JP2017060147A - Image processing device, control method therefor, and program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a control method for an image processing device for performing path encryption communication with high security while preventing spoofing of the image processing device when a mobile terminal performs user authentication for the image processing device.SOLUTION: When an image processing device receives an initial connection request from a mobile terminal S504 YES, it displays a generated PIN code on an operation unit S524. Upon receiving information corresponding to the PIN code from the mobile terminal S55, it compares the information received from the mobile terminal with the generated PIN code and thereby performs authentication S527. If the authentication is a success S528 YES, the image processing device generates a public key and a secret key S521, and transmits the generated public key to the mobile terminal S522.SELECTED DRAWING: Figure 5

Description

  The present invention relates to an image processing apparatus connectable from a mobile terminal, a control method thereof, and a program.

  In recent years, a multifunction device, which is one of information communication processes having various wireless communication functions, has been provided with a cooperation function with a mobile terminal. For example, a multifunction machine equipped with a wireless LAN, Bluetooth (registered trademark), or the like is known. Japanese Patent Application Laid-Open No. 2004-228867 proposes a technique for controlling printing of a multifunction peripheral from a mobile terminal using Bluetooth.

  As a multifunction device, not only the print control by Bluetooth, but also a user authentication function via communication from a mobile terminal via Bluetooth can be considered. In this case, it is necessary for the mobile terminal to transmit confidential information such as a user ID and a password to the multifunction device. The password input range is generally 8 or more alphanumeric symbols. In order to handle confidential information on the communication path, path encrypted communication must be performed between the mobile terminal and the multifunction peripheral.

  Conventionally, when performing route encryption communication using Bluetooth, the device receiving the connection displays the PIN code, the device requesting the connection inputs the PIN code, and if it matches, the key is exchanged. Encryption is performed with a key. The PIN code handled by this Bluetooth is 6 digits.

Japanese Patent Application No. 2014-230178

  However, the above prior art has the following problems. The PIN code handled by Bluetooth is six digits, but the password input range is generally set in a wider range. Therefore, there is a security threat that password information is acquired if a brute force attack or the like is performed when a PIN code is input. Usually, when path encryption is performed, a method of exchanging an LTK (Long Term Key) with a mobile terminal after verifying a PIN code is used. However, there is a threat that it cannot be determined whether the mobile terminal has acquired the LTK from the correct multifunction peripheral, and a malicious third party impersonates the multifunction peripheral and obtains the user ID and password sent from the mobile terminal. is there. Therefore, it is necessary to realize the path encryption of the user authentication information by performing encryption from a correct multifunction machine without impersonation while maintaining higher complexity and encryption strength than the PIN code.

  The present invention has been made in view of the above-described problems, and when performing user authentication from a mobile terminal to an image processing apparatus, high-security path encryption communication while preventing impersonation of the image processing apparatus. The purpose is to provide a mechanism for

  The present invention is an image processing apparatus capable of communicating from an external terminal, a receiving unit that receives a connection request from the external terminal, and a first allocation request that is assigned to the external terminal when receiving the first connection request by the receiving unit. Generating means for generating an identifier of the number of digits; display means for displaying the identifier generated by the generating means; and receiving information corresponding to the identifier from the external terminal after displaying the identifier by the display means And a control means for generating a public key and a secret key, and transmitting the generated public key to the external terminal.

  ADVANTAGE OF THE INVENTION According to this invention, when performing user authentication with respect to an image processing apparatus from a mobile terminal, highly secure path | route encryption communication can be performed, preventing the impersonation of an image processing apparatus.

1 is a block diagram of a multifunction machine 100 and a mobile terminal 21 according to an embodiment. 6 is a diagram showing an example of an authentication setting screen of a mobile terminal of the multifunction machine 100. FIG. 3 is a diagram illustrating an example of an initial connection setting screen of a mobile terminal of the multifunction machine 100. FIG. The figure which shows the example of the device connection setting screen of the mobile terminal. 6 is a flowchart showing a flow of processing for accepting an initial connection setting from a mobile terminal of the multifunction peripheral 100 according to an embodiment. FIG. 3 is a diagram illustrating an example of a main menu screen of the multifunction machine 100. 6 is a flowchart showing a flow of user authentication processing with the mobile terminal of the multifunction peripheral 100 according to an embodiment. The figure which shows the example of the user authentication setting screen of the mobile terminal. 6 is a flowchart showing a flow of processing for accepting an initial connection setting from a mobile terminal of the multifunction peripheral 100 according to an embodiment. 6 is a diagram showing an example of an authentication setting screen of a mobile terminal of the multifunction peripheral 100 according to an embodiment. FIG. FIG. 3 is a diagram illustrating an example of a PIN code initial setting screen of a mobile terminal of the multi-function peripheral. 6 is a flowchart showing a flow of processing for accepting an initial connection setting from a mobile terminal of the multifunction peripheral 100 according to an embodiment. The flowchart which shows the flow of a process of the mobile terminal which concerns on one Embodiment. 6 is a flowchart showing a flow of processing for accepting an initial connection setting from a mobile terminal of the multifunction peripheral 100 according to an embodiment. The flowchart which shows the flow of a process of the mobile terminal which concerns on one Embodiment.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings. The following embodiments do not limit the present invention according to the claims, and all combinations of features described in the present embodiments are not necessarily essential to the solution means of the present invention. .

<First Embodiment>
<Configuration of image processing apparatus and mobile terminal>
Hereinafter, a first embodiment of the present invention will be described. First, with reference to FIG. 1, a schematic configuration of a multifunction peripheral 100 that is an image processing apparatus according to the present embodiment and a mobile terminal 21 that is an external terminal will be described. The lower part of FIG. 1 shows a schematic configuration of the multifunction peripheral 100 and the upper part of the mobile terminal 21. The multifunction device 100 and the mobile terminal 21 are communicably connected. In the present embodiment, the communication will be described by taking an example of communication by Bluetooth connection.

  First, the configuration of the multifunction device 100 will be described. The multifunction machine 100 includes a control unit 200, a scanner unit 201, a printer unit 202, and an operation unit 210. The control unit 200 is connected to the scanner unit 201 that is an image input device and the printer unit 202 that is an image output device, and on the other hand, is connected to the network 101 and the public line 204 to input and output image information and device information. . The control unit 200 includes a CPU 205, a RAM 206, a ROM 207, an HDD 208, an operation unit I / F 209, a network I / F 211, a wireless communication unit 212, an SRAM 213, an RTC 214, and an image bus I / F 216. The control unit 200 further includes a RIP unit 218, a device I / F 219, a scanner image processing unit 220, a printer image processing unit 221, an encryption processing unit 222, and a decryption processing unit 223.

  A CPU 205 is a processor that comprehensively controls the entire multifunction peripheral 100. A RAM 206 is a system work memory for the CPU 205 to operate, and is also a memory for temporarily storing image data, user information, a password, and the like. A ROM 207 is a boot ROM, and stores a system boot program. An HDD 208 is a hard disk drive that stores system software, applications, and image data. A program for executing a flowchart described later according to the present embodiment is also stored in the HDD 208.

  Each step of the flowchart according to the present embodiment is realized by the CPU 205 reading out the program stored in the HDD 208 to the RAM 206 and executing the program. However, a processor other than the CPU 205 may execute the steps of the flowchart, or the CPU 205 and another processor may cooperate to execute the processing of the flowchart.

  An operation unit interface (I / F) 209 is an interface unit with the operation unit 210 having a touch panel, and outputs image data to be displayed on the operation unit 210 to the operation unit 210. In addition, information input by the user of the system from the operation unit 210 is transmitted to the CPU 205. The operation unit 210 also serves as a display unit as a user interface.

  A network interface (I / F) 211 is connected to the network 101 and inputs / outputs information. The wireless communication unit 212 is connected to the wireless network 102 and inputs / outputs information. Wireless communication with the mobile terminal 21 is performed via the wireless communication unit 212.

  The SRAM 213 is a non-volatile storage medium that can operate at high speed. The RTC 214 is a real-time clock, and performs a process of continuously counting the current time even when the control unit 200 is not powered. The above devices are arranged on the system bus 215.

  The image bus I / F 216 is a bus bridge that connects the system bus 215 and an image bus 217 that transfers image data at high speed, and converts the data structure. The image bus 217 is configured by a PCI bus or IEEE1394. The following devices are arranged on the image bus 217. The RIP unit 218 is a raster image processor and develops a PDL code into a bitmap image. A device I / F 219 connects the scanner unit 201 and the printer unit 202, which are image input / output devices, and the control unit 200, and performs synchronous / asynchronous conversion of image data.

  The scanner image processing unit 220 corrects, processes, and edits input image data. The printer image processing unit 221 performs printer correction, resolution conversion, and the like on the print output image data. The encryption processing unit 222 performs encryption processing of input data including image data. The decryption processing unit 223 performs decryption processing of encrypted data.

  Next, the configuration of the mobile terminal 21 will be described. The mobile terminal includes a control unit 20 and a mobile terminal operation unit 23. The control unit 20 includes a mobile terminal operation unit I / F 22, a CPU 24, an internal memory 25, a RAM 26, an encryption processing unit 27, a decryption processing unit 28, and a wireless communication unit 29.

  The CPU 24 is a processor that comprehensively controls the entire mobile terminal 21. The RAM 26 is a system work memory for the CPU 24 to operate, and is also a memory for temporarily storing user information, passwords, and the like. In the internal memory 25, the system boot program stores system software, applications, and image data. A program for executing a flowchart described later in the present embodiment is also stored in the internal memory 25. The encryption processing unit 27 performs encryption processing of input data and random number generation. The decryption processing unit 28 performs decryption processing of the encrypted data.

  The mobile terminal operation unit interface (I / F) 22 is an interface unit with the mobile terminal operation unit 23 having a touch panel, and outputs image data to be displayed on the mobile terminal operation unit 23 to the mobile terminal operation unit 23. In addition, information input by the user of the system from the mobile terminal operation unit 23 is transmitted to the CPU 24. The mobile terminal operation unit 23 also serves as a display unit as a user interface. The wireless communication unit 29 is connected to the wireless network 102 and inputs / outputs information. Wireless communication with the multifunction peripheral 100 is performed via the wireless communication unit 29.

  Each step of the flowchart of the present embodiment is realized by the CPU 24 reading out the program stored in the internal memory 25 to the RAM 26 and executing it. However, a processor other than the CPU 24 may execute the steps of the flowchart, or the CPU 24 and another processor may cooperate to execute the processing of the flowchart.

<Screen example>
Next, an authentication setting screen 231 of the mobile terminal included in the multifunction machine 100 will be described with reference to FIG. The authentication setting screen 231 is displayed by the operation unit 210. The authentication setting screen 231 of the mobile terminal enables switching between valid 232 and invalid 233 settings of Bluetooth user authentication settings. When the Bluetooth user authentication setting is valid 232, the multi-function device 100 accepts a connection request for Bluetooth communication with the mobile terminal 21. If the Bluetooth user authentication setting is invalid 233, the multi-function device 100 does not make a Bluetooth communication connection with the mobile terminal 21. Also, when the Bluetooth user authentication setting is valid 232, the Bluetooth security communication setting (security mode) can be switched.

  In the present embodiment, there are two types of settings: “Bluetooth standard mode 234 (first mode)” and “enhanced security mode 235 (second mode)”. The “Bluetooth standard mode” is an encrypted communication mode using a conventional Bluetooth PIN code. The PIN code described in the present embodiment indicates a personal identification number within 6 digits that is normally used. The “security enhanced mode” is a setting for realizing high-security route encrypted communication while preventing spoofing, and detailed control will be described later. When the Bluetooth security communication setting is in the enhanced security mode 235, the PIN code input setting can be switched between valid 236 and invalid 237.

  According to the present embodiment, these settings are input by the operation unit 210, and the setting values are held in the SRAM 213. In the example of FIG. 2, the Bluetooth user authentication setting is enabled 232, the enhanced security mode 235 is selected, and the PIN code input setting is set to disabled 237. When an OK button 238 is selected after these settings are selected, the settings are determined and held in the SRAM 213. On the other hand, when the cancel button 239 is selected, the setting is not settled but cancelled.

  Next, a mobile terminal initial connection setting screen 311 included in the multifunction peripheral 100 will be described with reference to FIG. The initial connection setting screen 311 is displayed by the operation unit 210. The initial connection setting screen 311 displays a message 312 necessary for the mobile terminal 21 to perform Bluetooth communication with the multifunction peripheral 100. After confirming the screen, the user can return to the previously displayed screen by operating the cancel button 313. Details of the initial connection setting screens 321 and 331 will be described later.

  Next, the device connection setting screen 411 that the mobile terminal 21 has will be described with reference to FIG. The device connection setting screen 411 is displayed by the mobile terminal operation unit 23. The device connection setting screen 411 displays a connection device list 412 to which the mobile terminal 21 can issue a Bluetooth connection request. After confirming the screen, the user can return to the previously displayed screen by operating the cancel button 413. Details of the device connection setting screens 421, 431, and 441 will be described later.

<Processing procedure>
Next, with reference to FIG. 5, a processing procedure of the MFP 100 that transmits information on public keys necessary for user authentication when an initial connection request is received from the mobile terminal according to the present embodiment will be described. . Processing of the multifunction device 100 described below is controlled by the control unit 200 in the multifunction device 100. Specifically, the processing described below is realized by the CPU 205 reading out the control program stored in the HDD 208 to the RAM 206 and executing it. This flowchart is executed when the CPU 205 functions as an accepting unit and accepts a connection request from a mobile terminal.

  In step S <b> 501, the CPU 205 acquires the Bluetooth user authentication setting that is set on the authentication setting screen 231 illustrated in FIG. 2 and saved in the SRAM 213. In step S502, the CPU 205 determines whether or not the acquired Bluetooth user authentication setting is valid. That is, it is determined whether the Bluetooth user authentication setting is set to valid 232 or invalid 233 on the authentication setting screen 231 in FIG. If the CPU 205 determines in step S502 that the acquired Bluetooth user authentication setting is invalid, the process ends.

  On the other hand, if it is determined in step S502 that the Bluetooth user authentication setting is valid, the process advances to step S503, and the CPU 205 receives a mobile terminal initial connection setting request from the operation unit 210. In step S <b> 504, the CPU 205 determines whether a mobile terminal initial connection setting request is received from the mobile terminal 21. If received, the process proceeds to S505, and if not received, the process returns to S503. The initial connection setting request is transmitted from the mobile terminal 21 to the multifunction device 100 when the multifunction device 100 is selected from the device list 412 on the device connection setting screen 411 in FIG. The

  In step S505, the CPU 205 establishes a Bluetooth connection with the mobile terminal 21 in accordance with the received initial connection setting request. In step S <b> 506, the CPU 205 acquires the Bluetooth security communication setting from the SRAM 213. In step S <b> 507, the CPU 205 determines whether the acquired Bluetooth security communication setting is in the Bluetooth standard mode or the enhanced security mode. If it is the Bluetooth standard mode, the process proceeds to S508, and if it is the enhanced security mode, the process proceeds to S515.

  In step S <b> 508, the CPU 205 displays the PIN code on the operation unit 210 of the multifunction device 100. As shown in the initial connection setting screen 321 in FIG. 3, a PIN code 324 is displayed together with the message 322. The first connection setting screen 321 shows an example in which “265862” is displayed as the PIN code. According to the present embodiment, this PIN code is randomly generated every time an initial connection setting request is received from the mobile terminal 21. The multifunction peripheral 100 according to the present embodiment has a specification in which the screen returns to the multifunction peripheral main menu 601 shown in FIG. 6 when a certain time such as 60 seconds elapses. The MFP main menu 601 is displayed so that each of the function buttons 602 to 605 can be selected.

  In step S <b> 509, the CPU 205 receives a PIN code input from the mobile terminal 21. In step S <b> 510, the CPU 205 determines whether a PIN code has been received from the mobile terminal 21. If received, the process proceeds to S511, and if not received, the determination is repeated periodically. As shown in the device connection setting screen 421 in FIG. 4, the PIN code is input via the screen displayed on the mobile terminal operation unit 23 of the mobile terminal 21. This device connection setting screen 421 has a PIN code input field 423. The user inputs a PIN code from the mobile terminal operation unit 23 to the PIN code input field 423. When the PIN code input OK button 425 is pressed, the CPU 24 of the mobile terminal 21 is connected to the wireless network 102 by the wireless communication unit 29 and transmits the input PIN code to the multifunction device 100. The transmitted PIN code is received by the multi-function device 100 in S509.

  In step S <b> 511, the CPU 205 verifies whether the PIN code received from the mobile terminal 21 matches the PIN code displayed on the operation unit 210. In step S512, the CPU 205 determines whether the PIN code received from the mobile terminal 21 matches the PIN code displayed on the operation unit 210 based on the verification result. If they do not match, the process returns to S509, and if they match, the process proceeds to S513.

  In step S513, the CPU 205 exchanges the mobile terminal 21 with an LTK (Long Term Key). In step S514, the CPU 205 stores the replaced LTK in the SRAM 213, and ends this process. The processing from S508 to S514 is a function of a conventional Bluetooth PIN code, and when the mobile terminal side does not support the enhanced security mode, it can be used by the multifunction device 100 as a setting that emphasizes connectivity. However, there may be a case where only the later-described security enhancement mode can be selected as an emphasis on security, and there is no particular limitation.

  If it is determined in S507 that the acquired Bluetooth user authentication setting is the enhanced security mode, the process proceeds to S515. In step S <b> 515, the CPU 205 acquires a PIN code input setting from the SRAM 213. In step S516, the CPU 205 determines whether the acquired PIN code input setting is valid or invalid. That is, it is determined whether the setting in FIG. 2 is valid 236 or invalid 237. If valid, the process proceeds to S524, and if invalid, the process proceeds to S517.

  In step S517, the CPU 205 generates a random number and displays it on the operation unit 210. As shown in the initial connection setting screen 331 of FIG. 3, a random number 334 is displayed on the screen together with a message 332. In the example of FIG. 3, a random number “16164126” is displayed. According to the present embodiment, this random number is regenerated every time an initial connection setting request is received from the mobile terminal 21. The random number is an 8-digit number (second digit number), and has a larger number of digits than the 6-digit (first digit number) PIN code. The number of digits of the random number is an example, and is not intended to limit the present invention, and may be a larger number of digits. Note that the MFP 100 according to the present embodiment has a specification in which the screen returns to the MFP main menu 601 in FIG. 6 when a certain time such as 60 seconds elapses.

  In step S <b> 518, the CPU 205 transmits a random number to the mobile terminal 21. A device connection setting screen 431 in FIG. 4 is a screen that displays a message 432 and a random number 434 received by the mobile terminal 21 from the multifunction peripheral 100, and is displayed on the mobile terminal operation unit 23.

  The user compares the random number 334 displayed on the operation unit 210 of the multi-function device 100 with the random number 434 displayed on the mobile terminal operation unit 23 of the mobile terminal 21, and determines whether the correct multi-function device 100 determines whether they match. Whether or not a public key has been received can be confirmed. As a result, spoofing of the multifunction device 100 can be prevented. If the user determines that the random numbers match, the user presses the confirmation OK button 435 via the mobile terminal operation unit 23. The CPU 24 of the mobile terminal 21 determines that the confirmation OK button 435 is pressed, and transmits confirmation OK information to the multifunction device 100. On the other hand, when the random numbers do not match, the user determines that there is a possibility of impersonation, and presses the cancel button 433, thereby the connection setting can be terminated.

  Next, in step S519, the CPU 205 receives confirmation OK information from the mobile terminal 21. Here, the confirmation OK information is confirmation information indicating that the mobile terminal 21 has received a random number. In step S520, the CPU 205 determines whether confirmation OK information is received from the mobile terminal 21. If received, the process proceeds to S521, and if not received, the process returns to S519.

  In step S <b> 521, the CPU 205 generates a private key / public key pair and stores the key pair in the SRAM 213. Subsequently, in step S <b> 522, the CPU 205 transmits a public key to the mobile terminal 21. Here, after receiving the public key from the MFP 100, the mobile terminal 21 displays the device connection setting screen 441 shown in FIG. 4 on the mobile terminal operation unit 23, and notifies the user of the completion of the initial connection setting. Next, in step S523, the CPU 205 disconnects the connection with the mobile terminal 21, and ends this process. In the processing from S517 to S522 described above, the multi-function device 100 can transmit a public key used for user authentication to the mobile terminal 21 while preventing impersonation.

  If it is determined in S516 that the obtained PIN code input setting is valid, the process proceeds to S524. In step S <b> 524, the CPU 205 displays a PIN code on the operation unit 210. The screen displayed on the operation unit 210 by the CPU 205 is the same as the initial connection setting screen 321 of FIG. Subsequently, in S525, the CPU 205 receives an input of a PIN code from the mobile terminal 21. Here, the mobile terminal 21 accepts the input of the PIN code via the device connection setting screen 421 and transmits the accepted PIN code to the multifunction device 100. In step S526, the CPU 205 determines whether a PIN code is received from the mobile terminal 21. If received, the process proceeds to S527, and if not received, the process is periodically repeated.

  In step S <b> 527, the CPU 205 verifies whether the PIN code received from the mobile terminal 21 matches the PIN code displayed on the operation unit 210. In step S528, the CPU 205 determines whether the PIN code received from the mobile terminal 21 matches the PIN code displayed on the operation unit 210 based on the verification result. If it is determined that they do not match, the process returns to S525, and if they match, the process proceeds to S521. Since the processing after S521 has been described above, a description thereof will be omitted.

  In contrast to the above-described S517 to S522, the PIN code is input to the user in the processing from S524 to S528. This is a function provided assuming a user who wants to perform more strictly, although spoofing can be prevented by the processing of S517 to S522. The above is the control of the MFP 100 when an initial connection request is received from the mobile terminal in the present embodiment.

  Next, with reference to FIG. 7, a processing procedure in which the multi-function device 100 accepts user authentication by the second and subsequent Bluetooth communications from the mobile terminal 21 and executes user authentication will be described. That is, when the above-described initial connection request process shown in FIG. 5 has already been performed, the process of this flowchart is executed. Processing of the multifunction device 100 described below is controlled by the control unit 200 in the multifunction device 100. Specifically, the processing described below is realized by the CPU 205 reading out the control program stored in the HDD 208 to the RAM 206 and executing it.

  In step S <b> 701, the CPU 205 acquires the Bluetooth user authentication setting set on the authentication setting screen 231 illustrated in FIG. 2 and stored in the SRAM 213. In step S <b> 702, the CPU 205 determines whether the acquired Bluetooth user authentication setting is valid. If it is valid, the process proceeds to S703, and if invalid, the process is terminated. In the case of invalidity, the multi-function device 100 is in a state where it does not accept user authentication through Bluetooth communication.

  In step S <b> 703, the CPU 205 acquires a Bluetooth security communication setting from the SRAM 213. In step S <b> 704, the CPU 205 determines whether the acquired Bluetooth security communication setting setting is the Bluetooth standard mode or the enhanced security mode. If it is the Bluetooth standard mode, the process proceeds to S705, and if it is the enhanced security mode, the process proceeds to S713.

  In step S <b> 705, the CPU 205 receives a user authentication request from the mobile terminal 21 in the Bluetooth standard mode. In step S <b> 706, the CPU 205 determines whether a user authentication request in the Bluetooth standard mode has been received from the mobile terminal 21. If accepted, the process proceeds to S707, and if not accepted, the process returns to S705.

  In step S707, the CPU 205 receives the encrypted user ID and password from the mobile terminal 21, and proceeds to step S708. FIG. 8 shows a user authentication setting screen 801 for setting a user ID and password transmitted from the mobile terminal 21 to the multifunction peripheral 100. In the present embodiment, when the user authenticates the MFP 100 from the mobile terminal 21, the user ID 802 and the password 803 are input in advance from the operation unit 23 and stored in association with the MFP 100. To do. The user can confirm and save the input by pressing the OK button 804 in a state where the user ID 802 and the password 803 are input, and cancel the setting by pressing the cancel button 805. be able to. This user ID 802 and password 803 are retained unless the setting of the mobile terminal 21 is reset. By holding this, the multi-function device 100 detects that the mobile terminal 21 is approaching, and the user authentication process is automatically performed by Bluetooth communication.

  In step S708, the CPU 205 decrypts the encrypted user ID and password using the LTK previously stored in the SRAM 213 described above with reference to FIG. In step S <b> 709, the CPU 205 verifies whether the decrypted user ID and password are correct by comparing them with information registered in the multifunction peripheral 100. In step S710, the CPU 205 determines whether the user ID and the password are correct based on the verification result. If it is correct, the process proceeds to S711, and if not correct, the process proceeds to S712.

  In step S711, the CPU 205 transmits user authentication OK information to the mobile terminal 21, and ends this process. On the other hand, in step S712, the CPU 205 transmits user authentication NG information to the mobile terminal 21, and ends this process. The processing from S705 to S711 is a conventional Bluetooth path encryption communication function. This assumes that when the mobile terminal side does not support the enhanced security mode, it is used in the multifunction device 100 as a setting that emphasizes connectivity.

  On the other hand, if the Bluetooth user authentication setting acquired in S704 is the enhanced security mode, the process proceeds to S713. In step S713, the CPU 205 receives a user authentication request from the mobile terminal 21 in the security enhancement mode. In step S <b> 714, the CPU 205 determines whether a user authentication request in the enhanced security mode has been received from the mobile terminal 21. If accepted, the process proceeds to “S715. If not accepted, the process returns to S713.

  In step S <b> 715, the CPU 205 establishes a Bluetooth connection with the mobile terminal 21. Subsequently, in S716, the CPU 205 generates challenge data. Here, the challenge data according to the present embodiment is a random value expressed by a 16-digit alphanumeric symbol, and is generated every time a connection is made. The generation method is not particularly limited as long as it is a value that cannot be predicted in advance.

  In step S <b> 717, the CPU 205 transmits the generated challenge data to the mobile terminal 21. In step S718, the CPU 205 receives the common key encrypted with the public key and the challenge data from the mobile terminal 21, and proceeds to step S719. Between S717 and S718, the mobile terminal 21 encrypts the received challenge data and the common key generated by the mobile terminal 21 with the public key previously held by the control described above with reference to FIG. Send to.

  In step S <b> 719, the CPU 205 decrypts the received encrypted common key and challenge data using the private key held in the SRAM 213. In S720, the CPU 205 compares the decrypted challenge data with the challenge data generated in S716. In step S721, the CPU 205 determines from the comparison result whether the decrypted challenge data matches the challenge data generated in step S716. If they match, the process proceeds to S722, and if they do not match, the process proceeds to S731. In step S731, the CPU 205 transmits authentication NG to the mobile terminal 21, and ends this process.

  On the other hand, in step S722, the CPU 205 stores the decrypted common key in the SRAM 213, transmits OK information to the mobile terminal 21 in step S723, and proceeds to step S724. After the processing of S723, that is, after the mobile terminal 21 receives the OK information from the multifunction device 100, the mobile terminal 21 encrypts the user ID and password encrypted using the common key, and Send information.

  In step S724, the CPU 205 receives the user ID and password encrypted with the common key from the mobile terminal 21. In step S725, the CPU 205 determines whether a user ID and a password have been received. If received, the process proceeds to S726, and if not received, the process returns to S724.

  In step S <b> 726, the CPU 205 decrypts the received user ID and password using the common key stored in the SRAM 213. In step S <b> 727, the CPU 205 verifies whether the decrypted user ID and password match information registered in the MFP 100. In step S728, the CPU 205 determines whether the user ID and the password match as a result of the verification. If they match, the process proceeds to S729, and if they do not match, the process proceeds to sS730.

  In step S729, the CPU 205 transmits user authentication OK information to the mobile terminal 21, and ends this process. On the other hand, in S730, the CPU 205 transmits user authentication NG information to the mobile terminal 21, and ends this processing. The above is the description of the control in which the MFP 100 accepts user authentication by Bluetooth communication from the mobile terminal 21 and executes user authentication.

  As described above, when the image processing apparatus according to the present embodiment receives the first connection request from a mobile terminal (external terminal), the identifier (for example, within 6 digits) assigned to the mobile terminal ( PIN code) is generated. Further, the image processing apparatus displays the generated identifier on the operation unit 210, and when information corresponding to the identifier is received from the mobile terminal, the information is compared with the generated identifier and authentication is performed. If the authentication is successful, a public key and a secret key are generated, and the generated public key is transmitted to the mobile terminal. As a result, when user authentication is performed from the mobile terminal 21 to the image processing apparatus, high-security path encryption communication can be realized while preventing impersonation of the image processing apparatus, and confidential information such as a user ID and a password can be realized. It becomes possible to prevent leakage.

  In the image processing apparatus according to the present invention, it is possible to set whether the use of the PIN code is valid or invalid. When the PIN code is invalidated, the first digit number which is the number of digits of the PIN code is set. A random number having a larger second digit number is generated and transmitted to the mobile terminal. In this case, if confirmation information indicating that a random number has been received is received from the mobile terminal, a public key and a secret key are generated, and the public key is transmitted to the mobile terminal. As a result, it is possible to omit the input of the PIN code by the user, and even if a brute force attack or the like is performed when the PIN code is input, it is possible to prevent password impersonation by preventing impersonation of the image processing apparatus. Can avoid the threat.

  In addition, when accepting a second or subsequent connection request, the image processing apparatus generates challenge data each time, transmits it to the mobile terminal, and encrypts with the public key generated at the time of the first connection request as a response. The encrypted challenge data and common key are received from the mobile terminal. When received, the challenge data and the common key are decrypted with the secret key generated at the time of the first connection request, and if the generated challenge data matches the challenge data received as a response, encryption is performed using the common key. Communicate.

<Second Embodiment>
Hereinafter, a second embodiment of the present invention will be described. In the first embodiment, when the enhanced security mode and the PIN input setting are invalid, the MFP 100 transmits the public key to the mobile terminal 21 on the condition that the confirmation OK information is received from the mobile terminal 10. However, in Bluetooth communication, the number of simultaneous connections may be limited depending on the specifications on the device side. For example, when the number of simultaneous connections in which the MFP 100 can establish a Bluetooth connection is “1”, connection from another mobile terminal becomes impossible while the user is setting the initial connection to the mobile terminal 21. At this time, when another mobile terminal searches for the Bluetooth terminal, the MFP 100 itself may not be visible. Therefore, when the connection between the multifunction device and the mobile terminal is as short as possible, connectivity with other mobile terminals can be secured, and convenience can be improved.

  Therefore, in the present embodiment, in the multifunction device 100 having the Bluetooth communication function with the mobile terminal, the multifunction device 100 receives a connection request from the mobile terminal and transmits a public key necessary for user authentication, and immediately after that, Control for disconnecting the connection will be described. With reference to FIG. 9, a processing procedure according to the present embodiment will be described. Processing of the multifunction device 100 described below is controlled by the control unit 200 in the multifunction device 100. Specifically, the processing described below is realized by the CPU 205 reading out the control program stored in the HDD 208 to the RAM 206 and executing it. The process of FIG. 9 is obtained by adding the processes of S929 to S933 to the process of FIG. 5 according to the first embodiment. That is, in the present embodiment, the processing of S901 to S928 in the flowchart shown in FIG. 9 is the same as the processing of S501 to S528 described in the flowchart of FIG.

  If it is determined in S916 that the acquired PIN code input setting is invalid, the process proceeds to S929. In step S <b> 929, the CPU 205 acquires the connection time reduction setting (setting of the shortening function) at the first connection from the SRAM 213. Thereafter, the process proceeds to S930.

  FIG. 10 shows an authentication setting screen 1001 of the mobile terminal that can set the connection time reduction setting 1010 at the first connection, and is displayed on the operation unit 210. The settings other than the connection time reduction setting 1010 at the time of the initial connection are the same as those described with reference to FIG. 2 of the first embodiment. The connection time reduction setting 1010 at the first connection can be set only when the PIN code input setting is invalid 1007. When the user wants to validate the setting, the user activates the check box via the operation unit 210. The example of FIG. 10 shows an example of a screen in which the check box is activated and the connection time reduction setting 1010 at the first connection is activated. This set value is held in the SRAM 213 like the other settings.

  Returning to the description of FIG. In step S930, the CPU 205 determines whether the connection time reduction setting at the first connection is valid. If invalid, the process proceeds to S917. Subsequent control is the same as in the first embodiment, and a description thereof will be omitted.

  On the other hand, if it is valid, the process advances to step S931, and the CPU 205 generates a random number and a public / private key pair. Subsequently, in S932, the CPU 205 displays a random number on the operation unit 210. In step S933, the CPU 205 transmits the generated random number and public key to the mobile terminal 21. Subsequently, in step S923, the CPU 205 disconnects the connection with the mobile terminal and ends the process.

  If the connection time reduction setting at the time of the initial connection is valid by the control of S929 to S933 and S923 described above, the connection is disconnected without waiting for reception of confirmation OK information from the mobile terminal. As a result, the connection time between the multifunction device 100 and the mobile terminal 21 can be shortened, and even when the number of simultaneously connectable multifunction devices 100 is small, the influence on other mobile terminals can be reduced and the convenience can be improved. .

<Third Embodiment>
Hereinafter, a third embodiment of the present invention will be described. In this embodiment, the image processing apparatus that has received the PIN code from the mobile terminal determines whether the PIN code used in the first connection is a fixed PIN code or a one-time PIN code. Furthermore, only when it is determined that the PIN code is a fixed PIN code, the image processing apparatus according to the present embodiment issues a random number. In addition, description is abbreviate | omitted about the structure and control similar to the said embodiment.

<Screen example>
First, a PIN code initial setting screen 1101 displayed on the operation unit 210 of the multifunction peripheral 100 will be described with reference to FIG. The PIN code initial setting screen 1101 is used to set in advance whether the PIN code issued by the multi-function peripheral 100 is a fixed PIN code or a one-time PIN code.

  Reference numeral 1102 denotes an input field for setting when a PIN code is issued. Reference numeral 1103 denotes a radio button for changing the issued PIN code to a fixed PIN code. Reference numeral 1104 denotes a radio button for changing the issued PIN code to a one-time PIN code. Further, it is assumed that 1103 and 1104 are in an exclusive relationship, and both cannot be enabled at the same time. Normally, this is set by the system administrator when installing the multi-function peripheral, and cannot be set by a general user. The fixed PIN code is a PIN code registered in advance in the multifunction peripheral and the mobile terminal, and a value that does not overlap with the one-time PIN code is used. In the present embodiment, the fixed PIN code is stored in advance in the storage unit (HDD 208) of the multifunction peripheral 100 and the storage unit (RAM 26) of the mobile terminal 21.

<Processing procedure>
Next, with reference to FIG. 12, a processing procedure in which the MFP 100 receives a connection request from the mobile terminal and connects in the MFP 100 having a Bluetooth communication function with the mobile terminal will be described. Processing of the multifunction device 100 described below is controlled by the control unit 200 in the multifunction device 100. Specifically, the processing described below is realized by the CPU 205 reading out the control program stored in the HDD 208 to the RAM 206 and executing it.

  In step S <b> 1201, the CPU 205 displays the initial connection setting screen 311 of the mobile terminal on the operation unit 210. In step S <b> 1202, the CPU 205 waits for a PIN code display request to be transmitted from the mobile terminal 21 via the wireless communication unit 212. If a PIN code display request is received, the process proceeds to S1203. In step S1203, the CPU 205 issues a PIN code and stores the PIN code in the HDD 208. The PIN code includes a fixed PIN code and a one-time PIN code. When the control unit 200 issues a fixed PIN code, a predefined PIN code is read from the HDD 208. When issuing a one-time PIN code, the control unit 200 obtains it by calculation. Whether the control unit 200 issues a fixed PIN code or a one-time PIN code is preset in the MFP 100 on the PIN code initial setting screen 1101 by a system administrator (not shown). Shall.

  In step S1204, the CPU 205 displays the initial connection setting screen 321 of the mobile terminal on the operation unit 210. A PIN code 324 is displayed on the initial connection setting screen 321 of the mobile terminal. In the present embodiment, “265862” is displayed in the PIN code. In step S <b> 1205, the CPU 205 determines whether a PIN code is received from the mobile terminal 21 via the wireless communication unit 212. When the PIN code is received, the process proceeds to S1206.

  In step S1206, the CPU 205 compares the PIN code received in step S1205 with the PIN code issued by the control unit 200 in step S1203. If the received PIN code is equal to the issued PIN code, the process proceeds to S1207. Otherwise, the process proceeds to S1202.

  In step S1207, the CPU 205 determines whether the PIN code being used is a fixed PIN code or a one-time PIN code. In this case, the CPU 205 compares the PIN code being used with the fixed PIN code stored in the HDD 208. If the CPU 205 determines that the PIN codes are equal, the CPU 205 determines that the fixed PIN code is being used, and the process advances to step S1208. On the other hand, if it is determined that the PIN codes are not equal, it is determined that the one-time PIN code is used, and the process proceeds to S1213.

  In step S <b> 1208, the CPU 205 waits for reception of a random number issue request from the mobile terminal 21 via the wireless communication unit 212. If a random number issuance request is received, the process proceeds to S1209. In step S1209, the CPU 205 issues a random number and stores the random number in the HDD 208. In step S <b> 1210, the CPU 205 displays the initial connection setting screen 331 for the mobile terminal on the operation unit 210. A random number is displayed on the initial connection setting screen 331 of the mobile terminal. In this embodiment, “16164126” is displayed as a random number.

  In step S <b> 1211, the CPU 205 waits for reception of a random number verification result from the mobile terminal 21 via the wireless communication unit 212. If a collation result is received, it will progress to S1212. In step S1212, the CPU 205 determines whether the collation result received in step S1211 is OK. If the collation result is OK, the process proceeds to S1213, and if not, the process proceeds to S1202.

  In step S <b> 1213, the CPU 205 determines that authentication with the mobile terminal 21 is possible, and permits the connection between the mobile terminal 21 and the multifunction peripheral 100. In step S <b> 1214, the CPU 205 connects the multifunction peripheral 100 to the mobile terminal 21 via the wireless communication unit 212 and ends the process.

  Next, a processing procedure of the mobile terminal 21 in the present embodiment will be described with reference to FIG. Note that the processing of the mobile terminal 21 in this specification is controlled by the control unit 20 in the mobile terminal 21. Specifically, the processing described below is realized by the CPU 24 reading out the control program stored in the internal memory 25 to the RAM 26 and executing it.

  In S <b> 1301, the CPU 24 displays a device connection setting screen 411 on the mobile terminal operation unit 23 in response to a request from the mobile terminal operation unit 23. The device connection setting screen 411 displays a connection device list 412 to which the mobile terminal 21 can issue a Bluetooth connection request.

  In S1302, the CPU 24 selects a connected device from the connected device list 412 of the mobile terminal operation unit 23 according to the user input. Then, the CPU 24 requests connection to the multifunction device 100 via the wireless communication unit 29 of the mobile terminal 21 and waits for connection. When the CPU 24 detects a connection response of the multifunction machine 100, the process proceeds to S1303.

  In step S1303De, the CPU 24 displays a device connection setting screen 421 on the mobile terminal operation unit 23. A screen prompting the user to enter a PIN code is displayed in the PIN code input field 423 of the device connection setting screen 421. Subsequently, in S1304, the CPU 24 detects the PIN code input by the user in the PIN code input field 423 of the device connection setting screen 421. In this case, the PIN code displayed on the initial connection setting screen 321 of the mobile terminal displayed on the operation unit 210 of the MFP 100 is input. If the input of the PIN code is detected, the CPU 24 stores the input PIN code in the RAM 26 and proceeds to S1305.

  In step S <b> 1305, the CPU 24 transmits a PIN code to the multifunction device 100 via the wireless communication unit 29 of the mobile terminal 21. In step S <b> 1306, the CPU 24 receives the determination result of the PIN code transmitted from the mobile terminal 21 to the multifunction device 100 in step S <b> 1305 from the multifunction device 100. If the determination result indicates OK, the process proceeds to S1307, and if the determination result indicates NG, the process proceeds to S1302.

  In S1307, the CPU 24 determines whether the PIN code stored in the RAM 26 and input in S1304 is a fixed PIN code or a one-time PIN code. If the CPU 24 determines that the PIN code input in S1304 is a fixed PIN code, the process proceeds to S1308. If the CPU 24 determines that the PIN code is a one-time PIN code, the process proceeds to S1313. Note that the CPU 24 performs a determination by reading a predetermined fixed PIN code from the RAM 26 and comparing it with the input PIN code (RAM 26). In addition, it is assumed that the fixed PIN code (RAM 26) defined in advance stores a code equal to the PIN code stored in the HDD 208 of the multifunction peripheral 100.

  In step S <b> 1308, the CPU 24 requests the operation unit 210 of the multifunction peripheral 100 to display a random number via the wireless communication unit 29. In step S <b> 1309, the CPU 24 waits for a random number displayed on the operation unit 210 of the multifunction device 100 to be received from the multifunction device 100 via the wireless communication unit 29. If it is determined that the random value has been received, the CPU 24 stores the random value in the RAM 26 and proceeds to S1310.

  In step S <b> 1310, the CPU 24 displays the random number value 434 received from the multifunction device 100 on the device connection setting screen 431. In the present embodiment, an example in which “16164126” is displayed as a random number value is shown.

  In S1311, the CPU 24 waits for the OK button 435 or the cancel button 433 to be pressed on the device connection setting screen 431 of the mobile terminal operation unit 23. When the OK button 435 is pressed, the CPU 24 determines that the random number value displayed on the mobile terminal operation unit 23 is equal to the random number value displayed on the operation unit 210 of the multifunction peripheral 100. Then, the CPU 24 transmits a result (OK) message to the multifunction peripheral 100 via the wireless communication unit 29 of the mobile terminal 21. On the other hand, when the cancel button 433 is pressed, it is determined that the random number value displayed on the mobile terminal operation unit 23 is not equal to the random number value displayed on the operation unit 210 of the MFP 100. Then, the CPU 24 transmits a result (NG) to the multi-function device 100 via the wireless communication unit 29 of the mobile terminal 23.

  In S1312, the CPU 24 determines whether or not the random number collation determination result transmitted in S1311 is OK. If OK, the process proceeds to S1313. Otherwise, the process proceeds to S1302. In S <b> 1313, the CPU 24 waits for a response from the multi-function device 100 to the random number verification result transmission in S <b> 1311. When there is a response from the multifunction device 100 via the wireless communication unit 29, the mobile terminal 21 is permitted to connect to the multifunction device 100. In step S <b> 1314, the CPU 24 connects to the multifunction peripheral 100 via the wireless communication unit 29 and ends the process.

  As described above, the image processing apparatus according to the present embodiment determines whether the PIN code used at the time of the first connection is a fixed PIN code or a one-time PIN code for the PIN code received from the mobile terminal. To do. Furthermore, the image processing apparatus issues a random number only when it is determined that the PIN code is a fixed PIN code, and when it is determined that the PIN code is a one-time PIN code, the authentication is successful and the connection is permitted without issuing the random number. The Therefore, according to the present embodiment, in the case of authentication using a fixed PIN code, a random number is issued in order to further improve security, and in the case of a one-time PIN code, since the security performance is high in the first place, a random number is issued. Authentication can be performed quickly without any problems. In the present embodiment, whether or not the PIN code is a fixed PIN code is determined by determining whether or not the PIN code in use matches the fixed PIN code stored in the HDD 208 or the like.

<Fourth Embodiment>
Hereinafter, a fourth embodiment of the present invention will be described. In the present embodiment, a processing procedure for determining a fixed PIN code based on a random number value issued by the multifunction device 100 will be described. In addition, description is abbreviate | omitted about the structure and control similar to the said embodiment.

<Processing procedure>
First, with reference to FIG. 14, a processing procedure of the multifunction peripheral 100 when an initial connection request is received from the mobile terminal 21 will be described. Processing of the multifunction device 100 described below is controlled by the control unit 200 in the multifunction device 100. Specifically, the processing described below is realized by the CPU 205 reading out the control program stored in the HDD 208 to the RAM 206 and executing it. Here, the same control as in the third embodiment described in FIG. 12 is assigned the same step number, and the description is omitted. That is, since the processing of S1201 to S1214 is the same, the description thereof is omitted.

  If it is determined in S1207 that it is not a fixed PIN code, the process proceeds to S1401. In step S <b> 1401, the CPU 205 issues a predetermined random number value (default value) and stores the predetermined random number value in the HDD 208. When the CPU 205 issues the default value, the default value defined in advance is read from the HDD 208. Thereafter, the process proceeds to S1213.

  Next, a processing procedure of the mobile terminal 21 in the present embodiment will be described with reference to FIG. Note that the processing of the mobile terminal 21 in this specification is controlled by the control unit 20 in the mobile terminal 21. Specifically, the processing described below is realized by the CPU 24 reading out the control program stored in the internal memory 25 to the RAM 26 and executing it. In addition, here, the same control numbers as those in the third embodiment described with reference to FIG. That is, the processes in S1301 to S1306 and S1308 to S1314 are the same, and the description thereof is omitted. Note that the determination of S1307 is deleted from the flowchart of FIG. 13, and the determination of S1501 is performed between S1309 and S1310.

  Specifically, in S1501, the CPU 24 determines whether or not the random number stored in the RAM 26 is a predetermined random number value (default value). If it is determined that the received random value is not the default value, the process proceeds to S1310, and if not, the process proceeds to S1313. Note that the CPU 24 reads the predefined random number value (predetermined value) from the RAM 26 and compares the received random number value (RAM 26) with the received random value (RAM 26). In addition, it is assumed that the predefined random number value (RAM 26) stores a value equal to the random number value (predetermined value) stored in the HDD 208 of the multifunction peripheral 100.

  As described above, in addition to the control in the third embodiment, the image processing apparatus according to the present embodiment issues a predetermined random number value even in the case of a one-time PIN code. On the other hand, when a mobile terminal receives a random number, it determines whether it is a default random number value. If it is a default random number value, it does not perform authentication using the random number, and if it is not the default random number value, it uses it. It is determined that the PIN code inside is a fixed PIN code, and authentication using a random number is executed. Even in such control, the same effect as in the third embodiment can be obtained.

<Other embodiments>
The present invention supplies a program that realizes one or more functions of the above-described embodiments to a system or apparatus via a network or a storage medium, and one or more processors in the computer of the system or apparatus read and execute the program This process can be realized. It can also be realized by a circuit (for example, ASIC) that realizes one or more functions.

  20: Control unit, 21: Mobile terminal, 23: Mobile terminal operation unit, 24: CPU, 29: Wireless communication unit, 100: Multi-function device, 200: Control unit, 201: Scanner unit, 202: Printer unit, 205: CPU 210: operation unit 212: wireless communication unit

Claims (10)

An image processing apparatus that can communicate from an external terminal,
Accepting means for accepting a connection request from the external terminal;
When receiving the connection request for the first time by the receiving means, generating means for generating an identifier of the first digit number assigned to the external terminal;
Display means for displaying the identifier generated by the generating means;
Control means for generating a public key and a secret key when the information corresponding to the identifier is received from the external terminal after displaying the identifier by the display means, and transmitting the generated public key to the external terminal. An image processing apparatus. Further comprising setting means for setting whether to validate or invalidate the authentication using the identifier,
When authentication using the identifier is set to invalid by the setting means,
The generating means generates a random number having a second digit number larger than the first digit number of the identifier instead of the identifier,
The display means displays the random number generated by the generating means;
When the control means transmits the random number displayed by the display means to the external terminal and receives confirmation information indicating that the external terminal has received the random number as a response to the transmission of the random number, the public key and The image processing apparatus according to claim 1, wherein a secret key is generated, and the generated public key is transmitted to the external terminal. The setting means further sets whether to enable or disable the shortening function that shortens the connection time in the initial connection request,
When the authentication using the identifier is set to invalid by the setting means, and the shortening function is set to valid,
The generating means generates a random number having a second digit number larger than the first digit number of the identifier instead of the identifier,
The display means displays the random number generated by the generating means on a display unit of the image processing apparatus,
The image processing apparatus according to claim 2, wherein the control unit generates a public key and a secret key, and transmits the random number displayed by the display unit and the generated public key to the external terminal. . The setting means further includes:
As a security mode in communication with the external terminal, a first mode or a second mode in which security is strengthened than the first mode is set,
The control means, when the first mode is set by the setting means, exchanges a Long Term Key with the external terminal when receiving information corresponding to the identifier from the external terminal. Item 4. The image processing apparatus according to Item 2 or 3. When the generation unit receives the connection request for the second time or later by the reception unit, the generation unit generates challenge data,
The control unit transmits the challenge data generated by the generation unit to the external terminal, and the response encrypted with the public key generated at the time of the first connection request is transmitted as a response to the challenge data. When the data and the common key are received from the external terminal, the challenge data and the common key are decrypted with the secret key generated at the time of the first connection request, the challenge data generated by the generation unit, and the response The image processing apparatus according to any one of claims 1 to 4, wherein if the challenge data received as s matches, the encrypted communication is performed using the common key.   The image processing apparatus according to claim 1, wherein when the public key is transmitted to the external terminal, the control unit disconnects the connection with the external terminal.   The image processing apparatus according to claim 1, wherein the communication with the external terminal is Bluetooth communication.   The image processing apparatus according to claim 7, wherein the identifier is a PIN code used in the Bluetooth communication. An image processing apparatus control method capable of communicating from an external terminal,
An accepting step for accepting a connection request from the external terminal;
When the generation unit receives the first connection request in the reception step, a generation step of generating an identifier of the first digit number assigned to the external terminal;
A display step for displaying the identifier generated in the generation step;
Control means for generating a public key and a secret key when receiving information corresponding to the identifier from the external terminal after displaying the identifier in the display step, and transmitting the generated public key to the external terminal And a method of controlling the image processing apparatus. A program for causing a computer to execute each step in a control method of an image processing apparatus communicable from an external terminal, wherein the method includes:
An accepting step for accepting a connection request from the external terminal;
When the generation unit receives the first connection request in the reception step, a generation step of generating an identifier of the first digit number assigned to the external terminal;
A display step for displaying the identifier generated in the generation step;
Control means for generating a public key and a secret key when receiving information corresponding to the identifier from the external terminal after displaying the identifier in the display step, and transmitting the generated public key to the external terminal A program characterized by executing a process.

Images