JP4959038B2 - Authentication system, authentication device, terminal device, IC card, and program - Google Patents

Description

  The present invention relates to an authentication system, an authentication device, a terminal device, an IC (Integrated Circuit) card, and a program for performing user authentication.

  As a widely used user authentication method, when performing user authentication, the user inputs his / her own ID (Identification) and password, and the entered password matches the password registered for the user ID. There is a method for determining whether or not the user is an authorized user depending on whether or not to do so. However, in the method of inputting the fixed password itself as described above, there is a risk that when the user enters the password, if the third party sees the input, the user is authenticated on behalf of the legitimate user. .

In order to solve this problem, in Japanese Patent Laid-Open No. 2004-228561, instead of allowing the user to input authentication information such as a password stored by the user at the time of authentication, a presentation pattern (random number table) displayed on the screen is used. ), A method for allowing a user to input a password (a number located at a predetermined location) according to a password derivation rule (a predetermined location on a random number table) stored in the user is disclosed.
Republished WO2003 / 069490, pages 1-65, FIG.

In the conventional method, the user selects a number located at a predetermined location on the random number table presented on the screen in accordance with the stored password derivation rule, and inputs the number as authentication data indicating that the user is an authorized user.
The password itself (in this case, the password derivation rule itself) is not entered, but since a number is selected and entered from the random number table on the screen, if the authentication operation is stolen by a third party, it is impersonated. There is a problem in that the risk of authentication is increased and the strength of authentication is reduced.

FIG. 25 is a simplified version of FIG.
For example, when the value entered by the user for the random number table is “9873” as shown in FIG. 25, there are seven password derivation rule candidates for the first and third '9', There are nine password derivation rule candidates for the second '8', five password derivation rule candidates for the fourth '3', and the password derivation rule candidates are 7 × 7 × 9 × 5 = Although 2205 candidates remain, if the value entered by the user is “5607” for the same random number table, only 2 × 1 × 4 × 2 = 16 candidates remain, and the malicious second The probability of being impersonated by a tripartite increases and the strength of authentication decreases.

In Patent Document 1, in order to prevent a decrease in the authentication strength, a dummy that can be entered in the password derivation rule or a conversion law such as +1 for the value to be entered is registered to guess the derivation rule for a third party. A method for making this difficult is disclosed.
However, since the third party can input anything for the dummy, the strength cannot be prevented from decreasing.
Also, as for the conversion law, the same conversion law is applied to the same input digit every time, so if you look into authentication more than once, the value obtained by subtracting the input value from each value in the random number table for each input digit Whatever the value of the conversion law is obtained by obtaining a random number table consisting of (a value obtained by adding 10 in the case of a negative value) at each authentication time, the influence of this value is removed from the resulting random number table, Since the derivation rule candidates can be narrowed down to the same number in the same position in the resulting random number table every time, the burden on the user to memorize the conversion rule separately from the password derivation rule and the conversion rule at the time of authentication The probability that the derivation rule will be understood by a malicious third party is still high despite the burden of the calculation.

In the above method, the authentication information to be stored by the user when performing authentication is different from a password that is generally widely used, such as characters and numbers, “1 row 2 columns, 2 rows 4 columns”. This is a derivation rule indicating the position on the presented random number table, such as “3 rows, 5 columns, 4 rows, 8 columns”.
For a user, storing such complicated information is a heavy burden.
Further, in order to maintain the strength of authentication, in a system in which authentication information such as a password is updated every fixed period such as one month, the user memorizes a derivation rule indicating a new position every time the authentication information is updated. Therefore, it is difficult to distinguish the derivation rule before update from the newly stored derivation rule, which further increases the burden on the user.

  One of the main objects of the present invention is to solve the above-described problems, and a user's burden at the time of authentication is reduced by using a widely-used password such as letters and numbers, and authentication. One of the purposes is to provide a user authentication system, an authentication device, a terminal device, an IC card, and an authentication method that have a low risk of being guessed of a password even if a third party can see the operation of, and maintain high security .

An authentication system according to the present invention is an authentication system having a terminal device used by a user and an authentication device that performs authentication with the terminal device by performing communication with the terminal device,
The terminal device
A terminal communication unit that receives an authentication random number from the authentication device and transmits a response value to the authentication random number to the authentication device;
An input unit for receiving input values;
An appearance setting unit that sets the appearance of password candidate characters based on the authentication random number received by the terminal communication unit and the input value received by the input unit;
A display unit that displays password candidate characters of the appearance set by the appearance setting unit;
A response value calculation unit that calculates the response value based on an input value received by the input unit;
The authentication device
A management unit for storing two or more user password strings;
An authentication random number generator for generating an authentication random number;
An authentication communication unit that transmits an authentication random number generated by the authentication random number generation unit to the terminal device and receives a response value to the authentication random number from the terminal device;
Each password character string selected by the terminal device using each password character string stored in the management unit, an authentication random number generated by the authentication random number generation unit, and a response value received by the authentication communication unit The appearance of the first password character of the obtained password character string, the appearance of the first password character of each password character string, each password character string stored in the management unit and the authentication random number generated by the authentication random number generation unit, It has an authentication judgment part which performs a predetermined calculation using the response value received by the authentication communication part, and judges success or failure of user authentication.

The management unit
Storing two or more password character strings in which an authentication order is specified by the authentication determination unit;
The authentication judgment unit
In accordance with the authentication sequence, the response value corresponding to each password character string is extracted from the response values received by the authentication communication unit, and the response value corresponding to each password character string and each password character string are used. The appearance of the first password character of each password character string selected by the terminal device is obtained, and for each password character string, the appearance of the obtained first password character, the password character string, the authentication random number, and the password character string are determined. A predetermined calculation is performed using a corresponding response value, and success / failure determination of user authentication is performed.

The management unit
Remember two or more password strings whose password lengths are not constant
The authentication judgment unit
According to the authentication sequence, a response value corresponding to each password character string is extracted from response values received by the authentication communication unit according to a password length of each password character string.

The authentication judgment unit
For each password character string, the appearance of each of the second and subsequent password characters selected by the terminal device is obtained, and whether or not the appearance of each of the obtained second and subsequent password characters matches the appearance of the first password character. It is characterized by performing an operation for determining whether or not.

The appearance setting unit
The background color of each character is set as the appearance of the password candidate character.

The appearance setting unit
As a password candidate character appearance, a design is set on the background of each character.

An authentication apparatus according to the present invention is an authentication apparatus that authenticates a user by communicating with a terminal device used by the user,
A management unit for storing two or more user password strings;
An authentication random number generator for generating an authentication random number;
The authentication random number generated by the authentication random number generation unit is transmitted to the terminal device, and the terminal device receives an input value from the terminal device and receives a response value for the authentication random number calculated based on the input value. An authentication communication unit to
Each password character string selected by the terminal device using each password character string stored in the management unit, an authentication random number generated by the authentication random number generation unit, and a response value received by the authentication communication unit The appearance of the first password character of the obtained password character string, the appearance of the first password character of each password character string, each password character string stored in the management unit and the authentication random number generated by the authentication random number generation unit, It has an authentication judgment part which performs a predetermined calculation using the response value received by the authentication communication part, and judges success or failure of user authentication.

The management unit
Storing two or more password character strings in which an authentication order is specified by the authentication determination unit;
The authentication judgment unit
In accordance with the authentication sequence, the response value corresponding to each password character string is extracted from the response values received by the authentication communication unit, and the response value corresponding to each password character string and each password character string are used. The appearance of the first password character of each password character string selected by the terminal device is obtained, and for each password character string, the appearance of the obtained first password character, the password character string, the authentication random number, and the password character string are determined. A predetermined calculation is performed using a corresponding response value, and success / failure determination of user authentication is performed.

The management unit
Remember two or more password strings whose password lengths are not constant
The authentication judgment unit
The authentication judgment unit
According to the authentication sequence, a response value corresponding to each password character string is extracted from response values received by the authentication communication unit according to a password length of each password character string.

The authentication judgment unit
For each password character string, the appearance of each of the second and subsequent password characters selected by the terminal device is obtained, and whether or not the appearance of each of the obtained second and subsequent password characters matches the appearance of the first password character. It is characterized by performing an operation for determining whether or not.

A terminal device according to the present invention is a terminal device used by a user that communicates with an authentication device that authenticates the user,
A pre-conversion password input section that accepts the user's pre-conversion password string;
A terminal random number generator for generating a random number for password conversion;
A password array storage unit for storing a password array in which a plurality of password candidate characters used for authentication by the authentication device are arranged;
Based on the password conversion random number generated by the terminal random number generation unit and the password array stored in the password array storage unit, the password string before conversion received by the password input unit before conversion is converted. And a password conversion unit.

The password array storage unit
Stores a password array in which each character of a plurality of password candidate characters is placed at the specified position,
The password conversion unit
Determine the position in the password array where the password candidate characters that match each password character constituting the password character string before conversion are arranged, and based on the determined position of each password candidate character and the random number for password conversion The password character string before conversion is converted.

The password conversion unit
Determine the position in the password array where the password candidate characters that match each password character constituting the password character string before conversion are arranged, and use the determined position of each password candidate character and the random number for password conversion Performing a predetermined calculation, replacing the password character of the password string before conversion with a password candidate character arranged at a position corresponding to the value of the calculation result, and converting the password string before conversion. And

The terminal device further includes:
It has a terminal communication part which transmits the password string after conversion converted by the password conversion part to the authentication device.

The password input part before conversion is
Accept random number generation password character string for password conversion random number generation,
The terminal random number generator
A random number for password conversion is generated by performing a one-way operation on the password character string for random number generation received by the password input unit.

The terminal device further includes:
An input unit for receiving input values;
A terminal storage unit for storing an appearance change pattern indicating rules for changing the appearance of password candidate characters and the password conversion random number;
A terminal communication unit that receives an authentication random number from the authentication device and transmits a response value corresponding to the authentication random number to the authentication device;
The authentication random number received by the terminal communication unit, the input value received by the input unit, the appearance change pattern stored by the terminal storage unit, and the password array stored in the password array storage unit Based on the appearance setting unit for setting the appearance of the password candidate characters,
A display unit that displays password candidate characters of the appearance set by the appearance setting unit;
It has a response value calculation part which calculates the response value based on the input value received by the input part, and the random number for password conversion memorized by the terminal storage part.

The display unit
Display password candidate characters in a matrix of m rows and n columns (m and n are both natural numbers)
The response value calculation unit
The response value is calculated based on the input value received by the input unit, the password conversion random number stored in the terminal storage unit, and the number of rows and columns of the matrix displayed by the display unit. It is characterized by that.

An IC card according to the present invention is an integrated circuit (IC) card that is used by being inserted into a terminal device that authenticates a user, and that exchanges data with the terminal device,
A storage unit for storing the appearance of two or more password character strings and password candidate characters of the user;
A random number generator for generating a random number and providing the random number to the terminal device;
Appearance of each password character string and password candidate character stored in the storage unit, a random number generated by the random number unit, and the terminal device acquired from the terminal device accepts an input value and calculates based on the input value An authentication determining unit that performs a predetermined calculation using a response value with respect to the random number and determines whether or not the user authentication is successful.

The program according to the present invention includes an authentication device that is a computer that performs authentication with a user by communicating with a terminal device used by the user.
An authentication random number generation process for generating an authentication random number;
The authentication random number generated by the authentication random number generation process is transmitted to the terminal device, and the terminal device receives an input value from the terminal device and receives a response value for the authentication random number calculated based on the input value. Authentication communication processing to
The terminal using each of the two or more password character strings of the user stored in the storage area of the authentication device, the authentication random number generated by the authentication generation process, and the response value received by the authentication communication process The appearance of the first password character of each password character string selected by the device is obtained, the appearance of the first password character of each obtained password character string, each password character string stored in the storage area and the authentication random number generation A predetermined calculation is performed using the authentication random number generated by the process and the response value received by the authentication communication process, and an authentication determination process for determining success or failure of user authentication is executed.

The program according to the present invention communicates with an authentication device that performs authentication for a user, and a terminal device that is a computer used by the user.
Pre-conversion password input process that accepts the user's pre-conversion password string;
A terminal random number generation process for generating a random number for password conversion;
Based on a random number for password conversion generated by the terminal random number generation process and a password array in which a plurality of password candidate characters used for authentication by the authentication device are stored in the storage area of the terminal device And a password conversion process for converting the pre-conversion password character string received by the pre-conversion password input process.

According to the present invention, by using a widely-used password such as characters and numbers, the burden on the user at the time of authentication is small, and the password can be guessed even if the operation at the time of authentication is seen by a third party. An authentication system with low risk and high security can be provided.
In particular, since authentication is performed with two or more password strings in succession, it is impossible for a third party to know how many password strings are used for authentication and the length of each password string. Therefore, even if the operation at the time of authentication is seen by a third party, the risk of guessing the password is low, and an authentication system or the like having high security can be provided.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
In the following first to fourth embodiments, the appearances of password characters and password candidate characters used for user authentication processing are set to the password color (character background color).
The appearance of password characters and password candidate characters is the visual characteristics of each character and its surrounding parts. In addition to using the background color of the character, for example, font type and size, character drawing It is possible to use a color, a background pattern of a character, a type of figure surrounding the character, and the like.
A password character string composed of a plurality of characters is called a password character string, and each character constituting the password character string is called a password character.
The password candidate character is a password character candidate, and the user selects a character that matches the password character from a plurality of password candidate characters at the time of user authentication. The password candidate characters will be described later with reference to examples.

Embodiment 1 FIG.
1 is a block diagram showing a configuration of an authentication system according to Embodiment 1 of the present invention.

In FIG. 1, a terminal communication unit 105 of a terminal device 101 and an authentication communication unit 110 of a server device 106 are connected via a network such as wireless communication, wired communication, or the Internet.
The server device 106 is an example of an authentication device.

The authentication random number generation unit 107 of the server device 106 generates, for example, a 10-digit random number.
The authentication determination unit 108 determines the success or failure of user authentication based on the response value from the terminal device 101.
At least the authentication random number generation unit 107 and the authentication determination unit 108 are specifically realized by a program in the present embodiment, and this program is stored in a hard disk device, a nonvolatile memory, a flexible disk, or the like. Are loaded onto the server device (authentication device) 106 and executed on a CPU (Central Processing Unit).

The appearance setting unit 104 of the terminal device 101 stores in advance a password array composed of password candidate characters that are password candidates and a color conversion table, and sets the background color of the password displayed on the display unit 102.
In addition, the response value calculation unit 111 of the terminal device 101 calculates a response value that responds to the server device 106 based on the input value from the user.
At least the appearance setting function and the response value calculation unit 111 in the appearance setting unit 104 are specifically realized by a program in the present embodiment, and this program is stored in a hard disk device, a nonvolatile memory, a flexible disk, or the like. They are stored and loaded on the terminal device 101 from these and executed on a CPU (Central Processing Unit).

The management unit 109 of the server device 106 is composed of a hard disk device in this embodiment, and stores passwords of two or more users in association with user IDs.
In addition, a password array and a color conversion table are stored.

  The password array P indicates a sequence of characters when the password candidate characters that can be used for the password are displayed on the display unit 102 of the terminal device 101. As shown below, the ASCII code of the character displayed in the i row and j column is displayed. It is stored.

That is, the password candidate characters are, for example, 1, 2, 3,. , @ Each character, and at the time of user authentication, the user selects a character that matches the password character from among a plurality of password candidate characters.
The password array P is an array of such password candidate characters.

  The color conversion table C indicates the background color when the password array P is displayed on the display unit 102 of the terminal device 101. As shown below, the color designation code of the background color corresponding to a numerical value from 0 to 9 is shown below. Are stored in 6-digit hexadecimal numbers (2 digits each correspond to each numerical value of RGB).

That is, the color conversion table C is an appearance change pattern indicating a rule for changing the appearance of the password candidate character, and for example, a rule for determining the background color of the password candidate character shown in FIG. 9 is shown.
Details of FIG. 9 will be described later.

  In the present embodiment, the total length of the password character string is assumed to be 64, but the length is not limited to this. Further, as a password candidate character, a password array of 7 rows and 10 columns is used, but the size of the array is not limited to this.

  Here, an outline of the operation of the authentication system according to the present embodiment will be described.

The management unit 109 of the server device 106 stores one or more user password character strings as described above. In the following description, it is assumed that the management unit 109 stores two or more user password character strings.
Further, when there is an authentication request from the terminal device 101, the authentication random number generation unit 107 generates a 10-digit authentication random number used for user authentication.
Then, the authentication communication unit 110 transmits the authentication random number generated by the authentication random number generation unit 107 to the terminal device 101.

In the terminal device 101, the terminal communication unit 105 receives the authentication random number from the server device 106.
Then, the appearance setting unit 104 sets the appearance of the password candidate characters based on the authentication random number received by the terminal communication unit 105 and the input value received from the user by the input unit 103, and the display unit 102 The password candidate characters having the appearance set by the appearance setting unit 104 are displayed.
The user operates the cursor or the like of the input unit 103 so that the password candidate characters corresponding to each character have the same appearance (background color) for all characters included in the password character string, and the appearance setting unit 104 The appearance (background color) of the password candidate character is changed based on the user's operation such as the cursor (input value from the user).
And the response value calculation part 111 calculates the response value with respect to the random number for authentication for every password character string based on the input value from a user.
The terminal communication unit 105 transmits a response value for the authentication random number calculated by the response value calculation unit 111 to the server device 106.

In the server device 106, the authentication communication unit 110 receives a response value for the authentication random number from the terminal device 101.
Then, the authentication determination unit 108 performs the same calculation as that of an appropriate user operation using each password character string stored in the management unit 109, the password array, and the authentication random number generated by the authentication random number generation unit 107. Then, the authentication value is compared with the response value received by the authentication communication unit 110 to determine whether the user authentication is successful.
The authentication determination unit 108 obtains the appearance of the first password character of each password character string selected by the terminal device 101, and the appearance of the first password character of each obtained password character string and each stored in the management unit 109. Calculation is performed using the password character string, the authentication random number generated by the authentication random number generation unit 107, and the response value received by the authentication communication unit 110, and the success or failure of the user authentication is determined.
The two or more password character strings stored in the management unit 109 specify the authentication order by the authentication determination unit 108, and the authentication determination unit 108 selects each password from the response values received by the authentication communication unit 110. Extracts the response value corresponding to the character string. Note that the password lengths of two or more password character strings stored in the management unit 109 may not be constant with each other. In such a case, the authentication determination unit 108 extracts a response value corresponding to each password character string according to the password length of each password character string in accordance with the authentication order.
Then, the authentication determination unit 108 obtains the appearance of the first password character of each password character string selected by the terminal device 101 using the response value for each password character string and each password character string, and for each password character string Then, using the appearance of the obtained first password character, the password character string, the authentication random number, and the response value for the password character string, a predetermined calculation is performed to determine success or failure of the user authentication.
More specifically, the authentication determination unit 108 obtains the appearance of each of the second and subsequent password characters selected by the terminal device 101 for each password character string, and displays the appearance of each of the obtained second and subsequent password characters. Performs an operation to determine whether or not matches the appearance of the first password character.

  Next, details of operations of the terminal device 101 and the server device 106 in the user authentication system according to the present embodiment will be described with reference to the drawings.

First, the operation of the terminal device 101 when performing user authentication will be described.
2 and 3 are flowcharts illustrating processing executed when user authentication is performed in the terminal device 101. FIG.

First, when a user performs authentication using the terminal device 101, a user ID input screen is displayed on the display unit 102, and a user ID is received from the input unit 103 (S101).
At this time, the response value calculation unit 111 initializes the elements of the authentication data array v [64] and h [64] for storing data to be returned to the server device 106 as a response value to 0, and the horizontal movement amount m and the vertical movement amount n and the input counter k are each initialized to 0 (S102).
Here, the horizontal movement amount m indicates the amount (the number of squares in FIG. 9) that the user has moved the background color in the horizontal direction in order to change the background color of the password candidate character illustrated in FIG.
The vertical movement amount n indicates the amount (number of squares in FIG. 9) that the user has moved the background color in the vertical direction in order to change the background color of the password candidate character illustrated in FIG.
The input counter k is a counter for counting the password length (number of password characters) for which an input for designating the background color is performed by the user. In the present embodiment, since the password length is 64 at the maximum, the maximum value of the input counter k is 64.

  Note that the variable values (horizontal movement amount m, vertical movement amount n, input counter k, horizontal random number array RH, vertical random number array RV, etc.) described in the present embodiment and the second and subsequent embodiments are a terminal device or a server device. Are temporarily stored in a main memory (not shown), a register, a cache memory, a buffer memory, and the like.

Next, an authentication request including a user ID is transmitted to the server apparatus 106 via the terminal communication unit 105 (S103).
Thereafter, the terminal device 101 receives a set of random numbers including seven 10-digit random numbers for the authentication request transmitted via the terminal communication unit 105 from the server device 106, and the appearance setting unit 104 receives the random number array R [ i | (0 ≦ i ≦ 6)] is stored (S104).

Next, the appearance setting unit 104 sets, for each row and column of the password array P, a stored random number set value, two movement amounts m and n values, and a color designation code by a predetermined calculation from the color conversion table C. Ask.
The display unit 102 displays a user authentication screen in which password characters are drawn on the background color designated by the obtained color designation code (S105).
Details of the calculation for obtaining the color designation code of the background color will be described later.

The user's input key value (input value) is received from the input unit 103 for the password array with the background color displayed as characters on the display unit 102 (S106).
When receiving the input key, the response value calculation unit 111 determines the type of the input key (S107).

If the type of the input key is a selection key, the response value calculation unit 111 checks whether the value of the input counter k is smaller than 64 (S108). When the value of k is smaller than 64, the values of the movement amounts m and n are stored as the values of the authentication data arrays h [k] and v [k], respectively, and then 1 is added to the value of the input counter k. (S109), the process from step S105 is repeated.
On the other hand, if the value of the input counter k is 64 or more in step S108, a warning indicating that the determined number has already reached the maximum password length is displayed (step S110), and the processing from step S105 is repeated.

  If the input key type is the left shift key, the response value calculation unit 111 subtracts 1 from the horizontal shift amount m (S111). Next, the response value calculation unit 111 checks whether the value of the horizontal movement amount m is smaller than 0 (S112). If the value is smaller than 0, 10 is added to m (S113). Repeat the process.

  If the input key type is a rightward movement key, the response value calculation unit 111 adds 1 to the horizontal movement amount m (S114). Next, it is checked whether the value of the horizontal movement amount m is greater than 9 (S115). If the value is greater than 9, 10 is subtracted from m (S116), and the processing from step S105 is repeated.

  If the input key type is the upward movement key, the response value calculation unit 111 subtracts 1 from the vertical movement amount n (S117). Next, it is checked whether the value of the vertical movement amount n is smaller than 0 (S118). If the value is smaller than 0, 7 is added to n (S119), and the processing from step S105 is repeated.

  If the type of the input key is a downward movement key, the response value calculation unit 111 adds 1 to the vertical movement amount n (S120). Next, it is checked whether the value of the vertical movement amount n is larger than 6 (S121). If the value is larger than 6, 7 is subtracted from n (S122), and the processing from step S105 is repeated.

  If the input key type is a clear key, the response value calculation unit 111 stores 0 in the values of the authentication data arrays h [k] and v [k] (S123), and the input counter k It is checked whether the value is greater than 0 (S124). If the value is greater than 0, 1 is subtracted from k (S125), and the processing from step S105 is repeated.

  When the type of the input key is an authentication key, the response value calculation unit 111 causes the terminal communication unit 105 to use the values of the input counter k and the authentication data arrays h [k] and v [k] as authentication data. To the server device 106 (S126).

  Next, the authentication result sent from the server device 106 is received (S127), the authentication result received from the server device 106 is displayed on the display unit 102 (S128), and the authentication process is terminated.

Next, the detailed operation of step S105 in FIG. 2 will be described with reference to FIG.
First, the appearance setting unit 104 initializes variables x and y to 1 (S201). Next, it is checked whether the value of the variable y is greater than 7 (S202).
If the value of the variable y is 7 or less, it is checked whether the value of the variable x is greater than 10 (S203).
When the value of the variable x is 10 or less, the appearance setting unit 104 uses the following equation (1) to set the background color to be set as the password candidate character at the position of row y from the top of the screen and column x from the left. A color designation code D (x, y) is obtained (S204).
In Expression (1), m and n represent the horizontal movement amount and the vertical movement amount in FIG. 2, respectively.
In Expression (1), “%” indicates an operation for obtaining a remainder (the same applies to Expression (2)).

Next, the appearance setting unit 104 displays the character designated by the character code of the password array P [y−1, x−1] in the y-th row and x-th column from the upper left of the screen as the color designation code D (x, y ) Background color (S205).
Next, 1 is added to the variable x (S206), and the processing from step S203 is repeated.
On the other hand, if the value of the variable x is greater than 10 in step S203, the appearance setting unit 104 sets 1 to the variable x, adds 1 to the variable y (S207), and repeats the processing from step S202.
In step S202, if the value of variable y is greater than 7, the process is terminated.

Next, a process executed when the server apparatus 106 receives an authentication request from the terminal apparatus 101 will be described.
FIG. 5 shows processing executed when the server apparatus 106 receives an authentication request from the terminal apparatus 101.

First, when an authentication request including a user ID is received from the terminal device 101 (S301), the authentication determination unit 108 checks whether the user ID included in the received authentication request is registered in the management unit 109 ( S302).
When the user ID is registered in the management unit 109, the authentication determination unit 108 sequentially extracts two or more passwords registered in association with the user ID and extracts the registered password character string PW [i | (0 ≦ i ≦ S−1)] (S is the number of registered passwords) and stored as an element (S303).
I (0 ≦ i ≦ S−1), which is the number of the registered password character string PW, is the order of authentication processing in the authentication determination unit 108.
On the other hand, when the user ID is not registered on the management unit 109, the authentication determination unit 108 stores the authentication failure (S304).

Next, a random number required for user authentication is generated in the authentication random number generation unit 107 (S305).
In this embodiment, a password array of 7 rows and 10 columns is displayed on the terminal screen, so a set of random numbers consisting of seven 10-digit random numbers is generated, and the generated random number set is authenticated to the terminal device 101. It transmits via the communication part 110 (S306).

Thereafter, authentication data is received from the terminal device 101 (S307), and it is checked whether or not an authentication failure is stored in the authentication determination unit 108 (S308).
If authentication failure is not stored in the authentication determining unit 108, the authentication determining unit 108 sets the random number set transmitted via the authentication communication unit 110, the input counter k of the received authentication data, and the authentication data array h [ k], v [k], and the registered password character string PW extracted from the management unit 109, the success or failure of the authentication is determined (S309). If the authentication data is correct, the terminal device 101 is authenticated via the authentication communication unit 110. An authentication success message notifying the success is returned (S310).
On the other hand, if the authentication data is incorrect, the authentication determination unit 108 transmits an authentication failure message notifying the terminal device 101 of the authentication failure via the authentication communication unit 110 (S311).
Details of the calculation for determining the success or failure of the authentication will be described later.
If an authentication failure is recorded in the authentication determination unit 108 in step S308, an authentication failure message is transmitted in step S311.

  Next, the detailed operation of the authentication determination process in step S309 in FIG. 5 will be described with reference to FIG.

First, the authentication determination unit 108 initializes the variable s to 1 and the variable k to 0 (S401).
Here, the variable s is a variable for counting the number of password character strings.
The variable k is a variable for counting the password length (number of password characters).
Next, the password length of the registered password character string PW [s−1] registered in the management unit 109 is stored in the variable ln, the variable r is set to 1, and the variables m and n are set to 0 (S402). ).
The variable ln is a variable for recording the password length (number of password characters) of the registered password character string, and corresponds to the fact that the password length of each registered password character string is not constant. The variable r is a variable for determining what number character in the registered password character string is the target character. Variable m and variable n correspond to horizontal movement amount m and vertical movement amount n.

Next, the authentication judgment unit 108 obtains the position in the password array P for the rth character of the password in the sth registered password character string PW [s-1] (S403).
The position in the password array P can be obtained using the conversion table shown in FIG.
Specifically, the positions i and j in the password array P are obtained from the conversion table of FIG. 7 using a numerical value t uniquely obtained from the upper 4 bits and the lower 4 bits of the ASCII code of a password character. At this time, i is a quotient when t is divided by 10, and j is a remainder when t is divided by 10.
Next, the authentication judgment unit 108 uses the following equation (2) from i and j and the elements h [k] and v [k] of the authentication data array, and the r-th password of the s-th registered password. A color designation code E (s, k) selected as the background color of the character is obtained (S403).

  Here, k is equal to a value obtained by adding r−1 to the total length of the registered password character strings up to s−1.

Next, the authentication determination unit 108 checks whether the variable r is equal to 1 (S405), and if it is equal, the color code E (s, r) is temporarily stored in the authentication determination unit 108 (S406). .
If the variable r is not equal to 1 in step S405, the authentication determination unit 108 determines that the color code E (s, r) obtained in step S404 is temporarily stored in the authentication determination unit 108. It is checked whether it matches the code (S407).
That is, the authentication determination unit 108 extracts a response value corresponding to each password character string from the response values received by the authentication communication unit 110 according to the authentication order according to the password length ln. Then, the calculation shown in the above equation (2) is performed to obtain the appearance of the first password character selected by the terminal device 101 for each password character string and obtain the appearance of each of the second and subsequent password characters. Then, it is determined whether the appearance of each of the obtained second and subsequent password characters matches the appearance of the first password character.

If the color codes do not match in step S407, the authentication determination unit 108 fails authentication (S408) and ends the authentication determination process.
On the other hand, if it matches with the color code in step S407, the authentication judgment unit 108 checks whether the variable r is equal to the variable ln (S409).
In step S409, if the variable r is not equal to the variable ln, it is not checked whether the color codes match for all characters of the sth registered password character string, so the variable r and the variable k are set to 1 respectively. Add (S401) and repeat the process from step S403.
On the other hand, if the variable r is equal to the variable ln in step S409, it is checked whether the color code matches for all the characters of the sth registered password character string. (S411).
If the variable s is not equal to S in step S411, the response value check for all registered password character strings has not yet been completed, so the variable s is incremented by 1 (S412), and the processing from step S402 is repeated. .
On the other hand, if the variable s is equal to S in step S411, the response values have been checked for all registered password character strings, so that authentication is successful (S413), and the authentication determination unit 108 ends the authentication determination process. .

  FIG. 8 is a user ID input screen displayed on the display unit 102 when the terminal device 101 accepts an authentication request from a user in S101.

  When the user starts authentication, the user inputs the user ID into the user ID input field 202 of the user ID input screen 201 from the input unit 103 and presses the execution button 203, thereby including the user ID for the server device 106 in S103. An authentication request is sent.

  FIG. 9 shows a user authentication screen displayed on the display unit 102 when the terminal device 101 receives a response from the user in S105.

When the user performs authentication, the user finds characters in the password array 302 in order from the first character of the first registered password character string stored on the user authentication screen 301, and for each registered password character string, The authentication operation is performed by repeating the operation of pressing the selection key when the background becomes the same by operating the background with the movement key so that the background is the same for each registered password character.
For example, if the registered password character string is “1F”, the background color that is the same as the background color of “1” is at the position “C”, so the user moves the entire background three times to the right, The background color of “F” is the same as that of “1”.
When the selection key is pressed to confirm the background, one “*” is additionally displayed in the confirmation display field 303.
After executing the authentication operation for all the registered password character strings, the user presses the authentication button 304, whereby authentication data for the server device 106 is transmitted in step S125.
Further, before the user presses the authentication button 304, an error in the authentication operation can be cleared by one character by pressing the clear button 305 once, and displayed in the confirmation display field 303 at this time. One '*' is deleted.

In this way, authentication is performed by simply matching the background color of each password without entering the password itself, so even if a third party can steal the authentication operation, the user matches which background color of which character. Since it does not know whether it is, it can be prevented from being authenticated by impersonating the person himself / herself.
Further, the user can freely change the background color to be shared for each character for each password character string at every authentication. Further, at the time of authentication, authentication is performed by continuously using one or more password character strings. For this reason, since it is not known how many password character strings are used for authentication and the length of each password character string, a third party can perform user authentication with high security.

  Furthermore, when a plurality of passwords are registered and authentication is repeated for each password in the conventional method, only the effect of increasing the number of digits of the password can be obtained to prevent spoofing. On the other hand, the terminal device side according to the present embodiment performs a series of authentication operations by continuously using a plurality of passwords in one authentication, and the authentication device side determines the background of the first character of the password and The authentication is successful only when the background of the remaining characters matches. As a result, the third party does not know what corresponds to the first character of the second and subsequent passwords, which increases the number of candidates guessed as passwords and makes impersonation difficult. can get.

Further, as the authentication data stored by the user, a widely used conventional password made up of letters and numbers can be used. For the user, there is no burden of newly storing data in a special format according to this authentication method, and the load when updating a password for maintaining security is also small.
As the password, an already stored password can be used as it is, or the stored password can be divided into two and registered.

In this embodiment, the password array and the color conversion table are stored in advance in the appearance setting unit 104 of the terminal apparatus 101, but the password array and the color conversion table are stored in the management unit 109 of the server apparatus 106. In the authentication, these may be extracted from the management unit 109 and transmitted from the server device 106 to the terminal device 101.
Further, by storing different password arrangements and color conversion tables for each user in the management unit 109 in association with user IDs, it is possible to use different password candidate characters and background colors for each user on the user authentication screen. It is.
In this embodiment, the background color is used as the appearance of the password. However, by using a symbol conversion table having a file name including a symbol as an element instead of the color conversion table, a user as shown in FIG. It is also possible to display password candidate characters together with different designs on the authentication screen.

As described above, the present embodiment has described the authentication system including the terminal device used by the user and the authentication device that performs authentication with the user by communicating with the terminal device.
More specifically, the terminal device receives a random number for authentication from the authentication device, transmits a response value for the authentication random number to the authentication device, and an input unit that receives an input value from a key; , An appearance setting unit for setting the appearance of password candidate characters based on the authentication random number received by the terminal communication unit and the input value from the input unit, and the password candidate characters having the appearance set by the appearance setting unit The terminal device calculates the response value based on the input value received by the input unit.
The authentication device includes a management unit that stores two or more password strings of a user, an authentication random number generation unit that generates an authentication random number, and an authentication random number generated by the authentication random number generation unit. An authentication communication unit that transmits a response value to the authentication random number from the terminal device, two or more password character strings stored in the management unit, and an authentication random number generated by the authentication random number generation unit And an initial appearance of each password character string selected by the terminal device using the response value received by the authentication communication unit, and the appearance of each password character obtained and each password stored in the management unit Authentication that performs a predetermined calculation using a character string, an authentication random number generated by the authentication random number generation unit, and a response value received by the authentication communication unit, and determines success or failure of user authentication It has been described to have a cross section.

  In the present embodiment, it has been described that the appearance setting unit sets the background color of each character as the appearance of the password candidate character.

  Furthermore, in the present embodiment, it has been described that the appearance setting unit sets a design for the background of each character as the appearance of the password candidate character.

Embodiment 2. FIG.
In the first embodiment described above, the registered password character string is a password character string registered in advance in the management unit of the server device. Next, the user directly inputs his password character string from the terminal device. An embodiment in the case of change registration is shown.

FIG. 11 is a block diagram showing a configuration of an authentication system according to Embodiment 2 of the present invention.
In FIG. 11, the terminal communication unit 405 of the terminal device 401 and the authentication communication unit 412 of the server device 408 are connected via a network such as wireless communication, wired communication, and the Internet.

The appearance setting unit 404 of the terminal device 401 stores in advance a password array composed of password candidate characters that are password candidates and a color conversion table, and sets the background color of the password displayed on the display unit 402. In the present embodiment, the appearance setting unit 404 is an example of a password array storage unit.
Note that the password arrangement and the color conversion table stored in the appearance setting unit 404 are the same as those described in the first embodiment.
The terminal random number generation unit 406 generates a password conversion random number.
The terminal storage unit 407 stores an array of random numbers, and specifically includes a hard disk device, a nonvolatile memory, a flexible disk, and the like.
The input unit 403 inputs a pre-conversion password, which is a pre-conversion password, from the user. The input unit 403 is an example of a pre-conversion password input unit.
The response value calculation unit 413 calculates a response value for the authentication random number from the server device 408 as in the first embodiment.
The password conversion unit 414 converts the password character string before conversion received by the input unit 403 based on the password conversion random number generated by the terminal random number generation unit 406 and the password array stored in the appearance setting unit 404. I do.

In the present embodiment, the management unit 411 of the server device 408 includes a hard disk device, and stores one or more user passwords in association with user IDs. In addition, a password array and a color conversion table are stored.
The authentication random number generation unit 409 generates a 10-digit random number.
The authentication random number generation unit 409 and the authentication determination unit 410 are specifically realized by a program in the present embodiment, and the program is stored in a hard disk device, a nonvolatile memory, a flexible disk, or the like, from which It is loaded on a server device (authentication device) 408 and executed on a CPU (Central Processing Unit).

  Next, an outline of the operation of the authentication system according to the present embodiment will be described.

In the terminal device 401, the input unit 403 receives the user's pre-conversion password character string. The pre-conversion password is a password stored by the user.
Also, the terminal random number generation unit 406 generates a password conversion random number.
In the password arrangement stored in the appearance setting unit 404, as in the first embodiment, each character of a plurality of password candidate characters is arranged at a designated position.
The password conversion unit 414 determines the position in the password array in which the password candidate characters that match each password character constituting the pre-conversion password character string are arranged, and the determined position of each password candidate character and the password conversion random number Based on the above, the password string before conversion is converted.
Specifically, the password conversion unit 414 determines the position in the password array in which the password candidate characters that match each password character constituting the pre-conversion password character string are arranged, and the position of each determined password candidate character And a password conversion random number are used to perform a predetermined calculation, and the password character of the password string before conversion is replaced with the password candidate character arranged at the position corresponding to the value of the calculation result, Perform conversion.
Then, the terminal communication unit 405 transmits the converted password character string converted by the password conversion unit 414 to the server device 408.

  In the server device 408, the authentication communication unit 412 receives the converted password character string transmitted from the terminal device 401, and the management unit 411 stores the converted password character string as the password character string of the user of the terminal device 401. .

  Thus, in this embodiment, the password character string (post-conversion password character string) registered in the server apparatus 408 is different from the password character string (pre-conversion password character string) stored by the user. can do.

Also in the present embodiment, the user authentication process is performed in the same procedure as in the first embodiment, and the user sets password candidate characters for each character of the stored password character string (pre-conversion password character string). Input to share the background.
Here, the response value calculation procedure of the response value calculation unit 413 is different from that of the first embodiment. In the present embodiment, the response value calculation unit 413 calculates a response value using the user input value and the password conversion random number.
By using the password conversion random number in the calculation of the response value, the response value calculation unit 413 uses the input value input to the password character string before conversion by the user as the converted password character string registered in the server device 408. The response value is calculated by converting corresponding to.

In the following, the authentication system according to the present embodiment will be described in detail. In the present embodiment, a temporary password associated with the user ID is registered in the management unit 411 as a state after registration of a new user. The terminal storage unit 407 of the terminal device 401 stores two random number arrays having a length of 64 whose elements are initialized to 0, a horizontal random number array RH [64], and a vertical random number array RV [64]. Suppose you are. The horizontal random number array RH [64] and the vertical random number array RV [64] are password conversion random number arrays.
The same password array P and color conversion table C as those used in the first embodiment are used.
In this embodiment, the total length of the password is described as 64 at maximum, but the length is not limited to this.
Further, as a password candidate character, a password array of 7 rows and 10 columns is used, but the size of the array is not limited to this.

  Next, details of operations of the terminal device 101 and the server device 106 in the user authentication system according to the present embodiment will be described with reference to the drawings.

First, after the new user registration with the server device 408 is completed, the user performs an authentication operation with the server device 408 using the temporary password for the terminal device 401, and after the authentication is successful, the user performs password change registration. Do.
First, the operation of the terminal device 401 when performing user authentication will be described.
FIGS. 12 and 13 are flowcharts showing processing executed when user authentication is performed in the terminal device 401.

First, when a user performs authentication using the terminal device 401, a user ID input screen is displayed on the display unit 402, and a user ID is received from the input unit 403 (S501).
At this time, the response value calculation unit 413 initializes the elements of the authentication data arrays v [64] and h [64] for storing data to be returned to the server apparatus 408 as response values to 0, and the horizontal movement amount m and the vertical movement amount. n and the input counter k are each initialized to 0 (S502).

Next, an authentication request including the user ID is transmitted to the server apparatus 408 via the terminal communication unit 405 (S503).
Thereafter, the terminal device 401 receives a set of random numbers including seven 10-digit random numbers for the authentication request transmitted via the terminal communication unit 405 from the server device 408, and the appearance setting unit 404 receives the random number array R [ i | (0 ≦ i ≦ 6)] is stored (S504).

Next, the appearance setting unit 404 obtains a color designation code for each row and each column of the password array from the stored random number set value, the two movement amounts m and n, and the color conversion table C by a predetermined calculation. .
The display unit 402 displays a user authentication screen in which password candidate characters are drawn on the background color designated by the obtained color designation code (S505).
Details of the calculation for obtaining the color designation code of the background color will be described later.

The user's input key value (input value) is received from the input unit 403 for the password array with the background color displayed as characters on the display unit 402 (S506).
When receiving the input key, the response value calculation unit 413 determines the type of the input key (S507).

If the type of the input key is a selection key, the response value calculation unit 413 checks whether the value of the input counter k is smaller than 64 (S508).
When the value of k is smaller than 64, the response value calculation unit 413 stores the value obtained by adding the horizontal random number array RH [k] to the horizontal movement amount m as the value of the authentication data array h [k], and moves vertically. The value obtained by adding the vertical random number array RV [k] to the quantity n is stored as the value of the authentication data array v [k] (S509).
Next, the response value calculation unit 413 checks whether the value of k is equal to 0 (S510).
When the value of k is not equal to 0, the response value calculation unit 413 obtains a value obtained by subtracting the value of the horizontal random number array RH [k−1] from the value obtained by adding 10 to the value of the authentication data array h [k]. The value obtained by subtracting the value of the vertical random number array RV [k−1] from the value obtained by adding 7 to the value of the authentication data array v [k] is stored as the value of the authentication data array h [k]. ] (S511).
Next, the response value calculation unit 413 stores the remainder obtained by dividing the value of the authentication data array h [k] by 10 as the value of the authentication data array h [k], and sets the value of the authentication data array v [k] to 7 Is stored as the value of the authentication data array v [k], 1 is added to the value of the input counter k (S512), and the processing from step S505 is repeated.
If the value of k is equal to 0 in step S510, the processing from step S512 is performed.
If the value of the input counter k is 64 or more in step S508, a warning indicating that the determined number has already reached the maximum password length is displayed (S513), and the processing from step S505 is repeated.

  When the input key type is the left shift key, the response value calculation unit 413 subtracts 1 from the horizontal shift amount m (S514). Next, it is checked whether or not the value of the horizontal movement amount m is smaller than 0 (S515). If the value is smaller than 0, 10 is added to m (S516), and the processing from step S505 is repeated.

  If the type of the input key is a rightward movement key, the response value calculation unit 413 adds 1 to the horizontal movement amount m (S517). Next, it is checked whether the value of the horizontal movement amount m is greater than 9 (S518). If the value is greater than 9, 10 is subtracted from m (S519), and the processing from step S505 is repeated.

  If the input key type is the upward movement key, the response value calculation unit 413 subtracts 1 from the vertical movement amount n (S520). Next, it is checked whether the value of the vertical movement amount n is smaller than 0 (S521). If the value is smaller than 0, 7 is added to n (S522), and the processing from step S505 is repeated.

  If the input key type is the downward movement key, the response value calculation unit 413 adds 1 to the vertical movement amount n (S523). Next, it is checked whether the value of the vertical movement amount n is larger than 6 (S524). If the value is larger than 6, 7 is subtracted from n (S525), and the processing from step S505 is repeated.

  If the input key type is the clear key, the response value calculation unit 413 stores 0 in the values of the authentication data arrays h [k] and v [k] (S526), and the input counter k It is checked whether the value is greater than 0 (S527). If the value is greater than 0, 1 is subtracted from k (S528), and the processing from step S505 is repeated.

  When the type of the input key is an authentication key, the response value calculation unit 413 uses the terminal communication unit 405 with the values of the input counter k and the authentication data arrays h [k] and v [k] as authentication data. To the server device 408 (S529).

Next, the authentication result sent from the server device 408 is received (S530), the authentication result received from the server device 408 is displayed on the display unit 502 (S531), and the authentication process is terminated.
In step S530, if the received authentication result is successful, the authentication result includes a session ID (random number). Therefore, the terminal device 401 stores the session ID in the terminal storage unit 407.

The detailed operation in step S505 is the same as the process in step S105 of the first embodiment.
Further, the process executed when the server apparatus 408 receives an authentication request from the terminal apparatus 401 is the same as the process executed when the server apparatus 106 according to the first embodiment receives an authentication request from the terminal apparatus 101. It is.
When transmitting the authentication success message in step S310, the authentication random number generation unit 409 generates a random number for the session ID, stores it in the management unit 411 in association with the user ID, and transmits it in the authentication success message. To do.

Next, after successful authentication, the password character string is changed and registered.
FIG. 14 is a password change registration screen displayed on the display unit 102 when the user uses the password character string change registration after successful authentication in the terminal device 401. FIG. 14A shows the password change registration. This is the screen immediately after starting the screen.
The password change registration screen 501 includes an upward scroll button 502, a first password character string input field 503, a first password character string (confirmation) input field 504, a downward scroll button 505, an add button 506, and a registration button. 507 is displayed.
When the user performs the password character string change registration, the user enters the first password character string (pre-conversion password character string) in the first password character string input field 502 of the password change registration screen, and the first Similarly, the first password character string (pre-conversion password character string) is entered in the password character string (confirmation) input field 502. When only one password character string is registered, a password change registration is transmitted from the terminal device 401 to the server device 408 by pressing a registration button 504.

On the other hand, when the user registers the second password character string, by pressing the add button 506, the second password character is displayed on the password character string change registration screen as shown in FIG. A column input field 508 and a second password character string (confirmation) input field 509 are additionally displayed.
The user inputs the second password character string (pre-conversion password character string) in the second password character string input field 508 of the password change registration screen, and further inputs the second password character string (confirmation) input field 509. Similarly, enter the second password character string (pre-conversion password character string).

Further, when the user registers the third password character string (pre-conversion password character string), the user presses the add button 506 again to display the password change registration screen as shown in FIG. An input field 510 for the third password character string and an input field 511 for the third password character string (confirmation) are additionally displayed.
The user depresses the upward scroll button 502 and the downward scroll button 505 to move the password input field display up and down.

  When the user presses the registration button 507 after entering the password character strings in all the password character string input fields and the password character string (confirmation) input fields, the password change registration is transmitted from the terminal device 401 to the server device 408. .

Next, the operation of the terminal device 401 when performing password character string change registration will be described.
15 and 16 are flowcharts showing processing executed when the terminal device 401 changes registration of a password character string.

First, when the user changes the registration using the terminal device 401, the password registration change is accepted by selecting the password registration change with the input unit 403 from the menu displayed on the display unit 402 (screen is omitted) (S601). ).
First, the password conversion unit 414 initializes a variable k for counting the number of password character strings to 1 (S602).
Next, the password conversion unit 414 allocates areas ps_1 and pc_1 for storing the first password (S603).
Next, the password registration change screen shown in FIG. 14 is displayed on the display unit 402, and key inputs and button operations are accepted in the password input field and the password (confirmation) input field (S604). When receiving an input from the user, the password conversion unit 414 determines the type of input (S605).

When the input is a press of the upward scroll button 502 or the downward scroll button 505, the password input field to be displayed is changed according to the direction (S606).
If the input is the push of the add button 506, k is incremented by 1 (S607), areas ps_k and pc_k for storing the kth password are allocated (S608), and the process of step S604 is repeated.

When the input is a press of the registration button 507, the password conversion unit 414 initializes the internal variable i to 1 and the variable sum for obtaining the total length of the password to 0 (S609).
Next, it is checked whether the internal variable i is less than or equal to the password counter k (S610).
When the internal variable i is less than or equal to k, the password conversion unit 414 checks whether the value of ps_i is equal to the value of pc_i in order to confirm whether the password of the i-th password matches (confirmation). (S611).
When the value of ps_i is equal to the value of pc_i, the password conversion unit 414 adds the length of ps_i to the variable sum (S612), and checks whether the variable sum is 64 or less (S613).
When the variable sum is 64 or less, the password conversion unit 414 adds 1 to i (S614), and repeats the processing from step S610.
On the other hand, if the variable sum is larger than 64 in step S613, the password conversion unit 414 displays a warning that the total length of the input password exceeds the maximum value on the display unit 402 (S615), and step S604. Repeat the process from.
If the ps_i value and the pc_i value are not equal in step S610, the password conversion unit 414 displays a warning that the input contents of the i-th password and the password (confirmation) do not match on the display unit 402. (S616), and the processing from step S604 is repeated.
In step S610, if the value of the internal variable i is greater than the counter k for the number of passwords, the password conversion unit 414 performs conversion processing for the input password (S617). Details of the conversion process will be described later.

  Next, random number arrays RH [k] and RV [k], which are password conversion random number arrays used in the conversion processing step S617, are stored in the terminal storage unit 407 (S618), the number of passwords k and the converted password ps_1. To password registration change including ps_k is transmitted to the server device 408 via the terminal communication unit 405 of the terminal device 401 (S619), and the password registration change processing is terminated.

  Next, the detailed operation of the password conversion process in step S617 in FIG. 16 will be described with reference to FIG.

First, the password conversion unit 414 allocates the horizontal random number array RH [64] and the vertical random number array RV [64], and initializes all elements to 0 (S701).
Next, the password conversion unit 414 initializes the internal variable i to 1 and the internal variable j to 0 (S702), and checks whether i is equal to or less than the number k of input passwords (S703). If i is less than or equal to k, the internal variable m is initialized to 1, and the length of the i-th password is stored in the internal variable ln (S704). The internal variable m is a variable indicating the position of the character to be processed in the password character string. The internal variable ln is a variable indicating the password length (number of password characters) of the password character string to be processed.
Next, the terminal random number generation unit 406 generates two random numbers r1 and r2 (S705). These two random numbers r1 and r2 are password conversion random numbers.
Next, the password conversion unit 414 stores the remainder obtained by dividing r1 by 10 as r1 and further stores it in the horizontal random number array RH [j], sets the remainder obtained by dividing r2 by 7 as r2, and further generates the vertical random number array RV [j. ] (S706).
Next, the password conversion unit 414 temporarily stores the m-th character of the i-th password in the internal variable ch (S707), and stores it in the internal variable ch using the password array shown in FIG. The number of the character in the password array is obtained and stored in the internal variable n (S708).
Next, the password conversion unit 414 obtains an element of P [(n% 10 + r2)% 7] [(n / 10 + r1)% 10] from the password array P and temporarily stores it in the internal variable ch (S709). ), The m-th character of the i-th password is replaced with the character stored in the internal variable ch (S710).
Next, the password conversion unit 414 checks whether m is less than or equal to ln (S711). If m is less than or equal to ln, m and j are each added one by one (S712), and the processing from step S705 is repeated. .
In step S711, if m is greater than ln, i is incremented by 1 (S713), and the processing from step 703 is repeated.
In step S703, if i is larger than k, the password character string conversion process is terminated.

  As described above, the password conversion unit 414 determines the position in the password array in which the password candidate characters matching each password character are arranged for each password character constituting the password character string before conversion, and determines each password thus determined. Performs a predetermined calculation using the position of the candidate character and the random number for password conversion, and replaces the password character in the password string before conversion with the password candidate character arranged at the position corresponding to the value of the calculation result before conversion. Perform password string conversion.

Next, processing when the server apparatus 408 receives a password registration change will be described with reference to FIG.
Upon receiving a registration change including a session ID and one or more new password character strings from the terminal device 401 (S801), the authentication determination unit 410 stores the received session ID in the management unit 411 in association with the user ID. Is checked (S802).
If the received session ID is not stored in the management unit 411 in association with the user ID, the authentication determination unit 410 ends the process as an unauthorized password registration change.
On the other hand, when the received session ID is stored in the management unit 411 in association with the user ID in step S802, the authentication determination unit 410 uses the user ID stored in association with the session ID from the management unit 411. One or more password character strings received as passwords stored in the management unit 411 in association with the user ID are registered (S804), and the process ends.

The user authentication process after the password registration change shown in FIG. 18 is performed according to the flow shown in FIGS.
In the above, an example in which user authentication is performed using a temporary password immediately after new user registration in the server device 408 has been described based on the flow of FIGS. 12 and 13, but not immediately after new user registration. User authentication processing during normal operation is also performed according to the flow of FIGS.

That is, as in the first embodiment, the user inputs the selection key by operating the movement key so that each character of the stored password character string has a common background color. After the selection key is input, the processing of S508 to S512 in FIG. 13 is performed by the response value calculation unit 413, and the response value is calculated. The horizontal random number array RH [k] and the vertical random number array RV [k] used for calculation of the response value are password conversion random number arrays stored in S618 of FIG.
Accordingly, the response value calculation unit 413 calculates a response value using the password conversion random number used in the password conversion processing by the password conversion unit 414.
In this way, the response value calculation unit 413 uses the password conversion random number used in the password conversion process by the password conversion unit 414 to calculate the response value corresponding to the password conversion process. Even if the password character string used for authentication determination by the determination unit 410 is a password character string after conversion, user authentication can be correctly performed by the response value by the response value calculation unit 413.

  In this way, when the password registration is updated from the terminal device 401, the user password is converted based on the random number generated on the terminal side, and the converted password is registered in the server device 408. For example, the server device Even if the converted password leaks from the management unit 411 in 408, it is impossible to guess what password the user is actually using. This can strengthen the security of the authentication system. is there.

As described above, in the present embodiment, the terminal device used by the user by performing communication with the authentication device that performs user password change registration and authentication for the user has been described.
More specifically, the terminal device receives an authentication random number from the authentication device, transmits a response value corresponding to the authentication random number to the authentication device, and after successful authentication, sends an update password to the authentication device. A terminal communication unit to transmit, an input unit that accepts an input value from a key, a terminal random number generation unit that generates a random number for password conversion, and an external appearance change pattern indicating rules for changing the appearance of password candidates and a random number for password conversion The appearance of the password candidate character is set based on the terminal storage unit, the authentication random number received by the terminal communication unit, the input value input from the input unit, and the external pattern stored in the terminal storage unit And an input value received by the input unit, and a display unit for displaying password candidate characters of the appearance set by the appearance setting unit. The response value is calculated based on the password conversion random number stored in the terminal storage unit, and the password input from the input unit after successful authentication is updated based on the password conversion random number generated by the terminal random number generation unit. Explained that it is converted to a password.

  Further, in the present embodiment, the authentication device has been described in which the authentication communication unit receives the password change registration from the terminal device and updates the password character string stored in the management unit after successful user authentication.

Embodiment 3 FIG.
In the second embodiment described above, a random number is generated in the terminal device, and the password of the user is converted using this to prevent the leakage of the user's password. An embodiment in which a password for authentication with a server apparatus is converted using an input conversion password will be described.

FIG. 19 is a block diagram showing a configuration of an authentication system according to Embodiment 3 of the present invention.
In FIG. 19, a terminal communication unit 605 of a terminal device 601 and an authentication communication unit 611 of a server device 607 are connected via a network such as wireless communication, wired communication, and the Internet.

The appearance setting unit 604 of the terminal device 601 previously stores a password array composed of characters that are password candidates and a color conversion table, and sets the background color of the password displayed on the display unit 602. The appearance setting unit 604 is an example of a password array storage unit.
The input unit 603 accepts a password string before conversion from the user and an activation password character string. The activation password character string is a random number generation password character string used to generate a password conversion random number. The input unit 603 is an example of a pre-conversion password input unit.
The hash value generation unit 606 of the terminal device generates a hash value for the activation password character string (random number generation password character string) and generates a password conversion random number. The hash value generation unit 606 may generate a password conversion random number by performing another type of one-way operation other than the hash operation on the activation password character string (random number generation password character string). The hash value generation unit 606 is an example of a terminal random number generation unit.
The password conversion unit 614 converts the password character string before conversion using the password conversion random number generated by the hash value generation unit 606.
The response value calculation unit 613 calculates a response value to the server device 607 using the password conversion random number as in the second embodiment.

In the present embodiment, the management unit 610 of the server device 607 includes, for example, a hard disk device, and stores one or more user passwords in association with user IDs. In addition, a password array and a color conversion table are stored.
The authentication random number generation unit 608 generates a 10-digit random number.
The authentication random number generation unit 409 and the authentication determination unit 410 are specifically realized by a program in the present embodiment, and the program is stored in a hard disk device, a nonvolatile memory, a flexible disk, or the like, from which It is loaded on a server device (authentication device) 408 and executed on a CPU (Central Processing Unit).
Each element of the server device 607 is the same as that shown in the second embodiment.

  In the present embodiment, a temporary password is registered in association with the user ID as a state after the new user is registered in the management unit 610, and the terminal device 401 has a length in which the value is initialized to 0 in the element. 64 random number arrays, horizontal random number array RH [64] and vertical random number array RV [64] are stored.

In the third embodiment, when the authentication with the server device 607 is started, the activation password input screen 701 shown in FIG. 20 is displayed before the user ID input screen is displayed on the display unit 602 of the terminal device 601.
The user finds characters in the password array 702 in order from the first character of the activation password character string stored in the activation password input screen 701 so that the cursor becomes the background of the password character for each registered password character string. The operation of inputting the activation password character string is performed by repeating the operation of pressing the selection key by operating with the movement key.
When the selection key is pressed, one “*” is additionally displayed in the input display field 703. After executing the input operation for all activation password character strings, the user presses the confirm button 704 to start processing for generating a random number array from the activation password character strings.
Further, before the user presses the confirm button 704, an error in the input operation can be cleared by one character by pressing the clear button 705 once, and displayed in the input display field 703 at this time. One '*' is deleted.

Next, FIG. 21 shows a random number sequence generation process started when the confirm button 704 is pressed.
First, the hash value generation unit 606 allocates two random number arrays RH [64] and RV [64], and initializes the elements to 0 (S901).
Next, the hash value generation unit 606 stores a value obtained by hashing the activation password character string input by the user on the activation password input screen with the SHA-256 hash function H () in the variable val1, and the same value is stored in the variable val1. It is also stored in val2 (S902).
Next, the hash value generation unit 606 initializes the internal counter i to 0 (S903).
Next, the hash value generation unit 606 stores the remainder obtained by dividing val1 by 10 in the random number array RH [i] and the remainder obtained by dividing the variable val2 by 7 in the random number array RV [i]. Val1 is updated with the quotient divided by 10 and val2 is updated with the quotient obtained by dividing the variable val2 by 7 (S904).
Next, the hash value generation unit 606 checks whether the value of the counter i is 63 or more (S905), and if it is 63 or more, the process ends.
On the other hand, if the value of the counter i is smaller than 63 in step S905, i is incremented by 1 (S906), and the processing from step S904 is repeated.

In this way, the hash value generation unit 606 generates a password conversion random number by performing a predetermined operation including a hash operation on the activation password character string (random number generation password character string) input by the user.
The subsequent operation is the same as that in the second embodiment. In the terminal device 601, the password conversion unit 614 converts the password character string of the user (pre-conversion password character string) using the password conversion random number, and after the conversion, The password character string is transmitted to the server device 607, and the server device 607 registers the converted password character string.
In the terminal device 601, at the time of user authentication, the hash value generation unit 606 generates a password conversion random number using the activation password character string (random number generation password character string) according to the above procedure, and the hash value Using the password conversion random number generated by the generation unit 606, the response value calculation unit 613 calculates the response value in the same manner as in the second embodiment, and transmits the response value to the server device 607.

Thus, in the present embodiment, when the password registration is updated from the terminal device 601, the user password is based on the hash value generated by the hash value generation unit 606 of the terminal device 601 based on the activation password character string. The password character string after conversion is registered in the server device 607, and at the time of authentication, the converted password character string is based on the hash value generated by the hash value generation unit 606 of the terminal device 601 based on the activation password character string. Since it is converted into a response value for the password, for example, even if the password character string after conversion leaks from the management unit 610 in the server device 607, it is impossible to guess what password the user is actually using. This makes it possible to strengthen the security of the authentication system.
Further, since the hash value is dynamically generated from the activation password character string, even if the user loses or loses the terminal device 601, authentication can be performed using another terminal device.

  In this embodiment, the method of inputting the activation password character string by moving the cursor with the movement key on the activation password input screen has been described. However, the activation password character string is directly input from the key in the same manner as the user ID input. It is also possible to input.

As described above, in the present embodiment, the terminal device used by the user by performing communication with the authentication device that performs user password change registration and authentication for the user has been described.
More specifically, terminal communication that receives an authentication random number from the authentication device, transmits a response value corresponding to the authentication random number to the authentication device, and transmits an update password to the authentication device after successful authentication. An input unit that receives an input value from a key, a hash value generation unit that generates a hash value, a terminal storage unit that stores an appearance change pattern indicating a rule for changing the appearance of a password candidate, and a random number for password conversion; Based on the authentication random number received by the terminal communication unit, the input value input from the input unit, the hash value obtained by hashing the input value by the hash value generation unit, and the appearance pattern stored in the terminal storage unit An appearance setting unit for setting the appearance of password candidate characters, and a display unit for displaying password candidate characters for the appearance set by the appearance setting unit. The response value is calculated based on the input value received by the input unit and the hash value obtained by hashing the input value by the hash value generation unit, and the password input from the input unit after successful authentication is based on the hash value. The terminal device for converting to the update password has been described.

Embodiment 4 FIG.
In this embodiment, the terminal device is a single unit using an authentication method in which the user operates the direction key to perform authentication by matching the background color of each character of one or more password character strings to a specific color. An embodiment in which user authentication is performed will be described.
In the present embodiment, a password of a symbol string including numbers, alphabets, and special characters is used as the password character string, and the total length of the password character string is assumed to be 64 at the maximum. It is not limited. Further, as a password candidate character, a password array of 7 rows and 10 columns is used, but the size of the array is not limited to this.

FIG. 22 is a block diagram showing a configuration of an authentication system according to Embodiment 4 of the present invention.
The storage unit 805, the random number generation unit 806, and the authentication determination unit 807 are mounted in an IC (integrated circuit) card 808 in the present embodiment, and are specifically realized by a program.
This program is stored in the flash memory in the IC card 808 and executed by the CPU in the IC card 808. Note that the IC card 808 can be detached from the terminal device 801.
The display unit 802, the input unit 803, and the appearance setting unit 804 are the same as the display unit 102, the input unit 103, and the appearance setting unit 104 described in Embodiment 1.

  The storage unit 805 includes a non-volatile memory in the present embodiment, and includes a user private key that is paired with one or more password character strings, a password color, and a user public key of the user who is authenticated by the terminal device 801. A password array composed of password candidate characters made up of password candidates and a color conversion table are stored in advance.

  The password array P indicates a sequence of characters when characters that can be used for a password are displayed on the display unit 802 of the terminal device 801, and stores ASCII codes of characters to be displayed in i rows and j columns as shown below. Is.

  The color conversion table C indicates the background color when the password array P is displayed on the display unit 802 of the terminal device 801. As shown below, the color designation code of the background color corresponding to a numerical value from 0 to 9 is shown below. Are stored in 6-digit hexadecimal numbers (2 digits each correspond to each numerical value of RGB).

In this embodiment, the total length of the password is described as 64 at maximum, but the length is not limited to this.
In addition, a password array of 7 rows and 10 columns is used as a password candidate character, but the size of the array is not limited to this.

Next, the operation will be described.
23 and 24 are flowcharts showing processing executed when the user authentication processing is performed in the terminal device 801. First, when the user performs authentication using the terminal device 801, an authentication request is received from the input unit 803 (S1001).
At this time, the appearance setting unit 804 initializes the elements of the authentication data arrays h [64] and v [64] storing response values to 0, and sets the horizontal movement amount m, the vertical movement amount n, and the input counter k to 0, respectively. (S1002).
Next, the random number generation unit 806 of the IC card 808 generates a set of random numbers necessary for user authentication (S1003). In this embodiment, in order to display a 7-row 10-column password array on the screen of the terminal device, a set of 7 10-digit random numbers is generated.
Next, the appearance setting unit 804 obtains a color designation code for each row and each column of the password array from the generated random number set value, the two movement amounts m and n, and the color conversion table C by a predetermined calculation.
The display unit 802 displays a user authentication screen in which password characters are drawn on the background color designated by the obtained color designation code (S1004). The calculation for obtaining the color code of the background color in step S1004 is the same as the processing of formula (1) shown in the first embodiment.

  The user's input key value (input value) is received from the input unit 803 for the password array with background color displayed as characters on the display unit 802 (S1005). When receiving the input key, the authentication determining unit 807 determines the type of the input key (S1006).

If the input key type is a selection key, the authentication judgment unit 807 checks whether the value of the input counter k is smaller than 64 (S1007). When the value of k is smaller than 64, the values of the movement amounts m and n are stored as the values of the authentication data arrays h [k] and v [k], respectively, and then 1 is added to the value of the input counter k. (S1008), the processing from step S1004 is repeated.
On the other hand, if the value of the input counter k is 64 or more in step S1007, a warning indicating that the determined number has already reached the maximum password length is displayed (step S1009), and the processing from step S1004 is repeated.

  If the input key type is the left shift key, the authentication determination unit 807 subtracts 1 from the horizontal shift amount m (S1010). Next, it is checked whether the value of the horizontal movement amount m is smaller than 0 (S1011). If the value is smaller than 0, 10 is added to m (S1012), and the processing from step S1004 is repeated.

  If the type of the input key is a rightward movement key, the authentication determination unit 807 adds 1 to the horizontal movement amount m (S1013). Next, it is checked whether the value of the horizontal movement amount m is greater than 9 (S1014). If the value is greater than 9, 10 is subtracted from m (S1015), and the processing from step S1004 is repeated.

  If the input key type is the upward movement key, the authentication judgment unit 807 subtracts 1 from the vertical movement amount n (S1016). Next, it is checked whether the value of the vertical movement amount n is smaller than 0 (S1017). If the value is smaller than 0, 7 is added to n (S1018), and the processing from step S1004 is repeated.

  If the input key type is the downward movement key, the authentication determination unit 807 adds 1 to the vertical movement amount n (S1019). Next, it is checked whether the value of the vertical movement amount n is larger than 6 (S1020). If the value is larger than 6, 7 is subtracted from n (S1021), and the processing from step S1004 is repeated.

  If the input key type is a clear key, the authentication judgment unit 807 stores 0 in the values of the authentication data arrays h [k] and v [k] (S1022), and the value of the input counter k. Is greater than 0 (S1023). If the value is greater than 0, 1 is subtracted from k (S1024), and the processing from step S1004 is repeated.

If the type of the input key is an authentication key, the authentication determination unit 807 has a random number set, authentication data arrays h [k] and v [k], and one or more stored in the storage unit 805. (S1025), if the authentication data is correct, the user is allowed to access the terminal device 801 and the IC card 808 (S1026), and the display unit 802 is authenticated. The success is displayed (S1026).
On the other hand, if the authentication data is not correct in step S1025, an authentication failure is displayed on the display unit 802 (S1027).
The calculation for performing the authentication determination in step S1025 is the same as the processing of equation (2) shown in the first embodiment.

When the terminal device 801 accepts a response from the user in step S1005, the user authentication screen shown in FIG. 9 is displayed on the display unit 802 as in the first embodiment.
The operation method of the user authentication screen is the same as in the first embodiment.
After executing the authentication operation for all the registered password character strings, the user presses the authentication button 304 to check whether the authentication data is correct in step S1025.

As described above, in the fourth embodiment, the authentication is performed by matching the background color of each registered password character string without inputting the password character string itself. However, since the user does not know which background color of which character is matched, it is possible to prevent authentication by impersonating the user when using the terminal device or the IC card.
In addition, the user can freely change the background color to be shared for each character for each password character string at every authentication. Further, at the time of authentication, authentication is performed by continuously using one or more password character strings.
For this reason, since it is not known how many passwords are used for authentication and the length of each password, it is possible for a third party to perform user authentication with high security.
Further, as the authentication data stored by the user, a widely used conventional password made up of letters and numbers can be used. For the user, there is no burden of newly storing data in a special format according to this authentication method, and the load when updating a password for maintaining security is also small. As the password, an already stored password can be used as it is, or the stored password can be divided into two and registered.

  In this embodiment, the background color is used as the appearance of the password. However, by using a symbol conversion table having a file name including symbols as an element instead of the color conversion table, a user authentication screen as shown in FIG. It is also possible to display password candidate characters together with different designs.

As described above, the present embodiment has described the integrated circuit (IC) card that is used by being inserted into a terminal device that authenticates a user and that exchanges data with the terminal device.
More specifically, one or more password character strings of the user and a storage unit that stores the appearance of the password character string, a random number generation unit that generates a random number and provides the random number to the terminal device, and the storage unit The password character string stored in the table, the appearance of the password character, the random number generated by the random number unit, and the terminal device acquired from the terminal device receives the input value from the key and calculates based on the input value An IC card having an authentication determination unit that performs a predetermined calculation using a response value with respect to a random number and determines whether or not user authentication is successful has been described.

Finally, a hardware configuration example of the terminal devices 101, 401, 601, and 801 and the server devices 106, 408, and 607 described in Embodiment 1-4 will be described.
FIG. 26 is a diagram illustrating an example of hardware resources of the terminal devices 101, 401, 601, and 801 and the server devices 106, 408, and 607 described in Embodiment 1-4.
Note that the configuration in FIG. 26 is merely an example of the hardware configuration of the terminal devices 101, 401, 601, and 801 and the server devices 106, 408, and 607. The terminal devices 101, 401, 601, and 801 and the server device The hardware configuration of 106, 408, and 607 is not limited to the configuration illustrated in FIG. 26, and may be another configuration.

In FIG. 26, terminal devices 101, 401, 601, and 801 and server devices 106, 408, and 607 are a CPU 911 (Central Processing Unit, a central processing unit, a processing unit, an arithmetic unit, a microprocessor, a microcomputer, and a processor that execute programs. (Also called). The CPU 911 is connected to, for example, a ROM (Read Only Memory) 913, a RAM (Random Access Memory) 914, a communication board 915, a display device 901, a keyboard 902, a mouse 903, and a magnetic disk device 920 via a bus 912. Control hardware devices. Further, the CPU 911 may be connected to an FDD 904 (Flexible Disk Drive), a compact disk device 905 (CDD), a printer device 906, and a scanner device 907. Further, instead of the magnetic disk device 920, a storage device such as an optical disk device or a memory card read / write device may be used.
The RAM 914 is an example of a volatile memory. The storage media of the ROM 913, the FDD 904, the CDD 905, and the magnetic disk device 920 are an example of a nonvolatile memory. These are examples of the storage device.
A communication board 915, a keyboard 902, a mouse 903, a scanner device 907, an FDD 904, and the like are examples of input devices.
The communication board 915, the display device 901, the printer device 906, and the like are examples of output devices.

As shown in FIG. 1, the communication board 915 is connected to a network. For example, the communication board 915 may be connected to a LAN (local area network), the Internet, a WAN (wide area network), or the like.
The magnetic disk device 920 stores an operating system 921 (OS), a window system 922, a program group 923, and a file group 924. The programs in the program group 923 are executed by the CPU 911, the operating system 921, and the window system 922.

  The program group 923 stores programs that execute the functions described as “... Unit” in the description of Embodiment 1-4. The program is read and executed by the CPU 911.

In the description of the embodiment 1-4, the file group 924 includes “determination of...”, “Calculation of...”, “Comparison of. ..Information, data, signal values, variable values, and parameters indicating the results of processing described as "Update", "Setting ...", "Register ...", etc. "And" ... Database "are stored as each item.
“... File” and “... Database” are stored in a recording medium such as a disk or a memory. Information, data, signal values, variable values, and parameters stored in a storage medium such as a disk or memory are read out to the main memory or cache memory by the CPU 911 via a read / write circuit, and extracted, searched, referenced, compared, and calculated. Used for CPU operations such as calculation, processing, editing, output, printing, and display.
Information, data, signal values, variable values, and parameters are stored in the main memory, registers, cache memory, and buffers during the CPU operations of extraction, search, reference, comparison, calculation, processing, editing, output, printing, and display. It is temporarily stored in a memory or the like.
In addition, the arrows in the flowchart described in the embodiment 1-4 mainly indicate input / output of data and signals. The data and signal values are the RAM 914 memory, the FDD 904 flexible disk, the CDD 905 compact disk, and the magnetic field. Recording is performed on a recording medium such as a magnetic disk of the disk device 920, other optical disks, mini disks, DVDs, and the like. Data and signals are transmitted online via a bus 912, signal lines, cables, or other transmission media.

  In addition, what is described as “... Part” in the description of Embodiment 1-4 may be “... circuit”, “... device”, “... device”. Also, "... step", "... procedure", "... process" may be used. That is, what is described as “... Unit” may be realized by firmware stored in the ROM 913. Alternatively, it may be implemented only by software, or only by hardware such as elements, devices, substrates, and wirings, by a combination of software and hardware, or by a combination of firmware. Firmware and software are stored as programs in a recording medium such as a magnetic disk, a flexible disk, an optical disk, a compact disk, a mini disk, and a DVD. The program is read by the CPU 911 and executed by the CPU 911. That is, the program causes the computer to function as “... Unit” in the embodiment 1-4. Alternatively, the computer executes the procedure and method of “... Unit” in the embodiment 1-4.

  As described above, the terminal devices 101, 401, 601, and 801 and the server devices 106, 408, and 607 described in Embodiment 1-4 include a CPU that is a processing device, a memory that is a storage device, a magnetic disk, and a keyboard that is an input device, A computer including a mouse, a communication board, a display device as an output device, a communication board, etc. As described above, the functions indicated as “... It is realized by using.

FIG. 3 shows a configuration example of an authentication system according to the first embodiment. FIG. 3 is a flowchart showing an operation example in the terminal device according to the first embodiment. FIG. 3 is a flowchart showing an operation example in the terminal device according to the first embodiment. FIG. 4 is a flowchart showing an example of an appearance setting operation of a password array of the terminal device according to the first embodiment. FIG. 3 is a flowchart showing an operation example in the server apparatus according to the first embodiment. FIG. 6 is a diagram illustrating an example of authentication determination operation of the server device according to the first embodiment. FIG. 5 is a diagram showing an example of a password array conversion table according to the first embodiment. FIG. 5 shows an example of a user ID input screen according to the first embodiment. FIG. 6 shows an example of a user authentication screen according to the first embodiment. FIG. 6 shows an example of a user authentication screen according to the first embodiment. FIG. 4 is a diagram illustrating a configuration example of an authentication system according to a second embodiment. FIG. 9 is a flowchart showing an operation example in the terminal device according to the second embodiment. FIG. 9 is a flowchart showing an operation example in the terminal device according to the second embodiment. The figure which shows the example of the change registration screen of the password which concerns on Embodiment 2. FIG. FIG. 9 is a flowchart showing an operation example in the terminal device according to the second embodiment. FIG. 9 is a flowchart showing an operation example in the terminal device according to the second embodiment. FIG. 9 is a flowchart showing an operation example in the terminal device according to the second embodiment. FIG. 9 is a flowchart showing an operation example in the server device according to the second embodiment. FIG. 9 is a diagram illustrating a configuration example of an authentication system according to a third embodiment. FIG. 10 shows an example of an activation password input screen according to the third embodiment. FIG. 9 is a flowchart showing an operation example in the terminal device according to the third embodiment. FIG. 10 is a diagram illustrating a configuration example of an authentication system according to a fourth embodiment. FIG. 9 is a flowchart showing an operation example in the terminal device according to the fourth embodiment. FIG. 9 is a flowchart showing an operation example in the terminal device according to the fourth embodiment. The figure explaining a prior art. The figure which shows the hardware structural example of the terminal device and server apparatus which concern on Embodiment 1-4.

Explanation of symbols

  101 terminal device, 102 display unit, 103 input unit, 104 appearance setting unit, 105 terminal communication unit, 106 server device, 107 authentication random number generation unit, 108 authentication judgment unit, 109 management unit, 110 authentication communication unit, 111 response value calculation Unit, 401 terminal device, 402 display unit, 403 input unit, 404 appearance setting unit, 405 terminal communication unit, 406 terminal random number generation unit, 407 terminal storage unit, 408 server device, 409 authentication random number generation unit, 410 authentication judgment unit, 411 management unit, 412 authentication communication unit, 413 response value calculation unit, 414 password conversion unit, 601 terminal device, 602 display unit, 603 input unit, 604 appearance setting unit, 605 terminal communication unit, 606 hash value generation unit, 607 server Device, 608 authentication random number generation unit, 609 authentication determination unit, 610 management unit, 611 Authentication communication unit, 613 Response value calculation unit, 614 Password conversion unit, 801 Terminal device, 802 Display unit, 803 Input unit, 804 Appearance setting unit, 805 Storage unit, 806 Random number generation unit, 807 Authentication judgment unit, 808 IC card .

Claims (16)

An authentication system having a terminal device used by a user and an authentication device that performs authentication with the terminal device by performing communication with the terminal device,
The terminal device
A terminal communication unit that receives an authentication random number from the authentication device and transmits a response value to the authentication random number to the authentication device;
An input unit for receiving input values;
An appearance setting unit that sets the appearance of password candidate characters based on the authentication random number received by the terminal communication unit and the input value received by the input unit;
A display unit that displays password candidate characters of the appearance set by the appearance setting unit;
A response value calculation unit that calculates the response value based on an input value received by the input unit;
The authentication device
A management unit for storing two or more user password strings;
An authentication random number generator for generating an authentication random number;
An authentication communication unit that transmits an authentication random number generated by the authentication random number generation unit to the terminal device and receives a response value to the authentication random number from the terminal device;
And each password character string stored in the management unit, the authentication random authentication random number generated by the generating unit, by using the received response value by the authentication communication unit, the authentication performing success determining user authentication have a a determination unit,
The management unit
Storing two or more password character strings in which the authentication order by the authentication judging unit is designated and the password lengths are not constant with each other;
The authentication judgment unit
In accordance with the authentication sequence, the response value corresponding to each password character string is extracted from the response value received by the authentication communication unit according to the password length of each password character string, and the response value corresponding to each password character string For each password character string selected by the terminal device using each password character string and each password character string, and for each password character string, the obtained first password character appearance and the password character string An authentication system, wherein a predetermined calculation is performed using the authentication random number and a response value corresponding to the password character string to determine success or failure of user authentication . The authentication judgment unit
For each password character string, the appearance of each of the second and subsequent password characters selected by the terminal device is obtained, and whether or not the appearance of each of the obtained second and subsequent password characters matches the appearance of the first password character. The authentication system according to claim 1 , wherein an operation for determining whether or not is performed. The appearance setting unit
2. The authentication system according to claim 1 , wherein a background color of each character is set as an appearance of a password candidate character. The appearance setting unit
The authentication system according to claim 1 , wherein a design is set as a background of each character as an appearance of a password candidate character. An authentication device that authenticates a user by communicating with a terminal device used by the user,
A management unit for storing two or more user password strings;
An authentication random number generator for generating an authentication random number;
The authentication random number generated by the authentication random number generation unit is transmitted to the terminal device, and the terminal device receives an input value from the terminal device and receives a response value for the authentication random number calculated based on the input value. An authentication communication unit to
And each password character string stored in the management unit, the authentication random authentication random number generated by the generating unit, by using the received response value by the authentication communication unit, the authentication performing success determining user authentication have a a determination unit,
The management unit
Storing two or more password character strings in which the authentication order by the authentication judging unit is designated and the password lengths are not constant with each other;
The authentication judgment unit
In accordance with the authentication sequence, the response value corresponding to each password character string is extracted from the response value received by the authentication communication unit according to the password length of each password character string, and the response value corresponding to each password character string For each password character string selected by the terminal device using each password character string and each password character string, and for each password character string, the obtained first password character appearance and the password character string An authentication apparatus, wherein a predetermined calculation is performed using the authentication random number and a response value corresponding to the password character string to determine success or failure of user authentication . The authentication judgment unit
For each password character string, the appearance of each of the second and subsequent password characters selected by the terminal device is obtained, and whether or not the appearance of each of the obtained second and subsequent password characters matches the appearance of the first password character. The authentication apparatus according to claim 5 , wherein an operation for determining whether or not is performed. A terminal device used by a user that communicates with an authentication device that authenticates the user,
A pre-conversion password input section that accepts the user's pre-conversion password string;
A terminal random number generator for generating a random number for password conversion;
A password array storage unit for storing a password array in which a plurality of password candidate characters used for authentication by the authentication device are arranged;
Based on the password conversion random number generated by the terminal random number generation unit and the password array stored in the password array storage unit, the password string before conversion received by the password input unit before conversion is converted. A terminal device comprising a password conversion unit. The password array storage unit
Stores a password array in which each character of a plurality of password candidate characters is placed at the specified position,
The password conversion unit
Determine the position in the password array where the password candidate characters that match each password character constituting the password character string before conversion are arranged, and based on the determined position of each password candidate character and the random number for password conversion The terminal device according to claim 7 , wherein the password character string before conversion is converted. The password conversion unit
Determine the position in the password array where the password candidate characters that match each password character constituting the password character string before conversion are arranged, and use the determined position of each password candidate character and the random number for password conversion Performing a predetermined calculation, replacing the password character of the password string before conversion with a password candidate character arranged at a position corresponding to the value of the calculation result, and converting the password string before conversion. The terminal device according to claim 7 or 8 . The terminal device further includes:
Terminal device according to claim 7 or 8, characterized in that it has a terminal communication unit that transmits the converted password string converted by the password conversion unit to the authentication device. The password input part before conversion is
Accept random number generation password character string for password conversion random number generation,
The terminal random number generator
Performing unidirectional operation on the random number generated password strings accepted by the password input unit, the terminal device according to claim 7 or 8, characterized in that to generate a password conversion random number. The terminal device further includes:
An input unit for receiving input values;
A terminal storage unit for storing an appearance change pattern indicating rules for changing the appearance of password candidate characters and the password conversion random number;
A terminal communication unit that receives an authentication random number from the authentication device and transmits a response value corresponding to the authentication random number to the authentication device;
The authentication random number received by the terminal communication unit, the input value received by the input unit, the appearance change pattern stored by the terminal storage unit, and the password array stored in the password array storage unit Based on the appearance setting unit for setting the appearance of the password candidate characters,
A display unit that displays password candidate characters of the appearance set by the appearance setting unit;
An input value accepted by the input section, based on the password conversion random number stored in the terminal storage unit, according to claim 7, characterized in that it has a response value calculation unit for calculating the response value or The terminal device according to 8 . The display unit
Display password candidate characters in a matrix of m rows and n columns (m and n are both natural numbers)
The response value calculation unit
The response value is calculated based on the input value received by the input unit, the password conversion random number stored in the terminal storage unit, and the number of rows and columns of the matrix displayed by the display unit. The terminal device according to claim 12 . An integrated circuit (IC) card that is used by being inserted into a terminal device that authenticates a user, and that exchanges data with the terminal device,
A storage unit for storing the appearance of two or more password character strings and password candidate characters of the user;
A random number generator for generating a random number and providing the random number to the terminal device;
Wherein each password character string stored in the storage unit and the appearance of the password candidate character, a random number generated by the random number portion, the terminal device said terminal device obtained from the based on the input value accepts input values by using the response value for the calculated the random number, possess an authentication determination unit for performing success determining user authentication,
The storage unit
Storing two or more password character strings in which the authentication order by the authentication judging unit is designated and the password lengths are not constant with each other;
The authentication judgment unit
In accordance with the authentication order, the response value corresponding to each password character string is extracted from the response value acquired from the terminal device according to the password length of each password character string, and the response value corresponding to each password character string and each Obtaining the appearance of the first password character of each password character string selected by the terminal device using the password character string, and for each password character string, the appearance of the obtained first password character, the password character string and the authentication An IC card, wherein a predetermined calculation is performed using a random number for use and a response value corresponding to the password character string to determine success or failure of user authentication . An authentication device, which is a computer that performs authentication with a user by communicating with a terminal device used by the user,
An authentication random number generation process for generating an authentication random number;
The authentication random number generated by the authentication random number generation process is transmitted to the terminal device, and the terminal device receives an input value from the terminal device and receives a response value for the authentication random number calculated based on the input value. Authentication communication processing to
Using each of the two or more password character strings of the user stored in the storage area of the authentication device, the authentication random number generated by the authentication generation process, and the response value received by the authentication communication process , A program for executing an authentication determination process for determining whether authentication is successful or not ,
In the storage area of the authentication device,
Two or more password character strings in which the authentication order by the authentication determination process is designated and the password lengths are not constant are stored.
In the authentication judgment process,
In the authentication device,
In accordance with the authentication order, the response value corresponding to each password character string is extracted from the response value received by the authentication communication process according to the password length of each password character string, and the response value corresponding to each password character string For each password character string selected by the terminal device, and for each password character string, the appearance of the obtained first password character and the password character string And a random number for authentication and a response value corresponding to the password character string to perform a predetermined calculation and determine whether or not user authentication is successful . A terminal device that is a computer used by a user that communicates with an authentication device that authenticates the user.
Pre-conversion password input process that accepts the user's pre-conversion password string;
A terminal random number generation process for generating a random number for password conversion;
Based on a random number for password conversion generated by the terminal random number generation process and a password array in which a plurality of password candidate characters used for authentication by the authentication device are stored in the storage area of the terminal device And a password conversion process for converting a pre-conversion password character string received by the pre-conversion password input process.

Images