JP3860721B2 - Authentication system - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to an authentication token and an authentication system, and more particularly to an authentication token and a recognition system for authenticating the identity of a user using human biometric information.
[0002]
[Prior art]
In an advanced information society, there is a high demand for authenticating users themselves with affinity for information processing. In particular, the above requirements are extremely high in an entry management system that permits entry only to users who have been approved in advance, an information management system that handles important information such as personal information, or a payment system that performs electronic payment.
In response to such a demand, research on an authentication system for authenticating a user himself / herself based on unique biometric information detected electronically based on semiconductor device manufacturing technology and information processing technology has been actively conducted.
[0003]
Conventionally, such an authentication system has a configuration as shown in FIG. FIG. 4 shows a block diagram of a conventional authentication system.
In this authentication system, for example, a sensor 81, a storage circuit 82, and a verification circuit 83 are provided in the use device 8 that provides a predetermined service by the processing device 84 when user authentication is obtained. The sensor 81 electronically detects biological information such as a fingerprint and outputs the obtained sensing data 81A to the verification circuit 83. On the other hand, information for collating the user's biometric information is stored in the storage circuit 82 as registered fingerprint data 82A.
[0004]
The verification circuit 83 performs user authentication by verifying the sensing data 81A from the sensor 81 using the registered fingerprint data 82A read from the storage circuit 82. Then, the authentication result is output to the processing device 84 as authentication data 83A. The processing device 84 provides a predetermined service to the user only when the authentication data 83A from the verification circuit 83 indicates successful authentication.
In addition, as shown in FIG. 5, a data card 9 that can have only the storage circuit 82 can be considered. In this case, when the service is provided, the data card 9 possessed by each user is connected to the use device 8 and registered in the storage circuit 82 via the communication circuit 85 provided in the use device 8. The fingerprint data 82A is read into the verification circuit 83 as registered fingerprint data 85A and verified.
[0005]
[Problems to be solved by the invention]
However, in such a conventional authentication system, the sensor 81 for detecting the biometric information of the user and the verification circuit 83 for performing the verification are provided in the utilization device 8, and information for verifying the biometric information of the user, that is, registered fingerprint data 82A. Since the verification is performed using, there are the following problems.
First, according to the former (see FIG. 4), (1) if the registered fingerprint data 82A of the user is not registered in advance in the storage circuit 82 inside the user device 8, the user can receive the service even if he / she is himself / herself. Is impossible. (2) In order to store registered fingerprint data of a large number of users in all the devices that provide the service, the distribution method and the storage method become complicated and large-scale, which causes an increase in cost and a decrease in safety. End up. Furthermore, (3) the fact that the user's fingerprint data is registered in the device also causes a privacy problem for the user, which makes the system unacceptable psychologically.
[0006]
On the other hand, in the latter authentication system (see FIG. 5), since the user owns and manages the user registration data with the data card 9, the problems (1) to (3) can be avoided. ▼ Since the registered fingerprint data of the user is transmitted to the service device at the time of collation, it is necessary to take measures against the data leakage, and the scale of the system increases. Furthermore, (5) since the sensor 81 for detecting biological information is shared among an unspecified number of users, all services for the device cannot be used when the sensor 81 fails. In addition, (6) when it is necessary to bring a part of the human body into contact with the sensor, such as a fingerprint, there is a problem in terms of hygiene for the user by sharing the sensor 81, and in order to solve these problems, The scale will increase.
The present invention is intended to solve such problems, and can prevent leakage of registered data used at the time of collation, minimizes the influence of sensor failure, and further maintains a good sanitary environment for the user. It aims to provide an authentication system that can be used.
[0013]
  In addition, the authentication system according to the present invention is an authentication system that performs user authentication using the user's biometric information when using a device that performs predetermined processing, and is normally held by the user. When a user uses a user device, the user is provided with an authentication token that is connected to the user device and performs user authentication based on the user's biometric information. The user's biometric information is detected in the authentication token and the detection result is used as sensing data. Sensor to output, registration data for collating user's biometric information, storage circuit preliminarily storing user information used for processing in user equipment, and registration data stored in storage circuit The sensing data from the sensor is collated usingRegardless of the matching result,A verification circuit that outputs the verification result indicating the user authentication result as authentication data, and a first communication circuit that transmits authentication data including user information stored in the storage circuit as communication data to a device to be used are provided. The circuit unit is formed as a unit, and the communication data transmitted from the authentication token is received and output as authentication data to the use device, and the verification included in the authentication data from the second communication circuit resultAnd refer to the matching resultAnd a processing device that performs predetermined processing based on user information.
[0014]
  MaIn addition, in order to support various use devices having different data formats, a data conversion module that converts communication data from the first communication circuit of the authentication token into a predetermined data format and transmits the data to the use device is connected to the authentication token. You may make it use. Furthermore, in order to connect to the user device via the wireless section, the wireless module for transmitting the communication data from the first communication circuit of the authentication token to the user device via the wireless section is connected to the authentication token and used. The device may be provided with a wireless circuit that receives the communication data transmitted from the wireless module or the communication data from the data conversion module via the wireless section and outputs it to the second communication circuit.
[0015]
In addition, a battery may be provided in the authentication token, and power may be supplied from the battery into the authentication token, and power may be supplied to the data conversion module and the wireless module. Further, a battery may be provided in the data conversion module or the wireless module, and power may be supplied to the module and the authentication token.
Further, secondary batteries may be used as these batteries, and when the authentication token is connected to the use device, charging may be performed by supplying power from the use device.
[0016]
In addition, the authentication token storage circuit stores the user's personal information and service information related to the service provided by the user device as user information, and stores the personal information, service information, and registration information in separate storage areas. It may be.
[0017]
When the encryption method is applied to the authentication data sent from the authentication token to the user device, the data generated from the dynamic information sent from the user device and the authentication data is encrypted in the authentication token with a pre-registered key. A first communication circuit for transmitting the encrypted data generated by the encryption circuit to the using device, and for generating dynamic information to be transmitted to the authentication token to the processing device. A result information circuit, a decryption circuit for decrypting encrypted data transmitted from the authentication token using a key paired with a key, and a result determination circuit for determining whether or not to execute a predetermined process. The authentication circuit includes a verification result indicating that the verification result of the authentication data included in the data decrypted by the decryption circuit indicates a successful verification, and the dynamic information included in the data is generated by the dynamic information generation circuit. Only if it matches the transmitted dynamic information, it may be performed a predetermined processing.
[0018]
As another encryption method, when the verification result indicates that the authentication is successful, the authentication data is output to the encryption circuit, and when the verification result indicates that the authentication is failed, the authentication data is output to the first communication circuit. The first result determination circuit to be output and the dynamic information transmitted from the user device is encrypted using a pre-registered key in accordance with the authentication data from the first result determination circuit. An encryption circuit that adds the encrypted data to the authentication data and outputs the authentication data, and the first communication circuit adds the encrypted data from the encryption circuit to the authentication data or the first result determination circuit. The authentication data from the authentication device is transmitted to the device to be used, and the processing device generates a dynamic information generation circuit that generates dynamic information to be transmitted to the authentication token, and the encryption data transmitted from the authentication token is paired with the key. Decrypt using An encryption circuit and a second result determination circuit for determining whether or not to execute a predetermined process are provided, and authentication of authentication data from an authentication token received by the second communication circuit is performed by the second result determination circuit. Only when the result indicates successful authentication, the encrypted data added to the authentication data is decrypted by the decryption circuit, and the obtained dynamic information is generated by the dynamic information generation circuit and transmitted to the authentication token. The predetermined process may be performed only when it matches the target information.
[0019]
In addition, an encryption circuit that encrypts the dynamic information transmitted from the device to be used with the authentication token using a pre-registered key, and outputs the obtained encrypted data as data to the first communication circuit; If the verification result indicates successful authentication, the encryption circuit is instructed to generate encrypted data. If the verification result indicates an authentication failure, data having a different number of digits from the encrypted data is output to the first communication circuit. A first result determination circuit that transmits data from the encryption circuit or data from the first result determination circuit to the use device by the first communication circuit, and sends the authentication token to the processing device. A dynamic information generation circuit for generating dynamic information to be transmitted; a decryption circuit for decrypting encrypted data transmitted from an authentication token using a key paired with a key; and determining whether or not to execute a predetermined process A second result determination circuit; Therefore, only when the number of digits of data from the authentication token received by the second communication circuit indicates the number of digits at the time of successful authentication, the second result determination circuit adds the encryption added to the data. The predetermined processing may be performed only when the data is decrypted by the decryption circuit and the obtained dynamic information matches the dynamic information generated by the dynamic information generation circuit and transmitted to the authentication token.
[0020]
  The keys used in these encryption methods are further provided with an ID storage circuit for storing identification information of the authentication token registered in advance in the authentication token, and stored in the ID communication circuit in the first communication circuit. The encrypted identification data from the authentication token may be decrypted by the decryption circuit using the key corresponding to the identification information transmitted from the authentication token.
  For user information, any of user ID, password, name, address, telephone number, account number, and credit number may be used.
  Further, the usage device further includes a power source for supplying power to the authentication token connected to the usage device, and the authentication token is supplied with power from the usage device while being connected to the usage device. Also good.
[0021]
DETAILED DESCRIPTION OF THE INVENTION
Next, embodiments of the present invention will be described with reference to the drawings.
FIG. 1 is a block diagram showing an authentication token and an authentication system using the authentication token according to the first embodiment of the present invention.
This authentication system performs user authentication using a user device 2 that provides a service when user authentication is obtained, and is connected to the user device 2 that is normally held by the user and provided to the user device 2 when the service is provided. It consists of an authentication token 1. In the present invention, the token refers to a small and lightweight device that can be carried and carried by the user, and the authentication token refers to a token having a function of authenticating the user. In the following, a case where a fingerprint is used as biometric information will be described as an example. However, as biometric information, a voice print, an iris, a handwriting, a palm shape (finger joint length), a vein pattern, a face arrangement pattern, or the like may be used. Is possible.
[0022]
The authentication token 1 includes a sensor 11 for reading a fingerprint (biological information), a storage circuit 12 for storing the user's own registered fingerprint data 12A and user information 12B, and sensing data 11A indicating a reading result by the sensor 11; Is provided with a collation circuit 13 that collates using registered fingerprint data 12A stored in the communication circuit 14 and transmits the authentication data 13A including the collation result in the collation circuit 13 to the outside of the authentication token 1 as communication data 1A. An authentication token 1 that integrally forms these circuit units is detachably connected to the utilization device 2.
The processing device 22 that provides a service to the user device 2 only when the communication circuit 21 that receives the communication data 1A from the authentication token 1 and the matching result included in the received communication data 1A match. And are provided.
[0023]
Next, the operation of the present embodiment will be described with reference to FIG.
The user stores in advance the user information 12B including the registered fingerprint data 12A, a password for using the service, personal information, and the like in the storage circuit 12 of the authentication token 1 possessed by the user.
When using the use device 2, the user first connects his authentication token 1 to the use device 2 and places his finger on the sensor 11. As a result, the user's fingerprint is read by the sensor 11 of the authentication token 1 and output as sensing data 11A. This sensing data 11A is collated in the collation circuit 13 using the registered fingerprint data 12A in the storage circuit 12. And the authentication data 13A containing the collation result is output. At this time, the verification circuit 13 reads the user information 12B such as the user ID, password, personal information, etc. stored in the storage circuit 12 in advance in the storage circuit 12, and outputs them in the authentication data 13A.
[0024]
In the communication circuit 14, the authentication data 13A from the verification circuit 13 is transmitted as communication data 1A to the use device 2.
The communication circuit 21 of the utilization device 2 receives the communication data 1A transmitted from the communication circuit 14 of the authentication token 1 and outputs it as authentication data 21A having the same contents as the authentication data 13. The processing device 22 receives this authentication data 21A and refers to the collation result included in the authentication data 21A. If the collation result indicates a match, the processing device 22 executes a predetermined process desired by the user.
[0025]
As described above, in this embodiment, the sensor 11 that detects the user's fingerprint and outputs the detection result as sensing data, and the storage circuit 12 that stores the registered fingerprint data 12A for collating the user's fingerprint in advance. The collation circuit 13 which collates the sensing data 11A from the sensor 11 using the registered fingerprint data 12A stored in the storage circuit 12, and outputs the collation result as a user authentication result as authentication data, and the collation A communication circuit 14 that transmits authentication data from the circuit 13 as communication data 1 </ b> A to the utilization device 2 is integrally formed as the authentication token 1.
[0026]
When the user uses the utilization device 2 that performs a predetermined process in response to the authentication, the authentication token 1 is connected to the utilization device 2, and the authentication token 1 performs user authentication based on the user's biometric information. In this case, the device 2 is notified.
Further, a communication circuit 21 that receives the communication data 1A transmitted from the authentication token 1 and outputs it as the authentication data 21A to the using device 2, and a predetermined process based on the verification result included in the authentication data 21A from the communication circuit 21 The processing device 22 is provided so that each user independent of the using device 2 performs a predetermined process based on the authentication result of the authentication token 1 possessed by each user.
[0027]
Therefore, as in the past, a sensor that detects the user's biological information and a verification circuit that performs verification are provided inside the user device, and the user's registration data is registered and compared with the case where the user owns and manages the data on the data card. Data is not output outside the authentication token, and it is possible to prevent leakage of registered data used during verification. In addition, it is not necessary to share the sensor with an unspecified number of users, and since a sensor provided for each authentication token that the user has individually is used, even if a sensor failure occurs, it does not affect other users. Furthermore, when detecting biometric information, even if it is necessary to bring a part of the human body into contact with the sensor, such as a fingerprint, a good sanitary environment can be maintained for the user.
[0028]
As for the authentication token 1, various circuits such as the above-described sensor, storage circuit, and verification circuit are integrally formed, that is, accommodated in the same casing so as to be suitable for the user. In this case, these various circuits may be formed on the same substrate, and by using a technique for forming these various circuits as a one-chip semiconductor device (for example, see Japanese Patent Application Laid-Open No. 2000-242971), It is also possible to realize a very small authentication token.
[0029]
Further, the user ID 12 and the user information 12B such as personal information are stored in advance in the storage circuit 12, and these are included in the authentication data 13A and transmitted to the user device 2. In the device 22, whether or not the process can be executed can be determined by checking user information 12B included in the authentication data, for example, a user ID and a password, and the authentication can be determined based on a criterion that matches the importance of the process performed by the user device. Further, by using the personal information of the user information 12B, for example, name, address, telephone number, account number, credit card number, etc., in the processing, it becomes unnecessary for the user to input personal information necessary for the processing, and the operation burden on the user Can be greatly reduced.
[0030]
Next, a second embodiment will be described with reference to FIG. FIG. 2 is a block diagram showing an authentication system according to the second embodiment of the present invention. In the present embodiment, the data conversion module 3 is added to the output stage of the authentication token 1 in the authentication system (see FIG. 2) of the first embodiment.
The data conversion module 3 is provided with a protocol conversion circuit 31 that converts communication data output from the communication circuit 14 of the authentication token 1 into a data format that can be received and decoded by the use device 2.
[0031]
As described above, since the desired use device 2 and the authentication token 1 are connected via the data conversion module 3 that is detachably attached to the authentication token 1, the same applies to use devices having different data formats. User authentication using an authentication token becomes possible. In addition, by preparing data conversion modules corresponding to various formats and easily attaching / detaching them to / from the authentication token, the user can use various devices using one authentication token, No need to have multiple authentication tokens. One data conversion module can be shared by a plurality of users.
In the above description, the case where the data conversion module 3 is detachably attached to the authentication token 1 has been described as an example. However, the protocol conversion circuit 31 may be provided inside the authentication token 1 and can be configured more compactly.
[0032]
Next, a third embodiment will be described with reference to FIG. FIG. 3 is a block diagram showing an authentication system according to the third embodiment of the present invention. In the present embodiment, the wireless module 4 is added to the output stage of the authentication token 1 in the authentication system (see FIG. 1) of the first embodiment.
The wireless module 4 includes a protocol conversion device 41 that converts communication data output from the communication circuit 14 of the authentication token 1 into a data format that can be received and decoded by the use device 2, and communication from the protocol conversion device 41. A wireless circuit 42 that transmits data to the utilization device 2 via a wireless section is provided. In this case, it is necessary to provide the wireless circuit 23 also on the use device 2 side.
[0033]
As described above, since the desired usage device 2 and the authentication token 1 are connected using the wireless module 4 that is detachably attached to the authentication token 1, the user directly connects the authentication token 1 to the usage device 2. Without connection, for example, it is possible to receive a service by performing user authentication using the authentication token 1 at hand. Therefore, the work load on the user during authentication, such as the work of connecting the authentication token 1 to the use device 2 and the work of performing the authentication using the authentication token 1 connected to the use device 2, is greatly reduced. it can.
[0034]
In addition, by preparing wireless modules that support various communication protocols and easily attaching / detaching them to / from the authentication token, users can use a variety of devices using a single authentication token. Become. Furthermore, one wireless module can be shared by a plurality of users.
When the communication protocol of the use device 2 and the authentication token 1 is the same, the protocol conversion circuit 41 of the wireless module 4 can be omitted. Instead of the wireless circuit 42, a communication circuit capable of data communication via a wireless section, such as an infrared communication circuit or an ultrasonic communication circuit, may be used.
In the above description, the case where the wireless module 4 is detachably attached to the authentication token 1 has been described as an example. However, the wireless circuit 42 and the protocol conversion circuit 41 may be provided inside the authentication token 1 and can be configured more compactly. In addition, an encryption method may be used for authentication data and communication data exchanged between the authentication token 1 and the using device 2, and can be applied to each of the above embodiments.
[0035]
In the first to third embodiments described above, power to the authentication token 1, the data conversion module 3, and the wireless module 4 may be supplied using a battery provided in the authentication token. Further, power may be supplied to the authentication token 1 from the power supply in the utilization device 2 in a state where the authentication token 1 is connected to the utilization device 2. At this time, a rechargeable secondary battery is used as the battery in the authentication token 1, and the secondary battery is charged using the power source in the utilization device 2 when connected to the utilization device 2. Good.
In addition, by using a non-contact power supply technique used in a non-contact card or the like, power may be supplied from the use device to the authentication token 1, the data conversion module 3, or the wireless module 4, or the secondary battery may be charged. Good.
Note that the power supply to the authentication token 1 is not limited to the above configuration example.
[0036]
In the second embodiment described above, power may be supplied to each circuit of the data conversion module 3 and the authentication token 1 using a battery provided in the data conversion module 3. Alternatively, a rechargeable secondary battery may be used as the battery in the data conversion module 3 and the secondary battery may be charged using the power supply of the utilization device 2.
In the third embodiment described above, a battery provided in the wireless module 4 may be used to supply power to each circuit of the wireless module 4 and the authentication token 1. In addition, a rechargeable secondary battery may be used as the battery in the wireless module 4 and the secondary battery may be charged using the power supply of the utilization device 2.
[0037]
Next, a fourth embodiment according to the present invention will be described with reference to FIG. FIG. 6 is a block diagram showing a configuration of an authentication system according to the fourth embodiment of the present invention.
In the present embodiment, a case will be described in which, in each of the above embodiments, when authentication data including a verification result is transmitted from an authentication token to a user device, an encryption method for encrypting the authentication data is applied.
This authentication system includes an authentication token 1001 serving as an authentication device that performs user authentication, and a use device 1002 that provides a service to the user after user authentication.
[0038]
The authentication token 1001 includes a biometric information recognition circuit 1011, an encryption circuit 1012, and a communication circuit 1013. Among these, the biometric information recognition circuit 1011 includes the sensor 11, the verification circuit 13, and the storage circuit 12. The communication circuit 1013 is equivalent to the communication circuit 14 described above.
Therefore, the authentication token 1001 can be regarded as a password circuit 1012 added to the authentication token of FIG.
[0039]
The utilization device 1002 includes a decryption circuit 1021, a random number generation circuit 1022, a result determination circuit 1023, a detection circuit 1024, and a communication circuit 1025. Among them, the decryption circuit 1021, the random number generation circuit 1022, the result determination circuit 1023, and the detection circuit 1024 are included in the processing device 22. The communication circuit 1025 is equivalent to the communication circuit 21.
Therefore, the utilization device 1002 can be regarded as a decryption circuit 1021, a random number generation circuit 1022, a result determination circuit 1023, and a detection circuit 1024 added to the processing device 22 with respect to the utilization device 2 of FIG.
[0040]
The encryption circuit 1012 encrypts the authentication result output from the biometric information recognition circuit 1011 and the random number transmitted from the using device 1002 using a common key encryption algorithm and outputs the result. Examples of common encryption algorithms include DES (Data Encryption Standard). Since the encryption circuit 1012 encrypts data obtained by adding the authentication result to the random number, the random number generation circuit 1022 generates an n-digit random number, and the authentication result is one-digit data indicating authentication OK or authentication NG. In this case, at least n + 1 digit data is encrypted. The communication circuit 1013 is an interface unit that transmits and receives data to and from the use device 1002 in a wired or wireless manner while synchronizing with the use device 1002.
[0041]
The detection circuit 1024 in the utilization device 1002 detects a service provision request from the user to the own device. When the detection circuit 1024 detects a service provision request from the user, the random number generation circuit 1022 generates and outputs a random number having a predetermined number of digits and a different value every time it is generated. The decryption circuit 1021 decrypts the encrypted data transmitted from the authentication token 1001 and outputs it.
[0042]
If the authentication result transmitted from the decryption circuit 1021 is authentication NG, the result determination circuit 1023 rejects service provision to the user. If the authentication result is authentication OK, the result determination circuit 1023 decrypts the data decrypted by the decryption circuit 1021. Is compared with the random number output from the random number generation circuit 1022, and a match or mismatch is determined. The communication circuit 1025 is interface means for transmitting / receiving data to / from the authentication token 1001 in a wired or wireless manner while synchronizing with the authentication token 1001.
[0043]
FIG. 7 shows the configuration of the encryption circuit 1012. The encryption circuit 1012 includes a temporary storage circuit 1050, a storage circuit 1051, and a processing circuit 1052. The temporary storage circuit 1050 temporarily stores a random number transmitted from the using device 1002. The storage circuit 1051 stores a pre-registered common key and outputs setting data and a common key necessary for an encryption operation using this common key.
[0044]
The processing circuit 1052 encrypts data obtained by adding the authentication result output from the biometric information recognition circuit 1011 to the random number output from the temporary storage circuit 1050 using the common key and setting data output from the storage circuit 1051. Note that the decryption circuit 1021 can also be realized with the same configuration as the encryption circuit 1012.
[0045]
Hereinafter, an operation of managing access to the utilization device 1002 by the user authentication system of the present embodiment will be described with reference to FIGS. FIG. 8 is a flowchart showing the operation of the using device 1002, and FIG. 9 is a flowchart showing the operation of the authentication token 1001.
[0046]
The feature of the present embodiment is that the authentication token 1001 encrypts the authentication result and transmits it to the using device 1002, and the using device 1002 generates a random number and transmits it to the authentication token 1001, and is transmitted from the authentication token 1001. The point is that the result is judged after decrypting the encrypted data. In this embodiment, a description will be given assuming that a fingerprint is used as the user's biometric information.
[0047]
First, a specific user who intends to use the utilization device 1002 requests the utilization device 1002 to provide a service. The detection circuit 1024 in the user device 1002 detects a service provision request from the user (step 1101 in FIG. 8). When the detection circuit 1024 detects a service provision request from the user, the random number generation circuit 1022 generates a random number R having a predetermined number of digits and a different value every time it is generated (step 1102). Is transmitted to the authentication token 1001 via the communication circuit 1025 to request user authentication (step 1103).
[0048]
When the encryption circuit 1012 (temporary storage circuit 1050) in the authentication token 1001 receives the random number R transmitted from the using device 1002 via the communication circuit 1013 (step 1104 in FIG. 9: YES), the encryption circuit 1012 stores the random number R. (Step 1105).
When the biometric information recognition circuit 1011 receives the random number R, the biometric information recognition circuit 1011 determines that there is a user authentication request from the using device 1002, performs user authentication, and sends an authentication result M indicating authentication OK or authentication NG to the encryption circuit 1012. Output (step 1106).
[0049]
That is, the biometric information recognition circuit 1011 collates the fingerprint image of the specific user collected by the fingerprint sensor unit with the fingerprint image of the regular user registered in advance in the internal storage circuit by the authentication circuit, and If the fingerprint images match, an authentication result M indicating authentication OK is output, and if they do not match, an authentication result M indicating authentication NG is output.
Fingerprint verification methods include extracting the feature points of a specific user's fingerprint image and comparing them with the feature points of a normal user's fingerprint image, or directly matching the specific user's fingerprint image with the normal user's fingerprint image, etc. There is.
[0050]
Next, the processing circuit 1052 in the encryption circuit 1012 adds the authentication result M output from the biometric information recognition circuit 1011 to the random number R output from the temporary storage circuit 1050 (step 1107), and authenticates the random number R. Data M + R with the result M added is encrypted using the common key and setting data output from the storage circuit 1051 to generate encrypted data C (step 1108).
Then, the processing circuit 1052 transmits the encrypted data C to the using device 1002 via the communication circuit 1013 (step 1109).
[0051]
When receiving the encrypted data C transmitted from the authentication token 1001 via the communication circuit 1025 (step 1110 in FIG. 8: YES), the decryption circuit 1021 in the user device 1002 stores the encrypted data C in the internal storage. Decryption is performed using a common key stored in advance in the circuit (step 1111).
This common key is the same as that stored in the storage circuit 1051 in the encryption circuit 1012.
[0052]
The result determination circuit 1023 extracts the authentication result M from the data M + R ′ decrypted by the decryption circuit 1021 (step 1112). If the authentication result M indicates authentication NG, the specific user who issued the service provision request is authorized. It is determined that the user is not, and the service provision to the specific user is rejected (step 1113).
[0053]
If the authentication result M included in the decrypted data M + R ′ indicates authentication OK, the result determination circuit 1023 obtains a numerical value R ′ obtained by removing the authentication result M from the data M + R ′ (step 1114). The numerical value R ′ is compared with the random number R generated by the random number generation circuit 1022 (step 1115). Then, if the numerical value R ′ and the random number R match, the result determination circuit 1023 determines that the specific user who issued the service provision request is a regular user, and permits service provision to the specific user (step) 1116) When the numerical value R ′ does not match the random number R, the service provision to the specific user is rejected (step 1117).
[0054]
As described above, in the present embodiment, a common encryption key (common key) is registered in advance in the authentication token 1001 and the use device 1002, and when the user requests service provision, the use device 1002 sends the authentication token 1001. Is transmitted to the user device 1002 by encrypting the data obtained by adding the authentication result M to the random number R received by the authentication token 1001 using the common key, and the user device 1002 transmits the received encrypted data. Only when the authentication result M is decrypted using the common key, the authentication result M included in the decrypted data indicates authentication OK, and the numerical value R ′ included in the decrypted data matches the random number R generated by the user device 1002 Allow service delivery to In this embodiment, since the using device 1002 transmits a different random number each time, the encrypted data transmitted by the authentication token 1001 also has a different value each time.
[0055]
Therefore, even if a third party other than the authorized user can steal the encrypted data signal, it cannot be used to impersonate the authorized user by using the signal. Furthermore, even if a third party other than the authorized user can steal the random number output from the using device 1002, the encryption key possessed only by the authorized user is secret, and therefore forging the encrypted data signal Can not.
For the above reasons, it is possible to prevent a third party other than a regular user from impersonating a regular user and prevent unauthorized use.
[0056]
Next, a fifth embodiment according to the present invention will be described with reference to FIG.
FIG. 10 is a block diagram showing a configuration of an authentication system according to the fifth embodiment of the present invention, and FIG. 11 is a block diagram showing a configuration of an encryption circuit in the biometric information recognition integrated circuit according to the present embodiment. The difference from the fourth embodiment is that the authentication token 1001 includes a storage circuit 1014 and the encryption circuit 1012 includes an arithmetic operation circuit 1053.
[0057]
The storage circuit 1014 stores identification information (hereinafter referred to as “ID”) unique to the authentication token 1001. A storage circuit 1051 in the encryption circuit 1012 stores a secret key registered in advance. The arithmetic operation circuit 1053 performs arithmetic operations such as division in order to perform public key encryption operations. Note that the arithmetic operation circuit 1053 may be integrated with the processing circuit 1052. The configuration of the decryption circuit 1021 is the same as that of the encryption circuit 1012. In the storage circuit in the decryption circuit 1021, the ID of the authentication token 1001 and the public key corresponding thereto are registered in advance for each authentication token 1001. As a public key encryption algorithm, for example, there is a discrete logarithm method.
[0058]
Hereinafter, an operation of managing access to the utilization device 1002 by the user authentication system of the present embodiment will be described with reference to FIGS. 12 is a flowchart showing the operation of the using device 1002, and FIG. 13 is a flowchart showing the operation of the authentication token 1001. The difference from the fourth embodiment is that the authentication token 1001 transmits an ID to the using device 1002, and a public key corresponding to the ID of the authentication token 1001 is used as an encryption key for the using device 1002 to decrypt. This is a point stored in advance.
[0059]
First, a specific user who intends to use the utilization device 1002 requests the utilization device 1002 to provide a service. When detecting the service provision request from the user (step 1201 in FIG. 12), the detection circuit 1024 in the user device 1002 requests user authentication from the authentication token 1001 via the communication circuit 1025 (step 1202).
[0060]
When the biometric information recognition circuit 1011 in the authentication token 1001 receives a user authentication request from the utilization device 1002 via the communication circuit 1013 (step 1203 in FIG. 13: YES), the user authentication is performed and authentication OK or authentication is performed. The authentication result M indicating NG is output to the encryption circuit 1012 (step 1204). The user authentication method at this time is as described in step 1106 of the fourth embodiment.
[0061]
Subsequently, the storage circuit 1014 in the authentication token 1001 outputs an ID stored in advance in response to the reception of the user authentication request, and transmits the ID to the utilization device 1002 via the communication circuit 1013 (step 1205).
When receiving the ID transmitted from the authentication token 1001 via the communication circuit 1025 (step 1206 in FIG. 12: YES), the decryption circuit 1021 in the user device 1002 searches the internal storage circuit based on the received ID. Then, a public key corresponding to the ID is acquired from the storage circuit (step 1207).
[0062]
After acquiring the public key, the random number generation circuit 1022 generates a random number R having a predetermined number of digits and a different value every time it is generated (step 1208), and this random number R is transmitted to the authentication token 1001 via the communication circuit 1025. (Step 1209).
When the encryption circuit 1012 (temporary storage circuit 1050) in the authentication token 1001 receives the random number R transmitted from the using device 1002 via the communication circuit 1013 (step 1210: YES in FIG. 13), the encryption circuit 1012 stores the random number R. (Step 1211).
[0063]
Subsequently, the processing circuit 1052 in the encryption circuit 1012 adds the authentication result M output from the biometric information recognition circuit 1011 to the random number R output from the temporary storage circuit 1050 (step 1212), and authenticates the random number R. Data M + R with the result M added is encrypted using a secret key stored in advance in the storage circuit 1051 to generate encrypted data C (step 1213), and the encrypted data C is used via the communication circuit 1013. It transmits to 1002 (step 1214).
[0064]
When the decryption circuit 1021 in the user device 1002 receives the encrypted data C transmitted from the authentication token 1001 via the communication circuit 1025 (step 1215: YES in FIG. 12), the encrypted data C is acquired in step 1207. Decryption is performed using the public key (step 1216). The result determination circuit 1023 extracts the authentication result M from the data M + R ′ decrypted by the decryption circuit 1021 (step 1217). If the authentication result M indicates authentication NG, the result determination circuit 1023 sends the authentication request M to the specific user who issued the service provision request. Service provision is rejected (step 1218).
[0065]
If the authentication result M included in the decrypted data M + R ′ indicates authentication OK, the result determination circuit 1023 obtains a numerical value R ′ obtained by removing the authentication result M from the data M + R ′ (step 1219). The numerical value R ′ is compared with the random number R generated by the random number generation circuit 1022 (step 1220). Then, if the numerical value R ′ and the random number R match, the result determination circuit 1023 permits service provision to the specific user who issued the service provision request (step 1221), and the numerical value R ′ and the random number R do not match. If so, the service provision to the specific user is rejected (step 1222).
[0066]
As described above, in this embodiment, a random key received from the user device 1002 in the authentication token 1001 by registering a secret key in the authentication token 1001 in advance and disclosing the public key corresponding to the authentication token 1001. Data obtained by adding the authentication result M to R is encrypted using a secret key and transmitted to the using device 1002, and the using device 1002 decrypts the received encrypted data using the public key corresponding to the ID of the authentication token 1001. The service is provided to the user only when the authentication result M included in the decrypted data indicates authentication OK and the numerical value R ′ included in the decrypted data matches the random number R generated by the user device 1002. To do. In this embodiment, since the using device 1002 transmits a different random number each time, the encrypted data transmitted by the authentication token 1001 also has a different value each time.
[0067]
Therefore, even if a third party other than the authorized user can steal the encrypted data signal, it cannot be used to impersonate the authorized user by using the signal. Furthermore, even if a third party other than the authorized user can steal the random number output from the using device 1002, the encryption key possessed only by the authorized user is secret, and therefore forging the encrypted data signal Can not.
For the above reasons, it is possible to prevent a third party other than a regular user from impersonating a regular user and prevent unauthorized use.
[0068]
In this embodiment, since only one secret key needs to be registered in the authentication token 1001, the capacity of the storage circuit 1051 can be reduced, and a plurality of unspecified use devices 1002 can be easily handled. be able to. That is, in the fourth embodiment, since the authentication token 1001 and the using device 1002 use the same common key, when the authentication token 1001 performs user authentication for a plurality of using devices 1002, the common key is used. It is necessary to register in the authentication token 1001 for each service providing apparatus. On the other hand, the authentication token 1001 according to the present embodiment allows the user device 1002 to use the public key corresponding to the own device by disclosing the ID and public key of the own device. It is only necessary to store one key.
[0069]
Next, a sixth embodiment according to the present invention will be described with reference to FIG.
FIG. 14 is a block diagram showing a configuration of an authentication system according to the sixth embodiment of the present invention. The difference from the fourth embodiment is that the authentication token 1001 includes a result determination circuit 1015. If the authentication result is OK, the result determination circuit 1015 outputs the authentication result to the encryption circuit 1012 to prompt the start of encryption. Further, when the authentication result is NG, the authentication result is directly output to the communication circuit 1013. Also in this embodiment, the configuration of the encryption circuit 1012 is the same as that of the encryption circuit 1012 of the fourth embodiment, and will be described using the reference numerals in FIG.
[0070]
Hereinafter, an operation of managing access to the utilization device 1002 by the user authentication system of the present embodiment will be described with reference to FIGS. 15 and 16. 15 is a flowchart showing the operation of the using device 1002, and FIG. 16 is a flowchart showing the operation of the authentication token 1001. The difference from the fourth embodiment is that when the authentication result is NG, the authentication token 1001 does not encrypt data, and the using device 1002 does not perform decryption when the authentication result is NG. It is.
[0071]
First, a specific user who intends to use the utilization device 1002 requests the utilization device 1002 to provide a service. The detection circuit 1024 in the user device 1002 detects a service provision request from the user (step 1301 in FIG. 15). When the detection circuit 1024 detects a service provision request from the user, the random number generation circuit 1022 generates a random number R having a predetermined number of digits and a different value every time it is generated (step 1302). Is transmitted to the authentication token 1001 via the communication circuit 1025 to request user authentication (step 1303).
[0072]
When the encryption circuit 1012 in the authentication token 1001 receives the random number R transmitted from the use device 1002 via the communication circuit 1013 (step 1304 in FIG. 16: YES), the encryption circuit 1012 stores the random number R (step 1305). The biometric information recognition circuit 1011 performs user authentication in response to the reception of the random number R, and outputs an authentication result M indicating authentication OK or authentication NG to the result determination circuit 1015 (step 1306). The user authentication method at this time is as described in step 1106 of the fourth embodiment.
[0073]
The result determination circuit 1015 determines whether the authentication result M is authentication OK or NG (step 1307). When the authentication result M indicates authentication NG, the authentication result M is transmitted to the user equipment 1002 via the communication circuit 1013 (step 1307). 1308). When the authentication result M indicates authentication OK, the result determination circuit 1015 outputs a signal instructing encryption of the random number R to the encryption circuit 1012 and outputs the authentication result M to the encryption circuit 1012. .
[0074]
In response to an instruction from the result determination circuit 1015, the encryption circuit 1012 encrypts the random number R stored in step 1305 using the common key and setting data stored in advance in the internal storage circuit to obtain the encrypted data C. Generate (step 1309). Then, the processing circuit 1052 generates data M + C in which the authentication result M is added to the encrypted data C (step 1310), and transmits this data M + C to the using device 1002 via the communication circuit 1013 (step 1311).
[0075]
The result determination circuit 1023 in the user device 1002 receives the authentication result M (step 1312 in FIG. 15: YES) or receives data M + C in which the authentication result M is added to the encrypted data C (step 1313: YES). ), It is determined whether the received authentication result M is authentication OK or NG (step 1314). If the authentication result M indicates authentication NG, service provision to the specific user who issued the service provision request is rejected (step 1315).
[0076]
If the received authentication result M indicates authentication OK, the result determination circuit 1023 obtains the encrypted data C obtained by removing the authentication result M from the received data M + C (step 1316), and the encrypted data C is decrypted. Pass to 1021. The decryption circuit 1021 decrypts the encrypted data C passed from the result determination circuit 1023 using a common key stored in advance in the internal storage circuit (step 1317).
[0077]
The result determination circuit 1023 compares the numerical value R ′ decrypted by the decryption circuit 1021 with the random number R generated by the random number generation circuit 1022 (step 1318). If the numerical value R ′ and the random number R match, the result determination circuit 1023 permits service provision to the specific user who issued the service provision request (step 1319), and the numerical value R ′ and the random number R do not match. If so, the service provision to the specific user is rejected (step 1320).
[0078]
In the present embodiment, when the result of user authentication with the authentication token 1001 is NG, since the encryption process in the authentication token 1001 and the decryption process in the using device 1002 are not performed, the authentication token 1001 and the using device 1002 Communication processing can be speeded up. Note that the configuration of this embodiment may be applied to the public key cryptosystem described in the fifth embodiment.
[0079]
Next, a seventh embodiment according to the present invention will be described.
In the sixth embodiment, when the result of user authentication is NG, the authentication result 100 is transmitted from the authentication token 1001 to the using device 1002, and when the result of user authentication is OK, the authentication result is stored in the encrypted data C. Data M + C with M added is transmitted to the use device 1002, and the use device 1002 determines the authentication result M. However, the authentication token 1001 does not need to send the authentication result M, and the use device 1002 does not need to send the authentication token. The determination may be performed based on the number of digits of the sentence transmitted from 1001.
[0080]
That is, the result determination circuit 1015 in the authentication token 1001 instructs the encryption circuit 1012 to encrypt the random number R when the authentication result M indicates authentication OK in step 1307 of FIG. When the result determination circuit 1015 is instructed to encrypt the random number R, only the encrypted data C obtained by encrypting the random number R is transmitted to the use device 1002 (steps 1309 and 1311). If the authentication result M indicates authentication NG in step 1307, the result determination circuit 1015 transmits data having a different number of digits from the encrypted data C to the using device 1002 (step 1308).
[0081]
When determining whether the authentication result M is authentication OK or NG in step 1314 in FIG. 15, the result determination circuit 1023 in the using device 1002 determines whether the authentication is OK or NG based on the number of digits of data transmitted from the authentication token 1001. To do. Other operations are the same as those in the sixth embodiment.
As described above, in this embodiment, by setting the number of digits of data representing authentication NG to a number of digits different from that of the encrypted data C, only the encrypted data C is transmitted in the case of authentication OK. Therefore, the amount of data to be transmitted can be reduced. Note that the configuration of this embodiment may be applied to the public key cryptosystem described in the fifth embodiment.
[0082]
An example of the utilization device 1002 described in the fourth to seventh embodiments is a computer, for example. The authentication token 1001 serving as the authentication device may be integrated with the use device 1002 or may be a separate body (for example, a terminal device possessed by the user). Data may be transmitted and received between the authentication token 1001 and the using device 1002 by wire or wireless.
[0083]
In the fourth to seventh embodiments, the case where a fingerprint is used as biometric information is described as an example. However, as other biometric information, for example, a user's voiceprint, iris, handwriting, handprint, finger There are length, human phase, etc. When the user's bill or finger length is used as the biometric information, the authentication token 1001 captures the user's palm or finger image, and compares the captured image with a pre-registered regular user's palm or finger image. Perform user authentication.
[0084]
When a user's voice print, that is, a sound spectrogram is used as the biometric information, the authentication token 1001 collects the user's voice to extract the voice print, and the extracted voice print data is registered with the voice user's voice print data registered in advance. Verify user authentication. When the user's handwriting is used as the biometric information, the authentication token 1001 captures the user's pen locus with a digitizer or the like, or captures and captures a signature written on paper, and the image data of the captured handwriting is registered in advance. User authentication is performed by checking with handwritten data of authorized users.
[0085]
When the user's iris is used as the biometric information, the authentication token 1001 captures the user's iris and compares the photographed iris image data with pre-registered regular user iris image data to perform user authentication. . When the user's human phase is used as the biometric information, the authentication token 1001 extracts a facial feature by photographing the user's face, and compares the extracted feature data with the feature data of a regular user registered in advance to perform user authentication. I do.
[0086]
In the fourth and fifth embodiments, the data obtained by adding the authentication result M to the random number R is encrypted, but this data may be generated from the exclusive OR of the random number R and the authentication result M. . That is, the encryption circuit 1012 encrypts data M∀R (∀ is an exclusive OR operator) obtained by taking an exclusive OR of the random number R and the authentication result M to generate encrypted data C (FIG. 9). Steps 1107, 1108). Similarly, the encryption circuit 1012 generates encrypted data C by encrypting the data M∀R obtained by taking the exclusive OR of the random number R and the authentication result M (steps 1212 and 1213 in FIG. 13).
[0087]
The exclusive OR has a property of A∀B∀A = B. Using this property, the encrypted data C is decrypted to extract a random number. For this purpose, the result determination circuit 1023 performs exclusive OR R2 = M∀R between the data M∀R ′ decrypted by the decryption circuit 1021 in step 1111 of FIG. 8 and the authentication result M ′ indicating authentication OK. “∀M” is obtained in step 1115. When M = M ′, R2 = R ′. Further, if the encryption circuit 1012 correctly encrypts the random number R, R2 = R.
[0088]
Therefore, the result determination circuit 1023 according to the fourth embodiment determines that the specific user who has issued the service provision request is a regular user when the numerical value R2 obtained in step 1115 matches the random number R generated by the random number generation circuit 1022. Therefore, the service provision to the specific user is permitted (step 1116), and if the numerical value R2 and the random number R do not match, the service provision to the specific user is rejected (step 1117).
[0089]
By performing the determination process as described above, the authentication result M included in the decrypted data M∀R ′ indicates that it is an authorized user, and the random number R ′ included in the decrypted data M∀R ′ is It can be confirmed at a time that it matches the random number R generated by the random number generation circuit 1022. Note that when an exclusive OR is used to generate data in step 1107, the processing in steps 1112 to 1114 is not performed.
[0090]
Similarly, the result determination circuit 1023 according to the fifth embodiment performs an exclusive OR operation between the data M∀R ′ decrypted by the decryption circuit 1021 in step 1216 of FIG. 12 and the authentication result M ′ indicating authentication OK. R2 = M∀R'∀M 'is obtained in step 1220. Then, if the obtained numerical value R2 matches the random number R generated by the random number generation circuit 1022, the result determination circuit 1023 permits the service provision to the specific user (step 1221), and the numerical value R2 and the random number R are If they do not match, the service provision to the specific user is rejected (step 1222). Note that, when an exclusive OR is used to generate data in step 1212 in FIG. 13, the processing in steps 1217 to 1219 is not performed.
[0091]
In the above fourth to seventh embodiments, the case where encryption is performed using a random number has been described as an example. However, the present invention is not limited to the random number.
For example, the random number generation circuit 1022 can be regarded as one of dynamic information generation circuits that generate dynamic information. Dynamic information here refers to information in which the content of the information changes sequentially each time information generation processing is performed, and specific examples include random numbers, date and time information, and counters.
[0092]
Next, a specific configuration example of the sensor 11 constituting the authentication token 1 will be described with reference to FIG. FIG. 17 is a diagram showing a schematic cross section of the sensor 11 constituting the authentication token 1.
The sensor 11 includes, for example, a plurality of 80 μm square sensor electrodes 315 and a grid-like ground electrode 316 on an interlayer insulating film 314 formed on a lower insulating film 312 on a semiconductor substrate 311 made of silicon, for example. The plurality of sensor electrodes 315 and the ground electrode 316 are arranged on the same plane defined by the surface of the interlayer insulating film 314.
[0093]
The sensor electrodes 315 are covered with a passivation film 317 formed on the interlayer insulating film 314, and a plurality of sensor electrodes 315 are provided at intervals of 150 μm, are made of Au, and have a thickness of about 1 μm. Since the thickness of the passivation film 317 is about 3 μm, the passivation film 317 is present on the sensor electrode 315 with about 2 (= 3-1) μm. The passivation film 317 is made of an insulator having a relative dielectric constant of about 4.0 such as polyimide.
[0094]
A wiring 313 connected to the sensor electrode 315 through a through hole is formed on the lower insulating film 312, while a capacitance detection circuit 318 that detects a capacitance formed on the sensor electrode 315 is formed on the semiconductor substrate 311. Is forming.
The capacitance detection circuit 318 is connected to the sensor electrode 315 by the wiring 313 described above. The capacitance detection circuit 318 is provided for each sensor electrode 315, and detects a capacitance formed between the sensor electrode 315 and a part of the recognition target (finger).
[0095]
The output side of each capacitance detection circuit 318 is connected to the collation circuit 13, and fingerprint data obtained by converting the capacitance formed in each sensor electrode 315 to light and shade is output to the collation circuit 13.
Each capacitance detection circuit 318, verification circuit 13 and storage circuit 12 are formed on a semiconductor substrate 311 below the sensor electrode 315, for example. As a result, the authentication token 1 can be made into one chip. As another example of such a one-chip implementation, there is one disclosed in, for example, Japanese Patent Laid-Open No. 2000-242771.
[0096]
FIG. 18 is a circuit diagram showing a specific configuration of the capacitance detection circuit 318 shown in FIG. Cf is a capacitance formed between the sensor electrode 315 and the finger skin 331 shown in FIG. The sensor electrode 315 forming the capacitor Cf is connected to the drain terminal of the Nch MOS transistor Q3a, and the source terminal of the transistor Q3a is connected to the input side of the current source 332A of the current I.
A source terminal of an Nch MOS transistor (first element) Q2a is connected to a node N1a between the sensor electrode 315 and the transistor Q3a. At the node N2a between the drain terminal of the transistor Q2a and the drain terminal of the Pch MOS transistor (first switch means) Q1a, an NchMOS having a power supply voltage VDD applied to the drain terminal and a source terminal connected to the ground via a resistor Ra. The gate terminal of the transistor Q4a is connected. An inverter gate 333A is connected to the source terminal of the transistor Q4a.
[0097]
Signals PRE (bar) and RE are applied to the gate terminals of the transistors Q1a and Q3a, respectively. A bias voltage VG is applied from the constant voltage source to the gate terminal of the transistor Q2a. Here, when the threshold voltage between the gate and the source at which the transistor Q2a is turned off is Vth, the voltages VDD and VG are set so that VDD> VG-Vth.
The nodes N1a and N2a have parasitic capacitances Cp1a and Cp2a, respectively.
The current source 332A and the transistor Q3a constitute a signal generation circuit 332, and the transistor Q4a, the resistor Ra, and the inverter gate 333A constitute an output circuit 333.
[0098]
FIG. 19 is a timing chart for explaining the operation of the capacitance detection circuit 318. (a) shows the potential change of the signal PRE (bar) for controlling the transistor Q1a, and (b) shows the signal for controlling the transistor Q3a. The potential change of RE is shown, (c) shows the potential change of each of the nodes N1a and N2a.
Initially, a high level (VDD) signal PRE (bar) is applied to the gate terminal of the transistor Q1a, and a low level (GND) signal RE is applied to the gate terminal of the transistor Q3a. Therefore, at this time, the transistors Q1a and Q3a are not conducting.
[0099]
In this state, when the signal PRE (bar) changes from the High level to the Low level, the transistor Q1a becomes conductive. At this time, the transistor Q3a remains in a non-conductive state and the signal generation circuit 332 is in a stopped state, so that the potential of the node N2a is precharged to VDD.
Node N1a is charged until the gate-source voltage of transistor Q2a reaches threshold voltage Vth and transistor Q2a is turned off. As a result, the potential of the node N1a is precharged to VG-Vth.
[0100]
When the signal PRE (bar) changes to High level after the precharge is completed, the transistor Q1a is turned off. At the same time, when the signal RE changes to a high level, the transistor Q3a becomes conductive, and the signal generation circuit 332 changes to an operating state.
Then, when the charge charged at the node N1a is extracted by the current source 332A and the potential of the node N1a is slightly lowered, the voltage between the gate and the source of the transistor Q2a becomes larger than the threshold voltage Vth, and the transistor Q2a is turned on. To change. As a result, the charge at the node N2a is also extracted, and the potential drop at the node N2a starts.
[0101]
Assuming that the period during which the signal RE is at the high level is Δt, the potential drop ΔV at the node N1a after the lapse of Δt is VDD− (VG−Vth) + IΔt / (Cf + Cp1a). Here, the parasitic capacitance Cp2a is sufficiently smaller than the parasitic capacitance Cp1a.
[0102]
Since the current I, the period Δt, and the parasitic capacitances Cp1a and Cp2a of the current source 332A are constant, the potential decrease amount ΔV is a value of a capacitance generated between the sensor electrode 315 and the finger surface 331 to be recognized. Determined by Cf. Since the capacitance value Cf is determined by the distance between the sensor electrode 315 and the finger surface 331, the capacitance value Cf varies depending on the unevenness of the fingerprint. Therefore, the magnitude of the potential decrease amount ΔV changes to reflect the unevenness of the fingerprint. Since this potential decrease amount ΔV is supplied as an input signal to the output circuit 333, ΔV is input by the output circuit 333, and a signal reflecting the fingerprint irregularities is output.
[0103]
The output signal of each capacitance detection circuit 318 is output to the verification circuit 13 as the aforementioned fingerprint image data. Then, the verification circuit 13 authenticates the user by comparing the fingerprint image data with the registered fingerprint image data stored in advance in the storage circuit 12.
[0104]
The example in which the sensor 11, the verification circuit 13, and the storage circuit 12 in the authentication token 1 are configured as one chip has been described above. In addition, the sensor 11 is configured as one chip, and the sensor 11 and the bus are connected to each other. The verification circuit 13 may be connected, and the storage circuit 12 may be further connected to the verification circuit 13 via a bus. Alternatively, the sensor 11 and the verification circuit 13 may be integrated into one chip, and the storage circuit 12 may be connected to the one-chip integrated circuit via a bus.
[0105]
Next, the storage circuit 12 in the authentication token 1 will be described with reference to FIG. FIG. 20 is an explanatory diagram showing a configuration in the memory circuit 12.
In each of the embodiments described above, as shown in FIG. 20, three different storage areas 12X, 12Y, and 12Z may be provided in the storage circuit 12 to store various information.
[0106]
In this example, the storage area 12X stores registered fingerprint data 12A used for fingerprint authentication, and the storage area 12Y stores user (individual) information (for example, name, address, date of birth, credit card number, etc.) of the token holder. ) Store 12B.
Further, in the storage area 12Z, service information related to the service (for example, password, authentication token identification information, use date / time, coin locker door number, gate opening / closing, concert name, ATM account number, e-commerce password, telephone book, electronic Email address etc.).
[0107]
In general, in the authentication token 1, only registered fingerprint data is stored in the token and only the result of the personal authentication is output outside the token. However, according to this, the authentication token can be applied. The system will be limited.
On the other hand, as shown in FIG. 20, various kinds of information as described above are stored, and if necessary, these information and processing information obtained by processing these information are exchanged with the use device 2. It is possible to exchange and receive various services using the authentication token.
[0108]
【The invention's effect】
  As described above, the present invention detects a user's biological information and outputs the detection result as sensing data, registration data for collating the user's biological information,User information specific to the user used for processing on the user deviceIs a pre-stored storage circuit, a verification circuit that compares sensing data from the sensor using registration data stored in the storage circuit, and outputs the verification result indicating the user authentication result as authentication data,Including user information stored in the memory circuitA communication circuit that transmits authentication data as communication data to the device to be used is integrally formed as an authentication token. This authentication token is normally held by the user, and when the user uses the device, it is connected to the device to be used. Thus, user authentication is performed based on the user's biometric information.
[0109]
Therefore, as in the past, a sensor that detects the user's biological information and a verification circuit that performs verification are provided inside the user device, and the user's registration data is registered and compared with the case where the user owns and manages the data on the data card. Data is not output outside the authentication token, and it is possible to prevent leakage of registered data used during verification. In addition, since the sensor is not shared by an unspecified number of users and is provided for each authentication token that the user has individually, even if a sensor failure occurs, it does not spill over to other users, and biometric information Even when it is necessary to bring a part of the human body into contact with the sensor, such as a fingerprint, at the time of detection, a good sanitary environment can be maintained for the user.
[Brief description of the drawings]
FIG. 1 is a block diagram showing an authentication token and an authentication system according to a first embodiment of the present invention.
FIG. 2 is a block diagram showing an authentication token and an authentication system according to a second embodiment of the present invention.
FIG. 3 is a block diagram showing an authentication token and an authentication system according to a third embodiment of the present invention.
FIG. 4 is a block diagram showing a conventional authentication system.
FIG. 5 is a block diagram showing another conventional authentication system.
FIG. 6 is a block diagram showing a configuration of an authentication system according to a fourth embodiment of the present invention.
FIG. 7 is a block diagram showing a configuration of an encryption circuit in a biometric information recognition integrated circuit according to a fourth embodiment of the present invention.
FIG. 8 is a flowchart showing an operation of a service providing apparatus according to a fourth embodiment of the present invention.
FIG. 9 is a flowchart showing the operation of the biological information recognition integrated circuit in the fourth embodiment of the present invention.
FIG. 10 is a block diagram showing a configuration of an authentication system according to a fifth embodiment of the present invention.
FIG. 11 is a block diagram showing a configuration of an encryption circuit in a biometric information recognition integrated circuit according to a fifth embodiment of the present invention.
FIG. 12 is a flowchart showing an operation of the service providing apparatus according to the fifth embodiment of the present invention.
FIG. 13 is a flowchart showing the operation of the biometric information recognition integrated circuit in the fifth embodiment of the present invention.
FIG. 14 is a block diagram showing a configuration of an authentication system according to a sixth embodiment of the present invention.
FIG. 15 is a flowchart showing an operation of the service providing apparatus according to the sixth embodiment of the present invention.
FIG. 16 is a flowchart showing the operation of the biometric information recognition integrated circuit in the sixth embodiment of the present invention.
FIG. 17 is a cross-sectional view showing a configuration example of a sensor.
FIG. 18 is a circuit diagram illustrating a configuration example of a capacitance detection circuit of a sensor.
FIG. 19 is a timing chart showing the operation of the capacitance detection circuit.
FIG. 20 is a diagram illustrating an authentication token storage circuit;
[Explanation of symbols]
DESCRIPTION OF SYMBOLS 1 ... Authentication token, 11 ... Sensor, 12 ... Memory circuit, 12A ... Registration fingerprint data, 12B ... User information, 13 ... Verification circuit, 13A ... Authentication data, 14 ... Communication circuit, 1A ... Communication data, 2 ... Utilization apparatus, DESCRIPTION OF SYMBOLS 21 ... Communication circuit, 21A ... Authentication data, 22 ... Processing apparatus, 23 ... Wireless circuit, 3 ... Data conversion module, 31 ... Protocol conversion circuit, 3A ... Communication data, 4 ... Wireless module, 41 ... Protocol conversion circuit, 42 ... Wireless line, 4A ... communication data, 1001 ... authentication token, 1002 ... used device, 1011 ... biological information recognition circuit, 1012 ... encryption circuit, 1013 ... communication circuit, 1014 ... storage circuit, 1015 ... result determination circuit, 1021 ... decryption 1022, random number generation circuit, 1023 ... result determination circuit, 1024 ... detection circuit, 1025 ... communication circuit, 10 1 ... memory circuit, 1052 ... processing circuit, 1053 ... the temporary storage circuit.

Claims (15)

An authentication system that performs user authentication using user biometric information when using a device that performs predetermined processing,
  It is usually possessed by the user and includes an authentication token that is connected to the user device and performs user authentication based on the user's biometric information when the user uses the user device,
  The authentication token detects the user's biometric information and outputs the detection result as sensing data; registration data for collating the user's biometric information; and the user used for processing in the user device The storage circuit in which unique user information is stored in advance and the sensing data from the sensor are collated using registered data stored in the storage circuit, and the user authentication result is shown regardless of the collation result. A verification circuit that outputs verification results as authentication data;
And a first communication circuit that transmits the authentication data including the user information stored in the storage circuit to the utilization device as communication data, and these circuit units are integrally formed,
  The utilization device refers to the second communication circuit that receives the communication data transmitted from the authentication token and outputs it as authentication data, and the verification result included in the authentication data from the second communication circuit, and An authentication system comprising: a processing device that performs the predetermined processing based on a result and user information. The authentication system according to claim 1,
  An authentication system, further comprising: a data conversion module connected to the authentication token and configured to convert communication data from the first communication circuit of the authentication token into a predetermined data format and transmit the data to the use device. The authentication system according to claim 1,
  A wireless module connected to the authentication token and transmitting communication data from the first communication circuit of the authentication token to the utilization device via a wireless section;
  2. The authentication system according to claim 1, wherein the utilization device includes a wireless circuit that receives the communication data transmitted from the wireless module via a wireless section and outputs the communication data to the second communication circuit. The authentication system according to claim 2,
  A wireless module that is connected to the authentication token and transmits communication data from the data conversion module to the utilization device via a wireless section;
  2. The authentication system according to claim 1, wherein the utilization device includes a wireless circuit that receives the communication data transmitted from the wireless module via a wireless section and outputs the communication data to the second communication circuit. The authentication system according to claim 1,
  The authentication system further includes a battery that supplies power to the authentication token. The authentication system according to claim 2 or 4,
  The data conversion module further includes a battery that supplies power to the data conversion module and to the authentication token. The authentication system according to claim 1 or 2,
  The wireless system further includes a battery that supplies power to the wireless module and to the authentication token. In the authentication system according to any one of claims 5 to 7,
  The said battery consists of a secondary battery charged by the power supply from the utilization apparatus, when the said authentication token is connected to the said utilization apparatus. The authentication system according to claim 1,
  The storage circuit stores, as the user information, personal information of the user and service information related to a service provided by the use device, and the personal information, the service information, and An authentication system, wherein the registration information is stored in separate storage areas. The authentication system according to claim 1,
  The authentication token further includes an encryption circuit that encrypts data generated from the dynamic information transmitted from the user device and the authentication data with a pre-registered key,
  The first communication circuit transmits the encrypted data generated by the encryption circuit to the use device,
  The processing device includes a dynamic information generation circuit that generates dynamic information to be transmitted to the authentication token, and a decryption circuit that decrypts encrypted data transmitted from the authentication token using a key paired with the key The verification result of the authentication data included in the data decrypted by the decryption circuit indicates that the verification is successful, and the dynamic information included in the data is generated by the dynamic information generation circuit and transmitted to the authentication token. An authentication system, comprising: a result determination circuit that performs the predetermined process only when it matches the dynamic information. The authentication system according to claim 1,
  The authentication token outputs authentication data to the encryption circuit when the verification result indicates authentication success, and outputs the authentication data to the first communication circuit when the verification result indicates authentication failure. In accordance with the first result determination circuit and the authentication data from the first result determination circuit, the dynamic information transmitted from the utilization device is encrypted using a pre-registered key. An encryption circuit that adds the encrypted data to the authentication data and outputs the encrypted data;
  The first communication circuit transmits the authentication data to which the encrypted data from the encryption circuit is added or the authentication data from the first result determination circuit to the use device,
  The processing apparatus includes a dynamic information generation circuit that generates dynamic information to be transmitted to the authentication token, and a decryption circuit that decrypts encrypted data transmitted from the authentication token using a key paired with the key And the decryption circuit decrypts the encrypted data added to the authentication data only when the authentication result of the authentication data from the authentication token received by the second communication circuit indicates successful authentication. A second result determination circuit that performs the predetermined process only when the obtained dynamic information matches the dynamic information generated by the dynamic information generation circuit and transmitted to the authentication token. A featured authentication system. The authentication system according to claim 1,
  The authentication token includes an encryption circuit that encrypts dynamic information transmitted from the use device using a pre-registered key, and outputs the obtained encrypted data to the first communication circuit as data. When the verification result indicates authentication success, the encryption circuit is instructed to generate encrypted data. When the verification result indicates authentication failure, data having a different number of digits from the encrypted data is input to the first encryption circuit. And a first result determination circuit that outputs to the communication circuit of
  The first communication circuit transmits data from the encryption circuit or data from the first result determination circuit to the utilization device,
  The processing apparatus includes a dynamic information generation circuit that generates dynamic information to be transmitted to the authentication token, and a decryption circuit that decrypts encrypted data transmitted from the authentication token using a key paired with the key Only when the number of digits of data from the authentication token received by the second communication circuit indicates the number of digits at the time of successful authentication, the encrypted data added to the data is obtained by the decryption circuit. A second result determination circuit that performs the predetermined process only when the dynamic information obtained by decryption matches the dynamic information generated by the dynamic information generation circuit and transmitted to the authentication token. An authentication system characterized by that. In the authentication system according to any one of claims 10 to 12,
  The authentication token further includes an ID storage circuit that stores identification information of the authentication token registered in advance,
  The first communication circuit transmits the identification information stored in the ID storage circuit to the use device,
  The decryption circuit decrypts encrypted data from the authentication token using a key corresponding to the identification information transmitted from the authentication token. In the authentication system according to any one of claims 1, 2, 9 to 13,
  2. The authentication system according to claim 1, wherein the user information includes any one of a user ID, a password, a name, an address, a telephone number, an account number, and a credit number. In the authentication system according to any one of claims 1, 2, 9 to 13,
  The utilization device further includes a power source for supplying power to the authentication token connected to the utilization device,
  The authentication system, wherein the authentication token is supplied with power from the use device in a state of being connected to the use device.

Images