JP4387926B2 - Identification code concealment method for two-way radio apparatus and radio communication system - Google Patents

Description

  The present invention relates to a wireless communication concealment technique in a wireless communication system using a bidirectional wireless apparatus in which communication between transmitting and receiving stations is bidirectional and long distance communication is possible.

  Announced a system that combines active wireless tags (transmitting stations) and broadband networks such as B FLET'S, which can grasp the positions of people with active wireless tags and distribute camera images linked to the position information. (See Non-Patent Document 1).

  The features of such a system are as follows: (1) Real-time processing of the position information of the active wireless tag obtained through the reader (receiving station), and always know where the person with the active wireless tag such as a kindergarten is. (2) Since it is possible to grasp the history of how a person wearing an active wireless tag such as a kindergarten behaves, it can also be used for research and research to provide an optimal childcare environment, etc. There is something you can do.

  However, since the active wireless tag is capable of long-distance communication, a third party physically intervenes between the active wireless tag and the reader to intercept the communication between the active wireless tag and the reader, There is a risk that they can easily impersonate each other.

  In particular, if the identification code sent from the active wireless tag is fixed, the individual identification of the active wireless tag is possible, and the person / thing with the active wireless tag and the surrounding environment (time and space), attribute information and Can become a violation of privacy. In addition, fake active wireless tags can be created, which has the problem of developing into various misrepresentations.

  The hazard analysis for enumerating threats to active wireless tags and readers is shown below.

(1) A third party eavesdrops on information transmitted and received between the active wireless tag and the reader.
(1-1) A third party can collate the identification code transmitted from the active wireless tag with the active wireless tag.
(1-1-1) A third party can associate a person / thing with an active wireless tag and the surrounding environment (time and space).
(1-1-1-1) There is a risk that a third party may grasp the movement history of a person / thing with an active wireless tag and infringe on privacy (tracking problem).
(1-1-1-2) There is a risk that a third party may grasp the action history of a person with an active wireless tag and use it for kidnapping.
(1-1-1-3) There is a risk that a third party may grasp the movement history of an object with an active wireless tag and use it for theft.
(1-1-2) The third party associates the person / thing with the active wireless tag and the attribute information.
(1-1-2-1) There is a risk that a third party may grasp the attribute information of a person / thing with an active wireless tag and infringe on privacy.
(1-1-2-2) There is a risk that a third party may grasp the attribute information of a person with an active wireless tag and use it for illegal business activities.
(1-1-2-3) There is a risk that a third party may grasp the attribute information of an object with an active wireless tag and use it for illegal business activities or business interference.

(2) Impersonate a third party.
(2-1) A third party uses a false active wireless tag.
(2-1-1) A third party hides the legitimate active wireless tag and uses a fake active wireless tag.
(2-1-1-1) There is a risk that a third party may steal a person or object with an active wireless tag and delay its detection.
(2-2) A third party uses a false reader.
(2-2-1) A third party uses a false reader to communicate with the active wireless tag.
(2-2-1-1) There is a risk that a third party may read information on the active wireless tag and use it illegally.

  (3) A third party falsifies.

  In reality, falsification of information transmitted and received between the active wireless tag and the reader is considered to be equivalent to (2) spoofing by a third party.

(4) A third party performs a DoS attack.
(4-1) A third party performs a DoS (Denial of Service) attack on an active wireless tag.
(4-1-1) When an active wireless tag transmits information in response to a request from a reader, a third party frequently issues an information transmission request to the active wireless tag and wastes the battery of the active wireless tag There is a risk.
(4-1-2) When a sensor is built into an active wireless tag, there is a risk that a third party may give excessive stimulation to the sensor of the active wireless tag and waste the battery of the active wireless tag .
(4-2) A third party performs a DoS attack on the reader.
(4-2-1) There is a risk that a third party may bring a large number of active wireless tags and exceed the reading limit of the reader.
(4-3) A third party performs a DoS attack on the entire system.
(4-3-1) There is a risk that a third party may shield the active wireless tag and paralyze the system.
(4-3-2) There is a risk that a third party may cause interference by sending jamming radio waves (which may be light or sound waves) between the active wireless tag and the reader.

  By concealing the identification code transmitted from the active wireless tag, the threats (1), (2), and (3) among the above threats can be avoided and suppressed.

  The Hash Lock method proposed by MIT (see Non-Patent Document 2 and Non-Patent Document 3) and the External Re-encryption method proposed by RSA (Non-Patent Document 3) are technologies for concealing the identification code transmitted from the active wireless tag at low cost. And the Universal Re-encryption method (see Non-Patent Document 5).

  The Hash Lock method is a low-cost identification code reading access control method in which only the hash circuit is mounted in the active wireless tag. However, because the metaID in which the active wireless tag is fixed is returned in response to a request from the reader, A third party can collate the metaID sent from the active wireless tag with the active wireless tag, which may cause a tracking problem.

  The External Re-encryption method is a privacy protection method that is assumed to be attached to euro bills, and the identification code encrypted using re-encryption of public key cryptography is updated in an electronic register or the like. Since public key information can be a kind of ID information, the risk of privacy infringement based on it remains.

  The Universal Re-encryption method does not require public key information, re-encryption is achieved only by random number generation, and high privacy protection is realized. However, since the decryption key must be specified at the time of decryption, the entire system is The risk of privacy infringement on key information remains.

  In addition, as a full-fledged encryption technology in which a privacy protection circuit is mounted inside a tag, there are a randomized hash lock method (see Non-Patent Document 2) and an XOR based One-time Pad method (see Non-Patent Document 6).

  The Randomized Hash Lock method has a hash circuit and random number generation circuit in the active wireless tag to make the ID variable, and although it is highly secure, it performs hash calculation for all IDs managed by the reader. A large load is applied because it is necessary. Further, since a hash circuit and a random number generation circuit are required, there is a problem in cost.

  In the XOR based One-time Pad method, an active wireless tag and a reader share a plurality of random key sequences and mutually exchange them, and use only the XOR function. Cost can be reduced. However, in order to read the ID, communication between the active wireless tag and the reader is required four times, and a problem remains in the management of the key string.

  As described above, there is a method that takes privacy protection as the top priority and makes full use of full-fledged encryption technology. It is important to make a trade-off with the value of what should be protected in consideration of the cost, the initial setting of the identification code, and the operation cost for changing / deleting.

In the system as described above, since the active wireless tag normally transmits a wireless signal including an identification code at a predetermined interval, there is a concern that a battery built in the active wireless tag is wasted. In order to extend the driving time, a method of performing bidirectional communication between an active wireless tag and a reader and transmitting a wireless signal as necessary is also considered.
“Provision of video distribution system using broadband line and wireless IC tag”, NTT West and other press releases, 2004.4.19, http://www.ntt-west.co.jp/news/0404/040419 .html R. Rivest, S. Sarma, S. Garfinkel, S. Weis, “Privacy and Security in Radio-Frequency Identification Systems”, MIT Laboratory for Computer Science, March 2003 SESarma, SAWeis, DWEngels, "RFID Systems, Security & Privacy Implications", Auto-ID Center White Paper, 2002 A. Juels and R. Pappu, “Squealing Euros: Privacy Protection in RFID-Enabled Banknotes”, In R. Wright, ed., Financial Cryptography 2003 Springer-Verlag, 2003 P.Golle, M.Jakobsson, A.Juels, and P.Syverson, “Universal Re-encryption for Mixnets”, In T. Okamoto, ed., RSA Conference Criptgraphers'Track'04.2004 I.Vajda and L.Buttyan, “Lightweight Authentication Protocols for Low-Cost RFID Tags”, Ubicomp 2003

  The present invention has been made under the above-described state of the art, and an object of the present invention is to provide simple, low power consumption without using full-fledged encryption technology for bidirectional wireless devices. Another object of the present invention is to provide a low-cost method for concealing an identification code.

  The outline of the present invention will be described according to a specific example. The present invention is a system in which, for example, an active wireless tag (bidirectional wireless device) and a broadband network are combined, and a system capable of grasping the position of a person or the like with an active wireless tag and distributing a camera image linked to the position information. Used in An identification code is sent from the active wireless tag to grasp the position information. With the technology that conceals the identification code, the active wireless tag receives a trigger signal from the reader and receives a plurality of pre-registered identification codes. The identification code selected from the codes is transmitted one by one with various changes in the transmission interval, signal strength, and modulation method. In addition, a false identification code is sent from an active wireless tag or a reader to disturb a third party who tries to find the identification code.

  FIG. 1 is a diagram showing a basic configuration of the present invention. The present invention receives a second radio signal (thick solid line arrow in the figure) that is different from the first radio signal and means for transmitting the first radio signal including the identification code 14 (thin solid arrow in the figure). A plurality of first transmission / reception stations 11, one or more second transmission / reception stations 12 having a means for transmitting a second radio signal and a means for receiving the first radio signal, and one or more second In the wireless communication system configured with the data management means 13 connected to the transmission / reception station, the first transmission / reception station 11 responds to the second wireless signal from the second transmission / reception station 12 in a plurality of pre-registered The identification code 14 selected from among the identification codes 14 is transmitted one by one so as to differ at a frequency of transmission or less (frequency of one or more transmissions). The identification code received by the transmitting / receiving station 12 Compares the identification code 15 are previously registered in de 14 and data management unit 13, and main feature to recognize the identification code 14 from the first transceiver station 11 only if they match.

  Since each of the plurality of first transmitting / receiving stations 11 transmits a plurality of identification codes 14, a third party illegally obtained the identification code 14 by eavesdropping a radio signal from the first transmitting / receiving station 11 to the second transmitting / receiving station 12. However, it is difficult to specify from which first transmitting / receiving station the identification code 14 is transmitted. That is, the correspondence between the first transmitting / receiving station 11 and the identification code 14 becomes unclear, leading to concealment.

  On the other hand, by registering the identification code 14 transmitted from the first transmission / reception station 11 in the data management means 13 as the identification code 15 in advance, the data management means 13 can easily connect the identification code 14 and the first transmission / reception station 11. Can be associated with

  Further, the present invention is characterized in that, in the above system, the transmission interval of the radio signal transmitted from the first transmitting / receiving station 11 is irregular. By making the transmission interval of radio signals irregular, even if the temporal distribution of identification codes eavesdropped by a third party is analyzed, a series of identification codes 14 transmitted from the first transmitting / receiving station 11 are grouped into one group. As a result, it becomes difficult to associate with the first transmitting / receiving station 11.

  Further, the present invention is characterized in that in the above system, the signal strength of the radio signal transmitted from the first transmitting / receiving station 11 is changed at a frequency of each transmission or less. By making the signal strength of the radio signal irregular, it becomes difficult for a third party to estimate the position of the first transmitting / receiving station 11 based on the wiretapping signal strength, and the identification code source cannot be specified. Therefore, it becomes difficult to associate the first transmitting / receiving station 11 with the identification code 14.

  Further, the present invention is characterized in that, in the above system, a radio signal transmitted from the first transmitting / receiving station 11 is modulated by a different modulation method at a frequency of each transmission or less. By changing the modulation method at every transmission or less frequently, it becomes difficult to specify the modulation method used in the wireless communication system, and it is difficult for a third party to eavesdrop on it.

  Further, the present invention is characterized in that, in the above system, some or all of a plurality of identification codes registered in advance in the first transmitting / receiving station are updated at predetermined intervals. This update can be performed, for example, when a secondary battery mounted in the first transmitting / receiving station 11 is charged. By updating the identification code 14 registered in advance in the first transmitting / receiving station 11, it becomes difficult for a third party to specify the identification code even if the third party wiretaps the radio signal for a long period of time.

  The present invention also includes one or more first transmitting / receiving stations 11 having means for transmitting a first wireless signal including the identification code 14 and means for receiving a second wireless signal different from the first wireless signal, A radio comprised of one or more second transmitting / receiving stations 12 having means for transmitting radio signals and means for receiving first radio signals, and data management means 13 connected to the one or more second transmitting / receiving stations. In the communication system, the first transmission / reception station transmits one identification code selected from one or more identification codes 14 registered in advance in response to the second radio signal from the second transmission / reception station. Then, the data management means 13 compares the identification code 14 received by the second transmission / reception station 12 with the identification code 15 registered in advance in the data management means 13, and only if the data matches, the data management means 13 The code 16 is selected from one or more codes 16 (dotted arrows in the figure) different from the identification code 15 registered in advance in the data management means 13. The main feature is that one or more code transmitting means 17 for transmitting one at a time are provided in the wireless communication system.

  By providing the code transmission means 17, the field for transmitting and receiving the identification code signal is disturbed by the code 16, making it difficult to specify the identification code 14 by eavesdropping by a third party, and associating the identification code 14 with the first transmission / reception station 11. Can be prevented.

  On the other hand, by registering the identification code 14 transmitted from the first transmission / reception station 11 in the data management means 13 as the identification code 15 in advance, the data management means 13 can easily connect the identification code 14 and the first transmission / reception station 11. Can be associated with The degree of identification code concealment can be easily adjusted by changing the number of codes 16 and the number of installed code transmission means 17.

  Further, the present invention is characterized in that in the above system, at least one of the identification code 14 transmitted from the first transmitting / receiving station 11 or the code 16 transmitted from the code transmitting means 17 differs at a frequency of each transmission or less. And

  Since the first transmission / reception station 11 transmits different identification codes 14 at the frequency of transmission or less (frequency of one or more transmissions), the association between the identification code 14 by the third party and the first transmission / reception station 11 Becomes even more difficult. The degree of identification code concealment can be adjusted by changing the number of identification codes 14 and 15. In addition, since the code 16 selected from one or more codes 16 different from the identification code 15 registered in advance in the data management means 13 is different at every transmission or less frequently, the third party transmits the code. Even if the wireless signal transmitted from the means 17 is wiretapped for a long period of time, it is difficult to specify the code 16. Therefore, it is difficult for a third party to distinguish between the identification code 14 and the code 16, and it is difficult to specify the identification code 14.

  Further, the present invention is characterized in that in the above system, the transmission interval of at least one of the radio signal transmitted from the first transmitting / receiving station 11 or the radio signal transmitted from the code transmitting means 17 is irregular. By making the radio signal transmission interval irregular, a third party cannot distinguish between the identification code 14 and the code 16 even if analyzing the temporal distribution of the wiretapped code, and the identification code 14 is difficult to specify. Become.

  Further, the present invention changes the signal strength of at least one of the radio signal transmitted from the first transmitting / receiving station 11 or the radio signal transmitted from the code transmitting unit 17 at a frequency of each transmission or less in the above system. It is characterized by that. By making the signal strength of the radio signal irregular, even if a third party analyzes the eavesdropping signal strength, the identification code 14 and the code 16 cannot be distinguished due to the difference in signal strength. It becomes difficult. Also, it is difficult to specify the installation location of the code transmission means 17.

  Further, the present invention provides a modulation method in which at least one of the radio signal transmitted from the first transmitting / receiving station 11 or the radio signal transmitted from the code transmitting means 17 differs at a frequency of each transmission or less in the above system. It is characterized by being modulated by. By changing the modulation method at every transmission or less frequently, it becomes difficult to specify the modulation method used in the wireless communication system, and it is difficult for a third party to eavesdrop on it.

  Further, according to the present invention, in the above system, at least a part or all of the identification code 14 registered in advance in the first transmitting / receiving station 11 or the code 16 registered in advance in the code transmitting means 17 is replaced at predetermined intervals. It is characterized by updating. This update can be performed, for example, when a secondary battery mounted in the first transmitting / receiving station 11 is charged. By updating the identification code 14 and the code 16 registered in the first transmitting / receiving station 11 in advance, it is difficult to specify the identification code 14 even if a third party sniffs the radio signal for a long period of time.

  Also. In the system described above, the code transmitting means 17 for transmitting one or more codes 16 different from the identification code 15 registered in the data management means 13 one by one in the system described above is provided with one or more second transmitting / receiving stations. 12 is provided. By providing the code transmitting means 17 in the second transmitting / receiving station 12, it is possible to simplify the system, improve the maintenance / operability, and reduce the installation space, thereby reducing the installation / maintenance / operation costs. Further, since the code transmitting means 17 is included in the second transmitting / receiving station 12, the code 16 registered in the code transmitting means 17 can be updated in real time.

  In the above system, the code 16 transmitted from the code transmitting unit 17 that transmits one or more codes 16 different from the identification code 15 registered in the data managing unit 13 one by one in the system described above, It is generated by a pseudo random number generator. By using a pseudo-random number generator for generating the code 16, the probability that the same code 16 is transmitted from the code transmitting means 17 is remarkably reduced. Identification becomes difficult.

  Further, according to the present invention, in the above system, the code transmission means 17 for transmitting one or more codes 16 different from the identification code 15 registered in advance in the data management means 13 one by one is provided. It is provided in the transmission / reception station 11. In this case, the first transmitting / receiving station 11 transmits the identification code 14 and the code 16.

  Since the first transmitting / receiving station 11 also serves as the code transmitting means 17, the system can be simplified, maintenance / operability can be improved, and the installation space can be reduced, and the installation / maintenance / operation cost can be reduced. In addition, a radio signal including an identification code 14 selected from one or more identification codes 14 and a radio signal including a code 16 selected from one or more codes 16 are transmitted from the same point. Therefore, it becomes more difficult to eliminate the code 16 by a third party. Therefore, the association between the identification code 14 and the first transmitting / receiving station 11 becomes more difficult, and confidentiality is improved.

  Further, the present invention is characterized in that in the above system, at least one of the identification code 14, the transmission interval, the signal strength, or the modulation method is determined based on the second radio signal transmitted from the second transmitting / receiving station. To do. Since the data management means 13 connected to the second transmitting / receiving station can control the identification code 14, the transmission interval, the signal strength, and the modulation method, the arithmetic processing of the first transmitting / receiving station can be simplified. Thus, the cost and power consumption of the first transmitting / receiving station can be reduced.

  Further, the present invention is characterized in that, in the above system, the second radio signal transmitted from the second transmitting / receiving station includes a seed generated by a pseudo random number generator. By using the seed generated by the pseudo random number generator, it is difficult to find out the identification code 14, the transmission interval, the signal strength, and the modulation method even if the second wireless signal is wiretapped by a third party.

  In the above system, the present invention is characterized in that the second radio signal transmitted from the second transmitting / receiving station is a long wave. By using a long wave for the second radio signal, power consumption during transmission and reception is reduced. In addition, since the transmission distance of the second radio signal is increased, the second radio signal can be transmitted to the first transmission / reception station existing in a wider range, and the control of the first radio signal transmitted from the first transmission / reception station can be performed. , It can be performed efficiently with fewer second transmitting and receiving stations.

  By using the method for concealing the identification code of the bidirectional wireless device according to the present invention, the identification code transmitted from the transmitting / receiving station changes randomly, and a fake code can also be transmitted to the space where the transmitting / receiving station exists. This makes it extremely difficult for a third party to individually identify a specific transmitting / receiving station using an identification code. For this reason, the present invention makes it very difficult for a third party to associate a person / thing with a transmitter / receiver station, the surrounding environment (time and space), and attribute information using an identification code, thus protecting privacy. Excellent effect.

  In addition, since the concealed identification code is valid only between legitimate transmitting / receiving stations, it is almost impossible to illegally use falsified transmitting / receiving stations or to read illegal data from fake transmitting / receiving stations. Development to various misrepresentations can also be prevented.

  Furthermore, since the method for concealing the identification code of the bidirectional wireless device of the present invention eliminates the need for full-fledged encryption processing, the manufacturing cost of the transmitting / receiving station, the consumption cost of the built-in battery, the investment cost of the related device, the encryption This is very advantageous in terms of costs such as operation costs required for key management.

  Hereinafter, embodiments of the present invention will be specifically described with reference to the drawings. However, the present invention is not limited to these embodiments.

  FIG. 2 is a diagram showing an example of a kindergarten watching system using the identification code concealing method of the bidirectional wireless apparatus of the present invention. In the present embodiment, the first transmitting / receiving station 11 in FIG. 1 is an active wireless tag 21, the second transmitting / receiving station 12 in FIG. 1 is a reader 22, and the data management means 13 in FIG. Further, an identification code that should be recognized by the server 25 is described as a true identification code, and an identification code that is not recognized by the server 25 is described as a false identification code.

  This system comprises an active wireless tag 21 attached to a kindergarten, a reader 22 installed in the kindergarten, a false identification code transmitting means 23 provided in the reader 22, a web camera 24 and a server 25. Is installed. The server 25 is connected to the child's home terminal 27 via the broadband network 26.

  Although not shown in the figure because of space, in this example, the number of active wireless tags 21 is 40, and a total of 50 true identification codes and 50 false identification codes for each active wireless tag 21. 100 identification codes are registered. Here, the 50 true identification codes should not be duplicated between the active wireless tags 21, but the false identification codes may be duplicated.

  The number of readers 22 is five and is connected to the server 25 by a communication cable. In the server 25, all the true identification codes registered in the 40 active wireless tags 21, that is, 50 × 40 = 2000 true identification codes are registered. All false identification codes registered in the active wireless tag 21 are also registered. Further, three of the five readers 22 are provided with a false identification code transmitting means 23 for transmitting a false identification code different from the 2000 true identification code group.

  FIG. 3 is a diagram showing the flow of the identification code during normal operation of the system according to the present embodiment. First, when the guardian requests acquisition of the position information and image information of the kindergarten by the home terminal 27, the reader 22 transmits a long wave (30 kHz to 300 kHz) including a seed as a trigger signal. In response to this trigger signal, the active wireless tag 21 attached to the child transmits one identification code selected from 100 registered identification codes one by one. This identification code is either a true identification code or a false identification code. This identification code is compared with 2000 true identification code groups registered in advance in the server 25, and the server 25 recognizes the active wireless tag 21 only when they match.

  The server 25 identifies the presence or absence of the child by the recognized true identification code, acquires signal reception intensity data including the true identification code from the reader 22 at the three points, and based on an algorithm such as triangulation or the like, The position information is calculated in real time, the Web camera 24 is controlled based on the information, and an image of the kindergarten is taken.

  The position information and the image information are distributed to the children's home via the broadband network 26, and the guardian can watch the children while staying at home using the home terminal 27. After the kindergarten returns, the charger 28 is used to charge the active wireless tag 21.

  In FIG. 3, the false identification code A corresponds to 50 false identification codes registered in the active wireless tag 21, and the false identification code B is sent from the false identification code transmission means 23 provided in the reader 22. Corresponds to the false identification code.

  In this embodiment, the server 25 is provided outside the reader 22 in order to simplify the configuration of the reader 22. However, the server 25 is provided in the reader 22, and another server is provided above the server 25. There is no problem even if the configuration is provided.

  Next, the internal configuration of the active wireless tag 21 and the reader 22 will be described. FIG. 4 is a diagram illustrating a configuration example of the active wireless tag and the reader in the present embodiment.

  The active wireless tag 21 includes a memory 41 for storing an identification code, a simple arithmetic device 42 for executing various data processing, a transmission circuit 43 for transmitting a wireless signal including the identification code, and reception for receiving a trigger signal. A circuit 44 is provided, and the memory 41, the transmission circuit 43, and the reception circuit 44 are connected to the simple arithmetic unit 42 by a system bus or the like. Further, a secondary battery 45 for driving them, a charging terminal 46 for charging the secondary battery 45, and a data rewriting terminal 47 for rewriting the memory 41 are provided.

  On the other hand, the reader 22 includes a reception circuit 48 for receiving a radio signal including an identification code from the active radio tag 21, a transmission circuit A49 for transmitting a trigger signal, and a transmission circuit B50 for transmitting a false identification code. The receiving circuit 48, the transmitting circuit A49, and the transmitting circuit B50 are connected to the server 25 that collectively manages data. Although not shown, these obtain drive power from a commercial power source.

  Next, operations in the active wireless tag 21 and the server 25 will be described. FIG. 5 is a transmission process flowchart of the identification code signal transmitted from the active wireless tag in the present embodiment.

  First, the active wireless tag 21 receives the trigger signal transmitted from the reader 22 (step S51), and performs arithmetic processing on the seed included in the trigger signal (step S52). Here, for example, the method shown in FIG. 6 is used for the arithmetic processing in step S52.

  FIG. 6 is a diagram illustrating an example of arithmetic processing by the simple arithmetic device according to the present embodiment. In this example, s mod N (N = a, b, c, d) is calculated for the seed s. Correspondence table 61 between s mod a value and identification code, s mod b value and transmission interval correspondence table 62, s mod c value and signal strength correspondence table 63 and s mod d value referenced according to the calculation result And the modulation method correspondence table 64 are registered in the memory 41 in advance. The coefficients a, b, c, and d are arbitrary integers. Here, a = 100, b = 40, c = 30, and d = 4. Further, in the present embodiment, calculation using the mod N of the seed is used for randomization, but other methods may be used.

  Based on the correspondence table as shown in the example of FIG. 6, the identification code to be transmitted, the transmission interval, the signal strength, and the modulation method are determined (step S53). In this case, ASK (Amplitude Shift Keying), FSK (Frequency Shift Keying), PSK (Phase Shift Keying), and QAM (Quadrature Amplitude Modulation) are used as modulation schemes.

  Next, the transmission circuit 43 transmits an identification code signal based on the information obtained in step S53 (step S54).

  By repeating the above processing, random signals having various combinations of identification codes, transmission intervals, signal strengths, and modulation schemes can be transmitted one by one. In the present embodiment, a maximum of 100 × 40 × 30 × 4 = 480,000 combinations are possible, and the association between the identification code and the active wireless tag 21 due to eavesdropping by a third party becomes very difficult.

  Note that a clock circuit is provided in the first transmitting / receiving station 11, and a simple calculation such as taking t mod N is performed on the time information t obtained by the clock circuit, and an identification code to be transmitted based on the calculation result Implementation such as determining the transmission interval, signal strength, and modulation scheme is also possible. In this way, the trigger signal can be configured not to include a seed.

  Here, the modulation scheme in this embodiment will be briefly described. The active wireless tag 21 includes four modulation circuits corresponding to the modulation schemes of ASK, FSK, PSK, and QAM, and any one modulation circuit based on the correspondence table 64 of s mod d values and modulation schemes. Is selected irregularly, and modulation is performed by this. On the other hand, on the reader 22 side, four demodulation circuits corresponding to each modulation method are mounted so that a radio signal modulated by any modulation method can be demodulated.

  Note that the number of demodulation circuits mounted on the reader 22 is not necessarily four, but may be one or more. In this case, the reader 22 does not demodulate all the radio signals transmitted from the active radio tag 21, but only when the radio signal modulation method and the demodulation circuit mounted in the reader 22 match. Demodulate the signal.

  FIG. 7 is a flowchart of the identification code recognition process in this embodiment. Here, in the server 25, as shown in FIG. 8, a true identification code correspondence table 81, which is a correspondence table between the true identification code paid out to each active wireless tag 21 and the active wireless tag 21, is registered in advance as a database. .

  FIG. 8 is a diagram showing an example of a true identification code correspondence table and a false identification code table in the present embodiment. In the true identification code correspondence table 81 in this embodiment, 50 true identification codes are registered for each active wireless tag 21. In the present embodiment, the false identification code table 82 in which the false identification code is registered is also registered in the server 25.

  First, the server 25 transmits a trigger signal via the reader 22 (step S71), and receives the identification code signal transmitted from the active wireless tag 21 in response to the trigger signal via the reader 22 (step S72). ). The received identification code is compared with the true identification code in the true identification code correspondence table 81 registered in advance in the server 25, and it is determined by the identification code determination algorithm whether or not they match (step S73). If they match in step S73, it is recognized from which active wireless tag 21 the true identification code is the true identification code based on the true identification code correspondence table 81 (step S74). If they do not match at step S73, the processing from step S71 is repeated.

  On the other hand, the reader 22 transmits a false identification code signal for disturbing the field of wireless communication by the false identification code transmitting means 23. FIG. 9 is a flowchart of processing for transmitting a false identification code transmitted from the reader according to the present embodiment.

  First, the server 25 generates a random identification code that changes every time by the pseudo random number generator (step S91), and determines whether or not this identification code matches the true identification code existing in the true identification code correspondence table 81. The determination is made by the identification code determination circuit (step S92). If they do not match, this identification code is transmitted as a false identification code signal via the transmission circuit B50 (step S93), and if they match, the processing from step S91 is repeated.

  As a result, the field of wireless communication can be disturbed without interfering with the true identification code recognition between the active wireless tag 21 and the reader 22. The false identification code signal from the transmission circuit B50 is processed by the server 25 in the same manner as the transmission of the identification code signal transmitted from the active wireless tag 21, the signal strength, and the modulation method are irregular. It is possible to make it irregular.

  When one or more true identification codes and false identification codes registered in advance in the active wireless tag 21 are fixed, the secrecy of the true identification code is reduced against long-term eavesdropping by a third party. In the present embodiment, the true identification code and the false identification code registered in advance in the active wireless tag 21 can be updated by the server 25 via the data rewriting terminal 47 when the active wireless tag 21 is charged. Such a mechanism is provided.

  FIG. 10 is a diagram showing the flow of identification code data when the identification code is updated in the present embodiment. A new identification code from the server 25 is written to the active wireless tag 21 via the home terminal 27 and the charger 28. At this time, since there is no wireless section in the communication from the server 25 to the active wireless tag 21, there is no fear that the identification code update information is wiretapped by a malicious third party. The true identification code and false identification code update processing will be described below.

  FIG. 11 is a flowchart of the true identification code update process in the server in this embodiment. First, the server 25 generates a random identification code using a pseudo random number generator (step S111), and the generated identification code and a true identification code registered in the true identification code correspondence table 81 (however, at that time) It is determined by an identification code determination algorithm whether or not (except for the registered true identification code in the active wireless tag 21 to be updated) matches (step S112). If they match, the processing from step S111 is repeated.

  If they do not match in step S112, whether or not the generated identification code matches the false identification code registered in advance in the false identification code table 82 in the server 25 is determined by the same algorithm as in step S112. Determination is made (step S113). If they match, the processing from step S111 is repeated.

  If they do not match in step S113, the registered true identification code in the true identification code correspondence table 81 in the server 25 is rewritten and updated (step S114). Next, it is determined whether a predetermined number of true identification codes have been updated (step S115). If it is determined that the update has not been completed, the processing from step S111 is repeated.

  If it is determined in step S115 that the update of the predetermined number of true identification codes has been completed, the updated true identification code signal in the true identification code correspondence table 81 is sent to the home terminal 27 and the charger 28 as shown in FIG. Is distributed to the active wireless tag 21 via (step S116). Thereby, the true identification code in the memory 41 is rewritten.

  As described above, when the identification codes are collectively managed by the server 25 and the true identification code is updated, duplication with the true identification codes corresponding to other active wireless tags 21 can be prevented. Furthermore, duplication with a false identification code can be prevented.

  FIG. 12 is a flowchart of the fake identification code update process in the server in this embodiment. First, the server 25 generates a random identification code using a pseudo random number generator (step S121), and whether the generated identification code matches the true identification code registered in the true identification code correspondence table 81 in advance. Whether or not is determined by an identification code determination algorithm (step S122). If they do not match, the registered false identification code in the false identification code table 82 in the server 25 is rewritten and updated (step S123), and if they match, the processing from step S121 is repeated.

  Next, it is determined whether the update of a predetermined number of false identification codes has been completed (step S124). If it is determined that the update has not been completed, the processing from step S121 is repeated. If it is determined in step S124 that the update of the predetermined number of false identification codes is completed, the updated false identification code signal in the false identification code table 82 is sent to the active wireless tag 21 in the same manner as in the case of the true identification code. Distribute (step S125). Thereby, the false identification code in the memory 41 is rewritten.

  As described above, if the server 25 collectively manages the false identification code and updates the false identification code, duplication with the true identification code can be prevented, and regular wireless communication is not disturbed.

  FIG. 13 is a diagram showing an example of a system when a fake identification code transmitting means is provided alone in the present embodiment. As a matter of course, as shown in FIG. 13, the false identification code transmission means 23 may be provided alone in the system.

  In this case, the configuration of the false identification code transmission means 23 can be the same as the internal configuration of the active wireless tag 21, and the transmission interval of the identification code signal, the signal strength, and the modulation method can be made irregular. It is. However, only the false identification code is stored in the memory 41. Further, rewriting and updating of the false identification code can be performed at the time of charging or the like along the flowchart shown in FIG.

  Further, the false identification code transmission means 23 may be disposable. In this case, an expiration date is set for the false identification code in the false identification code transmission means 23 in consideration of the battery life, and when the expiration date has passed, the false identification registered in the false identification code transmission means 23 The code may be deleted from the database in the server 25.

  In addition, when the confidentiality of the identification code is not so required, the false identification code transmission unit 23 may not be provided. In this case, maintenance and operation of the entire system can be simplified.

  As described above, as an embodiment of the present invention, a system has been described in which an active wireless tag can be used to grasp the location of a child and a camera image linked with the position information can be distributed. The present invention uses an active wireless tag. The present invention can be applied to an article management system, a container tracking system, and a slope monitoring system, and can also be applied to various systems using bidirectional wireless devices other than active wireless tags.

It is a figure which shows the basic composition of this invention. It is a figure which shows an example of the kindergarten watching system using the identification code concealment method of the bidirectional | two-way radio apparatus of this invention. It is a figure which shows the flow of the identification code at the time of normal operation of the system in this Embodiment. It is a figure which shows the structural example of the active wireless tag and reader | leader in this Embodiment. It is a transmission process flowchart of the identification code signal transmitted from the active radio | wireless tag in this Embodiment. It is a figure explaining the example of the arithmetic processing by the simple arithmetic unit in this Embodiment. It is a recognition process flowchart of the identification code in this Embodiment. It is a figure which shows the example of the true identification code corresponding | compatible table in this Embodiment, and a false identification code table. It is a transmission processing flowchart of the false identification code transmitted from the reader in the present embodiment. It is a figure which shows the flow of the identification code data at the time of the identification code update in this Embodiment. It is a true identification code update process flowchart in the server in this Embodiment. It is a false identification code update process flowchart in the server in this Embodiment. It is a figure which shows the example of a system at the time of arranging the false identification code transmission means independently in this Embodiment.

Explanation of symbols

DESCRIPTION OF SYMBOLS 11 1st transmission / reception station 12 2nd transmission / reception station 13 Data management means 14,15 Identification code 16 Code 17 Code transmission means 21 Active wireless tag 22 Reader 23 False identification code transmission means 24 Web camera 25 Server 26 Broadband network 27 Home terminal 28 Charging 41 Memory 42 Simple arithmetic unit 43 Transmission circuit 44 Reception circuit 45 Secondary battery 46 Charging terminal 47 Data rewriting terminal 48 Reception circuit 49 Transmission circuit A
50 Transmitter circuit B
61 correspondence table between s mod a value and identification code 62 correspondence table between s mod b value and transmission interval 63 correspondence table between s mod c value and signal strength 64 correspondence table between s mod d value and modulation scheme 81 true Identification code correspondence table 82 False identification code table

Claims (19)

Transmitting the second radio signal to a plurality of first transmitting / receiving stations by a bidirectional radio apparatus comprising means for transmitting a first radio signal including an identification code and means for receiving a second radio signal different from the first radio signal. And an identification code concealment method in a wireless communication system comprising one or more second transmitting / receiving stations comprising means for receiving the first wireless signal and data management means connected to the second transmitting / receiving station. And
The second transmitting / receiving station transmitting a second radio signal;
A process in which the first transmitting / receiving station receives a second radio signal transmitted from the second transmitting / receiving station;
In response to the received second radio signal, the first transmitter / receiver station selects one of the plurality of identification codes registered in the first transmitter / receiver station in advance at a frequency of each transmission or less. The process of selecting a code,
The first transmitting / receiving station transmitting a first radio signal including the selected identification code;
The second transmitting / receiving station receiving a first wireless signal including an identification code transmitted from the first transmitting / receiving station;
A step in which the data management means compares a plurality of identification codes registered in advance in the data management means with an identification code included in the first radio signal received by the second transmitting / receiving station;
When the data management means includes a plurality of pre-registered identification codes that match the identification code included in the first radio signal received by the second transmitting / receiving station, the second transmitting / receiving station The method of concealing the identification code of the bidirectional wireless device, comprising: recognizing that the identification code included in the first wireless signal received by the first wireless signal is the identification code transmitted by the first transmitting / receiving station. In the bidirectional wireless device identification code concealing method according to claim 1,
In the process in which the first transmitting / receiving station transmits the first radio signal including the identification code, the first radio signal including the identification code is transmitted at irregular transmission intervals. Concealment method. In the method for concealing the identification code of the bidirectional wireless device according to claim 1 or 2,
In the process of transmitting the first radio signal including the identification code by the first transmitting / receiving station, the first radio signal including the identification code is transmitted at a frequency that changes at a frequency of each transmission or less. A method for concealing an identification code of a bidirectional wireless device. The bidirectional wireless device identification code concealment method according to any one of claims 1 to 3,
In the process in which the first transmitting / receiving station transmits the first radio signal including the identification code, the first radio signal including the identification code is modulated and transmitted with a different modulation method at each transmission or less frequently. An identification code concealing method for a bidirectional wireless device. In the method for concealing the identification code of the bidirectional wireless device according to any one of claims 1 to 4,
A method for concealing an identification code of a bidirectional radio apparatus, comprising: updating a part or all of a plurality of identification codes registered in advance in the first transmitting / receiving station at predetermined intervals. One or more first transmitting / receiving stations by a bidirectional radio apparatus comprising means for transmitting a first radio signal including an identification code and means for receiving a second radio signal different from the first radio signal; Identification code concealment method in a radio communication system comprising one or more second transmitting / receiving stations comprising means for transmitting and means for receiving a first radio signal, and data management means connected to the second transmitting / receiving station Because
The second transmitting / receiving station transmitting a second radio signal;
A process in which the first transmitting / receiving station receives a second radio signal transmitted from the second transmitting / receiving station;
In response to the received second wireless signal, the first transmitting / receiving station transmits a first wireless signal including an identification code selected from one or more identification codes registered in advance in the first transmitting / receiving station. Sending process,
The second transmitting / receiving station receiving a first wireless signal including an identification code transmitted from the first transmitting / receiving station;
A step in which the data management means compares a plurality of identification codes registered in advance in the data management means with an identification code included in the first radio signal received by the second transmitting / receiving station;
When the data management means includes a plurality of pre-registered identification codes that match the identification code included in the first radio signal received by the second transmitting / receiving station, the second transmitting / receiving station Recognizing that the identification code included in the received first wireless signal is the identification code transmitted by the first transceiver station;
One or more code transmitting means provided in the wireless communication system transmits a radio signal including a code selected from one or more codes different from an identification code registered in advance in the data management means A method for concealing an identification code of a bidirectional wireless device. The identification code concealment method for a bidirectional wireless device according to claim 6,
That at least one of the identification code included in the first wireless signal transmitted from the first transmitting / receiving station and the code included in the wireless signal transmitted from the code transmitting means is different for each transmission or less frequently. A method for concealing an identification code of a bidirectional wireless device. In the method for concealing the identification code of the bidirectional wireless device according to claim 6 or 7,
Two-way radio characterized in that at least one transmission interval of the first radio signal including the identification code transmitted from the first transmitting / receiving station or the radio signal including the code transmitted from the code transmitting means is irregular. Device identification code concealment method. In the bidirectional wireless device identification code concealment method according to any one of claims 6 to 8,
The signal strength of at least one of the first wireless signal including the identification code transmitted from the first transmitting / receiving station or the wireless signal including the code transmitted from the code transmitting means is different for each transmission or less frequently. An identification code concealing method for a bidirectional wireless device. The identification code concealment method for a bidirectional wireless device according to any one of claims 6 to 9,
At least one of the first radio signal including the identification code transmitted from the first transmitting / receiving station and the radio signal including the code transmitted from the code transmitting means is modulated differently at a frequency of each transmission or less. A method for concealing an identification code of a bidirectional wireless device, characterized by being modulated by a method. In the bidirectional wireless device identification code concealing method according to any one of claims 6 to 10,
Updating a part or all of at least one of one or more identification codes registered in advance in the first transmitting / receiving station or one or more codes registered in advance in the code transmitting means at predetermined intervals; An identification code concealment method for a bidirectional wireless device. In the method for concealing the identification code of the bidirectional wireless device according to any one of claims 6 to 11,
The code transmitting means is provided in one or more of the second transmitting / receiving stations. An identification code concealing method for a bidirectional wireless device. In the two-way wireless device identification code concealing method according to claim 12,
The code transmitted from the code transmitting means provided in the second transmitting / receiving station is not a pre-registered code but a code generated by a pseudo-random number generator. Identification code concealment method. In the two-way radio apparatus identification code concealment method according to any one of claims 6 to 13,
The code transmitting means is provided in one or more of the first transmitting / receiving stations. An identification code concealing method for a bidirectional wireless device. The bidirectional wireless device identification code concealment method according to any one of claims 1 to 14,
The first transmitting / receiving station includes an identification code included in the first radio signal, a transmission interval of the first radio signal including the identification code, a signal strength of the first radio signal including the identification code, or a first code including the identification code. A method for concealing an identification code of a bidirectional radio apparatus, comprising: determining at least one modulation method of one radio signal based on a second radio signal received from the second transmitting / receiving station. The identification code concealment method for a bidirectional wireless device according to claim 15,
The identification code concealment method for a bidirectional radio apparatus, wherein the second radio signal transmitted from the second transceiver station includes a seed generated by a pseudo-random number generator. The bidirectional wireless device identification code concealment method according to any one of claims 1 to 16,
The second wireless signal transmitted from the second transmitting / receiving station is a long wave. A wireless communication system comprising a plurality of first transmitting / receiving stations by a bidirectional wireless device, one or more second transmitting / receiving stations, and data management means connected to the second transmitting / receiving station,
The first transmitting / receiving station is:
Means for receiving a second radio signal transmitted from the second transceiver station;
In response to the received second radio signal, a different identification code is selected for each transmission or less frequently from among a plurality of identification codes registered in advance in the first transmitting / receiving station, and the selection is made. Means for transmitting a first radio signal including the generated identification code,
The second transceiver station is
Means for transmitting a second radio signal different from the first radio signal;
Means for receiving a first radio signal including an identification code transmitted from the first transmitting / receiving station;
The data management means includes
Means for storing correspondence information between a plurality of identification codes registered in advance and the first transmitting / receiving station;
Means for comparing the plurality of pre-registered identification codes with an identification code included in a first radio signal received by the second transceiver station;
The first radio received by the second transmitting / receiving station when there is a code that matches the identification code included in the first radio signal received by the second transmitting / receiving station among the plurality of identification codes registered in advance. And a means for recognizing that the identification code included in the signal is the identification code transmitted by the first transmitting / receiving station. One or more first transmission / reception stations, one or more second transmission / reception stations, a data management means connected to the second transmission / reception station, and one or more for transmitting a radio signal including a code. A wireless communication system comprising:
The first transmitting / receiving station is:
Means for receiving a second radio signal transmitted from the second transceiver station;
In response to the received second radio signal, a different identification code is selected for each transmission or less frequently from among a plurality of identification codes registered in advance in the first transmitting / receiving station, and the selection is made. Means for transmitting a first radio signal including the generated identification code,
The second transceiver station is
Means for transmitting a second radio signal different from the first radio signal;
Means for receiving a first radio signal including an identification code transmitted from the first transmitting / receiving station;
The data management means includes
Means for storing correspondence information between a plurality of identification codes registered in advance and the first transmitting / receiving station;
Means for comparing the plurality of pre-registered identification codes with an identification code included in a first radio signal received by the second transceiver station;
The first radio received by the second transmitting / receiving station when there is a code that matches the identification code included in the first radio signal received by the second transmitting / receiving station among the plurality of identification codes registered in advance. Means for recognizing that the identification code included in the signal is the identification code transmitted by the first transmitting / receiving station,
The code transmission means includes
A wireless communication system, comprising: means for transmitting a wireless signal including a code different from an identification code registered in advance in the data management means.

Images