JP2018046575A - Authentication system and image formation apparatus - Google Patents

Abstract

PROBLEM TO BE SOLVED: To inexpensively perform authentication with high security on an apparatus to be authenticated.SOLUTION: An authentication system comprises: an apparatus 101 to be authenticated for generating first authentication data; an authenticator converter 103 for converting the first authentication data generated by the apparatus 101 to be authenticated to second authentication data; and an authentication apparatus 102 for authenticating the apparatus 101 to be authenticated using the second authentication data obtained by the authenticator converter 103's conversion. The first authentication data includes: an authenticator obtained by encrypting challenge data output from the authentication apparatus 102 and predetermined data possessed by the apparatus 101 to be authenticated, using an encryption system using a first encryption key; and the predetermined data possessed by the apparatus 101 to be authenticated. The second authentication data includes: an authenticator obtained by encrypting the challenge data output from the authentication apparatus 102 and the predetermined data possessed by the apparatus 101 to be authenticated, using an encryption system using a second encryption key, on the basis of an authentication result obtained by the authenticator converter 103 authenticating the first authentication data; and the predetermined data possessed by the apparatus 101 to be authenticated.SELECTED DRAWING: Figure 2

Description

  The present invention relates to an authentication system for authenticating a wearer and an authenticator converter for converting an authenticator from the wearer into an authenticator of an authenticator for authenticating the wearer.

  In a multi-function printer (hereinafter referred to as a printer) having a print function and a copy function, consumables and periodic replacement parts are replaced in units. For example, since a fixing device, which is an essential function of a printer, is used in a high-temperature environment, its life is shorter than that of a printer main body, and is therefore often designed to be easily replaced.

  Many printers are provided with an expansion function so that an optional feeder or an optional paper discharge device can be attached to the printer. However, if a unit that is not a device compatible with the printer body (printer specifications) (for example, for other types of printer bodies) is installed in the printer by mistake, not only will the printer not operate, There is also a risk. For this reason, it is important to determine whether or not a unit suitable for the printer body is mounted, particularly for a unit that requires high reliability such as a fixing device. When it is determined that a unit that does not match the main body is attached, it is necessary to alert the user. In order to determine whether or not the attached device is a suitable unit, an authentication technique that is a kind of cryptographic technique has already been used. As the authentication method, for example, there are a challenge response authentication method using a common key encryption, an electronic signature using a public key encryption, and the like.

  The challenge-response authentication method is based on the premise that the device to be authenticated that is the wearer and the authenticator that is the authentication source each have a common key. The device to be authenticated encrypts the data (challenge data) given by the authenticator and sends the encrypted data (response data) back to the authenticator. The authenticator receives the encrypted data sent back from the device to be authenticated. Judgment of authentication is performed based on whether or not it is correct. The encryption performed here is performed by a message authentication code technique as described in Non-Patent Document 1, for example. Further, by using the message authentication code technique, it is possible to send the internal data of the device to be authenticated and authenticate the device to be authenticated at a time.

  The challenge-response authentication method is executed based on common key encryption, and the authentication result is determined by whether or not the authenticator and the device to be authenticated have the same encryption key (common key). It is important that is kept secret. Therefore, it is desirable that the common key data and the authentication operation are handled by a tamper-resistant chip having high security so that the common key information is not easily leaked.

  On the other hand, in an electronic signature as described in Non-Patent Document 2, an authenticated device that is a mounting device and an authenticator that is an authentication source may have a key that is not a common key but a pair. It is a premise. In the electronic signature technology, there are two entities: a signer that generates an electronic signature (authenticated device) and a verifier (authenticator) that verifies the validity of the signature. Then, the verifier verifies whether or not the message sent by the signer is surely created by the signer using public key cryptography. In the case of digital signature technology, the authenticator and the device to be authenticated do not have a common key. Therefore, it is sufficient to keep only the secret key held by the device to be authenticated, There is no need to keep the public key secret. Therefore, only the key data and the authentication operation on the authenticated device side need be handled by the tamper resistant chip.

However, a tamper-resistant chip equipped with public key cryptography is more expensive than a tamper-resistant chip equipped with common key cryptography. Therefore, in order to reduce the cost, it is desirable to mount a tamper-resistant chip equipped with a common key encryption technology on consumables that are to be authenticated or parts that are periodically replaced.

  For example, Patent Document 1 proposes an authentication system for ensuring the supply of a compatible device to be authenticated. In the authentication system of Patent Document 1, the authenticator reads the data inside the device to be authenticated and the signature data obtained by encrypting the digest of the data, compares the digest of the read data with the decrypted signature data, Authenticate the authenticator. The authenticator combines the challenge data supplied by the authenticator, the digest stored by itself, and the common secret data with the authenticator, creates a digest again, and returns it as response data. The authenticator combines the challenge data, the decrypted signature data, and the common secret data with the device to be authenticated, and authenticates the device to be authenticated based on whether or not it matches the digested data.

JP 2000-76063 A

ISO / IEC 9797-1: 1999, Information technology-Security techniques-MassageAuthentication Codes (MACs) -Part1: Mechanisms using a block cipher FIPS PUB 186-3: Federal information processing standards publication Digital Signature Standard (DSS)

  However, in the above-described conventional example, when consumables or periodic replacement parts are mounted, authentication by the printer itself is not performed, and authentication by a personal computer or the like which is an external device connected to the printer body is necessary. there were. When common key cryptography is used as an authentication technique, it is necessary to mount a tamper resistant chip in both the authenticator and the authenticator in order to satisfy security. However, it is difficult to mount a tamper-resistant chip that is a custom part on a personal computer that is a general-purpose product, and there is a problem that the personal computer cannot be used as an authentication device. Further, when using public key cryptography as an authentication technique, it is not necessary to mount a tamper resistant chip on a personal computer as an authentication apparatus. However, since it is necessary to mount a tamper-resistant chip equipped with public key cryptography on a device to be authenticated that is a consumable item, there is a problem that the cost increases.

  The present invention has been made under such circumstances, and an object of the present invention is to perform high-security authentication for a device to be authenticated while suppressing cost.

  In order to solve the above-described problems, the present invention is configured as follows.

(1) An authenticator that generates first authentication data, an authenticator converter that converts the first authentication data generated by the authenticator into second authentication data, and the authenticator conversion An authenticator for authenticating the device to be authenticated based on the second authentication data converted by the authentication device, wherein the first authentication data is output from the authenticator and the authenticator converter An authenticator obtained by encrypting challenge data input to the device to be authenticated and predetermined data possessed by the device to be authenticated by an encryption method using a first encryption key, and the predetermined data possessed by the device to be authenticated The second authentication data is output from the authenticator and input to the authenticator converter based on an authentication result obtained by authenticating the first authentication data by the authenticator converter. Challenge data and the device to be authenticated An authenticator obtained by encrypting the predetermined data with an encryption method using a second encryption key different from the encryption method using the first encryption key, and the predetermined data possessed by the device to be authenticated. An authentication system characterized by

  (2) first transmission / reception means for performing data transmission and reception with the first apparatus, second transmission / reception means for performing data transmission and reception with the second apparatus, and key data according to a predetermined encryption method Based on the data from the first device received by the first transmission / reception means, the first data using the key data corresponding to the encryption method in the first device is stored. And authenticating the data of the first device, and transmitting the data obtained by encrypting the data from the first device using the key data corresponding to the encryption method in the second device by the second transmitting / receiving means And an authenticator converter.

  According to the present invention, it is possible to perform authentication with high security for a device to be authenticated at a reduced cost.

The figure which shows schematic structure of the authentication system of Example 1. The figure which shows the structure of a to-be-authenticated device, an authenticator, and an authenticator converter of Example 1. The figure which shows the internal structure of the 1st tamper-resistant chip | tip of 2nd Example, and a 2nd tamper-resistant chip | tip. The figure which shows the 2nd tamper-resistant chip | tip of Example 1, and the internal structure of the authentication part of an authentication device. Flowchart showing the operation of the authentication process in the authenticator of the first embodiment. Flowchart showing the operation of the authentication process in the authenticator converter of the first embodiment. Flowchart showing the operation of the authentication process in the device to be authenticated according to the first embodiment. The figure which shows schematic structure of the authentication system of Example 2, and the figure which shows the structure of a to-be-authenticated device, an authenticator, and an authenticator converter. The figure which shows the internal structure of the 1st tamper-resistant chip | tip of 2nd Example, and a 2nd tamper-resistant chip | tip. The figure which shows the internal structure of the 2nd tamper-resistant chip | tip of Example 2, and the authentication part of an authentication device. Flowchart showing the operation of the authentication process in the authenticator of the second embodiment. Flowchart showing the operation of authentication processing in the authenticator converter of the second embodiment. Flowchart showing the operation of authentication processing in the device to be authenticated according to the second embodiment.

  Hereinafter, the best mode for carrying out the present invention will be described in detail with reference to examples. In the following embodiment, an embodiment using a common key encryption method or a public key encryption method will be described. Therefore, encryption and authentication methods in the common key encryption method and the public key encryption method will be described.

The message authentication code technique used in the common key encryption method uses a pre-shared encryption key (K) between two entities of a message authentication code (hereinafter abbreviated as MAC) generator and verifier, This technology detects forgery, falsification, and damage of messages. This ensures that the source of the message is authentic and the integrity of the received data. When the message authentication code technique is used in the above-described challenge response authentication method, the device to be authenticated is a MAC generator and the authenticator is a MAC verifier. The device to be authenticated uses the challenge data sent from the authenticator as a message (M ′), and uses the MAC generation algorithm (F) from the message (M ′) and the encryption key (K), and MAC (T) = F (K, M ′) is calculated, and MAC (T) is sent to the authenticator. The authenticator calculates MAC (T ′) = F (K, M) using the MAC verification algorithm (F) from the challenge data (M) and the encryption key (K) sent to the device to be authenticated. It is verified whether (T ′) and MAC (T) match. The authenticator determines that the authentication is successful if MAC (T ′) and MAC (T) match, and that the authentication fails otherwise.

  Further, by using the message authentication code technique, it is possible to send the internal data of the device to be authenticated and authenticate the device to be authenticated at a time. The authentication target device combines the challenge data (C ′) sent from the authentication device and the internal data (D) of the authentication target device to generate a message (M) = C ′ || D. Then, the device to be authenticated calculates MAC (T) = F (K, M) from the message (M) and the encryption key (K) using the MAC generation algorithm (F), and the internal data of the device to be authenticated. A pair (D, MAC (T)) of (D) and MAC (T) is sent to the authenticator. The authenticator uses the MAC verification algorithm (F) from the challenge data (C) sent to the device to be authenticated, the internal data (D ′) sent from the device to be authenticated, and the encryption key (K). T ′) = F (K, C || D ′) is calculated. Then, the authenticator verifies whether the calculated MAC (T ′) matches the MAC (T) received from the authenticator. If MAC (T ′) and MAC (T) match, it means that authentication has succeeded and the internal data of the device to be authenticated has been sent correctly, otherwise authentication has failed or the device to be authenticated has been sent. Means that the internal data is corrupted.

  On the other hand, in an electronic signature using a public key cryptosystem, it is assumed that a device to be authenticated as an attachment device and an authenticator as an authentication source have a pair of keys instead of a common key. Become. In the electronic signature technology, there are two entities: a signer that generates an electronic signature (authenticated device) and a verifier (authenticator) that verifies the validity of the signature. Then, the verifier verifies whether or not the message sent by the signer is surely created by the signer using public key cryptography. If necessary, a third party (certificate authority) that guarantees the validity of the signer's public key is used. The device to be authenticated holds the signature generation key (sk) including the secret key in secret, generates a signature (S) for the signature target document (M) sent from the authenticator, and returns it to the authenticator. . At this time, the signature generation key (sk) and the corresponding signature verification key (public key) (pk) may be generated in advance by the device to be authenticated, or may be generated by a key generation device different from the device to be authenticated. good.

  The authenticator obtains a signature (S) and a signature verification key (pk) from the device to be authenticated. When a certificate authority is used, a signature verification key (pk) is obtained together with a public key certificate issued by the certificate authority. The authenticator uses the signature target document (M) sent to the authenticator, the signature (S) received from the authenticator, and the signature verification key (pk), and the signature (S) is the signature target document (M), It authenticates whether the signature verification key (pk) is valid. The authenticator determines authentication success when the signature (S) is valid, and determines authentication failure when it is not valid.

[Configuration of Authentication System for Image Forming Apparatus]
FIG. 1 is a diagram illustrating a schematic configuration of an authentication system according to the first embodiment. The authentication system includes an image forming apparatus that forms an image on a sheet and a personal computer connected to the image forming apparatus. As an example of the image forming apparatus, FIG. 1 shows a laser beam printer. In FIG. 1, a personal computer 503 (hereinafter referred to as a PC 503), which is a second apparatus, transmits a drawing command to a laser beam printer main body 501 (hereinafter referred to as a main body 501). The main body 501 includes a process cartridge 502 that is a first device that can be attached to and detached from the main body 501 and an engine control unit 504. The engine control unit 504 controls the main body 501 in accordance with a drawing command from the PC 503. This embodiment shows a system that authenticates with a PC 503 whether or not a process cartridge 502 of a replaceable device mounted on a main body 501 is compatible with an image forming apparatus.

  In FIG. 1, a process cartridge 502 is mounted with an authenticator 101 that generates a first authenticator that is encrypted data for authenticating the cartridge. When the process cartridge 502 is attached to the main body 501, the process cartridge 502 transmits a first authenticator to the engine control unit 504. The engine control unit 504 is equipped with an authenticator converter 103, which converts the first authenticator received from the process cartridge 502 into a second authenticator that can be authenticated by the PC 503, and transmits it to the PC 503. The PC 503 is equipped with an authenticator 102 for authenticating the process cartridge 502, and authenticates whether or not the process cartridge 502 is compatible based on the second authenticator received from the engine control unit 504. To do. In the present embodiment, the authenticator 102 is not limited to hardware, and may be software that executes a similar function, for example.

[Configuration of authenticated device, authenticator, authenticator converter]
FIG. 2 is a diagram showing the configuration of the device to be authenticated 101 of the process cartridge 502, the authenticator 102 of the PC 503, and the authenticator converter 103 of the engine control unit 504.

  The authenticator 101 includes a first data transmission / reception circuit 104 and a first tamper resistant chip 105. The first data transmission / reception circuit 104 performs data transmission / reception with the authenticator converter 103 of the engine control unit 504, and the first tamper resistant chip 105 receives response data from the challenge data received by the first data transmission / reception circuit 104. Is generated. The first tamper resistant chip 105 encrypts the challenge data based on the common key encryption method, and generates first response data that is first authentication data.

  The authenticator 102 is in accordance with a second data transmission / reception circuit 106 that transmits / receives data to / from the authenticator converter 103 of the engine control unit 504, an authentication command unit 107 that issues an instruction to start authentication, and a command from the authentication command unit 107. An authentication unit 108 that performs an authentication operation is included.

  The external data transmission / reception unit of the authenticator converter 103 includes a third data transmission / reception circuit 109 which is a second transmission / reception means and a fourth data transmission / reception circuit 110 which is a first transmission / reception means. The third data transmission / reception circuit 109 performs data transmission / reception with the authenticator 102 of the PC 503, and the fourth data transmission / reception circuit 110 performs data transmission / reception with the authenticator 101 of the process cartridge 502. Further, the authenticator converter 103 includes an authenticator conversion command unit 111 and a second tamper resistant chip 112. When the fourth data transmitting / receiving circuit 110 receives the first response data from the authenticator 101, the authenticator conversion command unit 111 issues an authenticator conversion command. The second tamper resistant chip 112 decrypts the first response data based on the common key encryption method according to the command issued by the authenticator conversion command unit 111. Then, the second tamper resistant chip 112 encrypts the decrypted first response data based on the public key cryptosystem, and generates second response data that is second authentication data.

[Internal configuration of first and second tamper resistant chip and authentication unit]
FIGS. 3A and 3B are storage units that constitute the first tamper resistant chip 105 of the device to be authenticated 101, the second tamper resistant chip 112 of the authenticator converter 103, and the authentication unit 108 of the authenticator 102. It is the figure which showed the relationship between a certain memory, data, and a process block (example: authentication determination part). Here, the common key data 205 in the internal memory 202 of the first tamper resistant chip 105 shown in FIG. 3A (to be described later) and the internal memory 406 of the second tamper resistant chip 112 in FIG. The common key data 407 has the same data value. Regarding the sharing of the common key data used for encryption / decryption, for example, when the first tamper resistant chip 105 and the second tamper resistant chip 112 are initialized, the common key data is set or the common key data is used. This is done by writing additional information for this purpose.

  Also, the public key data 413 in the internal memory 406 of the second tamper resistant chip 112 in FIG. 3-2 (c) described later and the public key data 308 in the authentication unit 108 in FIG. 3-2 (d) have the same data value. It is. Regarding the sharing of the public key used for decryption, for example, the public key data paired with the private key data 408 held in the internal memory 406 by the second tamper resistant chip 112 before the authentication unit 108 executes the authentication operation. The authentication unit 108 reads and acquires 413.

(Internal configuration of the first tamper resistant chip)
FIG. 3A is a diagram illustrating the relationship (internal configuration) of the memory, data, and processing block (first authenticator generation unit) in the first tamper resistant chip 105 of the device to be authenticated 101. In FIG. 3A, when the first data transmission / reception circuit 104 receives the challenge data transmitted from the authenticator 102, the first data transmission / reception circuit 104 outputs the challenge data to the first tamper resistant chip 105. In the first tamper resistant chip 105, the input challenge data 201 is input to the first authenticator generating unit 203 together with the internal data 204 in the internal memory 202, which is predetermined data of the first tamper resistant chip 105. Is done. The first authenticator generation unit 203 performs processing for combining the two input data, and the common key data stored in the internal memory 202 that is the first encryption key for the combined data. At 205, encryption processing is performed. The encryption process executed here may be a process for generating an authenticator of input data obtained by combining the challenge data 201 and the internal data 204 by using a common key encryption as in the message authentication code (MAC) described above. That's fine. The first authenticator 206 that is encrypted and output from the first authenticator generation unit 203 constitutes the first response data 207 together with the internal data 204 of the internal memory 202, and the first data transmission / reception It is output to the circuit 104.

(Internal configuration of the second tamper resistant chip)
Next, the internal configuration of the second tamper resistant chip 112 will be described. FIG. 3B illustrates the relationship between the memory, data, and processing block (internal configuration) when challenge data from the authenticator 102 is transmitted to the authenticator 101 and when the authentication operation of the first authenticator is performed. ). FIG. 3C is a diagram illustrating the relationship among the memory, data, and processing block when converting the first authenticator into the second authenticator. In FIGS. 3-1 (b) and 3-2 (c), common memory, data, and the like are denoted by the same reference numerals.

3B, when the authenticator conversion command unit 111 receives challenge data from the authenticator 102 via the third data transmission / reception circuit 109, the authenticator conversion command unit 111 outputs the challenge data to the second tamper resistant chip 112. The authenticator conversion command unit 111 transmits the challenge data 401 to the device to be authenticated 101 via the fourth data transmission / reception circuit 110. The authenticator conversion command unit 111 monitors whether the first response data for the challenge data is input from the device to be authenticated 101 via the fourth data transmission / reception circuit 110. When the first response data is input, the authenticator conversion command unit 111 outputs the input first response data 402 to the second tamper resistant chip 112 and issues an authenticator conversion command. Receiving the authenticator conversion command, the second tamper resistant chip 112 divides the input first response data 402 into the first tamper resistant chip internal data 403 and the first authenticator 404. The divided first tamper resistant chip internal data 403 is input to the first comparison authenticator generation unit 405 together with the challenge data 401 received from the authenticator 102. The first comparison authenticator generation unit 405 performs a process of combining the two input data, and the combined data is the common key data 407 stored in the internal memory 406 of the second tamper resistant chip 112. Is used to generate a first comparison authenticator 409. Here, the first comparison authenticator generation unit 405 performs the same processing as the first authenticator generation unit 203 in FIG. The first comparison authenticator 409 generated by the encryption process is compared with the first authenticator 404 divided from the first response data 402 in the authentication determination unit 414. If the two data match, the second tamper resistant chip 112 makes a transition to the second response data generation process shown in FIG. 3-2 (c). If they do not match, the second tamper resistant chip 112 outputs an authentication error to the authenticator conversion command unit 111.

  If the first comparison authenticator 409 and the first authenticator 404 match, in FIG. 3-2 (c), the second tamper resistant chip 112 displays the challenge data 401 and the first tamper resistant The chip internal data 403 is input to the second authenticator generation unit 410. The second authenticator generation unit 410 performs a process of combining the two data, and the combined data is encrypted with the private key data 408 stored in the internal memory 406 that is the second encryption key. Processing is performed. The cryptographic process executed here may be any one that creates an authenticator (signature data) of input data by public key cryptography like the digital signature described above. The second authenticator 411 generated by the encryption process constitutes the second response data 412 together with the first tamper resistant chip internal data 403 divided from the first response data 402. Then, the second tamper resistant chip 112 outputs the second response data 412 to the authenticator conversion command unit 111. The authenticator conversion command unit 111 transmits the input second response data 412 to the authenticator 102 via the third data transmission / reception circuit 109.

(Internal configuration of authentication unit)
FIG. 3D is a diagram illustrating the relationship (internal configuration) of the memory, data, and processing blocks (such as an authentication determination unit) in the authentication unit 108 of the authentication device 102. In FIG. 3D, when the authentication unit 108 is instructed to start authentication by the authentication command unit 107, the authentication unit 108 generates challenge data 301 and outputs it to the authentication command unit 107. The authentication command unit 107 outputs the input challenge data 301 to the second data transmission / reception circuit 106, and the second response data 302 with respect to the challenge data 301 is sent to the authenticator converter via the second data transmission / reception circuit 106. The input from 103 is monitored. When the second response data 302 is input, the authentication command unit 107 outputs the input second response data 302 to the authentication unit 108 and issues an authentication instruction. Upon receiving the authentication instruction, the authentication unit 108 divides the input second response data 302 into the first tamper resistant chip internal data 303 and the second authenticator 304. The divided first tamper resistant chip internal data 303 is input to the combination processing unit 305 together with the challenge data 301. The combination processing unit 305 performs processing for combining the two input data, and outputs combined data 306. On the other hand, the second authenticator 304 divided from the second response data 302 is input to the authenticator decryption unit 307, and the authenticator decryption unit 307 uses the public key data 308 for the second authenticator 304. The decryption process is performed, and a second comparison authenticator 309 is output.

  The second comparison authenticator 309 output as a result of the decryption processing in the authenticator decryption unit 307 is compared with the combined data 306 in the authentication determination unit 310. Then, the authentication unit 108 outputs an authentication success to the authentication command unit 107 if the two data match, and an authentication error if they do not match.

[Flow of processing from authentication start to authentication judgment]
Next, the flow of processing from the start of authentication to authentication determination will be described using the flowcharts of FIGS. FIGS. 4-1 (a) and (b) are flowcharts showing the operation of the authentication process in the authenticator 102, and FIG. 4-1 (a) shows the operation from the start of authentication to challenge data transmission. (B) shows the operation of performing the authentication determination after receiving the second response data. FIGS. 4-2 (c) and (d) are flowcharts showing the operation of the authentication process in the authenticator converter 103. FIG. FIG. 4-2 (c) shows the operation from the challenge data reception to the challenge data transmission, and FIG. 4-2 (d) shows the operation from the reception of the first response data to the transmission of the second response data. Show. FIG. 4E is a flowchart showing the operation of the authentication process in the device to be authenticated 101, and shows the operation from the reception of the challenge data to the transmission of the first response data. Hereinafter, in the authentication system of this embodiment, the operation of each unit will be described based on the above-described flowchart from the start of authentication to the end of authentication determination.

(Processing in the authenticator (part 1))
In FIG. 4A, when the engine control unit 504 detects that the process cartridge 502 has been inserted into the main body 501, the engine control unit 504 transmits a cartridge detection signal to the PC 503. In step 401 (hereinafter referred to as S401), the PC 503 determines whether or not the engine control unit 504 has detected cartridge insertion based on whether or not a cartridge detection signal has been received. When the second data transmission / reception circuit 106 receives the cartridge detection signal, the process proceeds to S402, and when it has not been received, the process of S401 is repeated. In S402, when notified that the cartridge detection signal has been received from the second data transmission / reception circuit 106, the authentication command unit 107 instructs the authentication unit 108 to start authentication. In step S <b> 403, the authentication unit 108 that has received the authentication start instruction generates challenge data 301 including a random number component, and outputs the challenge data 301 to the authentication command unit 107. In S404, the authentication command unit 107 transmits the challenge data 301 to the authenticator converter 103 of the engine control unit 504 via the second data transmission / reception circuit 106.

(Processing in the authenticator converter (part 1))
4-2 (c), in S430, the third data transmission / reception circuit 109 of the authenticator converter 103 of the engine control unit 504 determines whether or not challenge data is received from the authenticator 102 of the PC 503. Then, when the third data transmission / reception circuit 109 receives the challenge data, the process proceeds to the process of S431, and if not received, the process of S430 is repeated. In S431, the authenticator conversion command unit 111 that has received the challenge data via the third data transmission / reception circuit 109 outputs the received challenge data to the second tamper resistant chip 112. The second tamper resistant chip 112 that has received the challenge data received from the authenticator conversion command unit 111 stores the received challenge data as challenge data 401. Here, challenge data 301 and challenge data 401 generated by the authentication unit of the authenticator 102 of the PC 503 indicate the same data. In step S <b> 432, the authenticator conversion command unit 111 transmits challenge data to the authentication target device 101 of the process cartridge 502 via the fourth data transmission / reception circuit 110.

(Processing in the device to be authenticated)
4E, in step S460, the first data transmission / reception circuit 104 determines whether challenge data has been received from the authenticator converter 103 of the engine control unit 504. If the first data transmission / reception circuit 104 receives the challenge data, the process proceeds to S461. If not received, the process in S460 is repeated. In step S461, the first tamper resistant chip 105 that has received the challenge data via the first data transmission / reception circuit 104 stores the received challenge data as the challenge data 201. In S462, the first tamper resistant chip 105 inputs the received challenge data and the internal data 204 stored in the internal memory 202 to the first authenticator generation unit 203. The authenticator generation unit 203 performs processing for combining the input challenge data 201 and the internal data 204, and the obtained combined data is encrypted using the common key data 205 of the internal memory 202, One authenticator 206 is generated. In S463, the first tamper resistant chip 105 combines the first authenticator 206 and the internal data 204 stored in the internal memory 202 to generate first response data 207. Then, the first tamper resistant chip 105 transmits the first response data 207 to the authenticator converter 103 of the engine control unit 504 via the first data transmission / reception circuit 104.

(Processing in the authenticator converter (part 2))
In FIG. 4D, in S440, the fourth data transmission / reception circuit 110 of the authenticator converter 103 of the engine control unit 504 receives the first response data from the authenticator 101 of the process cartridge 502. Judgment is made. Then, when the fourth data transmission / reception circuit 110 receives the first response data, the process proceeds to S441, and if not, the process of S440 is repeated. In S441, the authenticator conversion command unit 111 that has received the first response data via the fourth data transmission / reception circuit 110 outputs the first response data to the second tamper-resistant chip 112, and the authenticator. Issue a conversion command. In S442, the second tamper resistant chip 112 to which the first response data has been input stores the input first response data as the first response data 402. Here, the first response data 207 of the first tamper resistant chip 105 of the authentication target device 101 of the process cartridge 502 and the first response data 402 stored in the second tamper resistant chip 112 indicate the same data. ing. The input first response data 402 is divided by the second tamper resistant chip 112 into first tamper resistant chip internal data 403 and a first authenticator 404.

  In S443, the first tamper resistant chip internal data 403 is input to the first comparison authenticator generation unit 405 together with the challenge data 401. In the first comparison authenticator generation unit 405, processing for combining the input challenge data 401 and the first tamper resistant chip internal data 403 is performed. Further, in the first comparison authenticator generation unit 405, the obtained combined data is encrypted using the common key data 407 stored in the internal memory 406 of the second tamper resistant chip 112, A first comparison authenticator 409 is generated.

  In S444, the authentication determination unit 414 compares the generated first comparison authenticator 409 with the first authenticator 404. In S445, the authentication determination unit 414 determines whether or not the first comparison authenticator 409 and the first authenticator 404 match. If the two data match, the process proceeds to S446. The process proceeds to S449. In S449, the authentication determination unit 414 outputs an authentication error to the authenticator conversion command unit 111. In S450, the authenticator conversion command unit 111 that has received the authentication error from the authentication determination unit 414 notifies the authentication unit 102 of the PC 503 of the authentication error information via the third data transmission / reception circuit 109. The authenticator 102 of the PC 503 that has received the authentication error executes an authentication error process (S420) described later, and ends the authentication process.

  In S446, since the first comparison authenticator 409 and the first authenticator 404 coincide with each other in the second tamper resistant chip 112, the first tamper resistant chip internal data 403 and the challenge data 401 are stored in the second. To the authenticator generation unit 410. The second authenticator generation unit 410 performs processing for combining the input challenge data 401 and the first tamper resistant chip internal data 403. The obtained combined data is encrypted by the second authenticator generation unit 410 using the secret key data 408 stored in the internal memory 406, and a second authenticator 411 is generated. In S447, the second tamper resistant chip 112 combines the generated second authenticator 411 and the first tamper resistant chip internal data 403 to generate the second response data 412 to convert the authenticator. Output to command unit 111. In S <b> 448, the authenticator conversion command unit 111 transmits the second response data 412 input from the second tamper resistant chip 112 to the authenticator 102 of the PC 503 via the third data transmission / reception circuit 109.

(Processing in the authenticator (part 2))
In FIG. 4B, in S410, the second data transmitting / receiving circuit 106 of the authenticator 102 of the PC 503 determines whether or not the second response data is received from the authenticator converter 103 of the engine control unit 504. To do. Then, when the second data transmitting / receiving circuit 106 receives the second response data, the process proceeds to S411, and if not received, the process of S410 is repeated. In S411, the authentication command unit 107 that has received the second response data via the second data transmission / reception circuit 106 outputs the second response data 412 to the authentication unit 108 and issues a final authentication processing command. In step S <b> 412, the authentication unit 108 stores the second response data output from the authentication command unit 107 as the second response data 302. Here, the second response data 412 of the second tamper resistant chip of the authenticator converter 103 of the engine control unit 504 and the second response data 302 stored in the authentication unit 108 indicate the same data. In addition, the authentication unit 108 divides the input second response data 302 into the first tamper-resistant chip internal data 303 and the second authenticator 304.

  In S 413, the first tamper resistant chip internal data 303 is input to the combination processing unit 305 together with the challenge data 301. In the combination processing unit 305, a process of combining the input challenge data 301 and the first tamper resistant chip internal data 303 is performed, and combined data 306 is generated and output. In S 414, the second authenticator 304 divided from the input second response data 302 is input to the authenticator decryption unit 307. In the authenticator decryption unit 307, the input second authenticator 304 is decrypted using the public key data 308, and a second comparison authenticator 309 is generated.

  In S <b> 415, the generated second comparison authenticator 309 and the combined data 306 are input to the authentication determination unit 310, and the authentication determination unit 310 compares the second comparison authenticator 309 with the combined data 306. In S416, the authentication determination unit 310 determines whether the second comparison authenticator 309 and the combined data 306 match. The authentication determination unit 310 proceeds to S417 when the two data match, and proceeds to S419 when they do not match. In S419, the authentication determination unit 310 outputs an authentication error to the authentication command unit 107. In S420, the authentication command unit 107 that has received the authentication error executes an authentication error process such as displaying an authentication error on the display unit of the PC 503 or generating a warning sound, and ends the authentication process. In step S417, the authentication determination unit 310 outputs authentication success to the authentication command unit 107. In S418, the authentication command unit 107 that has received the authentication success executes an authentication success process for displaying the authentication success on the display unit of the PC 503, for example, and ends the authentication process.

  As described above, according to the present embodiment, it is possible to perform authentication with high security for a device to be authenticated at a reduced cost. That is, by installing a tamper-resistant chip equipped with a relatively inexpensive common key encryption technology on the authentication target device, the cost can be suppressed. In addition, since it is not necessary to mount a tamper-resistant chip in the authenticator, even if a PC or the like, which is a general-purpose product that is difficult to mount a tamper-resistant chip, is used, high-security authentication can be performed on the device to be authenticated. .

  Although the device to be authenticated is a process cartridge in this embodiment, it may be a consumable or a device or unit that is periodically replaced, such as a fixing unit. In this embodiment, the authenticator converter is mounted on the engine control unit. However, for example, the authenticator converter may be mounted on a video control unit having a control device different from the engine control unit. Further, in this embodiment, the authentication device is a personal computer that is an external device. However, for example, a video control unit that is a unit of the image forming apparatus may be the authentication device.

In the first embodiment, an authentication message transmitted from an authenticator to an authenticator converter is generated by common key encryption, and an authentication message transmitted from the authenticator converter to the authenticator is generated by public key encryption. explained. In the second embodiment, the authentication message transmitted from the authenticator to the authenticator converter is generated by common key encryption as in the first embodiment, and the authentication message transmitted from the authenticator converter to the authenticator is a disposable common message. An authentication system generated using key encryption will be described. Note that the disposable common key encryption in the present embodiment is a common key encryption that is changed at any time, for example, by resetting the common key shared between the authenticator converter and the authenticator when the image forming apparatus is turned on. The common key is generated by the authenticator as needed.

[Configuration of Authentication System in Image Forming Apparatus]
FIG. 5A is a diagram illustrating a schematic configuration of an image forming apparatus equipped with the authentication system according to the second embodiment. As an example of the image forming apparatus, FIG. 5 illustrates a laser beam printer. In FIG. 5A, a fixing unit 1002 is a unit that can be attached to and detached from a laser beam printer main body 1001 (hereinafter referred to as a main body 1001) and can be replaced. The video control unit 1003 is disposed inside the main body 1001 and issues a drawing command to the engine control unit 1004. The engine control unit 1004 controls the main body 1001 in accordance with a drawing command from the video control unit 1003. Here, the engine control unit 1004 and the video control unit 1003 are independent units, and are units controlled by a CPU mounted in each unit. This embodiment shows a system in which the video control unit 1003 authenticates whether or not the fixing unit 1002 attached to the main body 1001 is suitable.

  In FIG. 5A, the fixing device unit 1002 is mounted with an authentication target device 101 that generates a first authenticator that is encrypted data for authenticating the fixing device unit. When the main body 1001 is turned on, the fixing unit 1002 transmits a first authenticator to the engine control unit 1004. An authenticator converter 703 is mounted on the engine control unit 1004. The first authenticator received from the fixing unit 1002 is converted into a second authenticator that can be authenticated by the video control unit 1003 and transmitted. The video control unit 1003 is equipped with an authenticator 702 for authenticating the fuser unit 1002, and the fuser unit 1002 is adapted based on the second authenticator received from the engine control unit 1004. Authenticate whether or not there is. In this embodiment, the authenticator 702 is not limited to hardware, and may be software that executes the same function by the CPU of the video control unit 1003, for example.

[Configuration of authenticated device, authenticator, authenticator converter]
FIG. 5B is a diagram illustrating the configuration of the authentication target device 101 of the fixing device unit 1002, the authentication device 702 of the video control unit 1003, and the authenticator converter 703 of the engine control unit 1004.

  Since the device to be authenticated 101 is the same as the device to be authenticated 101 described in the first embodiment, the description is omitted here.

  The authenticator 702 follows a second data transmission / reception circuit 706 that performs data transmission / reception with the authenticator converter 703 of the engine control unit 1004, an authentication command unit 707 that issues an instruction to start authentication, and an instruction from the authentication command unit 707. An authentication unit 708 that performs an authentication operation is included.

The external data transmission / reception unit of the authenticator converter 703 includes a third data transmission / reception circuit 709 and a fourth data transmission / reception circuit 710. The third data transmission / reception circuit 709 performs data transmission / reception with the authenticator 702 of the video control unit 1003, and the fourth data transmission / reception circuit 710 performs data transmission / reception with the authentication target device 101 of the fixing unit 1002. Further, the authenticator converter 703 includes an authenticator conversion command unit 711 and a second tamper resistant chip 712. When the fourth data transmission / reception circuit 710 receives the first response data from the authenticator 101, the authenticator conversion command unit 711 issues an authenticator conversion command. The second tamper resistant chip 712 creates second response data according to the command issued by the authenticator conversion command unit 711.

[Internal configuration of first and second tamper resistant chip and authentication unit]
FIGS. 6A and 6B illustrate the memory and data included in the first tamper resistant chip 105 of the device to be authenticated 101, the second tamper resistant chip 712 of the authenticator converter 703, and the authentication unit 708 of the authenticator 702. FIG. 4 is a diagram illustrating a relationship between processing blocks (for example, an authentication determination unit). Here, the common key data 205 in the internal memory 202 of the first tamper resistant chip 105 in FIG. 6A (to be described later) and the internal memory 910 in the second tamper resistant chip 712 in FIG. The common key data 911 have the same data value. Regarding the sharing of the common key data, for example, when initializing the first tamper resistant chip 105 and the second tamper resistant chip 712, common key data is set or additional information for using the common key data is written. Is done.

  In addition, the public key data 916 in the internal memory 910 of the second tamper resistant chip 712 in FIG. 6-2 (c) described later and the public key data 803 in the authentication unit 108 in FIG. It is. With regard to public key sharing, for example, public key data 916 that is paired with private key data 903 held in the internal memory 910 by the second tamper resistant chip 712 before the sharing of the disposable common key described later is executed. This is done by reading and acquiring the authentication unit 708.

  FIG. 6A is a diagram illustrating the relationship (internal configuration) of the memory, data, and processing block (first authenticator generation unit) in the first tamper resistant chip 105 of the device to be authenticated 101. This figure is the same as FIG. 3A of the first embodiment, and the operation is described in the first embodiment.

(Internal configuration of the second tamper resistant chip)
Next, the internal configuration of the second tamper resistant chip 712 will be described. FIG. 6B illustrates a case where a shared operation of a disposable common key is performed, challenge data from the authenticator 702 is transmitted to the authenticator 101, and an authentication operation of the first authenticator is performed. It is the figure which showed the relationship between a memory, data, and a processing block. FIG. 6-2 (c) is a diagram showing the relationship among the memory, data, and processing block when the first authenticator is converted to the second authenticator. In FIGS. 6-1 (b) and 6-2 (c), the same reference numerals are assigned to common memories, data, and the like.

  In FIG. 6B, when the authenticator conversion command unit 711 receives the encryption key data 901 from the authenticator 702 via the third data transmission / reception circuit 709, the authenticator conversion command unit 711 encrypts the second tamper resistant chip 712. The key data 901 is output. The second tamper resistant chip 712 inputs the input encryption key data 901 to the encryption key decryption unit 902, performs decryption processing using the private key data 903 in the internal memory 910, and decrypts the disposable common data. The key data 904 is stored in the internal memory 910. Accordingly, the disposable common key data is shared between the authentication unit 708 of the authenticator 702 and the second tamper resistant chip 712 of the authenticator converter 703.

In addition, when the authenticator conversion command unit 711 receives challenge data from the authenticator 702 via the third data transmission / reception circuit 709, the authenticator conversion command unit 711 outputs the challenge data to the second tamper resistant chip 712. Further, the authenticator conversion command unit 711 transmits challenge data 905 to the device to be authenticated 101 via the fourth data transmission / reception circuit 710. Then, the authenticator conversion command unit 711 monitors that the first response data for the challenge data is input from the device to be authenticated 101 via the fourth data transmission / reception circuit 710. When the first response data is input, the authenticator conversion command unit 711 outputs the input first response data 906 to the second tamper resistant chip 712 and issues an authenticator conversion command. The second tamper resistant chip 712 that has received the authentication code conversion command divides the input first response data 906 into the first tamper resistant chip internal data 907 and the first authenticator 908. The divided first tamper resistant chip internal data 907 is input to the first comparison authenticator generation unit 909 together with the challenge data 905 received from the authenticator 702. The first comparison authenticator generation unit 909 performs processing for combining the two input data, and the combined data is the common key data 911 stored in the internal memory 910 of the second tamper resistant chip 712. Is used to generate a first comparison authenticator 912. Here, the first comparison authenticator generation unit 909 performs the same processing as the first authenticator generation unit 203 in FIG. The first comparison authenticator 912 generated by the encryption process is compared with the first authenticator 908 divided from the first response data 906 in the authentication determination unit 917. If the two data match, the second tamper resistant chip 712 transitions to the second response data generation process shown in FIG. 6-2 (c). If they do not match, the second tamper resistant chip 112 outputs an authentication error to the authenticator conversion command unit 711.

  If the first comparison authenticator 912 and the first authenticator 908 coincide with each other, in FIG. 6C, the second tamper resistant chip 712 displays the challenge data 905 and the first tamper resistant The chip internal data 907 is input to the second authenticator generation unit 913. The second authenticator generation unit 913 performs a process of combining the two data, and the combined data is obtained by using the disposable common key data 904 stored in the internal memory 910 that is the second encryption key. And encryption processing is performed. The encryption process executed here may be anything that creates an authenticator of input data by common key encryption, such as the message authentication code (MAC) described above. The second authenticator 914 generated by the encryption process constitutes the second response data 915 together with the first tamper resistant chip internal data 907 divided from the first response data 906. Then, the second tamper resistant chip 712 outputs the second response data 915 to the authenticator conversion command unit 711. The authenticator conversion command unit 711 transmits the input second response data 915 to the authenticator 702 via the third data transmission / reception circuit 709.

(Internal configuration of authentication unit)
FIG. 6D is a diagram illustrating the relationship (internal configuration) of the memory, data, and processing blocks (authentication determination unit, etc.) in the authentication unit 708 of the authentication unit 702.

  In FIG. 6-2 (d), when a command to instruct to share a disposable common key is output from the authentication command unit 707 to the authentication unit 708, the authentication unit 708 uses the random number component to store the disposable common key data 801. Generate. In the authentication unit 708, the generated disposable common key data 801 is encrypted by the encryption key creation unit 802 using the public key data 803, and the encrypted encryption key data 804 is stored. Output to the authentication command unit 707. The authentication command unit 707 transmits the input encryption key data 804 to the authenticator converter 703 via the second data transmission / reception circuit 706. As described above, in the second tamper resistant chip 712 of the authenticator converter 703, the disposable common key data 801 obtained by decrypting the encryption key data 804 by the encryption key decryption unit 902 is stored. Common key data is shared. When the disposable common key sharing process is completed, the authentication command unit 707 then outputs an authentication start instruction to the authentication unit 708.

In FIG. 6D, when the authentication unit 708 is instructed to start authentication by the authentication command unit 707, the authentication unit 708 generates challenge data 805 and outputs the challenge data 805 to the authentication command unit 707. The authentication command unit 707 outputs the input challenge data 805 to the second data transmission / reception circuit 706, and the second response data 806 corresponding to the challenge data 805 is sent to the authenticator converter via the second data transmission / reception circuit 706. The input from 703 is monitored. When the second response data 806 is input, the authentication command unit 707 outputs the input second response data 806 to the authentication unit 708 and issues an authentication instruction. Upon receiving the authentication instruction, the authentication unit 708 divides the input second response data 806 into first tamper resistant chip internal data 807 and a second authenticator 808. The divided first tamper resistant chip internal data 807 is input to the second comparison authenticator generation unit 809 together with the challenge data 805. The second comparison authenticator generation unit 809 performs processing for combining the two input data. Then, the second comparison authenticator generation unit 809 performs an encryption process on the combined data using the disposable common key data 801 and outputs the second comparison authenticator 810. The authentication determination unit 811 determines whether or not the output second comparison authenticator 810 and the second authenticator 808 match. If the two data match, the authentication unit 708 authenticates successfully. If there is no match, an authentication error is output to the authentication command unit 707.

[Flow of processing from authentication start to authentication judgment]
Next, the flow of processing from authentication start to authentication determination will be described using the flowcharts of FIGS. 7-1 to 7-3. FIGS. 7A and 7B are flowcharts showing the operation of the authentication process in the authenticator 702. Fig. 7-1 (a) shows the operation of disposable common key data sharing and the operation from the start of authentication to challenge data transmission. Fig. 7-1 (b) shows the authentication decision after receiving the second response data. The operation | movement which performs is shown. FIGS. 7-2 (c) and (d) are flowcharts showing the operation of the authentication process in the authenticator converter 703. FIG. FIG. 7-2 (c) shows the operation of the disposable common key data sharing and the operation from the challenge data reception to the challenge data transmission. FIG. 7-2 (d) shows the second operation after receiving the first response data. The operation until sending the response data is shown. FIG. 7-3 (e) is a flowchart showing the operation of the authentication process in the device to be authenticated 101, showing the operation from the reception of the challenge data to the transmission of the first response data. Hereinafter, in the authentication system of this embodiment, the operation of each unit will be described based on the above-described flowchart from the start of authentication to the end of authentication determination.

(Processing in the authenticator (part 1))
In FIG. 5A, the engine control unit 1004 transmits a power-on signal to the video control unit 1003 when detecting that the main body 1001 is powered on. In FIG. 7A, in S701, the video control unit 1003 determines that the power source of the main body 1001 has been turned on based on whether or not a power-on signal has been received. When the second data transmission / reception circuit 706 receives the power-on signal, the process proceeds to S702, and when not received, the process of S701 is repeated. In step S <b> 702, upon receiving a power-on signal via the second data transmission / reception circuit 706, the authentication command unit 707 instructs the authentication unit 708 to share a disposable common key. In step S <b> 703, the authentication unit 708 that has received the disposable common key sharing instruction generates disposable common key data 801 including a random number component. In S704, the disposable common key data 801 is input to the encryption key creation unit 802, and the encryption key creation unit 802 performs encryption using the public key data 803 to generate the encryption key data 804 and output it. Is done. In step S <b> 705, the authentication unit 708 outputs the encryption key data 804 output from the encryption key creation unit 802 to the authentication command unit 707, and the authentication command unit 707 receives the authentication code via the second data transmission / reception circuit 706. The encryption key data 804 is transmitted to the converter 703.

In FIG. 5A, when the engine control unit 1004 detects that a new fixing device unit 1002 has been inserted into the main body 1001, it sends a detection signal to the video control unit 1003. In FIG. 7A, in S706, the video control unit 1003 determines whether or not the engine control unit 1004 has detected the installation of a new fixing unit 1002 based on whether or not a detection signal has been received. When the second data transmitting / receiving circuit 706 receives the detection signal, the process proceeds to S707, and the process of S706 is repeated until the detection signal is received. In step S <b> 707, when notified that the detection signal has been received from the second data transmission / reception circuit 706, the authentication command unit 707 instructs the authentication unit 708 to start authentication. In step S <b> 708, the authentication unit 708 that has received the authentication start instruction generates challenge data 805 including a random number component, and outputs the challenge data 805 to the authentication command unit 707. In S709, the authentication command unit 707 transmits the challenge data 805 to the authenticator converter 703 of the engine control unit 1004 via the second data transmission / reception circuit 706.

(Processing in the authenticator converter (part 1))
The engine control unit 1004 monitors the transmission of the disposable common key data from the video control unit 1003 when the main body 1001 is powered on. 7C, in S730, the third data transmitting / receiving circuit 709 of the authenticator converter 103 of the engine control unit 1004 receives the encryption key data from the authenticator 702 of the video control unit 1003. Judging. Then, when the third data transmission / reception circuit 709 receives the encryption key data, the process proceeds to S731, and if it has not been received, the process of S730 is repeated. In S731, the authenticator conversion command unit 711 that has received the encryption key data 804 via the third data transmission / reception circuit 109 outputs the received encryption key data 804 to the second tamper resistant chip 712. Here, the encryption key data 804 received from the video control unit 1003 is referred to as encryption key data 901 inside the second tamper resistant chip 712. The second tamper-resistant chip 712 inputs the input encryption key data 901 to the encryption key decryption unit 902, and the encryption key decryption unit 902 uses the private key data 903 in the internal memory 910 to perform encryption. The key data 901 is decrypted. The decrypted disposable common key data 904 is stored in the internal memory 910. With this process, the disposable common key data 904 is shared by the authentication unit 708 of the video control unit 1003 and the second tamper resistant chip 712 of the engine control unit 1004.

  In S732, the third data transmission / reception circuit 709 determines whether or not challenge data has been received from the authenticator 702 of the video control unit 1003. When the third data transmission / reception circuit 709 receives the challenge data, the process proceeds to S733, and if not received, the process of S732 is repeated. In S733, the authenticator conversion command unit 711 that has received the challenge data via the third data transmission / reception circuit 709 outputs the received challenge data to the second tamper resistant chip 712. The second tamper resistant chip 712 that has received the challenge data received from the authenticator conversion command unit 711 stores the received challenge data as challenge data 905. Here, challenge data 805 and challenge data 905 generated by the authentication unit 708 of the authenticator 702 of the video control unit 1003 indicate the same data. In step S <b> 734, the authenticator conversion command unit 711 transmits challenge data to the authentication target device 101 of the fixing device unit 1002 via the fourth data transmission / reception circuit 710.

(Processing in the device to be authenticated)
FIG. 7C is a flowchart illustrating the operation of the authentication process in the device to be authenticated 101. FIG. 7E shows an operation from receiving challenge data from the authenticator converter 703 to transmitting first response data to the authenticator converter 703. This figure is the same as FIG. 4-3 (e) of the first embodiment. In the first embodiment, the transmission source of the challenge data and the transmission destination of the first response data are the authenticator converter 103, whereas in the present embodiment, except that the authenticator converter 703 is used, The operation of the authenticator converter 703 is the same as that of the authenticator converter 103 of the first embodiment. Therefore, the description of the operation shown in FIG.

(Processing in the authenticator converter (part 2))
7D, in S740, the fourth data transmission / reception circuit 710 of the authenticator converter 703 of the engine control unit 1004 receives the first response data from the authentication target device 101 of the fixing unit 1002. Determine the presence or absence. Then, when the fourth data transmission / reception circuit 710 receives the first response data, the process proceeds to S741. If not received, the process of S740 is repeated. In S741, the authenticator conversion command unit 711 that has received the first response data via the fourth data transmission / reception circuit 710 outputs the first response data to the second tamper resistant chip 712 and Issue a conversion command. In step S742, the second tamper resistant chip 712 to which the first response data is input stores the input first response data as the first response data 906. Here, the first response data 207 of the first tamper resistant chip 105 of the authentication target device 101 of the fixing unit 1002 and the first response data 906 stored in the second tamper resistant chip 712 are the same data. pointing. The input first response data 906 is divided by the second tamper resistant chip 712 into the first tamper resistant chip internal data 907 and the first authenticator 908.

  In S743, the first tamper resistant chip internal data 907 is input to the first comparison authenticator generation unit 909 together with the challenge data 905. The first comparison authenticator generation unit 909 performs processing for combining the input challenge data 905 and the first tamper resistant chip internal data 907. Further, in the first comparison authenticator generation unit 909, the obtained combined data is encrypted using the common key data 911 stored in the internal memory 910 of the second tamper resistant chip 112, A first comparison authenticator 912 is generated.

  In S744, the authentication determination unit 917 compares the generated first comparison authenticator 912 with the first authenticator 908. In S745, the authentication determination unit 917 determines whether or not the first comparison authenticator 912 and the first authenticator 908 match. If the two data match, the process proceeds to S746. The process proceeds to S749. In S749, the authentication determination unit 917 outputs an authentication error to the authenticator conversion command unit 711. In S750, the authenticator conversion command unit 111 that has received the authentication error from the authentication determination unit 917 notifies the authentication unit 702 of the video control unit 1003 of the authentication error information via the third data transmission / reception circuit 709. Note that the authenticator 702 of the video control unit 1003 that has received the authentication error executes an authentication error process (S720) described later, and ends the authentication process.

  In S746, since the first comparison authenticator 912 and the first authenticator 908 coincide with each other in the second tamper resistant chip 712, the first tamper resistant chip internal data 907 and the challenge data 905 are stored in the second. To the authenticator generation unit 913. In the second authenticator generation unit 913, a process for combining the input challenge data 905 and the first tamper resistant chip internal data 907 is performed. The obtained combined data is encrypted by the second authenticator generation unit 913 using the disposable common key data 904 stored in the internal memory 910, and the second authenticator 914 Generated. In step S747, the second tamper resistant chip 712 combines the generated second authenticator 914 and the first tamper resistant chip internal data 907 to generate second response data 915, and authenticator conversion. Output to the command unit 711. In S748, the authenticator conversion command unit 711 sends the second response data 915 input from the second tamper resistant chip 712 to the authenticator 702 of the video control unit 1003 via the third data transmission / reception circuit 709. Send.

(Processing in the authenticator (part 2))
In FIG. 7B, in S710, the second data transmission / reception circuit 706 of the authenticator 702 of the video control unit 1003 receives the second response data from the authenticator converter 703 of the engine control unit 1004. Judgment is made. Then, when the second data transmission / reception circuit 706 receives the second response data, the process proceeds to S711, and if not received, the process of S710 is repeated. In step S <b> 711, the authentication command unit 707 that has received the second response data via the second data transmission / reception circuit 706 outputs the second response data 806 to the authentication unit 708 and issues a final authentication processing command. In step S <b> 712, the authentication unit 708 stores the second response data output from the authentication command unit 707 as second response data 806. Here, the second response data 915 of the second tamper resistant chip of the authenticator converter 703 of the engine control unit 1004 and the second response data 806 stored in the authentication unit 708 indicate the same data. Further, the authentication unit 708 divides the input second response data 806 into first tamper resistant chip internal data 807 and a second authenticator 808. In S713, the first tamper resistant chip internal data 807 is input to the second comparison authenticator generation unit 809 together with the challenge data 805. The second comparison authenticator generation unit 809 performs processing for generating combined data obtained by combining the input challenge data 805 and the first tamper resistant chip internal data 807. In S714, the combined data obtained by the combining process is encrypted by the second comparison authenticator generation unit 809 using the disposable common key data 801, and a second comparison authenticator 810 is generated. The In step S <b> 715, the generated second comparison authenticator 810 and the second authenticator 808 are input to the authentication determination unit 811, and the authentication determination unit 811 performs the second comparison authenticator 810 and the second authenticator 808. Compare with. In S716, the authentication determination unit 811 determines whether the second comparison authenticator 810 and the second authenticator 808 match. The authentication determination unit 811 proceeds to S717 if the two data match, and proceeds to S719 if they do not match. In step S719, the authentication determination unit 811 outputs an authentication error to the authentication command unit 707. In S720, the authentication command unit 707 that has received the authentication error executes an authentication error process for displaying the authentication error on the display unit of the main body 1001, for example, and ends the authentication process. In step S <b> 717, the authentication determination unit 811 outputs authentication success to the authentication command unit 707. In S <b> 718, the authentication command unit 707 that has received the authentication success executes an authentication success process such as displaying authentication success on the display unit of the main body 1001, and ends the authentication process.

  As described above, according to the present embodiment, it is possible to perform authentication with high security for a device to be authenticated at a reduced cost. That is, by installing a tamper-resistant chip equipped with a relatively inexpensive common key encryption technology on the authentication target device, the cost can be suppressed. In addition, since it is not necessary to mount a tamper-resistant chip in the authenticator, the cost can be further reduced, and the authentication system built in the image forming apparatus can perform high-security authentication for the apparatus to be authenticated. .

  In the present embodiment, the device to be authenticated is a fixing unit, but it may be a consumable or a device or unit that is periodically replaced, such as a process cartridge. In this embodiment, the authenticator converter is mounted on the engine control unit, and the authenticator is mounted on the video control unit. For example, the authenticator converter may be mounted on the video control unit, and the authenticator may be mounted on the engine control unit. Furthermore, in this embodiment, the authentication device is a video control unit, but a personal computer which is an external device may be the authentication device.

[Other Examples]
In the above-described first and second embodiments, the authenticator converter performs authentication determination of the first response data received from the device to be authenticated, and generates a second response data when an authentication error is detected. The authentication error was notified to the authenticator. Here, in the first and second embodiments, in the authenticator converter, authentication determination is not performed, the authentication result is encrypted and transmitted to the authenticator, and the authenticator side includes the authentication error in the authenticator converter. An example of performing authentication determination will be described.

In the authenticator converter 103 of the first embodiment, the first comparison authenticator and the first authenticator are compared in S444 of FIG. 4-2 (d), the comparison result is determined in S445, and the authentication is performed. In the case of an error, the process proceeds to S449, and processing for outputting the authentication error to the authenticator conversion command unit 111 is performed. In other embodiments corresponding to the first embodiment, after comparing the first comparison authenticator with the first authenticator in S444, the process proceeds to S446. In S446, the second authenticator generation unit 410 encrypts the combined data of the authentication result in S444, the challenge data 401, and the first tamper resistant chip internal data 403 with the secret key data 408. To generate a second authenticator 411.

  Subsequently, in the authenticator 102 of the first embodiment, in S414 of FIG. 4B, the authenticator decryption unit 307 decrypts the second authenticator 304 with the public key data 308 and performs the second comparison. An authenticator 309 is generated. In another embodiment corresponding to the first embodiment, in S414, the authenticator decryption unit 307 decrypts the second authenticator 304 with the public key data 308, and performs the second comparison authenticator 309 and authenticator conversion. The authentication result in the device is generated. Then, from the authentication result in the authenticator converter 103, if an authentication error occurs, the process proceeds to an authentication error process in S419. If the authentication is successful, the process proceeds to S415 and an authentication determination process in the authenticator 102 may be performed.

  In the case of other embodiments corresponding to the second embodiment, the same authentication determination process as that of the other embodiments corresponding to the first embodiment described above can be performed. In the authenticator converter 703 of the second embodiment, the authentication determination unit 917 compares the generated first comparison authenticator 912 and the first authenticator 908 in S744 of FIG. 7-2 (d). In step S745, the comparison result is determined. If there is an authentication error, the process advances to step S749. In S749, a process of outputting an authentication error to the authenticator conversion command unit 711 is performed. In another example corresponding to Example 2, after comparing the first comparison authenticator with the first authenticator in S744, the process proceeds to S746. In S746, the second authenticator generation unit 913 encrypts the combined data of the authentication result in S744, the challenge data 905, and the first tamper-resistant chip internal data 907 with the disposable common key data 904. To generate a second authenticator 914.

  Subsequently, in the authenticator 702 of the second embodiment, the first tamper resistant chip internal data 807 is input to the second comparison authenticator generation unit 809 together with the challenge data 805 in S713 of FIG. 7-1 (b). Is done. The second comparison authenticator generation unit 809 performs processing for generating combined data obtained by combining the input challenge data 805 and the first tamper resistant chip internal data 807. In the case of the other embodiments corresponding to the second embodiment, in S713, the second comparison authenticator generation unit 809 receives the first tamper resistant chip internal data 807, the challenge data 805, and the second tamper resistant. Authentication result data in the case of successful authentication in the chip 712 is input. Then, the second comparison authenticator generation unit 809 performs processing for generating combined data obtained by combining the three input data. In step S715, the second comparison authenticator generation unit 809 compares the second comparison authenticator generated by encrypting the combined data obtained by combining the three pieces of data with the second authentication authenticator 811. Is done. In S716, authentication success or authentication error is determined based on the comparison result. If the second comparison authenticator and the second authenticator match, the authenticator converter 703 determines that the authentication was successful. If the second comparison authenticator and the second authenticator do not match, the authenticator converter 703 has an authentication error or the authenticator converter 703 has succeeded in authentication, but the authenticator 702 has an authentication error. It is determined that there was.

  As described above, also in other embodiments, it is possible to perform authentication with high security for a device to be authenticated while suppressing cost. In particular, the authenticator converter does not determine the authentication result of the device to be authenticated and transmits the authentication result to the authenticator regardless of the success or failure of authentication, so that the authentication determination can be performed centrally in the authenticator. .

101 Authentication Device 102 Authentication Device 103 Authentication Code Converter

The present invention relates to an authentication system for authenticating a mounting device, and an image forming apparatus to which a replaceable unit having the mounting device is mounted .

(1) Authenticate the device to be authenticated based on first authentication data that is transmitted from the device to be authenticated and includes a first authenticator and predetermined data possessed by the device to be authenticated; and authenticator converter for converting the second authentication data, based on the converted second authentication data in the authentication code converter, an authentication unit for performing the authentication processing in the authentication system wherein the The second authentication data includes a second authenticator and the predetermined data included in the authenticator , and the authenticator converter has a secret key and is transmitted from the authenticator. The predetermined data of authentication data and the challenge data transmitted from the authenticator are calculated by a common key cryptosystem using a common key to generate a first comparison authenticator, and the generated first comparison authenticator, Compare with the first authenticator of the first authentication data , When the first comparison authenticator and the first authenticator matches, the sent from the plant Teide over data and the authenticator of the first authentication data transmitted from the verifier the Challenge data, said calculated on public key cryptography using the private key to generate the second authenticator, the generated and the second authenticator with the plant Teide over data as said second authentication data Transmitted to the authenticator, the authenticator having a public key, the predetermined data of the second authentication data transmitted from the authenticator converter, and the challenge data transmitted to the authenticator converter; And decrypting the second authenticator of the second authentication data transmitted from the authenticator converter using the public key, comparing the decrypted result with the combined data, and An authentication system characterized by performing authentication processing .
(2) authenticating the device to be authenticated based on first authentication data transmitted from the device to be authenticated and including a first authenticator and predetermined data possessed by the device to be authenticated; In the authentication system, comprising: an authenticator converter that converts the authentication data into the authentication data; and an authenticator that performs an authentication process based on the second authentication data converted by the authenticator converter. The authentication data of 2 includes a second authenticator and the predetermined data of the device to be authenticated, and the authenticator converter includes the predetermined data of the first authentication data transmitted from the device to be authenticated. The challenge data transmitted from the authenticator is calculated by a common key cryptosystem using a first common key to generate a first comparison authenticator, the generated first comparison authenticator, and the first comparison authenticator Comparing the first authenticator of the authentication data, and When the first comparison authenticator and the first authenticator match, the predetermined data of the first authentication data transmitted from the authenticator and the challenge data transmitted from the authenticator are The second authenticator is generated by calculation using a common key cryptosystem using a second common key different from the first common key, and the generated second authenticator and the predetermined data are used as the second authentication. Transmitting as data to the authenticator, the authenticator combines the predetermined data of the second authentication data transmitted from the authenticator converter and the challenge data transmitted to the authenticator converter; A second comparison authenticator is generated by calculation using a common key cryptosystem using the second common key, and the second authenticator of the second authentication data transmitted from the authenticator converter and the second The comparison process is compared with the two comparison authenticators. Authentication system and performs.
(3) In an image forming apparatus to which a replaceable unit having an authenticator is mounted, a first authentication including a first authenticator and predetermined data possessed by the authenticator transmitted from the authenticator An authenticator converter that authenticates the device to be authenticated based on the data and converts the first authentication data into second authentication data; and a control unit that controls a main body of the image forming apparatus, The authentication data of 2 includes a second authenticator and the predetermined data of the authenticated device, and the authenticator converter has a secret key and is transmitted from the authenticated device. The predetermined data of the data and the challenge data transmitted from the authenticator are calculated by a common key cryptosystem using a common key to generate a first comparison authenticator, the generated first comparison authenticator, Said first authentication data 1 authenticator is compared, and when the first comparison authenticator matches the first authenticator, the predetermined data of the first authentication data transmitted from the authenticator and the authenticator The challenge data transmitted from the public key encryption method using the secret key is calculated to generate the second authenticator, and the generated second authenticator and the predetermined data are used as the second authentication. An image forming apparatus that transmits the data to an authenticator.
(4) In an image forming apparatus to which a replaceable unit having an authenticator is mounted, a first authentication including a first authenticator and predetermined data possessed by the authenticator transmitted from the authenticator. An authenticator converter that authenticates the device to be authenticated based on the data and converts the first authentication data into second authentication data; and a control unit that controls a main body of the image forming apparatus, The authentication data of 2 includes a second authenticator and the predetermined data of the device to be authenticated, and the authenticator converter includes the predetermined data of the first authentication data transmitted from the device to be authenticated. The challenge data transmitted from the authenticator is calculated by a common key cryptosystem using a first common key to generate a first comparison authenticator, the generated first comparison authenticator, and the first comparison authenticator The first authentication of authentication data And when the first comparison authenticator matches the first authenticator, the predetermined data of the first authentication data transmitted from the authenticator and the authenticator are transmitted. The challenge data is calculated by a common key cryptosystem using a second common key different from the first common key to generate the second authenticator, and the generated second authenticator and the predetermined An image forming apparatus, wherein data is transmitted to the authenticator as the second authentication data.

Claims (15)

A device to be authenticated for generating first authentication data;
An authenticator converter for converting the first authentication data generated by the authentication target device into second authentication data;
An authenticator for authenticating the device to be authenticated based on the second authentication data converted by the authenticator converter,
The first authentication data includes challenge data input from the authenticator and input to the authenticated device via the authenticator converter and predetermined data included in the authenticated device using a first encryption key. Including an authenticator encrypted by an encryption method to be used, and the predetermined data of the device to be authenticated,
The second authentication data includes the challenge data output from the authenticator and input to the authenticator converter based on an authentication result obtained by authenticating the first authentication data by the authenticator converter and the subject data. An authenticator obtained by encrypting the predetermined data included in the authenticator by an encryption method using a second encryption key different from the encryption method using the first encryption key, and the predetermined data included in the authenticator An authentication system comprising: The first encryption key is a common key in a common key cryptosystem,
The authentication system according to claim 1, wherein the authenticator and the authenticator converter have the first encryption key. The second encryption key is a secret key in a public key cryptosystem,
The authenticator converter has a secret key in a public key cryptosystem,
The authentication system according to claim 1, wherein the authenticator has a public key that is paired with the secret key. The second encryption key is a common key in a common key cryptosystem,
The authenticator converter has a secret key in a public key cryptosystem,
The authenticator has a public key paired with the secret key of the authenticator converter;
The authenticator outputs the common key encrypted with the public key to the authenticator converter,
The said authenticator converter has the said common key by decoding the said encrypted common key output from the said authenticator with the said secret key, The Claim 1 or 2 characterized by the above-mentioned. Authentication system. The second encryption key is a disposable common key;
The authentication system according to claim 4, wherein the authenticator changes the disposable common key by generating a new common key as needed and outputting the same to the authenticator converter.   The authenticator converter performs authentication of the device to be authenticated based on the first authentication data, and outputs the second authentication data to the authenticator when the authentication of the device to be authenticated is successful. The authentication system according to any one of claims 1 to 5, wherein: The encrypted authenticator of the second authentication data further includes an authentication result obtained by the authenticator converter performing authentication of the device to be authenticated based on the first authentication data,
The authenticator converter performs authentication of the device to be authenticated based on the first authentication data, and outputs the second authentication data to the authenticator regardless of success or failure of authentication of the device to be authenticated. The authentication system according to any one of claims 1 to 5, characterized in that: The authentication system according to claim 1, wherein the authentication target device is provided in a replaceable device or unit provided in an image forming apparatus that forms an image on a sheet.   9. The authentication system according to claim 1, wherein the authenticator converter is provided in a unit having a control unit included in an image forming apparatus that forms an image on a sheet.   The authentication system according to claim 1, wherein the authentication device is provided in a unit having a control unit included in an image forming apparatus that forms an image on a sheet.   The authentication system according to claim 1, wherein the authentication device is provided in an external apparatus connected to an image forming apparatus that forms an image on a sheet. First transmission / reception means for transmitting and receiving data with the first device;
Second transmitting / receiving means for transmitting and receiving data to and from the second device;
Storage means for storing information related to key data according to a predetermined encryption method;
Based on the data from the first device received by the first transmission / reception means, the first device is authenticated using the key data corresponding to the encryption method in the first device, and Control means for transmitting data encrypted by using the key data corresponding to the encryption method in the second apparatus by the second transmission / reception means;
An authenticator converter, comprising:   The authenticator converter according to claim 12, wherein the encryption method in the first device is a common key encryption method.   The authenticator converter according to claim 12 or 13, wherein the encryption method in the second device is a public key encryption method.   The authenticator converter according to claim 12 or 13, wherein the encryption method in the second device is a common key encryption method.

Images