes that have been compared and matched match each other, the status information of the session code that has been confirmed is transmitted to the service providing server, so that communication between the service providing server and the second communication terminal is performed. Without receiving phishing or man-in-the-middle attacks, a communication terminal without authentication information can provide a highly secure online service to a user while using another communication terminal together.

  The authentication server according to claim 9 is configured to confirm the validity of the service providing server when the session codes compared and verified by the session code comparison unit match in the authentication server according to claim 8. Service providing server confirmation information generating means for generating the service providing server confirmation information, and service providing server confirmation information transmission for transmitting the service providing server confirmation information generated by the service providing server confirmation information generating means to the first communication terminal. A confirmation result receiving means for receiving a confirmation result indicating whether or not the service providing server confirmation information is valid from the first communication terminal; and a mutual session compared and collated by the session code comparison means If the codes match and the confirmation result received by the confirmation result receiving means indicates validity, State update means for storing state information of a session code to be completed in the storage unit, and storing state information of a session code to be unconfirmed in the storage unit if they do not match or the confirmation result does not indicate validity It has a configuration.

  With this configuration, in preparation for the case where the session code is stolen, the user of the first communication terminal confirms that the confirmation information for confirming the validity of the service providing server is valid. Since the code status is confirmed, a more secure online service can be provided to the user.

  An authentication server according to claim 10 is the authentication server according to claim 8, wherein when the session code is received from the service providing server, an encryption key based on an identifier of the service providing server from the second communication terminal. Confirmation information receiving means for receiving confirmation information for confirming the user of the second communication terminal that has been encrypted and transmitted to the service providing server and received and decrypted by the service providing server Confirmation information transmitting means for transmitting the confirmation information received by the confirmation information receiving means to the first communication terminal, and a confirmation result indicating whether or not the confirmation information is valid from the first communication terminal. The received confirmation result receiving means and the session code compared and collated by the session code comparing means match each other and received by the confirmation result receiving means If the authentication result indicates validity, the state information of the session code to be confirmed is stored in the storage unit, and if it does not match or the confirmation result does not indicate validity, the state information of the session code to be unconfirmed is stored in the storage unit. And a state update means for storing in the storage unit.

  With this configuration, in preparation for the case where the session code is stolen, the user of the first communication terminal confirms that the confirmation information for confirming the user of the second communication terminal is valid. Since the session code status is confirmed, a more secure online service can be provided to the user.

  The authentication server according to claim 11, comprising: a session code receiving unit that receives a session code generated and transmitted by the first communication terminal; and a session code that stores the session code received by the session code receiving unit in a storage unit. Storage means, session code reception / decryption means for receiving / decrypting a session code encrypted and transmitted from the second communication terminal with an encryption key based on the identifier of the server, and a session stored in the storage unit A session code comparison means for comparing / collating the code with the session code from the second communication terminal, and a session code to be confirmed when the session codes compared and collated by the session code comparison means match Store the status information in the storage unit. Status update means for storing the status information of the session code in the storage section, and status information transmission means for returning the status information of the session code in the storage section in response to an inquiry about the status of the session code from the service providing server. It has the composition provided.

  With this configuration, the session code generated by the first communication terminal and the session code encrypted with the encryption key based on the identifier of the service providing server from the second communication terminal are compared and verified. When the session codes match each other, the status information of the confirmed session code is returned to the service providing server in response to the session code status inquiry from the service providing server. Without being subject to phishing or man-in-the-middle attacks on communication with a terminal, a highly secure online service can be provided to a user while using another communication terminal even with a communication terminal having no authentication information.

  An authentication server according to a twelfth aspect is the authentication server according to the eleventh aspect, in which when the session codes compared and verified by the session code comparison means match, the user of the second communication terminal is notified. A common key generating unit that generates a common key for encrypting the contents of the service to be provided; a common key storing unit that stores the common key generated by the common key generating unit in the storage unit; and A common key transmitting unit that encrypts the stored common key with an encryption key based on an identifier of the server and transmits the encrypted common key to the second communication terminal, and the state information transmitting unit includes: In response to an inquiry about the status of the session code, the common key is returned together with the status information of the session code in the storage unit.

  With this configuration, the content of the service provided from the service providing server to the user of the second communication terminal is encrypted with the common key generated by the authentication server and requiring a small amount of calculation required for encryption and decryption. Therefore, the processing load on the service providing server and the second communication terminal can be reduced.

  The authentication system according to claim 13, comprising a service providing server that provides a service, a first communication terminal that generates a session code related to the service, and a second communication terminal that requests the service, The first communication terminal transmits the generated session code to the service providing server, and the second communication terminal uses the session code generated by the first communication terminal based on the identifier of the service providing server. The service providing server compares the session code received from the first communication terminal with the session code received / decrypted from the second communication terminal. If the session codes match, the second communication terminal user is allowed to provide the service. It has a configuration.

  With this configuration, the service providing server includes a session code generated by the first communication terminal and a session code encrypted and transmitted from the second communication terminal with an encryption key based on the identifier of the server. If the session codes match, the user of the second communication terminal is allowed to provide the service, and the content of the service provided to the user of the second communication terminal also uses the identifier of the server. Since encryption is performed using the encryption key based on the communication terminal, it does not suffer from phishing or man-in-the-middle attacks on the communication between the service providing server and the second communication terminal. However, it is possible to provide users with a highly secure online service.

  The authentication system according to claim 14 is the authentication system according to claim 13, wherein the second communication terminal encrypts confirmation information for confirming a user of the second communication terminal together with the session code. Transmitted to the service providing server, the service providing server transmits confirmation information received / decoded from the second communication terminal to the first communication terminal, and the first communication terminal transmits the service information to the service providing server. A confirmation result indicating whether or not the confirmation information transmitted from the providing server is valid is transmitted to the service providing server, and the service providing server includes the session code received from the first communication terminal and the second When the session code received / decoded from the communication terminal matches and the confirmation result indicates validity, the service of the second communication terminal is given to the user. It has a configuration that permits provided.

  With this configuration, in preparation for the case where the session code is stolen, providing the service to the user of the second communication terminal while allowing the user of the first communication terminal to confirm that the confirmation information is valid Therefore, it is possible to provide a user with a safer online service.

  The authentication system according to claim 15, a service providing server that provides a service, a first communication terminal that generates a session code related to the service, a second communication terminal that requests the service, and the first An authentication server for authenticating a user of the communication terminal, wherein the first communication terminal transmits the generated session code to the authentication server, and the second communication terminal is transmitted by the first communication terminal. The generated session code is encrypted with an encryption key based on the identifier of the service providing server and transmitted to the service providing server. The service providing server receives the session code received and decrypted from the second communication terminal. The authentication server receives the session code received from the first communication terminal and the service providing server. The session code that has been decrypted and transferred is compared and checked, and if it matches, the status information of the session code that has been confirmed is sent to the service providing server. It has the composition to do.

  With this configuration, the authentication server has been encrypted and transferred by the encryption key based on the session code generated by the first communication terminal and the identifier of the service providing server in the second communication terminal from the service providing server. When the session codes are compared and collated, and the collated session codes match, the status information of the session code to be confirmed is transmitted to the service providing server, so that the service providing server and the second communication terminal Without being subjected to phishing or man-in-the-middle attacks on inter-communication, a communication terminal having no authentication information can provide a highly secure online service to a user while using another communication terminal together.

  An authentication system according to claim 16 is the authentication system according to claim 15, wherein the authentication server is received and decrypted by the session code received from the first communication terminal and the service providing server and transferred. Compares and collates with the session code, and if it does not match, sends the status information of the unconfirmed session code to the service providing server, and if it matches, confirms the service providing server to confirm the validity of the service providing server Information is generated and transmitted to the first communication terminal, and the first communication terminal sends a confirmation result indicating whether or not the service providing server confirmation information transmitted from the authentication server is valid. And the authentication server sends the status information of the session code to be confirmed when the confirmation result indicates validity. It has a configuration for transmitting the serial service providing server.

  With this configuration, in preparation for the case where the session code is stolen, the user of the first communication terminal confirms that the confirmation information for confirming the validity of the service providing server is valid. Since the code status is confirmed, a more secure online service can be provided to the user.

  The authentication system according to claim 17 is the authentication system according to claim 15, wherein the second communication terminal encrypts confirmation information for confirming a user of the second communication terminal together with the session code. Transmitted to the service providing server, and the service providing server transfers the confirmation information received and decrypted from the second communication terminal together with the session code to the authentication server. The session code received from the communication terminal is compared and collated with the session code received / decoded and transferred by the service providing server. If they do not match, the status information of the unconfirmed session code is transmitted to the service providing server. If there is a match, the confirmation information received and decrypted by the service providing server is transferred to the first information. Transmitted to the communication terminal, the first communication terminal transmits a confirmation result indicating whether or not the confirmation information transmitted from the authentication server is valid, to the authentication server, the authentication server Is valid, the session code status information to be confirmed is transmitted to the service providing server.

  With this configuration, in preparation for the case where the session code is stolen, the user of the first communication terminal confirms that the confirmation information for confirming the user of the second communication terminal is valid. Since the session code status is confirmed, a more secure online service can be provided to the user.

  The authentication system according to claim 18, wherein a service providing server that provides a service, a first communication terminal that generates a session code related to the service, a second communication terminal that requests the service, and the first An authentication server for authenticating a user of the communication terminal, wherein the first communication terminal transmits the generated session code to the authentication server, and the second communication terminal is transmitted by the first communication terminal. The generated session code is encrypted with an encryption key based on the identifier of the authentication server and transmitted to the authentication server, and the second communication terminal transmits the session code generated by the first communication terminal to the authentication server. Encrypted with an encryption key based on the identifier of the service providing server and transmitted to the service providing server, and the service providing server sends the second communication terminal The session code received and decrypted is sent to the authentication server, and the authentication server receives the session code received from the first communication terminal and the session code received and decrypted from the second communication terminal. In response to an inquiry about the status of the session code from the service providing server, the status information of the session code that has been confirmed if they match, the status information of the session code that has not been confirmed if they do not match, It has the structure which returns to the said service provision server.

  With this configuration, the session code generated by the first communication terminal and the session code encrypted by the encryption key based on the identifier of the authentication server from the second communication terminal are compared and verified, and the verified mutual codes are compared. If the session codes match, the status confirmation information indicating that the session code status has been confirmed is returned to the service providing server in response to the session code status inquiry from the service providing server. Without being subject to phishing or man-in-the-middle attacks on communications with other communication terminals, it is possible to provide users with highly secure online services while using other communication terminals even on communication terminals that do not have authentication information. .

  According to the present invention, by using a key shared based on an identifier of a service providing server or an authentication server, it is guaranteed that communication is performed with a true server. Further, since encrypted communication is performed using a securely shared key, wiretapping and tampering can be prevented. Furthermore, a PKI certificate for server authentication is not required, and the user only needs to confirm that there is no error in the server identifier, and the certificate confirmation is not necessary.

  Hereinafter, an authentication system according to an embodiment of the present invention will be described with reference to the drawings.

<First embodiment of the present invention>
FIG. 5 shows a system configuration diagram of the authentication system according to the first embodiment of the present invention. The authentication system illustrated in FIG. 5 includes a service providing server 100, a highly reliable first communication terminal 1, and a low reliability second communication terminal 2. When using the IBE as a key sharing method based on an identifier, a key server that generates and issues a secret key corresponding to an encryption key (public key) based on the identifier is necessary, and provides a service. The server and the second communication terminal also need to obtain the corresponding private key from the key server in order to decrypt the data encrypted with the encryption key, but this point is not directly related to the present invention and is omitted. To do. The service providing server 100 provides, for example, an EC (Electronic Commerce) site, and is configured by a general-purpose computer or the like.

  The service providing server 100 and the communication terminal 2 can communicate with each other via the network 3, and the service providing server 100 and the communication terminal 1 can communicate with each other via the network 4 and the network 3. In the embodiment of the present invention, the mobile terminal that the user contracts and owns the communication terminal 1 and the personal computer that the communication terminal 2 is owned by the user of the personal computer installed in the Internet cafe or the like. A computer, network 3 will be described as the Internet, and network 4 will be described as a mobile phone network. However, the communication terminal 1, the communication terminal 2, the network 3, and the network 4 are not limited to those described above.

  In the first embodiment of the present invention, the IBE is used as a key sharing method, and the communication terminal 1 is used when receiving an online service requiring authentication, for example, a service such as electronic commerce. A mode in which the communication terminal 2 having no authentication information such as an electronic certificate succeeds in authentication performed by the service providing server 100 is described.

  FIG. 6 shows an outline of the operation of the authentication system according to the present embodiment.

  First, when the user of the communication terminal 2 makes an electronic payment for an article to be purchased in the service providing server (SP) 100, for example, the user of the communication terminal 2 owns the user when making a request for the electronic payment service to the service providing server 100. By operating the communication terminal (mobile phone) 1 to be operated, the communication terminal 1 generates a session code (1.) and displays it on the screen, and the generated session code is transmitted to the service providing server 100 via the networks 4 and 3. (2.).

  The session code may be any character string or QR code (registered trademark) as long as it can identify the business transaction of the service. The session code is a code uniquely identified by the authentication system, and does not overlap with a session code generated by another communication terminal 1 (mobile phone). For example, the session code may include a mobile phone number.

  Further, before transmitting the session code, the communication terminal 1 establishes a session with the service providing server 100 in accordance with SSL (Secure Sockets Layer) or the like, and transmits the session code to the service providing server 100 through the established session. You may make it transmit.

  Next, the user of the communication terminal 2 looks at the session code displayed on the screen of the communication terminal 1 and inputs it to the communication terminal 2 using an input device such as a keyboard of the communication terminal 2 (2.). When the session code is input, the communication terminal 2 encrypts the input session code together with the service request with an IBE key based on the identifier (URL or the like) of the service providing server 100, and the service providing server via the network 3. To 100 (3.).

  Although the session code has been described as being input to the communication terminal 2 using an input device, Bluetooth (registered trademark), infrared, or other various methods are used between the communication terminal 1 and the communication terminal 2. The communication terminal 2 may input the session code from the communication terminal 1 by communicating with the communication terminal 1. If the session code is a QR code, a QR code reader is connected to the communication terminal 2, and the reader reads the QR code displayed on the screen of the communication terminal 1 to obtain the session code. You may make it input into the communication terminal 2. FIG.

  Next, the service providing server 100 decrypts the session code received from the communication terminal 2 with the secret key corresponding to the IBE key (obtained in advance from the key server), and the session code received from the communication terminal 1 Compare and verify (4.), and if the session codes match each other, the session code status is confirmed and the user of the communication terminal 2 is allowed to provide an electronic payment service, and is encrypted with the IBE key. Is provided via the network 3 (5.). Note that the electronic settlement service described here is merely an example, and the service referred to in the present invention may be any service as long as it can be performed on the network.

  FIG. 7 shows a device configuration diagram of the service providing server according to the first embodiment of the present invention.

  The service providing server 100 shown in FIG. 7 includes a communication interface 110 that communicates with the network 3 and each means configured by a processor such as a CPU and a storage device such as a hard disk, that is, a storage unit 120, Session code processing unit 130 comprising code receiving means 131, session code storing means 132, session code comparing means 133, state updating means 134 and terminal 1 authentication means 135, service request receiving means 141, service provision availability judging means 142, encryption A service providing unit 140 including an converting unit 143 and a transmitting unit 144; an IBE key processing unit 150 including an IBE key part information acquiring unit 151; an IBE key generating unit 152; and an IBE key storing unit 153; and a request processing unit 160. .

  The storage unit 120 stores and saves information related to the session code and the IBE key.

  The session code receiving unit 131 receives the session code generated and transmitted by the communication terminal 1. The session code storage unit 132 stores the session code received by the session code reception unit 131 in the storage unit 120. Further, the session code storage unit 132 stores state information indicating whether or not the validity of the session code has been confirmed (“confirmed” / “unconfirmed”) in association with the received session code in the storage unit 120. (Initially save “unconfirmed”). In addition, the session code storage unit 132 determines whether or not the time from the reception / storage of the session code from the communication terminal 1 to the reception of the session code from the communication terminal 2 is within a predetermined specified time, if necessary. If the specified time is exceeded, a timer (timeout timer) (not shown) for deleting the session code from the storage unit 120 is set. The validity of the session code is determined by comparison / collation between session codes, various confirmation information, and the like, as will be described later.

  The service request receiving unit 141 receives a service request from the communication terminal 2 and receives a session code encrypted with the IBE key based on the identifier of the server 100, and corresponds to the IBE key (from the key server in advance). Decrypt with the obtained private key.

  The session code comparison unit 133 compares and collates the session code from the communication terminal 1 stored in the storage unit 120 with the session code from the communication terminal 2 received and decoded by the service request reception unit 141. When the session codes compared and verified by the session code comparison unit 133 match, the state update unit 134 updates the state information of the session code stored in the storage unit 120 to “confirmed”, and does not match In this case, the state is left as it is (“unconfirmed”). Further, the state update means 134 is set with the above-described timeout timer, and when the specified time has passed with the state information “unconfirmed”, the corresponding session code and other information stored corresponding to this Are deleted from the storage unit 120 (time-out process).

  When the status information of the session code in the storage unit 120 is “confirmed”, the service provision availability determination unit 142 permits the user of the communication terminal 2 corresponding to the communication terminal 1 to provide the service. The encryption unit 143 encrypts the content of the service provided to the user of the communication terminal 2 with the IBE key stored in the storage unit 120. The transmission unit 144 transmits the service content encrypted by the encryption unit 143 to the communication terminal 2.

  The IBE key part information acquisition unit 151 acquires information serving as a basis for generating an IBE key, that is, the identifier and session code of the server 100 from the storage unit 120 and the like, and the IBE public parameters from the key server. The IBE key generation unit 152 generates an IBE key based on the information acquired by the IBE key partial information acquisition unit 151, for example, the identifier of the server 100. The IBE key storage unit 153 stores the IBE key generated by the IBE key generation unit 152 in the storage unit 120.

  The request processing unit 160 transmits the information output from each means to the network 3 via the communication interface 110, distributes the information received from the network 3 via the communication interface 110, and outputs the information to the target means. It has become.

  The terminal 1 authentication unit 135 is a unit for performing authentication between the communication terminal 1 and the service providing server 100 as necessary before transmitting a session code from the communication terminal 1. Authentication information for authenticating a user of the communication terminal 1, for example, an authentication request including a user identifier and a password, an electronic certificate, or information for biometric authentication, and authentication information stored in advance in a storage device The user of the communication terminal 1 is authenticated based on the above.

  The session code processing unit 130, the service providing processing unit 140, the IBE key processing unit 150, and the request processing unit 160 may be configured by program modules processed by a processor such as a CPU.

  The operation of the service providing server 100 according to the first embodiment of the present invention configured as described above will be described with reference to the drawings together with the operation of the entire system. FIG. 8 is an operation sequence diagram of the authentication system according to the first embodiment of the present invention.

  First, when the session code receiving unit 131 receives the session code generated and transmitted by the communication terminal 1, the session code storing unit 132 stores the session code received by the session code receiving unit 131 in the storage unit 120. Further, the session code storage unit 132 stores “unconfirmed” status information in the storage unit 120 in association with the received session code. Furthermore, the session code storage means 132 sets a timeout timer as necessary.

  Prior to receiving the session code from the communication terminal 1, the terminal 1 authentication unit 135 may authenticate the user of the communication terminal 1 between the service providing server 100 and the communication terminal 1. .

  Next, the service request receiving unit 141 receives a service request from the communication terminal 2 and receives a session code encrypted with an IBE key based on the identifier of the server 100, and uses a secret key corresponding to the IBE key. When decrypted, the session code comparison unit 133 compares and collates the session code stored in the storage unit 120 with the session code received / decoded by the service request reception unit 141.

  As a result of the comparison / collation by the session code comparison unit 133, when the session codes match each other, the state update unit 134 updates the state information of the corresponding session code stored in the storage unit 120 to “confirmed”, If they do not match, they are left as they are (“unconfirmed”).

  When the above-described timeout timer is set, when a predetermined designated time has passed with the status information “unconfirmed”, the status update unit 134 stores the corresponding session code and the corresponding session code. The other information is deleted from the storage unit 120.

  When the status information of the session code in the storage unit 120 is “confirmed”, the service provision availability determination unit 142 permits the user of the communication terminal 2 corresponding to the communication terminal 1 to provide the service. The content of the service provided to the user of the communication terminal 2 is encrypted with the IBE key stored in the storage unit 120 by the encryption unit 143 and transmitted from the transmission unit 144 to the communication terminal 2.

  As described above, the service providing server and the authentication system according to the first embodiment of the present invention are transmitted by the communication terminal 1 such as a mobile phone via the secure network 4 such as the mobile phone network. The session code is compared and collated with a session code encrypted with an IBE key based on the identifier of the service providing server when a service request is received from the communication terminal 2, and the session codes are mutually compared. If the two match, the user of the communication terminal 2 is allowed to provide the service, and the content of the service provided to the user of the communication terminal 2 is also encrypted with the IBE key based on the identifier of the service providing server. Therefore, there is no phishing for the communication between the service providing server and the communication terminal 2 or a man-in-the-middle attack. While a combination of communication terminal 1 even terminal 2 can be provided a secure online service to the user.

<Second embodiment of the present invention>
FIG. 9 shows an outline of the operation of the authentication system according to the second embodiment of the present invention.

  In the second embodiment of the present invention, in providing the service to the user of the communication terminal 2 in the first embodiment described above, the service content is encrypted with the common key generated by the communication terminal 2. It is a form like this.

  In the second embodiment of the present invention, the IBE is used as a key sharing method, and the communication terminal 1 is used when receiving an online service requiring authentication, for example, a service such as electronic commerce. A mode in which the communication terminal 2 having no authentication information such as an electronic certificate succeeds in authentication performed by the service providing server 100 is described.

  The configuration of the authentication system according to the present embodiment is the same as that in the first embodiment.

  First, when the user of the communication terminal 2 makes an electronic payment for an article to be purchased in the service providing server (SP) 100, for example, the user of the communication terminal 2 owns the user when making a request for the electronic payment service to the service providing server 100. By operating the communication terminal (mobile phone) 1 to be operated, the communication terminal 1 generates a session code (1.) and displays it on the screen, and the generated session code is transmitted to the service providing server 100 via the networks 4 and 3. (2.).

  Next, the user of the communication terminal 2 looks at the session code displayed on the screen of the communication terminal 1 and inputs it to the communication terminal 2 using an input device such as a keyboard of the communication terminal 2 (2.). When the session code is input, the communication terminal 2 generates a common key including, for example, a random number of a predetermined number of bits (3.), and the service providing server sends the input session code together with the service request and the common key described above. It is encrypted with an IBE key based on the identifier (URL etc.) of 100 and transmitted to the service providing server 100 (4.).

  Next, the service providing server 100 decrypts the session code received from the communication terminal 2 with the secret key corresponding to the IBE key (obtained in advance from the key server), and the session code received from the communication terminal 1 Compare and collate (5.). If the session codes match each other, the state of the session code is confirmed and the user of the communication terminal 2 is allowed to provide an electronic payment service, and is received and decrypted together with the session code. The service content is encrypted with the common key and provided via the network 3 (6.).

  FIG. 10 shows an apparatus configuration diagram of a service providing server according to the second embodiment of the present invention. The service providing server 100 illustrated in FIG. 10 includes a common key processing unit 170 including a common key receiving unit 171 and a common key storing unit 172 in addition to the configuration of the service providing server 100 according to the first embodiment.

  When the common key receiving unit 171 receives a session code encrypted with the IBE key based on the identifier of the service providing server 100 from the communication terminal 2, the common key receiving unit 171 generates the same with the similar IBE key. The received common key is received and decrypted with the secret key (previously obtained from the key server) corresponding to the IBE key. The common key storage unit 172 stores the common key received / decrypted by the common key reception unit 171 in the storage unit 120 in association with the session code.

  The common key processing unit 170 may be configured by a module of a program processed by a processor such as a CPU.

  The encryption unit 143 encrypts the content of the service provided to the user of the communication terminal 2 with the common key stored in the storage unit 120 in association with the session code.

  The operation of the service providing server according to the second embodiment of the present invention configured as described above will be described with reference to the drawings together with the operation of the entire system. FIG. 11 is an operation sequence diagram of the authentication system according to the second embodiment of the present invention.

  First, when the session code receiving unit 131 receives the session code generated and transmitted by the communication terminal 1, the session code storing unit 132 stores the session code received by the session code receiving unit 131 in the storage unit 120. Further, the session code storage unit 132 stores “unconfirmed” status information in the storage unit 120 in association with the received session code. Furthermore, the session code storage means 132 sets a timeout timer as necessary.

  Prior to receiving the session code from the communication terminal 1, the terminal 1 authentication unit 135 may authenticate the user of the communication terminal 1 between the service providing server 100 and the communication terminal 1. .

  Next, the service request receiving unit 141 receives a service request from the communication terminal 2 and receives a session code encrypted with an IBE key based on the identifier of the server 100, and uses a secret key corresponding to the IBE key. When decrypted, the session code comparison unit 133 compares and collates the session code stored in the storage unit 120 with the session code received / decoded by the service request reception unit 141. At this time, the common key receiving means 171 encrypts the common key sent from the communication terminal 2 together with the service request and the session code, that is, the IBE key generated by the communication terminal 2 and based on the identifier of the server 100. The received common key is received and decrypted with the secret key corresponding to the IBE key. Further, the common key storage unit 172 stores the common key received / decrypted by the common key reception unit 171 in the storage unit 120 in association with the session code.

  As a result of the comparison / collation by the session code comparison unit 133, when the session codes match each other, the state update unit 134 updates the state information of the corresponding session code stored in the storage unit 120 to “confirmed”, If they do not match, they are left as they are (“unconfirmed”).

  When the above-described timeout timer is set, when a predetermined designated time has passed with the status information “unconfirmed”, the status update unit 134 stores the corresponding session code and the corresponding session code. The other information is deleted from the storage unit 120.

  When the status information of the session code in the storage unit 120 is “confirmed”, the service provision availability determination unit 142 permits the user of the communication terminal 2 corresponding to the communication terminal 1 to provide the service. The contents of the service provided to the user of the communication terminal 2 are encrypted by the encryption unit 143 with the common key stored in the storage unit 120 in association with the session code, and transmitted from the transmission unit 144 to the communication terminal 2. Sent.

  As described above, the service providing server and the authentication system according to the second embodiment of the present invention are transmitted by the communication terminal 1 such as a mobile phone via the secure network 4 such as the mobile phone network. The session code is compared and collated with a session code encrypted with an IBE key based on the identifier of the service providing server when a service request is received from the communication terminal 2, and the session codes are mutually compared. If the two match, the service of the user of the communication terminal 2 is allowed to be provided, and the contents of the service provided to the user of the communication terminal 2 are encrypted with the common key created by the communication terminal 2. The communication terminal 2 that does not have authentication information without receiving phishing or man-in-the-middle attacks on communication between the providing server and the communication terminal 2 It is possible to provide the user a secure online service with a combination of 1, can reduce the processing load required for encryption and decryption of service content in the service providing server and the communication terminal 2.

<Third embodiment of the present invention>
An outline of the operation of the authentication system according to the third embodiment of the present invention is shown in FIG.

  The third embodiment of the present invention provides terminal 2 confirmation information for confirming the user of the communication terminal 2 together with a service request and a session code from the communication terminal 2 in the first embodiment described above. It is a form which transmits to a server.

  In the third embodiment of the present invention, the IBE is used as a key sharing method, and the communication terminal 1 is used when receiving an online service requiring authentication, for example, a service such as electronic commerce. A mode in which the communication terminal 2 having no authentication information such as an electronic certificate succeeds in authentication performed by the service providing server 100 is described.

  The configuration of the authentication system according to the present embodiment is the same as that in the first embodiment.

  First, when the user of the communication terminal 2 makes an electronic payment for an article to be purchased in the service providing server (SP) 100, for example, the user possesses the electronic payment service request to the service providing server 100. By operating the communication terminal (mobile phone) 1 to be operated, the communication terminal 1 generates a session code (1.) and displays it on the screen, and the generated session code is transmitted to the service providing server 100 via the networks 4 and 3. (2.).

  Next, the user of the communication terminal 2 looks at the session code displayed on the screen of the communication terminal 1 and inputs it to the communication terminal 2 using an input device such as a keyboard of the communication terminal 2. When the session code is input, the communication terminal 2 generates terminal 2 confirmation information for confirming the user of the communication terminal 2 (3.), displays this on the screen, and further inputs the session. The code is encrypted with the IBE key based on the service request server 100 and the above-described terminal 2 confirmation information and the identifier (URL, etc.) of the service providing server 100, and transmitted to the service providing server 100 via the network 3 (4.).

  Note that the terminal 2 confirmation information described above may be text information arbitrarily input by a user using an input device of the communication terminal 2, or image information representing an image arbitrarily input or selected.

  Next, the service providing server 100 decrypts the session code received from the communication terminal 2 with the secret key corresponding to the IBE key (obtained in advance from the key server), and the session code received from the communication terminal 1 Compare and collate (5.), and if the session codes match each other, the same user uses the communication terminal 1 and the communication terminal 2 using the terminal 2 confirmation information received and decoded from the communication terminal 2 together with the session code. In this situation, in order to make the user confirm that this is not information input or selected by a third party, the information is transmitted to the communication terminal 1 via the networks 3 and 4 (6.).

  When the same terminal 2 confirmation information as the terminal 2 confirmation information generated on the screen of the communication terminal 1 and displayed on the screen is displayed on the screen of the communication terminal 1, the user has the right terminal 2 confirmation information, It can be confirmed that there is no third party.

  When the user confirms the valid terminal 2 confirmation information, when the user operates the communication terminal 1, the communication terminal 1 sends a confirmation result indicating that the terminal 2 confirmation information is valid to the service providing server 100 on the networks 4, 3 Send via (7.).

  When the service providing server 100 receives the confirmation result indicating that the terminal 2 confirmation information is valid from the communication terminal 1, the service providing server 100 confirms the state of the session code and permits the user of the communication terminal 2 to provide the electronic payment service. The service encrypted with the IBE key is provided via the network 3 (8.).

  FIG. 13 shows an apparatus configuration diagram of a service providing server according to the third embodiment of the present invention. The service providing server 100 shown in FIG. 13 includes a terminal 2 confirmation information receiving unit 181, a terminal 2 confirmation information transmitting unit 182, and a confirmation result receiving unit 183 in addition to the configuration of the service providing server 100 according to the first embodiment. And a terminal 2 confirmation information processing unit 180 including a state update unit 184.

  When the terminal 2 confirmation information receiving unit 181 receives a session code encrypted with the IBE key based on the identifier of the service providing server 100 from the communication terminal 2, the terminal 2 confirmation information receiving unit 181 generates the same with the same IBE key. The terminal 2 confirmation information for confirming the user of the communication terminal 2 sent after being encrypted is received and decrypted with a secret key corresponding to the IBE key (obtained in advance from the key server). The terminal 2 confirmation information transmitting means 182 sends the terminal 2 confirmation information received and decoded by the terminal 2 confirmation information receiving means 181 to the communication terminal 1 when the session codes compared and collated by the session code comparison means 133 match. Send.

  The confirmation result receiving unit 183 receives a confirmation result indicating whether or not the terminal 2 confirmation information is valid from the communication terminal 1. The status update unit 184 updates the status information of the session code in the storage unit 120 to “confirmed” when the confirmation result received by the confirmation result reception unit 183 indicates validity, and when the confirmation result does not indicate validity. The state is kept as it is (“unconfirmed”).

  The terminal 2 confirmation information processing unit 180 may be configured by a module of a program processed by a processor such as a CPU.

  Further, when the state update unit 134 of the session code processing unit 130 receives the terminal 2 confirmation information from the communication terminal 2, even if the session codes compared and verified by the session code comparison unit 133 match, It is assumed that the state information in the storage unit 120 is not updated.

  The operation of the service providing server according to the third embodiment of the present invention configured as described above will be described with reference to the drawings together with the operation of the entire system. FIG. 14 is an operation sequence diagram of the authentication system according to the third embodiment of the present invention.

  First, when the session code receiving unit 131 receives the session code generated and transmitted by the communication terminal 1, the session code storing unit 132 stores the session code received by the session code receiving unit 131 in the storage unit 120. Further, the session code storage unit 132 stores “unconfirmed” status information in the storage unit 120 in association with the received session code. Furthermore, the session code storage means 132 sets a timeout timer as necessary.

  Prior to receiving the session code from the communication terminal 1, the terminal 1 authentication unit 135 may authenticate the user of the communication terminal 1 between the service providing server 100 and the communication terminal 1. .

  Next, the service request receiving unit 141 receives a service request from the communication terminal 2 and receives a session code encrypted with an IBE key based on the identifier of the server 100, and uses a secret key corresponding to the IBE key. When decrypted, the session code comparison unit 133 compares and collates the session code stored in the storage unit 120 with the session code received / decoded by the service request reception unit 141. At this time, the terminal 2 confirmation information receiving means 181 also sends the terminal 2 confirmation information sent from the communication terminal 2 together with the service request and the session code, that is, the IBE generated by the communication terminal 2 and based on the identifier of the server 100. The terminal 2 confirmation information encrypted with the key is received and decrypted with the secret key corresponding to the IBE key.

  As a result of the comparison / collation by the session code comparison unit 133, when the session codes match each other, the confirmation information transmission unit 182 transmits the terminal 2 confirmation information received and decoded by the terminal 2 confirmation information reception unit 181 to the communication terminal 1. To do.

  Next, when the confirmation result receiving unit 183 receives a confirmation result indicating whether or not the terminal 2 confirmation information is valid from the communication terminal 1, the state update unit 184 receives the confirmation result received by the confirmation result receiving unit 183. If it shows validity, the status information of the session code in the storage unit 120 is updated to “confirmed”, and if it does not show validity, it remains as it is (“unconfirmed”).

  When the above-described timeout timer is set, when a predetermined designated time has passed with the status information “unconfirmed”, the status update unit 134 stores the corresponding session code and the corresponding session code. The other information is deleted from the storage unit 120.

  When the status information of the session code in the storage unit 120 is “confirmed”, the service provision availability determination unit 142 permits the user of the communication terminal 2 corresponding to the communication terminal 1 to provide the service. The content of the service provided to the user of the communication terminal 2 is encrypted with the IBE key stored in the storage unit 120 by the encryption unit 143 and transmitted from the transmission unit 144 to the communication terminal 2.

  As in the case of the second embodiment, the common key generated by the communication terminal 2 is transmitted from the communication terminal 2 together with the session code, and the content of the service provided to the user of the communication terminal 2 is the common key. You may make it encrypt with.

  As described above, the service providing server and the authentication system according to the third embodiment of the present invention are transmitted by the communication terminal 1 such as a mobile phone via the secure network 4 such as the mobile phone network. The session code is compared and collated with a session code encrypted with an IBE key based on the identifier of the service providing server when a service request is received from the communication terminal 2, and the session codes are mutually compared. If the two match, the terminal 2 confirmation information received together with the session code from the communication terminal 2 is transmitted to the communication terminal 1 to make the user of the communication terminal 1 confirm that the terminal 2 confirmation information is valid. Thus, the user of the communication terminal 2 is allowed to provide the service, and the contents of the service provided to the user of the communication terminal 2 are also stored Since encryption is performed using an IBE key based on a bespoke child, even if the session code is stolen, authentication information is retained without being subject to phishing or man-in-the-middle attacks on communication between the service providing server and the communication terminal 2. Even if there is no communication terminal 2, a highly secure online service can be provided to the user while using the communication terminal 1 together.

<Fourth embodiment of the present invention>
FIG. 15 shows a system configuration diagram of an authentication system according to the fourth embodiment of the present invention. Of the constituent elements constituting the authentication system according to the fourth embodiment of the present invention, the same constituent elements as those constituting the authentication system according to the first to third embodiments of the present invention are used. Are denoted by the same reference numerals, and description thereof is omitted.

  The authentication system shown in FIG. 15 includes a service providing server 200, an authentication server 300, a highly reliable communication terminal 1 such as a mobile phone, and a low reliability communication terminal 2 such as a personal computer related to a user of the communication terminal 1. It consists of and. When using the IBE as a key sharing method based on an identifier, a key server that generates and issues a secret key corresponding to an encryption key (public key) based on the identifier is necessary, and provides a service. The server, the authentication server, and the second communication terminal also need to obtain the corresponding secret key from the key server in order to decrypt the data encrypted with the encryption key. This point is directly related to the present invention. Because it does not do, omit. The service providing server 200 provides, for example, an EC (Electronic Commerce) site, and is configured by a general-purpose computer or the like.

  The service providing server 200, the authentication server 300 and the communication terminal 2 can communicate with each other via the network 3, and the service providing server 200, the authentication server 300 and the communication terminal 1 are mutually connected via the network 4 and the network 3. Communication is possible.

  In the fourth embodiment of the present invention, the IBE is used as a key sharing technique, and the communication terminal 1 is used when receiving an online service requiring authentication, for example, a service such as electronic commerce. A mode is described in which a communication terminal 2 that does not have authentication information such as an electronic certificate can receive a service provided by the service providing server 200 if it is authenticated by the authentication server 300.

  FIG. 16 shows an outline of the operation of the authentication system according to the present embodiment.

  First, when the user of the communication terminal 2 makes a request for the electronic payment service to the service providing server 200, the communication terminal 1 generates the session code described in the first embodiment of the present invention (1.. And the generated session code is transmitted to the authentication server 300 via the networks 4 and 3 (2.).

  It is assumed that a known mutual authentication process is performed in advance between the service providing server 200 and the authentication server 300 (0.). Also, authentication processing may be performed between the communication terminal 1 and the authentication server 300 before transmitting a session code as necessary.

  Next, the user of the communication terminal 2 inputs the session code displayed on the screen of the communication terminal 1 to the communication terminal 2 (2.). When the session code is input, the communication terminal 2 encrypts the input session code together with the service request with an IBE key based on the identifier (URL or the like) of the service providing server 200, and the service providing server via the network 3 200 (3.).

  Next, the service providing server 200 decrypts the session code received from the communication terminal 2 with the secret key corresponding to the IBE key (obtained in advance from the key server), and sends the session code to the authentication server 300 via the network 3. Transmit (4.).

  Next, the authentication server 300 is encrypted with an encryption key based on the session code received from the communication terminal 1 and the identifier of the service providing server 200 from the communication terminal 2, and transmitted to the service providing server 200. The server 200 compares and collates the session code received / decoded and transferred by the server 200 (5.), and if the session codes match each other, the status information of the confirmed session code is provided via the network 3 It transmits to the server 200 (6.).

  Next, if the status information of the session code received from the authentication server 300 has been confirmed, the service providing server 200 permits the user of the communication terminal 2 to provide an electronic payment service and encrypts it with the IBE key. A service is provided via the network 3 (7.). Note that the electronic settlement service described here is merely an example, and the service referred to in the present invention may be any service as long as it can be performed on the network.

  FIG. 17 shows an apparatus configuration diagram of a service providing server according to the fourth embodiment of the present invention.

  The service providing server 200 shown in FIG. 17 includes a communication interface 210 that communicates with the network 3 and each means including a processor such as a CPU and a storage device such as a hard disk, that is, a storage unit 220, a session Session code processing unit 230 comprising code transmission means 231, status inquiry means 232, status information reception means 233 and status update means 234, service request reception means 241, session code storage means 242, service provision availability determination means 243, encryption The service providing unit 240 includes a unit 244 and a transmission unit 245, the IBE key processing unit 250 includes an IBE key partial information acquisition unit 251, an IBE key generation unit 252, and an IBE key storage unit 253, and a request processing unit 260.

  The storage unit 220 stores and saves information related to the session code and the IBE key.

  The service request receiving unit 241 receives a service request from the communication terminal 2 and receives a session code encrypted with the IBE key based on the identifier of the server 100, and corresponds to the IBE key (from the key server in advance). Decrypt with the obtained private key.

  The session code storage unit 242 stores the session code received / decoded by the service request reception unit 241 in the storage unit 220. Further, the session code storage unit 242 stores state information indicating whether or not the validity of the session code has been confirmed (“confirmed” / “unconfirmed”) in association with the received session code in the storage unit 220. (Initially save “unconfirmed”).

  The service provision availability determination unit 243, the encryption unit 244, and the transmission unit 245 have the same functions as the service provision availability determination unit 142, the encryption unit 143, and the transmission unit 144, respectively, in the first embodiment.

  The session code transmission unit 231 transmits the session code stored in the storage unit 220 to the authentication server 300. The state inquiry unit 232 transmits an inquiry of a state indicating whether or not the validity of the session code stored in the storage unit 220 has been confirmed (“confirmed” / “unconfirmed”) to the authentication server 300.

  The status information receiving means 233 receives from the authentication server 300 the status information of the session code as a result of comparing and collating the session code from the communication terminal 1 and the session code from the communication terminal 2, that is, if they match, it is confirmed. If the session code status information does not match, the session code status information that is not confirmed is received.

  The state updating unit 234 stores the state information received by the state information receiving unit 233 in the storage unit 220, that is, updates the state information of the session code stored in the storage unit 220.

  The IBE key part information acquisition unit 251, the IBE key generation unit 252 and the IBE key storage unit 253 are the same as the IBE key part information acquisition unit 151, the IBE key generation unit 152, and the IBE key storage unit 153, respectively, in the first embodiment. It has the function of.

  The request processing unit 260 transmits the information output from each means to the network 3 via the communication interface 210, distributes the information received from the network 3 via the communication interface 210, and outputs the information to the target means. It has become.

  The session code processing unit 230, the service providing processing unit 240, the IBE key processing unit 250, and the request processing unit 260 may be configured by program modules processed by a processor such as a CPU.

  FIG. 18 shows a device configuration diagram of an authentication server according to the fourth embodiment of the present invention.

  The authentication server 300 shown in FIG. 18 includes a communication interface 310 that communicates with the network 3 and each means including a processor such as a CPU and a storage device such as a hard disk, that is, a storage unit 320, a session code, and the like. Session code processing unit comprising receiving means 331, session code storage means 332, session code comparison means 333, status update means 334, terminal 1 authentication means 335, service providing server authentication means 336, inquiry reception means 337, and status information transmission means 338 330, an IBE key processing unit 340 including an IBE key partial information acquisition unit 341, an IBE key generation unit 342, and an IBE key storage unit 343, and a request processing unit 350.

  The storage unit 320 stores and saves information related to the session code and the IBE key.

  The session code receiving unit 331 receives the session code generated and transmitted by the communication terminal 1. The session code storage unit 332 stores the session code received by the session code reception unit 331 in the storage unit 320. In addition, the session code storage unit 332 stores, in the storage unit 320, state information indicating whether or not the validity of the session code has been confirmed (“confirmed” / “unconfirmed”) in association with the received session code. (Initially save “unconfirmed”). In addition, the session code storage means 332 receives and stores the session code from the communication terminal 1 as necessary, and then receives the session code from the communication terminal 2 (directly from the communication terminal 2 or via the service providing server 200). ) It is determined whether or not the time until reception is within a predetermined designated time. When the designated time is exceeded, a timer (timeout timer) (not shown) for deleting the session code from the storage unit 320 is set.

  The session code comparison means 333 is encrypted with an encryption key based on the session code stored in the storage unit 320 from the communication terminal 1 and the identifier of the service providing server 200 from the communication terminal 2 and transmitted to the service providing server 200. The service providing server 200 compares and collates the session code received / decoded and transferred. When the session code compared / verified by the session code comparison unit 333 matches, the state update unit 334 updates the state information of the session code stored in the storage unit 320 to “confirmed” and does not match In this case, the state is left as it is (“unconfirmed”). Further, the state update means 334 has the above-described timeout timer set, and when the specified time has passed while the state information is “unconfirmed”, the corresponding session code and other information stored corresponding thereto Are deleted from the storage unit 320 (time-out process).

  The inquiry receiving unit 337 receives an inquiry about a session code or a session code state from the service providing server 200. When the inquiry receiving unit 337 receives a session code or session code status inquiry from the service providing server 200, the status information transmitting unit 338 transmits the session code status information in the storage unit 320 to the service providing server 200. .

  The terminal 1 authentication unit 335 has the same function as the terminal 1 authentication unit 135 in the first embodiment. The service providing server authentication unit 336 has a function of performing a known mutual authentication process with the service providing server 200.

  The IBE key part information acquisition unit 341, the IBE key generation unit 342, and the IBE key storage unit 343 are the same as the IBE key part information acquisition unit 151, the IBE key generation unit 152, and the IBE key storage unit 153, respectively, in the first embodiment. It has the function of.

  The request processing unit 350 transmits the information output from each means to the network 3 via the communication interface 310, sorts the information received from the network 3 via the communication interface 310, and outputs the information to the target means. It has become.

  The session code processing unit 330, the IBE key processing unit 340, and the request processing unit 350 may be configured by program modules processed by a processor such as a CPU.

  Operations of the service providing server 200 and the authentication server 300 according to the fourth embodiment of the present invention configured as described above will be described with reference to the drawings together with operations of the entire system. FIG. 19 is an operation sequence diagram of the authentication system according to the fourth embodiment of the present invention.

  First, a known mutual authentication process is performed between the service providing server 200 and the authentication server 300.

  Next, in the authentication server 300, when the session code receiving unit 331 receives the session code generated and transmitted by the communication terminal 1, the session code storage unit 332 stores the session code received by the session code receiving unit 331 in the storage unit 320. Save to. In addition, the session code storage unit 332 stores “unconfirmed” status information in the storage unit 320 in association with the received session code. Furthermore, the session code storage unit 332 sets a timeout timer as necessary.

  Prior to receiving the session code from the communication terminal 1, the user of the communication terminal 1 may be authenticated between the authentication server 300 and the communication terminal 1 by the terminal 1 authentication unit 335.

  Next, in the service providing server 200, the service request receiving unit 241 receives a service request from the communication terminal 2, receives the session code encrypted with the IBE key based on the identifier of the server 200, and receives the IBE key. The session code storage unit 242 stores the session code received / decrypted by the service request reception unit 241 in the storage unit 220. In addition, the session code storage unit 242 stores “unconfirmed” status information in the storage unit 220 in association with the received session code.

  In the service providing server 200, the session code transmission unit 231 transmits the session code stored in the storage unit 220 to the authentication server 300.

  Next, in the authentication server 300, the inquiry receiving means 337 is encrypted from the communication terminal 2 with the encryption key based on the identifier of the service providing server 200, transmitted to the service providing server 200, and received by the service providing server 200. When the session code that has been decrypted and transferred is received, the session code comparison unit 333 compares and collates the session code stored in the storage unit 320 with the session code received by the inquiry reception unit 337.

  In the authentication server 300, when the session codes match each other as a result of the comparison / collation by the session code comparison unit 333, the state update unit 334 displays the state information of the corresponding session code stored in the storage unit 320 as “ It is updated to “confirmed”, and if it does not match, it is left as it is (“unconfirmed”).

  When the above-described timeout timer is set, when a predetermined designated time has passed with the status information “unconfirmed”, the status update unit 334 stores the corresponding session code and the corresponding session code. The other information is deleted from the storage unit 320.

  Further, in the authentication server 300, when the state update unit 334 updates the session code state information in the storage unit 320, the state information transmission unit 338 transmits the session code state information to the service providing server 200.

  Next, in the service providing server 200, when the status information receiving unit 233 receives the status information of the session code from the authentication server 300, the status update unit 234 displays the status information of the corresponding session code stored in the storage unit 220. Update with the received status information, that is, update to be the same status as the status information of the session code in the storage unit 320 of the authentication server 300.

  Further, in the service providing server 200, when the status information of the session code in the storage unit 220 is “confirmed”, the service providing availability determination unit 243 notifies the user of the communication terminal 2 corresponding to the communication terminal 1 of the service. Allow offer. The content of the service provided to the user of the communication terminal 2 is encrypted by the encryption unit 244 with the IBE key stored in the storage unit 220 and transmitted from the transmission unit 245 to the communication terminal 2.

  As in the case of the second embodiment, the common key generated by the communication terminal 2 is transmitted from the communication terminal 2 together with the session code, and the content of the service provided to the user of the communication terminal 2 is the common key. You may make it encrypt with.

  As described above, the service providing server, the authentication server, and the authentication system according to the fourth embodiment of the present invention can be used in a secure network 4 such as a cellular phone network even when the service providing server and the authentication server are different. And encrypted with an IBE key based on the session code transmitted by the communication terminal 1 such as a mobile phone and the identifier of the service providing server when the service request is received from the communication terminal 2. The session code is compared and verified, and if the session codes match each other, the user of the communication terminal 2 is permitted to provide the service, and the contents of the service provided to the user of the communication terminal 2 are also Since encryption is performed using an IBE key based on the identifier of the service providing server, communication between the service providing server and the communication terminal 2 is performed. Without receiving the phishing and man-in-the-middle attacks, it is possible to provide a highly secure online service to a user while a combination of communication terminal 1 even communication terminal 2, which does not have the authentication information.

<Fifth embodiment of the present invention>
An outline of the operation of the authentication system according to the fifth embodiment of the present invention is shown in FIG.

  In the fifth embodiment of the present invention, service providing server (SP) confirmation information for confirming the service providing server is exchanged between the communication terminal 1 and the authentication server in the fourth embodiment described above. It is a form to do.

  Further, in the fifth embodiment of the present invention, the IBE is used as a key sharing technique, and the communication terminal 1 is used when receiving an online service requiring authentication, for example, a service such as electronic commerce. A mode is described in which the communication terminal 2 that does not have authentication information such as an electronic certificate succeeds in the authentication performed by the service providing server 200 when the authentication of the authentication server 300 is received.

  The configuration of the authentication system according to the present embodiment is the same as that of the fourth embodiment.

  First, when the user of the communication terminal 2 makes a request for the electronic payment service to the service providing server 200, the communication terminal 1 generates the session code described in the first embodiment of the present invention (1.. And the generated session code is transmitted to the authentication server 300 via the networks 4 and 3 (2.).

  It is assumed that a known mutual authentication process is performed in advance between the service providing server 200 and the authentication server 300 (0.). Also, authentication processing may be performed between the communication terminal 1 and the authentication server 300 before transmitting a session code as necessary.

  Next, the user of the communication terminal 2 inputs the session code displayed on the screen of the communication terminal 1 to the communication terminal 2 (2.). When the session code is input, the communication terminal 2 encrypts the input session code together with the service request with an IBE key based on the identifier (URL or the like) of the service providing server 200, and the service providing server via the network 3 200 (3.).

  Next, the service providing server 200 decrypts the session code received from the communication terminal 2 with the secret key corresponding to the IBE key (obtained in advance from the key server), and sends the session code to the authentication server 300 via the network 3. Transmit (4.).

  Next, the authentication server 300 is encrypted with an encryption key based on the session code received from the communication terminal 1 and the identifier of the service providing server 200 from the communication terminal 2, and transmitted to the service providing server 200. The server 200 compares and collates the session code received / decoded and transferred by the server 200 (5.). When the session codes match each other, SP confirmation information is generated, and the communication terminal 1 and the communication terminal 2 are identical. In order to make the user confirm that the connection destination of the communication terminal 2 is not a fake server in the situation used by the user, the data is transmitted to the communication terminal 1 via the networks 3 and 4 (6.).

  As the SP confirmation information described above, any identifier (URL or the like) of the service providing server 200 can be used.

  When the SP confirmation information generated by the authentication server 300 is displayed on the screen of the communication terminal 1, the user can confirm that the connection destination of the communication terminal 2 is valid and no third party is present. .

  When valid SP confirmation information is confirmed, when the user operates the communication terminal 1, the communication terminal 1 transmits a confirmation result indicating that the SP confirmation information is valid to the authentication server 300 via the networks 4 and 3. (7.)

  When the authentication server 300 receives the confirmation result indicating that the SP confirmation information is valid from the communication terminal 1, the authentication server 300 transmits the status information of the confirmed session code to the service providing server 200 via the network 3 (8.). .

  Next, if the status information of the session code received from the authentication server 300 has been confirmed, the service providing server 200 permits the user of the communication terminal 2 to provide an electronic payment service and encrypts it with the IBE key. A service is provided via the network 3 (9.). Note that the electronic settlement service described here is merely an example, and the service referred to in the present invention may be any service as long as it can be performed on the network.

  FIG. 21 shows a device configuration diagram of an authentication server according to the fifth embodiment of the present invention. In addition to the configuration of the authentication server 300 according to the fourth embodiment, the authentication server 300 illustrated in FIG. 21 includes an SP confirmation information generation unit 361, an SP confirmation information transmission unit 362, a confirmation result reception unit 363, and a state update unit. The SP confirmation information processing unit 360 is composed of 364.

  The SP confirmation information generation unit 361 generates SP confirmation information using some identifier of the service providing server 200 when the session codes compared and collated by the session code comparison unit 333 match. The SP confirmation information transmission unit 362 transmits the SP confirmation information generated by the SP confirmation information generation unit 361 to the communication terminal 1.

  The confirmation result receiving unit 363 receives a confirmation result indicating whether or not the SP confirmation information is valid from the communication terminal 1. The status update unit 364 updates the status information of the session code in the storage unit 320 to “confirmed” when the confirmation result received by the confirmation result receiving unit 363 indicates validity, and when the confirmation result does not indicate validity. The state is kept as it is (“unconfirmed”).

  The SP confirmation information processing unit 360 may be configured by a module of a program processed by a processor such as a CPU.

  Further, when the state update unit 334 of the session code processing unit 330 generates the SP confirmation information and transmits it to the communication terminal 1, even if the session codes compared and verified by the session code comparison unit 333 match, It is assumed that the state information in the storage unit 320 is not updated.

  Note that the configuration of the service providing server according to the present embodiment is the same as that of the fourth embodiment.

  Operations of the service providing server 200 and the authentication server 300 according to the fifth embodiment of the present invention configured as described above will be described with reference to the drawings together with operations of the entire system. FIG. 22 is an operation sequence diagram of the authentication system according to the fifth embodiment of the present invention.

  First, a known mutual authentication process is performed between the service providing server 200 and the authentication server 300.

  Next, in the authentication server 300, when the session code receiving unit 331 receives the session code generated and transmitted by the communication terminal 1, the session code storage unit 332 stores the session code received by the session code receiving unit 331 in the storage unit 320. Save to. In addition, the session code storage unit 332 stores “unconfirmed” status information in the storage unit 320 in association with the received session code. Furthermore, the session code storage unit 332 sets a timeout timer as necessary.

  Prior to receiving the session code from the communication terminal 1, the user of the communication terminal 1 may be authenticated between the authentication server 300 and the communication terminal 1 by the terminal 1 authentication unit 335.

  Next, in the service providing server 200, the service request receiving unit 241 receives a service request from the communication terminal 2, receives the session code encrypted with the IBE key based on the identifier of the server 200, and receives the IBE key. The session code storage unit 242 stores the session code received / decrypted by the service request reception unit 241 in the storage unit 220. In addition, the session code storage unit 242 stores “unconfirmed” status information in the storage unit 220 in association with the received session code.

  In the service providing server 200, the session code transmission unit 231 transmits the session code stored in the storage unit 220 to the authentication server 300.

  Next, in the authentication server 300, the inquiry receiving means 337 is encrypted from the communication terminal 2 with the encryption key based on the identifier of the service providing server 200, transmitted to the service providing server 200, and received by the service providing server 200. When the session code that has been decrypted and transferred is received, the session code comparison unit 333 compares and collates the session code stored in the storage unit 320 with the session code received by the inquiry reception unit 337.

  In the authentication server 300, if the session codes match as a result of the comparison / collation by the session code comparison unit 333, the SP confirmation information generation unit 361 generates SP confirmation information, and the SP confirmation information transmission unit 362 The SP confirmation information generated by the SP confirmation information generation unit 361 is transmitted to the communication terminal 1.

  In the authentication server 300, when the confirmation result receiving unit 363 receives a confirmation result indicating whether the SP confirmation information is valid from the communication terminal 1, the state update unit 364 receives the confirmation result receiving unit 363. When the confirmation result indicates validity, the session code state information in the storage unit 320 is updated to “confirmed”, and when the confirmation result does not indicate validity, the state is left as it is (“unconfirmed”).

  When the above-described timeout timer is set, when a predetermined designated time has passed with the status information “unconfirmed”, the status update unit 334 stores the corresponding session code and the corresponding session code. The other information is deleted from the storage unit 320.

  Further, in the authentication server 300, when the state update unit 364 updates the session code state information in the storage unit 320, the state information transmission unit 338 transmits the session code state information to the service providing server 200.

  Next, in the service providing server 200, when the status information receiving unit 233 receives the status information of the session code from the authentication server 300, the status update unit 234 displays the status information of the corresponding session code stored in the storage unit 220. Update with the received status information, that is, update to be the same status as the status information of the session code in the storage unit 320 of the authentication server 300.

  Further, in the service providing server 200, when the status information of the session code in the storage unit 220 is “confirmed”, the service providing availability determination unit 243 notifies the user of the communication terminal 2 corresponding to the communication terminal 1 of the service. Allow offer. The content of the service provided to the user of the communication terminal 2 is encrypted by the encryption unit 244 with the IBE key stored in the storage unit 220 and transmitted from the transmission unit 245 to the communication terminal 2.

  As in the case of the second embodiment, the common key generated by the communication terminal 2 is transmitted from the communication terminal 2 together with the session code, and the content of the service provided to the user of the communication terminal 2 is the common key. You may make it encrypt with.

  As described above, the service providing server, the authentication server, and the authentication system according to the fifth embodiment of the present invention can be used in a secure network 4 such as a cellular phone network even when the service providing server and the authentication server are different. And encrypted with an IBE key based on the session code transmitted by the communication terminal 1 such as a mobile phone and the identifier of the service providing server when the service request is received from the communication terminal 2. If the session codes match, the SP confirmation information is further transmitted to the communication terminal 1 to confirm that the connection destination of the communication terminal 2 is not a fake server. The content of the service provided to the user of the communication terminal 2 after allowing the user of the communication terminal 2 to permit the service to be provided Since encryption is performed using the IBE key based on the identifier of the service providing server, communication is possible even with the communication terminal 2 having no authentication information without being subjected to phishing or man-in-the-middle attacks on communication between the service providing server and the communication terminal 2. A highly secure online service can be provided to the user while using the terminal 1 together.

<Sixth Embodiment of the Present Invention>
FIG. 23 shows an outline of the operation of the authentication system according to the sixth embodiment of the present invention.

  The sixth embodiment of the present invention provides terminal 2 confirmation information for confirming the user of the communication terminal 2 together with a service request and a session code from the communication terminal 2 in the fourth embodiment described above. It is a form which transmits to a server.

  In the sixth embodiment of the present invention, the IBE is used as a key sharing technique, and the communication terminal 1 is used when receiving an online service requiring authentication, for example, a service such as electronic commerce. A mode is described in which the communication terminal 2 that does not have authentication information such as an electronic certificate succeeds in the authentication performed by the service providing server 200 when the authentication of the authentication server 300 is received.

  The configuration of the authentication system according to the present embodiment is the same as that of the fourth embodiment.

  First, when the user of the communication terminal 2 makes a request for the electronic payment service to the service providing server 200, the communication terminal 1 generates the session code described in the first embodiment of the present invention (1.. And the generated session code is transmitted to the authentication server 300 via the networks 4 and 3 (2.).

  It is assumed that a known mutual authentication process is performed in advance between the service providing server 200 and the authentication server 300 (0.). Also, authentication processing may be performed between the communication terminal 1 and the authentication server 300 before transmitting a session code as necessary.

  Next, the user of the communication terminal 2 inputs the session code displayed on the screen of the communication terminal 1 to the communication terminal 2 (2.). When the session code is input, the communication terminal 2 generates terminal 2 confirmation information for confirming the user of the communication terminal 2 (3.), displays this on the screen, and further inputs the session. The code is encrypted with an IBE key based on the service request and the above-described terminal 2 confirmation information together with the identifier (URL or the like) of the service providing server 200 and transmitted to the service providing server 200 via the network 3 (4.). The terminal 2 confirmation information described above is the same as that described in the third embodiment.

  Next, the service providing server 200 decrypts the session code and terminal 2 confirmation information received from the communication terminal 2 with a secret key (previously acquired from the key server) corresponding to the IBE key, and the session code and terminal confirmation information. Is transmitted to the authentication server 300 via the network 3 (5.).

  Next, the authentication server 300 is encrypted with an encryption key based on the session code received from the communication terminal 1 and the identifier of the service providing server 200 from the communication terminal 2, and transmitted to the service providing server 200. The server 200 compares and collates the session code received and decoded by the server 200 and transferred (6.). When the session codes match each other, the terminal 2 confirmation transferred from the service providing server 200 together with the session code is confirmed. In order to make the user confirm that the information is not information input or selected by a third party in the situation where the same user uses the communication terminal 1 and the communication terminal 2, the communication terminal 1 causes the network 3, 4 is transmitted (7.).

  When the same terminal 2 confirmation information as the terminal 2 confirmation information generated on the screen of the communication terminal 1 and displayed on the screen is displayed on the screen of the communication terminal 1, the user has the right terminal 2 confirmation information, It can be confirmed that there is no third party.

  When the user confirms the valid terminal 2 confirmation information, when the user operates the communication terminal 1, the communication terminal 1 sends a confirmation result indicating that the terminal 2 confirmation information is valid to the authentication server 300 via the networks 4 and 3. (8.).

  When the authentication server 300 receives the confirmation result indicating that the terminal 2 confirmation information is valid from the communication terminal 1, the authentication server 300 transmits the status information of the confirmed session code to the service providing server 200 via the network 3 (9. ).

  Next, if the status information of the session code received from the authentication server 300 has been confirmed, the service providing server 200 permits the user of the communication terminal 2 to provide an electronic payment service and encrypts it with the IBE key. A service is provided via the network 3 (10.). Note that the electronic settlement service described here is merely an example, and the service referred to in the present invention may be any service as long as it can be performed on the network.

  The apparatus block diagram of the service provision server which concerns on the 6th Embodiment of this invention is shown in FIG. 24 provides terminal 2 confirmation information including terminal 2 confirmation information receiving means 271 and terminal 2 confirmation information transmitting means 272 in addition to the configuration of service provision server 200 according to the fourth embodiment. A processing unit 270 is included.

  When the terminal 2 confirmation information receiving unit 271 receives from the communication terminal 2 a session code encrypted with the IBE key based on the identifier of the service providing server 200, the terminal 2 confirmation information receiving unit 271 generates the communication code with the same IBE key. The terminal 2 confirmation information for confirming the user of the communication terminal 2 sent after being encrypted is received and decrypted with a secret key corresponding to the IBE key (obtained in advance from the key server). The terminal 2 confirmation information transmitting unit 272 transmits the terminal 2 confirmation information received / decoded by the terminal 2 confirmation information receiving unit 271 to the authentication server 300 together with the session code stored in the storage unit 220.

  The terminal 2 confirmation information processing unit 270 may be configured by a program module processed by a processor such as a CPU.

  FIG. 25 shows a device configuration diagram of an authentication server according to the sixth embodiment of the present invention. 25, in addition to the configuration of the authentication server 300 according to the fourth embodiment, the terminal 2 confirmation information receiving unit 371, the terminal 2 confirmation information transmitting unit 372, the confirmation result receiving unit 373, and the state A terminal 2 confirmation information processing unit 370 including the updating unit 374 is included.

  When the terminal 2 confirmation information receiving means 371 receives the session code from the service providing server 200, the terminal 2 confirmation information receiving means 371 is generated by the communication terminal 2, encrypted with an encryption key based on the identifier of the service providing server 200, and the service providing server 200. The terminal 2 confirmation information for confirming the user of the communication terminal 2 transmitted to and received by the service providing server 200 and transferred is received. The terminal 2 confirmation information transmitting unit 372 transmits the terminal 2 confirmation information received by the terminal 2 confirmation information receiving unit 371 to the communication terminal 1.

  The confirmation result receiving unit 373 receives a confirmation result indicating whether or not the terminal 2 confirmation information is valid from the communication terminal 1. The state update unit 374 updates the state information of the session code in the storage unit 320 to “confirmed” when the confirmation result received by the confirmation result reception unit 373 indicates validity, and when the confirmation result does not indicate validity. The state is kept as it is (“unconfirmed”).

  The terminal 2 confirmation information processing unit 370 may be configured by a program module processed by a processor such as a CPU.

  In addition, when the terminal 2 confirmation information is transferred from the service providing server 200, the state update unit 334 of the session code processing unit 330 may match the session codes compared and verified by the session code comparison unit 333. The state information in the storage unit 320 is not updated.

  Operations of the service providing server 200 and the authentication server 300 according to the sixth embodiment of the present invention configured as described above will be described with reference to the drawings together with operations of the entire system. FIG. 26 is an operation sequence diagram of the authentication system according to the sixth embodiment of the present invention.

  First, a known mutual authentication process is performed between the service providing server 200 and the authentication server 300.

  Next, in the authentication server 300, when the session code receiving unit 331 receives the session code generated and transmitted by the communication terminal 1, the session code storage unit 332 stores the session code received by the session code receiving unit 331 in the storage unit 320. Save to. In addition, the session code storage unit 332 stores “unconfirmed” status information in the storage unit 320 in association with the received session code. Furthermore, the session code storage unit 332 sets a timeout timer as necessary.

  Prior to receiving the session code from the communication terminal 1, the user of the communication terminal 1 may be authenticated between the authentication server 300 and the communication terminal 1 by the terminal 1 authentication unit 335.

  Next, in the service providing server 200, the service request receiving unit 241 receives a service request from the communication terminal 2, receives the session code encrypted with the IBE key based on the identifier of the server 200, and receives the IBE key. The session code storage unit 242 stores the session code received / decrypted by the service request reception unit 241 in the storage unit 220. In addition, the session code storage unit 242 stores “unconfirmed” status information in the storage unit 220 in association with the received session code. At this time, the terminal 2 confirmation information receiving means 271 also sends the terminal 2 confirmation information sent from the communication terminal 2 together with the service request and the session code, that is, the IBE generated by the communication terminal 2 and based on the identifier of the server 200. The terminal 2 confirmation information encrypted with the key is received and decrypted with the secret key corresponding to the IBE key.

  In the service providing server 200, the session code transmission unit 231 transmits the session code stored in the storage unit 220 to the authentication server 300, and the terminal 2 confirmation information transmission unit 272 receives and receives the terminal 2 confirmation information reception unit 271. The decrypted terminal 2 confirmation information is transmitted to the authentication server 300.

  Next, in the authentication server 300, the inquiry receiving means 337 is encrypted from the communication terminal 2 with the encryption key based on the identifier of the service providing server 200, transmitted to the service providing server 200, and received by the service providing server 200. When the session code that has been decrypted and transferred is received, the session code comparison unit 333 compares and collates the session code stored in the storage unit 320 with the session code received by the inquiry reception unit 337. At this time, the terminal 2 confirmation information receiving unit 371 receives the terminal 2 confirmation information transmitted together with the session code from the service providing server 200.

  Further, in the authentication server 300, if the session codes match each other as a result of the comparison / collation by the session code comparison unit 333, the terminal 2 confirmation information transmission unit 372 receives the terminal 2 confirmation information received by the terminal 2 confirmation information reception unit 371. Information is transmitted to the communication terminal 1.

  In the authentication server 300, when the confirmation result receiving unit 373 receives a confirmation result indicating whether the terminal 2 confirmation information is valid from the communication terminal 1, the state update unit 374 receives the confirmation result receiving unit 373. If the confirmation result indicates that it is valid, the status information of the session code in the storage unit 320 is updated to “confirmed”, and if it is not valid, it is left as it is (“unconfirmed”).

  When the above-described timeout timer is set, when a predetermined designated time has passed with the status information “unconfirmed”, the status update unit 334 stores the corresponding session code and the corresponding session code. The other information is deleted from the storage unit 320.

  Further, in the authentication server 300, when the state update unit 374 updates the state information of the session code in the storage unit 320, the state information transmission unit 338 transmits the state information of the session code to the service providing server 200.

  Next, in the service providing server 200, when the status information receiving unit 233 receives the status information of the session code from the authentication server 300, the status update unit 234 displays the status information of the corresponding session code stored in the storage unit 220. Update with the received status information, that is, update to be the same status as the status information of the session code in the storage unit 320 of the authentication server 300.

  Further, in the service providing server 200, when the status information of the session code in the storage unit 220 is “confirmed”, the service providing availability determination unit 243 notifies the user of the communication terminal 2 corresponding to the communication terminal 1 of the service. Allow offer. The content of the service provided to the user of the communication terminal 2 is encrypted by the encryption unit 244 with the IBE key stored in the storage unit 220 and transmitted from the transmission unit 245 to the communication terminal 2.

  As in the case of the second embodiment, the communication terminal 2 transmits the common key generated by the communication terminal 2 together with the session code and the terminal 2 confirmation information, and provides the service provided to the user of the communication terminal 2. The contents may be encrypted with the common key.

  As described above, the service providing server, the authentication server, and the authentication system according to the sixth embodiment of the present invention can be used in a secure network 4 such as a cellular phone network even when the service providing server and the authentication server are different. And encrypted with an IBE key based on the session code transmitted by the communication terminal 1 such as a mobile phone and the identifier of the service providing server when the service request is received from the communication terminal 2. If the session codes match each other and the session codes match each other, the terminal 2 confirmation information transmitted together with the session code from the communication terminal 2 is further transmitted to the communication terminal 1, and the terminal 2 confirmation information is transmitted. After confirming that the user of the communication terminal 1 is valid, the user of the communication terminal 2 is permitted to provide the service. Since the contents of the service provided to the user of the communication terminal 2 are also encrypted with the IBE key based on the identifier of the service providing server, phishing and man-in-the-middle attacks on communication between the service providing server and the communication terminal 2 are performed. Without receiving, even the communication terminal 2 having no authentication information can provide the user with a highly secure online service while using the communication terminal 1 together.

<Seventh embodiment of the present invention>
FIG. 27 shows an outline of the operation of the authentication system according to the seventh embodiment of the present invention.

  In the seventh embodiment of the present invention, the communication terminal 2 transmits a session code to the authentication server 300 before the communication terminal 2 requests a service from the service providing server 200 in the fourth embodiment described above. Authentication.

  Further, in the seventh embodiment of the present invention, the IBE is used as a key sharing method, and the communication terminal 1 is used when receiving an online service requiring authentication, for example, a service such as electronic commerce. A mode is described in which the communication terminal 2 that does not have authentication information such as an electronic certificate succeeds in the authentication performed by the service providing server 200 when the authentication of the authentication server 300 is received.

  The configuration of the authentication system according to the present embodiment is the same as that of the fourth embodiment.

  First, when the user of the communication terminal 2 makes a request for the electronic payment service to the service providing server 200, the communication terminal 1 generates the session code described in the first embodiment of the present invention (1.. And the generated session code is transmitted to the authentication server 300 via the networks 4 and 3 (2.).

  It is assumed that a known mutual authentication process is performed in advance between the service providing server 200 and the authentication server 300 (0.). Also, authentication processing may be performed between the communication terminal 1 and the authentication server 300 before transmitting a session code as necessary.

  Next, the user of the communication terminal 2 inputs the session code displayed on the screen of the communication terminal 1 to the communication terminal 2 (2.). When the session code is input, the communication terminal 2 encrypts the input session code with an IBE key based on the identifier (URL or the like) of the authentication server 300 and transmits it to the authentication server 300 via the network 3 ( 3.).

  Next, the authentication server 300 decrypts the session code received from the communication terminal 2 with a secret key corresponding to the IBE key (obtained in advance from the key server) and compares it with the session code received from the communication terminal 1. If the session codes match each other, the status of the session code is confirmed (4.).

  Further, the communication terminal 2 encrypts the input session code together with the service request with an IBE key based on the identifier (URL or the like) of the service providing server 200 and transmits it to the service providing server 200 via the network 3 (5 .).

  Next, the service providing server 200 decrypts the session code received from the communication terminal 2 with a secret key corresponding to the IBE key (obtained in advance from the key server), and sends an inquiry about the status of the session code via the network 3. It transmits to the authentication server 300 (6.).

  Next, in response to the session code status inquiry from the service providing server 300, the authentication server 300 sends the session code status information, here the session code status information to be confirmed, via the network 3. 200 (7.).

  Next, if the status information of the session code received from the authentication server 300 has been confirmed, the service providing server 200 permits the user of the communication terminal 2 to provide an electronic payment service and encrypts it with the IBE key. A service is provided via the network 3 (8). Note that the electronic settlement service described here is merely an example, and the service referred to in the present invention may be any service as long as it can be performed on the network.

  The device configurations of the service providing server 200 and the authentication server 300 according to the seventh embodiment of the present invention are basically the same as those of the fourth embodiment.

  However, the session code transmission unit 231 of the service providing server 200 does not operate. In addition, the session code receiving unit 331 of the authentication server 300 receives the session code generated and transmitted by the communication terminal 1, and is encrypted and transmitted from the communication terminal 2 with the encryption key based on the identifier of the authentication server 300. The received session code is received / decoded. The session code storage unit 332 of the authentication server 300 stores only the session code transmitted from the communication terminal 1 in the storage unit 320 among the session codes received by the session code reception unit 131. Furthermore, the session code comparison means 333 of the authentication server 300 is encrypted and transmitted by the encryption key based on the session code from the communication terminal 1 stored in the storage unit 320 and the identifier of the authentication server 300 from the communication terminal 2. It is assumed that the received session code is compared and verified.

  Operations of the service providing server 200 and the authentication server 300 according to the seventh embodiment of the present invention configured as described above will be described with reference to the drawings together with operations of the entire system. FIG. 28 is an operation sequence diagram of the authentication system according to the seventh embodiment of the present invention.

  First, a known mutual authentication process is performed between the service providing server 200 and the authentication server 300.

  Next, in the authentication server 300, when the session code receiving unit 331 receives the session code generated and transmitted by the communication terminal 1, the session code storage unit 332 stores the session code received by the session code receiving unit 331 in the storage unit 320. Save to. In addition, the session code storage unit 332 stores “unconfirmed” status information in the storage unit 320 in association with the received session code. Furthermore, the session code storage unit 332 sets a timeout timer as necessary.

  Prior to receiving the session code from the communication terminal 1, the user of the communication terminal 1 may be authenticated between the authentication server 300 and the communication terminal 1 by the terminal 1 authentication unit 335.

  Next, in the authentication server 300, when the session code receiving unit 331 receives and decrypts the session code encrypted and transmitted by the communication terminal 2 using the IBE key based on the identifier of the authentication server 300, the session code comparing unit 333. Compares and collates the session code stored in the storage unit 320 with the session code received and decoded by the session code receiving unit 331.

  In the authentication server 300, when the session codes match each other as a result of the comparison / collation by the session code comparison unit 333, the state update unit 334 displays the state information of the corresponding session code stored in the storage unit 320 as “ It is updated to “confirmed”, and if it does not match, it is left as it is (“unconfirmed”).

  When the above-described timeout timer is set, when a predetermined designated time has passed with the status information “unconfirmed”, the status update unit 334 stores the corresponding session code and the corresponding session code. The other information is deleted from the storage unit 320.

  Next, in the service providing server 200, the service request receiving unit 241 receives a service request from the communication terminal 2, receives the session code encrypted with the IBE key based on the identifier of the server 200, and receives the IBE key. The session code storage unit 242 stores the session code received / decrypted by the service request reception unit 241 in the storage unit 220. In addition, the session code storage unit 242 stores “unconfirmed” status information in the storage unit 220 in association with the received session code.

  In the service providing server 200, the status inquiry unit 232 transmits an inquiry about the status of the session code stored in the storage unit 220 to the authentication server 300.

  Next, in the authentication server 300, the inquiry receiving means 337 is encrypted from the communication terminal 2 with the encryption key based on the identifier of the service providing server 200, transmitted to the service providing server 200, and received by the service providing server 200. When receiving the inquiry about the state of the session code that has been decrypted and transferred, the state information transmitting unit 338 transmits the state information of the session code to the service providing server 200.

  Next, in the service providing server 200, when the status information receiving unit 233 receives the status information of the session code from the authentication server 300, the status update unit 234 displays the status information of the corresponding session code stored in the storage unit 220. Update with the received status information, that is, update to be the same status as the status information of the session code in the storage unit 320 of the authentication server 300.

  Further, in the service providing server 200, when the status information of the session code in the storage unit 220 is “confirmed”, the service providing availability determination unit 243 notifies the user of the communication terminal 2 corresponding to the communication terminal 1 of the service. Allow offer. The content of the service provided to the user of the communication terminal 2 is encrypted by the encryption unit 244 with the IBE key stored in the storage unit 220 and transmitted from the transmission unit 245 to the communication terminal 2.

  As in the case of the second embodiment, the common key generated by the communication terminal 2 is transmitted from the communication terminal 2 together with the session code, and the content of the service provided to the user of the communication terminal 2 is the common key. You may make it encrypt with. Further, as in the case of the fifth or sixth embodiment, it may be confirmed that a third party has not intervened using the SP confirmation information or the terminal 2 confirmation information.

  As described above, the service providing server, the authentication server, and the authentication system according to the seventh embodiment of the present invention have a secure network 4 such as a cellular phone network even in a configuration in which the service providing server and the authentication server are different. The session code transmitted by the communication terminal 1 such as a mobile phone and the session code encrypted by the IBE key based on the identifier of the authentication server and transmitted from the communication terminal 2 to the authentication server. If the session codes match each other, the user of the communication terminal 2 is allowed to provide the service on the service providing server, and the content of the service provided to the user of the communication terminal 2 is also a service. Since encryption is performed using an IBE key based on the identifier of the providing server, communication between the service providing server and the communication terminal 2 is performed. Without receiving the phishing and man-in-the-middle attacks, it is possible to provide a highly secure online service to a user while a combination of communication terminal 1 even communication terminal 2, which does not have the authentication information.

<Eighth Embodiment of the Present Invention>
FIG. 29 shows an outline of the operation of the authentication system according to the eighth embodiment of the present invention.

  In the eighth embodiment of the present invention, when providing a service to the user of the communication terminal 2 in the seventh embodiment, the service content is encrypted with the common key generated by the authentication server. It is a form.

  Further, in the eighth embodiment of the present invention, the IBE is used as a key sharing method, and the communication terminal 1 is used when receiving an online service requiring authentication, for example, a service such as electronic commerce. A mode is described in which the communication terminal 2 that does not have authentication information such as an electronic certificate succeeds in the authentication performed by the service providing server 200 when the authentication of the authentication server 300 is received.

  The configuration of the authentication system according to the present embodiment is the same as that of the fourth embodiment.

  First, when the user of the communication terminal 2 makes a request for the electronic payment service to the service providing server 200, the communication terminal 1 generates the session code described in the first embodiment of the present invention (1.. And the generated session code is transmitted to the authentication server 300 via the networks 4 and 3 (2.).

  It is assumed that a known mutual authentication process is performed in advance between the service providing server 200 and the authentication server 300 (0.). Also, authentication processing may be performed between the communication terminal 1 and the authentication server 300 before transmitting a session code as necessary.

  Next, the user of the communication terminal 2 inputs the session code displayed on the screen of the communication terminal 1 to the communication terminal 2 (2.). When the session code is input, the communication terminal 2 encrypts the input session code with an IBE key based on the identifier (URL or the like) of the authentication server 300 and transmits it to the authentication server 300 via the network 3 ( 3.).

  Next, the authentication server 300 decrypts the session code received from the communication terminal 2 with a secret key corresponding to the IBE key (obtained in advance from the key server) and compares it with the session code received from the communication terminal 1. If the session codes match each other, the status of the session code is confirmed (4.).

  Further, when the session codes match each other, the authentication server 300 generates a common key consisting of a random number of a predetermined number of bits (5.), and encrypts it with an IBE key based on the identifier of the server 300. Then, the data is transmitted to the communication terminal 2 via the network 3 (6.).

  Further, the communication terminal 2 encrypts the input session code together with the service request with an IBE key based on the identifier (URL or the like) of the service providing server 200, and transmits it to the service providing server 200 via the network 3 (7). .).

  Next, the service providing server 200 decrypts the session code received from the communication terminal 2 with a secret key corresponding to the IBE key (obtained in advance from the key server), and sends an inquiry about the status of the session code via the network 3. It transmits to the authentication server 300 (8.).

  Next, in response to the session code status inquiry from the service providing server 300, the authentication server 300 displays the status information of the session code, here the status information of the session code that has been confirmed, together with the generated common key. 3 to the service providing server 200 (9.).

  Next, if the status information of the session code received from the authentication server 300 has been confirmed, the service providing server 200 permits the user of the communication terminal 2 to provide an electronic payment service and encrypts it using the received common key. The converted service is provided via the network 3 (810). Note that the electronic settlement service described here is merely an example, and the service referred to in the present invention may be any service as long as it can be performed on the network.

  FIG. 30 shows a device configuration diagram of a service providing server according to the eighth embodiment of the present invention. The service providing server 200 illustrated in FIG. 30 includes a common key processing unit 280 including a common key receiving unit 281 and a common key storing unit 282 in addition to the configuration of the service providing server 200 according to the seventh embodiment.

  When receiving the session code status information from the authentication server, the common key receiving unit 281 receives the common key generated and transmitted by the authentication server. The common key storage unit 282 stores the common key received by the common key reception unit in the storage unit 220 in association with the session code in the storage unit 220.

  The common key processing unit 280 may be configured by a module of a program processed by a processor such as a CPU.

  The encryption unit 244 encrypts the content of the service provided to the user of the communication terminal 2 with the common key stored in the storage unit 220 in association with the session code.

  FIG. 31 shows a device configuration diagram of an authentication server according to the eighth embodiment of the present invention. The authentication server 300 illustrated in FIG. 31 includes a common key processing unit including a common key generation unit 381, a common key storage unit 382, and a common key transmission unit 383 in addition to the configuration of the authentication server 300 according to the seventh embodiment. 380.

  The common key generation unit 381 generates a common key for encrypting the contents of the service provided to the user of the communication terminal 2 when the session codes compared and verified by the session code comparison unit 333 match. . The common key storage unit 382 stores the common key generated by the common key generation unit 381 in association with the session code in the storage unit 320. The common key transmission unit 383 encrypts the common key stored in the storage unit 320 by the common key storage unit 382 with an encryption key based on the identifier of the server 300 and transmits the encrypted key to the communication terminal 2.

  The common key processing unit 380 may be configured by a program module processed by a processor such as a CPU.

  Further, in response to the session code status inquiry from the service providing server 200, the status information transmission unit 338 returns the common key stored in association with the session code status information in the storage unit 320. It shall be.

  Operations of the service providing server 200 and the authentication server 300 according to the eighth embodiment of the present invention configured as described above will be described with reference to the drawings together with operations of the entire system. FIG. 32 is an operation sequence diagram of the authentication system according to the eighth embodiment of the present invention.

  First, a known mutual authentication process is performed between the service providing server 200 and the authentication server 300.

  Next, in the authentication server 300, when the session code receiving unit 331 receives the session code generated and transmitted by the communication terminal 1, the session code storage unit 332 stores the session code received by the session code receiving unit 331 in the storage unit 320. Save to. In addition, the session code storage unit 332 stores “unconfirmed” status information in the storage unit 320 in association with the received session code. Furthermore, the session code storage unit 332 sets a timeout timer as necessary.

  Prior to receiving the session code from the communication terminal 1, the user of the communication terminal 1 may be authenticated between the authentication server 300 and the communication terminal 1 by the terminal 1 authentication unit 335.

  Next, in the authentication server 300, when the session code receiving unit 331 receives and decrypts the session code encrypted and transmitted by the communication terminal 2 using the IBE key based on the identifier of the authentication server 300, the session code comparing unit 333. Compares and collates the session code stored in the storage unit 320 with the session code received and decoded by the session code receiving unit 331.

  In the authentication server 300, when the session codes match each other as a result of the comparison / collation by the session code comparison unit 333, the state update unit 334 displays the state information of the corresponding session code stored in the storage unit 320 as “ It is updated to “confirmed”, and if it does not match, it is left as it is (“unconfirmed”).

  When the above-described timeout timer is set, when a predetermined designated time has passed with the status information “unconfirmed”, the status update unit 334 stores the corresponding session code and the corresponding session code. The other information is deleted from the storage unit 320.

  Further, in the authentication server 300, if the session codes match each other as a result of the comparison / collation by the session code comparison unit 333, the common key generation unit 381 encrypts the contents of the service provided to the user of the communication terminal 2. Generate a common key to The common key generated by the common key generation unit 381 is stored in the storage unit 320 in association with the session code by the common key storage unit 382, and further based on the identifier of the server 300 by the common key transmission unit 383. The encrypted IBE key is encrypted and transmitted to the communication terminal 2.

  The common key sent to the communication terminal 2 is stored in the storage device of the communication terminal 2 in order to decrypt the content of the service provided by the service providing server 200.

  Next, in the service providing server 200, the service request receiving unit 241 receives a service request from the communication terminal 2, receives the session code encrypted with the IBE key based on the identifier of the server 200, and receives the IBE key. The session code storage unit 242 stores the session code received / decrypted by the service request reception unit 241 in the storage unit 220. In addition, the session code storage unit 242 stores “unconfirmed” status information in the storage unit 220 in association with the received session code.

  In the service providing server 200, the status inquiry unit 232 transmits an inquiry about the status of the session code stored in the storage unit 220 to the authentication server 300.

  Next, in the authentication server 300, the inquiry receiving means 337 is encrypted from the communication terminal 2 with the encryption key based on the identifier of the service providing server 200, transmitted to the service providing server 200, and received by the service providing server 200. Upon receiving an inquiry about the state of the session code that has been decrypted and transferred, the state information transmitting unit 338 transmits the state information of the session code to the service providing server 200 together with the associated common key and stored. .

  Next, in the service providing server 200, when the status information receiving unit 233 receives the status information of the session code from the authentication server 300, the status update unit 234 displays the status information of the corresponding session code stored in the storage unit 220. Update with the received status information, that is, update to be the same status as the status information of the session code in the storage unit 320 of the authentication server 300.

  In the service providing server 200, when the common key receiving unit 281 receives the common key transmitted simultaneously with the session code status information, the common key storage unit 282 associates the common key with the session code. And stored in the storage unit 220.

  Further, in the service providing server 200, when the status information of the session code in the storage unit 220 is “confirmed”, the service providing availability determination unit 243 notifies the user of the communication terminal 2 corresponding to the communication terminal 1 of the service. Allow offer. The contents of the service provided to the user of the communication terminal 2 are encrypted by the encryption unit 244 with the common key stored in the storage unit 220 in association with the session code, and transmitted from the transmission unit 245 to the communication terminal 2. Sent.

  As in the case of the fifth or sixth embodiment, it may be confirmed that a third party has not intervened using the SP confirmation information or the terminal 2 confirmation information.

  As described above, the service providing server, the authentication server, and the authentication system according to the eighth embodiment of the present invention can be used in a secure network 4 such as a cellular phone network even when the service providing server and the authentication server are different. The session code transmitted by the communication terminal 1 such as a mobile phone and the session code encrypted by the IBE key based on the identifier of the authentication server and transmitted from the communication terminal 2 to the authentication server. When the session codes match each other, the user of the communication terminal 2 is allowed to provide the service in the service providing server, and the common key generated by the authentication server is used for the communication terminal 2 and the service. Since the contents of the service sent to the providing server and provided to the user of the communication terminal 2 are encrypted with the common key, the service offer Providing users with highly secure online services while using the communication terminal 1 together with the communication terminal 2 without authentication information, without phishing or man-in-the-middle attacks on the communication between the server and the communication terminal 2 In addition, it is possible to reduce the processing load required for encryption and decryption of service contents in the service providing server and the communication terminal 2.

  As described above, the service providing server, the authentication server, and the authentication system according to the present invention can prevent phishing and man-in-the-middle attacks, and even a communication terminal that does not have authentication information is highly safe while using other communication terminals in combination. This has the effect of providing an online service with authentication to a user, and is useful as a user using a communication terminal, an authentication server for authenticating the communication terminal, a system using the authentication server, and the like.

Explanatory drawing showing an overview of a conventional authentication system Explanatory drawing showing the state of unauthorized access by phishing in a conventional authentication system Explanatory drawing showing the state of unauthorized access due to man-in-the-middle attacks in conventional authentication systems Explanatory drawing which shows the unauthorized access prevention technique in the authentication system of this invention The system block diagram of the authentication system which concerns on the 1st thru | or 3rd embodiment of this invention. Explanatory drawing which shows the outline | summary of operation | movement of the authentication system which concerns on the 1st Embodiment of this invention. Device configuration diagram of service providing server according to the first embodiment of the present invention The operation | movement sequence diagram of the authentication system which concerns on the 1st Embodiment of this invention Explanatory drawing which shows the outline | summary of operation | movement of the authentication system which concerns on the 2nd Embodiment of this invention. Device configuration diagram of service providing server according to second embodiment of the present invention The operation | movement sequence diagram of the authentication system which concerns on the 2nd Embodiment of this invention Explanatory drawing which shows the outline | summary of operation | movement of the authentication system which concerns on the 3rd Embodiment of this invention. The apparatus block diagram of the service provision server which concerns on the 3rd Embodiment of this invention The operation | movement sequence diagram of the authentication system which concerns on the 3rd Embodiment of this invention System configuration diagram of an authentication system according to fourth to eighth embodiments of the present invention Explanatory drawing which shows the outline | summary of operation | movement of the authentication system which concerns on the 4th Embodiment of this invention. The apparatus block diagram of the service provision server which concerns on the 4th Embodiment of this invention Device configuration diagram of authentication server according to the fourth embodiment of the present invention The operation | movement sequence diagram of the authentication system which concerns on the 4th Embodiment of this invention Explanatory drawing which shows the outline | summary of operation | movement of the authentication system which concerns on the 5th Embodiment of this invention. Device configuration diagram of authentication server according to fifth embodiment of the present invention The operation | movement sequence diagram of the authentication system which concerns on the 5th Embodiment of this invention Explanatory drawing which shows the outline | summary of operation | movement of the authentication system which concerns on the 6th Embodiment of this invention. Device configuration diagram of service providing server according to sixth embodiment of the present invention Device configuration diagram of an authentication server according to the sixth embodiment of the present invention The operation | movement sequence diagram of the authentication system which concerns on the 6th Embodiment of this invention Explanatory drawing which shows the outline | summary of operation | movement of the authentication system which concerns on the 7th Embodiment of this invention. The operation | movement sequence diagram of the authentication system which concerns on the 7th Embodiment of this invention Explanatory drawing which shows the outline | summary of operation | movement of the authentication system which concerns on the 8th Embodiment of this invention. The apparatus block diagram of the service provision server which concerns on the 8th Embodiment of this invention Device configuration diagram of authentication server according to the eighth embodiment of the present invention The operation | movement sequence diagram of the authentication system which concerns on the 8th Embodiment of this invention

Explanation of symbols

1, 2: Communication terminal 3: Internet 4: Mobile phone network 100, 200: Service providing server 300: Authentication server 110, 210, 310: Communication interface 120, 220, 320: Storage units 130, 230, 330: Session code processing Units 131, 331: Session code receiving means 132, 332: Session code storage means 133, 333: Session code comparison means 134, 234, 334: Status update means 135, 335: Terminal 1 authentication means 231: Session code transmission means 232: Status inquiry means 233: Status information reception means 336: Service provision server (SP) confirmation means 337: Inquiry reception means 338: Status information transmission means 140, 240: Service provision processing units 141, 241: Service request reception means 142, 243: Service offer Acceptability judging means 143, 244: encryption means 144, 245: transmission means 242: session code storage means 150, 250, 340: IBE processing units 151, 251 and 341: IBE key part information acquisition means 152, 252, 342: IBE Key generation means 153, 253, 343: IBE key storage means 160, 260, 350: Request processing sections 170, 280, 380: Common key processing sections 171, 281: Common key reception means 172, 282, 382: Common key storage means 381: Common key generation means 383: Common key transmission means 180, 270, 370: Terminal 2 confirmation information processing units 181, 271, 371: Terminal 2 confirmation information reception means 182, 272, 372: Terminal 2 confirmation information transmission means 183 373: Confirmation result receiving means 184, 374: State updating means 360: SP confirmation information processing unit 3 1: SP confirmation information generating means 362: SP confirmation information transmitting unit 363: check result receiving means 364: the state updating means

Claims (18)

Session code receiving means for receiving a session code generated and transmitted by the first communication terminal;
Session code storing means for storing the session code received by the session code receiving means in a storage unit;
Service request receiving means for receiving a service request from the second communication terminal and receiving and decrypting a session code encrypted with an encryption key based on the identifier of the server;
Session code comparing means for comparing and collating the session code stored in the storage unit with the session code received and decoded by the service request receiving means;
If the session codes compared and collated by the session code comparison means match, state information of the session code to be confirmed is stored in the storage unit, and if they do not match, state information of the session code to be unconfirmed is stored. State update means for storing in the storage unit;
A service provision availability determination unit for permitting a user of the second communication terminal to provide a service when the status information of the session code in the storage unit has been confirmed;
A service providing server comprising: encryption means for encrypting the contents of the service provided to the user of the second communication terminal with an encryption key based on the identifier of the server. Confirmation information for confirming the user of the second communication terminal encrypted with the encryption key based on the identifier of the server when the encrypted session code is received from the second communication terminal Confirmation information receiving means for receiving and decoding
Confirmation information transmitting means for transmitting confirmation information received / decoded by the confirmation information receiving means to the first communication terminal;
Confirmation result receiving means for receiving a confirmation result indicating whether or not the confirmation information is valid from the first communication terminal;
If the session codes compared and collated by the session code comparing means match and the confirmation result received by the confirmation result receiving means is valid, the stored state information of the session code is confirmed. 2. State update means for storing in the storage unit state information of a session code that is stored in the storage unit and is unconfirmed if the results do not match or the confirmation result does not indicate correctness. Service providing server. Service request receiving means for receiving a service request from the second communication terminal and receiving and decrypting a session code encrypted with an encryption key based on the identifier of the server;
Session code storage means for storing the session code received / decoded by the service request reception means in a storage unit;
Session code transmitting means for transmitting the session code stored in the storage unit to an authentication server;
When the session code from the first communication terminal and the session code from the second communication terminal match from the authentication server, the status information of the session code to be confirmed is confirmed. Status information receiving means for receiving status information;
State updating means for storing the state information received by the state information receiving means in the storage unit;
A service provision availability determination unit for permitting a user of the second communication terminal to provide a service when the status information of the session code in the storage unit has been confirmed;
A service providing server comprising: encryption means for encrypting the contents of the service provided to the user of the second communication terminal with an encryption key based on the identifier of the server. Confirmation information for confirming the user of the second communication terminal encrypted with the encryption key based on the identifier of the server when the encrypted session code is received from the second communication terminal Confirmation information receiving means for receiving and decoding
The service providing server according to claim 3, further comprising confirmation information transmitting means for transmitting confirmation information received and decrypted by the confirmation information receiving means to an authentication server. A common key receiving means for receiving a common key generated and transmitted by the authentication server when the status information of the session code is received from the authentication server;
A common key storage unit that stores the common key received by the common key reception unit in the storage unit;
The service according to claim 3 or 4, wherein the encryption means encrypts the content of the service provided to the user of the second communication terminal with a common key stored in the storage unit. Provision server. Encryption key generation means for generating an encryption key based on the session code stored in the storage unit;
An encryption key storage means for storing the encryption key generated by the encryption key generation means in the storage unit;
The said encryption means encrypts the content of the service provided to the user of said 2nd communication terminal with the encryption key preserve | saved at the said memory | storage part. The service providing server described. When the encrypted session code is received from the second communication terminal, the common key generated by the second communication terminal encrypted with the encryption key based on the identifier of the server is received and decrypted. A common key receiving means to
A common key storing means for storing the common key received / decrypted by the common key receiving means in the storage unit,
The said encryption means encrypts the content of the service provided to the user of said 2nd communication terminal with the common key preserve | saved at the said memory | storage part. The service providing server described. Session code receiving means for receiving a session code generated and transmitted by the first communication terminal;
Session code storing means for storing the session code received by the session code receiving means in a storage unit;
The session code stored in the storage unit and the encryption key based on the service providing server identifier are encrypted from the second communication terminal, transmitted to the service providing server, and received and decrypted by the service providing server. Session code comparison means for comparing and collating the transferred session code,
If the session codes compared and collated by the session code comparison means match, state information of the session code to be confirmed is stored in the storage unit, and if they do not match, state information of the session code to be unconfirmed is stored. State update means for storing in the storage unit;
An authentication server, comprising: status information transmitting means for transmitting status information of the session code in the storage unit to the service providing server. Service providing server confirmation information generating means for generating service providing server confirmation information for confirming the validity of the service providing server when the session codes compared and verified by the session code comparing means match;
Service providing server confirmation information transmitting means for transmitting the service providing server confirmation information generated by the service providing server confirmation information generating means to the first communication terminal;
Confirmation result receiving means for receiving a confirmation result indicating whether or not the service providing server confirmation information is valid from the first communication terminal;
If the session codes compared and collated by the session code comparing means match and the confirmation result received by the confirmation result receiving means is valid, the stored state information of the session code is confirmed. 9. A state updating unit for storing in the storage unit state information of a session code that is stored in the storage unit and is unconfirmed if they do not match or the confirmation result does not indicate validity. Authentication server. When the session code is received from the service providing server, it is encrypted from the second communication terminal with an encryption key based on the identifier of the service providing server, transmitted to the service providing server, and received by the service providing server. Confirmation information receiving means for receiving confirmation information for confirming a user of the second communication terminal that has been decrypted and transferred;
Confirmation information transmitting means for transmitting the confirmation information received by the confirmation information receiving means to the first communication terminal;
Confirmation result receiving means for receiving a confirmation result indicating whether or not the confirmation information is valid from the first communication terminal;
If the session codes compared and collated by the session code comparing means match and the confirmation result received by the confirmation result receiving means is valid, the stored state information of the session code is confirmed. 9. A state updating unit for storing in the storage unit state information of a session code that is stored in the storage unit and is unconfirmed if they do not match or the confirmation result does not indicate validity. Authentication server. Session code receiving means for receiving a session code generated and transmitted by the first communication terminal;
Session code storing means for storing the session code received by the session code receiving means in a storage unit;
Session code reception / decryption means for receiving / decrypting a session code encrypted and transmitted from the second communication terminal with an encryption key based on the identifier of the server;
Session code comparison means for comparing and collating the session code stored in the storage unit with the session code from the second communication terminal;
If the session codes compared and collated by the session code comparison means match, state information of the session code to be confirmed is stored in the storage unit, and if they do not match, state information of the session code to be unconfirmed is stored. State update means for storing in the storage unit;
An authentication server, comprising: status information transmitting means for returning status information of the session code in the storage unit in response to an inquiry about a status of a session code from a service providing server. Common key generation means for generating a common key for encrypting the contents of the service provided to the user of the second communication terminal when the session codes compared and verified by the session code comparison means match When,
Common key storage means for storing the common key generated by the common key generation means in the storage unit;
A common key transmitting means for encrypting the common key stored in the storage unit with an encryption key based on an identifier of the server and transmitting the encrypted key to the second communication terminal;
The authentication according to claim 11, wherein the state information transmitting unit returns the common key together with the session code state information in the storage unit in response to a session code state inquiry from a service providing server. server. A service providing server that provides a service; a first communication terminal that generates a session code related to the service; and a second communication terminal that requests the service;
The first communication terminal transmits the generated session code to the service providing server,
The second communication terminal encrypts the session code generated by the first communication terminal with an encryption key based on the identifier of the service providing server, and transmits the encrypted code to the service providing server.
The service providing server compares and collates the session code received from the first communication terminal with the session code received / decoded from the second communication terminal, and if the session codes match each other, An authentication system that allows a user of a communication terminal to provide the service. The second communication terminal encrypts confirmation information for confirming a user of the second communication terminal together with the session code, and transmits the encrypted information to the service providing server.
The service providing server transmits confirmation information received / decoded from the second communication terminal to the first communication terminal,
The first communication terminal transmits a confirmation result indicating whether or not the confirmation information transmitted from the service providing server is valid, to the service providing server,
The service providing server, when the session code received from the first communication terminal matches the session code received / decoded from the second communication terminal, and the confirmation result indicates validity, The authentication system according to claim 13, wherein a user of the second communication terminal is allowed to provide the service. A service providing server that provides a service, a first communication terminal that generates a session code related to the service, a second communication terminal that requests the service, and authentication that authenticates a user of the first communication terminal With a server,
The first communication terminal transmits the generated session code to the authentication server,
The second communication terminal encrypts the session code generated by the first communication terminal with an encryption key based on the identifier of the service providing server, and transmits the encrypted code to the service providing server.
The service providing server transfers the session code received / decrypted from the second communication terminal to the authentication server,
The authentication server compares and collates the session code received from the first communication terminal with the session code received / decoded and transferred by the service providing server. The status information of the session code that is unconfirmed when the status information does not match is transmitted to the service providing server. The authentication server compares and collates the session code received from the first communication terminal with the session code received / decoded and transferred by the service providing server. Send status information to the service providing server, and if it matches, generate service providing server confirmation information for confirming the validity of the service providing server and send it to the first communication terminal,
The first communication terminal transmits a confirmation result indicating whether or not the service providing server confirmation information transmitted from the authentication server is valid to the authentication server,
The authentication system according to claim 15, wherein the authentication server transmits status information of a session code to be confirmed to the service providing server when the confirmation result indicates validity. The second communication terminal encrypts confirmation information for confirming a user of the second communication terminal together with the session code, and transmits the encrypted confirmation information to the service providing server.
The service providing server transfers confirmation information received / decrypted from the second communication terminal together with the session code to the authentication server,
The authentication server compares and collates the session code received from the first communication terminal with the session code received / decoded and transferred by the service providing server. Send status information to the service providing server, and if it matches, send confirmation information received and decoded by the service providing server and transferred to the first communication terminal,
The first communication terminal transmits a confirmation result indicating whether or not the confirmation information transmitted from the authentication server is valid, to the authentication server,
The authentication system according to claim 15, wherein the authentication server transmits status information of a session code to be confirmed to the service providing server when the confirmation result indicates validity. A service providing server that provides a service, a first communication terminal that generates a session code related to the service, a second communication terminal that requests the service, and authentication that authenticates a user of the first communication terminal With a server,
The first communication terminal transmits the generated session code to the authentication server,
The second communication terminal encrypts the session code generated by the first communication terminal with an encryption key based on the identifier of the authentication server, and transmits the encrypted code to the authentication server.
The second communication terminal encrypts the session code generated by the first communication terminal with an encryption key based on the identifier of the service providing server, and transmits the encrypted code to the service providing server.
The service providing server sends an inquiry about the state of the session code received / decoded from the second communication terminal to the authentication server,
The authentication server compares and collates the session code received from the first communication terminal with the session code received / decoded from the second communication terminal, and if it matches, the session code status information to be confirmed Is returned to the service providing server in response to an inquiry about the state of the session code from the service providing server.

Images