JP5258422B2 - Mutual authentication system, mutual authentication method and program - Google Patents

Description

  The present invention relates to a mutual authentication technique at the time of web access, and in particular, a mutual authentication that prevents guidance to a phishing site for the purpose of stealing a password or a man-in-the-middle attack type phishing site that interrupts communication between a user and a web server. The present invention relates to a system, a mutual authentication method, and a program.

  Conventionally, when a user logs in to a web server from a personal computer, a method using a one-time password, such as the following, or a mobile phone to prevent the personal information from being stolen by guiding to a phishing site A method for transmitting / receiving authentication information to / from an authentication server using the above-described packet communication is employed.

  For example, in Patent Document 1, when a user ID is transmitted from a personal computer to a server, the server extracts a corresponding KEY. Next, a random number X is generated, a hash value R1 is calculated from the extracted KEY and the random number X, an authentication code is generated from the random number X and the hash value R1, and transmitted to the personal computer. The personal computer displays this authentication code and takes a picture with the camera of the mobile phone. The mobile phone analyzes the photographed data, converts it into a random number X and a hash value R1, and calculates a hash value R1 from the KEY and the random number X. When the analysis value of the hash value R1 matches the calculated value, the hash value R2 is calculated from the KEY and the hash value R1, and transmitted to the server. The server calculates a hash value R2 from the KEY and the hash value R1, and transmits an authentication notification to the personal computer when the hash value R2 matches the transmitted hash value R2. Thereby, the personal computer completes the login.

  Further, in Patent Document 2, a private information storage device that stores private information of an authentication terminal, and a secret information storage that stores secret information transmitted from the authentication server when the authentication server authenticates the authentication terminal and the operator server. The apparatus includes an authentication image generating unit that generates an authentication image including an authentication parameter and transmits the authentication image to the communication terminal, and an authentication parameter storage unit that stores the authentication parameter. The private information included in the authentication information is private information. Authentication information collating means for determining whether or not the private information stored in the storage device matches, and content editing means for editing and distributing the secret information.

Further, in Non-Patent Document 1, a one-time password generator called a token is usually a key chain type or PDA software, and the time is synchronized with a server in advance, and the token is a user-specific PIN number. From a combination of (or PIN) and time, a seemingly random number of about 10 digits is generated. This number is used when logging into the server as a one-time password. The server uses the same algorithm as the token to check if the password is from a legitimate user.
JP 2008-3754 A JP 2008-61178 A RSA SecurID Internet <URL: http: // Japan. rsa. com / node.aspx? id = 1156>

  However, conventional methods using one-time passwords and authentication systems using packet communication of mobile phones are effective for phishing sites for the purpose of stealing conventional passwords. There is a problem that a man-in-the-middle attack-type phishing site that interrupts communication with the Internet is ineffective.

  In addition, URLs are saved in the bookmark function on mobile phones and browsers, and means using this are also being studied. However, if you receive a phishing email and open a link, There is a problem that it does not take effect.

  Therefore, the present invention has been made in view of the above circumstances, and prevents guiding to a phishing site for the purpose of stealing a password or a man-in-the-middle attack type phishing site that interrupts communication between a user and a web server. An object is to provide a mutual authentication system, a mutual authentication method, and a program.

  The present invention proposes the following items in order to solve the above-described problems.

  (1) The present invention is a mutual authentication system including a user identification device including a tamper resistant module storing user authentication information, a web server, and an authentication server, and the user identification device is incorporated therein. An access means for accessing the web server from the browser extension, and an authentication parameter comprising a session ID, the URL of the web server, the URL of the authentication server, and a serial ID corresponding to the session ID from the web server. A server verification unit that verifies the web server and the authentication server, a second verification unit that verifies whether the URL of the web server and the URL of the authentication server are registered, and A one-time password from the shared key shared with the authentication server and the serial ID One-time password generating means to be formed; first transmission means for transmitting the received session ID, the generated one-time password and the individual identification number to the authentication server; and display information after login from the web server. Display means for receiving and displaying, and when the web server is accessed from the user identification device, transmits a session ID to the authentication server and transmits a request for transmitting the authentication parameter. From the second transmission means, the third transmission means for receiving the authentication parameter from the authentication server, and transmitting the received authentication parameter and the session ID to the user identification device; User information is received, and based on the received user information, the display information after login is displayed as the user. A fourth transmission means for transmitting to another device, wherein the authentication server generates a serial ID issuing means for issuing a serial ID corresponding to the session ID received from the web server; and generating the authentication parameter And a fifth transmission means for transmitting to the web server, a user specifying means for specifying a user from the individual identification number received from the user identification device, a key corresponding to the specified user, and the issued serial ID A one-time password verification unit that verifies the one-time password received from the user identification device, and a sixth transmission unit that transmits user information to the web server. A system is proposed.

  According to this invention, it can be shown that there is no intermediary between the user identification device and the server. Further, since the server information is read by a user identification device in which information is incorporated in advance and it is verified whether or not it is a legitimate web server, it is possible to reliably confirm that the web server is not a phishing site. Furthermore, possession authentication can be performed by the user identification device transmitting client authentication information. Even if a link in a phishing email is accidentally opened, it is possible to prevent the user from being directed to a phishing site.

  (2) In the mutual authentication system of (1), the present invention includes a personal computer in which a browser extension is incorporated in a user owned by the user identification device and a portable terminal, and the browser extension of the personal computer is Based on the session ID and the authentication parameter received by accessing the web server, the web server and the authentication server are verified, and if there is no abnormality, the session ID and the authentication parameter are two-dimensionally displayed. Coded and displayed or transmitted by short-range wireless, the mobile terminal reads the two-dimensional code, or received by the short-range wireless, and the URL of the web server and the URL of the authentication server are registered And share with the authentication server To generate a one-time password from the keyed serial ID, the session ID and the generated one-time password, proposes a mutual authentication system and transmitting the individual identification number to the authentication server.

  According to the present invention, it can be shown that no intermediate person exists between the personal computer and the server. In addition, server information is incorporated into, for example, a two-dimensional code, is read in advance by a portable terminal in which information is incorporated, and verifies whether the web server is a legitimate web server. Can be confirmed. Furthermore, possession authentication which proves that the client possesses the portable terminal can be performed by transmitting the client authentication information from the portable terminal. Moreover, since the standard two-dimensional code reader and the short-distance wireless function can be used for the recent portable terminal with a camera, it is not necessary to develop a new application. Even if a link in a phishing email is accidentally opened, it is possible to prevent the user from being directed to a phishing site.

  (3) The present invention is a mutual authentication system including a user identification device including a tamper resistant module storing user authentication information, a web server, an authentication server, and a verification server, wherein the user identification device includes: Authentication means comprising access means for accessing the web server from a browser extension incorporated therein, and a session ID from the web server, a URL of the web server, a URL of the authentication server, and a serial ID corresponding to the session ID Server verification means for receiving the parameters for the server and verifying the web server and the authentication server, and sending the URL of the web server and the URL of the authentication server to the verification server and inquiring about the registration status And a response from the verification server, A connection unit that transmits the individual identification number and the session ID to the certificate server to connect, a first transmission unit that transmits a password in response to a request for the password from the authentication server, and the web server Display means for receiving and displaying display information after login, and when the web server is accessed from the user identification device, the session ID is transmitted to the authentication server and the authentication server A second transmission means for transmitting a parameter transmission request; a third transmission for receiving the authentication parameter from the authentication server and transmitting the received authentication parameter and the session ID to the user identification device; And user information and a password are received from the authentication server, the password is verified, and the received user is 4th transmission means which transmits the display information after login to the user identification device based on the information and the password, and the authentication server has a serial corresponding to the session ID received from the web server. Issuing means for issuing an ID, authentication parameter generating means for generating the authentication parameter, fifth transmitting means for transmitting the generated authentication parameter to the web server, and receiving from the user identification device User identification means for identifying a user from the individual identification number, confirmation means for confirming whether the received session ID matches the issued serial ID, and requesting a password to the user identification device Sixth transmission means for transmitting information to be transmitted, and seventh information for transmitting user information and a password to the web server. A transmission means, wherein the verification server confirms the registration status and sends a response to the inquiry about the registration status regarding the URL of the web server and the URL of the authentication server from the user identification device. A mutual authentication system characterized by comprising an eighth transmitting means is proposed.

  According to this invention, it can be shown that there is no intermediary between the user identification device and the server. In addition, the browser extension of the user identification device transfers the server information to another secure verification server, and verifies whether the server information has been registered (or collates with the server information stored in the browser extension). Thus, since it is verified whether or not the server information has been registered, it is possible to reliably confirm that the web server is not a phishing site. Furthermore, possession authentication can be performed by the user identification device transmitting client authentication information. Even if a link in a phishing email is accidentally opened, it is possible to prevent the user from being directed to a phishing site.

  (4) In the mutual authentication system of (3), the present invention includes a personal computer in which the user identification device has a browser extension incorporated in a user and a portable terminal, and the browser extension of the personal computer is The web server is accessed, and the web server and the authentication server are verified based on the received session ID and the authentication parameter, and the URL of the web server and the authentication server When the registration status with the URL is inquired and a reply indicating that it has been registered is received, the session ID and the authentication parameter are incorporated into one URL and displayed in two-dimensional code, or transmitted by short-range radio And the portable terminal reads the two-dimensional code. Or receiving by the short-range wireless transmission, transmitting the individual identification number and serial ID to the authentication server, and transmitting a password in response to a password request from the authentication server. We have proposed a mutual authentication system characterized by

  According to the present invention, it can be shown that no intermediate person exists between the personal computer and the server. In addition, the browser extension of the personal computer transfers the server information to another secure verification server, and verifies whether the server information has been registered (or collates with the server information stored in the browser extension). In order to verify whether or not the server information has been registered, it is possible to reliably confirm that the web server is not a phishing site. Furthermore, possession authentication which proves that the client possesses the portable terminal can be performed by transmitting the client authentication information from the portable terminal. Moreover, since the standard two-dimensional code reader and the short-distance wireless function can be used for the recent portable terminal with a camera, it is not necessary to develop a new application. Even if a link in a phishing email is accidentally opened, it is possible to prevent the user from being directed to a phishing site.

  (5) The present invention is a mutual authentication system including a user identification device including a tamper resistant module storing user authentication information, a web server, and an authentication server, and the user identification device is incorporated therein. An access means for accessing the web server from the browser extension, and an authentication parameter comprising a session ID, the URL of the web server, the URL of the authentication server, and a serial ID corresponding to the session ID from the web server. A server verification unit that verifies the web server and the authentication server, a registration status verification unit that verifies a registration status of the URL of the web server and the URL of the authentication server, and a share shared with the authentication server Generating one-time password from key and serial ID A first transmission means for transmitting the generated one-time password, user ID and session ID to the authentication server; and a display means for receiving and displaying display information after login from the web server. A second transmission means for transmitting the session ID to the authentication server and transmitting the authentication parameter transmission request when the web server is accessed from the user identification device; and the authentication Receiving the authentication parameter from a server, receiving the authentication parameter and the received session ID to the user identification device; and receiving user information from the authentication server; Fourth transmission means for transmitting display information after login to the user identification device based on user information, The authentication server issues issuing means for issuing a serial ID corresponding to the session ID received from the web server, authentication parameter generating means for generating the authentication parameter, and the generated authentication parameter to the web server 5th transmission means for transmitting to the user identification means for identifying a user from the user ID received from the user identification device, and calling the serial ID from the session ID received from the user identification device, the received There has been proposed a mutual authentication system comprising a one-time password verification means for verifying a one-time password and a sixth transmission means for transmitting user information to the web server.

  According to this invention, it can be shown that there is no intermediary between the user identification device and the server. Further, since the server information is read by a user identification device in which information is incorporated in advance and it is verified whether or not it is a legitimate web server, it is possible to reliably confirm that the web server is not a phishing site. Furthermore, possession authentication can be performed by the user identification device transmitting client authentication information. Even if a link in a phishing email is accidentally opened, it is possible to prevent the user from being directed to a phishing site.

  (6) In the mutual authentication system of (5), the present invention includes a personal computer in which the user identification device is owned by a user, a browser extension is incorporated therein, and an imaging device is connected to a portable terminal. The browser extension of the personal computer accesses the web server, and the web server and the authentication server are verified based on the received session ID and the authentication parameter. The ID and the authentication parameter are two-dimensionally encoded and displayed, or transmitted by short-range wireless, and the mobile terminal reads the two-dimensional code or receives by the short-range wireless, and the URL of the web server And registration status of the authentication server URL Confirm, generate a one-time password from the shared key and serial ID shared with the authentication server, and display the generated one-time password and user ID in a two-dimensional code format, or display the personal computer by short-range wireless The browser extension in the personal computer uses the imaging device to decode the user ID and the one-time password obtained by imaging the two-dimensional code displayed on the mobile terminal, and the decoded user A mutual authentication system is proposed in which an ID, a one-time password, and a session ID are transmitted to the authentication server.

  According to the present invention, it can be shown that no intermediate person exists between the personal computer and the server. In addition, server information is incorporated into, for example, a two-dimensional code, is read in advance by a portable terminal in which information is incorporated, and verifies whether the web server is a legitimate web server. Can be confirmed. Furthermore, possession authentication which proves that the client possesses the portable terminal can be performed by transmitting the client authentication information from the portable terminal. Moreover, since the standard two-dimensional code reader and the short-distance wireless function can be used for the recent portable terminal with a camera, it is not necessary to develop a new application. Even if a link in a phishing email is accidentally opened, it is possible to prevent the user from being directed to a phishing site. Also, even if a man-in-the-middle attack is established, only the browser that outputs the two-dimensional code activates the imaging device connected to the personal computer and is built into the victim's mobile terminal. Since the imaging device does not start, it can be proved that no one is connected to the web server between the personal computer and the user's portable terminal.

  (7) The present invention is a mutual authentication method in a mutual authentication system including a user identification device including a tamper-resistant module storing user authentication information, a web server, and an authentication server, wherein the user identification device includes: A first step of accessing the web server from a browser extension incorporated therein; and when the web server is accessed from the user identification device, a session ID is transmitted to the authentication server, and A second step of transmitting a request for transmitting an authentication parameter comprising a URL of a web server, a URL of the authentication server and a serial ID corresponding to the session ID; and the session received by the authentication server from the web server A third step for issuing a serial ID corresponding to the ID And a fourth step in which the authentication server generates the authentication parameter and transmits it to the web server, the web server receives the authentication parameter from the authentication server, and the received authentication A fifth step of transmitting a parameter for use and the session ID to the user identification device; and the user identification device receives the session ID and the authentication parameter from the web server, and the web server and the authentication A sixth step of performing verification with a server, a seventh step in which the user identification device verifies whether the URL of the web server and the URL of the authentication server have been registered, and the user identification When the URL of the web server and the URL of the authentication server are already registered, the device shares the authentication server with the shared server. An eighth step of generating a one-time password from the key and the serial ID; and a step of transmitting the received session ID, the generated one-time password and the individual identification number to the authentication server by the user identification device. A tenth step in which the authentication server specifies a user from the individual identification number received from the user identification device, a key corresponding to the specified user, and the issued serial number An ID for verifying the one-time password received from the user identification device; a twelfth step for the authentication server to transmit user information to the web server; and The user information is received from the authentication server, and after login based on the received user information A thirteenth step of transmitting display information to the user identification device, and a fourteenth step of the user identification device receiving and displaying the display information after login from the web server. A mutual authentication method is proposed.

  According to this invention, it can be shown that there is no intermediary between the user identification device and the server. Further, since the server information is read by a user identification device in which information is incorporated in advance and it is verified whether or not it is a legitimate web server, it is possible to reliably confirm that the web server is not a phishing site. Furthermore, possession authentication can be performed by the user identification device transmitting client authentication information. Even if a link in a phishing email is accidentally opened, it is possible to prevent the user from being directed to a phishing site.

  (8) The present invention is a mutual authentication method in a mutual authentication system including a user identification device including a tamper-resistant module storing user authentication information, a web server, an authentication server, and a verification server, A first step in which the identification device accesses the web server from a browser extension incorporated therein; and a session ID is transmitted to the authentication server when the web server is accessed from the user identification device And a second step of transmitting an authentication parameter transmission request including a URL of the web server, a URL of the authentication server, and a serial ID corresponding to the session ID, and the authentication server from the web server Issue serial ID corresponding to the received session ID A third step in which the authentication server generates the authentication parameter and transmits it to the web server; the web server receives the authentication parameter from the authentication server; and A fifth step of transmitting the received authentication parameter and the session ID to the user identification device; the user identification device receives a session ID and an authentication parameter from the web server; and A sixth step of performing verification with the authentication server, and a seventh step in which the user identification device transmits the URL of the web server and the URL of the authentication server to the verification server and inquires about the registration status thereof. And the verification server confirms the registration status in response to an inquiry from the user identification device, and gives an answer. And when the URL of the web server and the URL of the authentication server are already registered, the user identification device transmits an individual identification number and a session ID to the authentication server, Ninth step of performing connection, tenth step in which the authentication server specifies a user from the received individual identification number, and whether the authentication server receives the received session ID and the issued serial ID. An twelfth step of requesting a password to the user identification device if it matches, and a twelfth step in which the user identification device transmits the password in response to a password request from the authentication server. And a thirteenth step in which the authentication server transmits user information and the password to the web server; The server receives the user information and the password from the authentication server, verifies the password, and displays display information after login to the user identification device based on the received user information and the password. Proposing a mutual authentication method comprising: a fourteenth step for transmitting; and a fifteenth step for the user identification device to receive and display the display information after login from the web server. ing.

  According to this invention, it can be shown that there is no intermediary between the user identification device and the server. In addition, the browser extension of the user identification device transfers the server information to another secure verification server, and verifies whether the server information has been registered (or collates with the server information stored in the browser extension). Thus, since it is verified whether or not the server information has been registered, it is possible to reliably confirm that the web server is not a phishing site. Furthermore, possession authentication can be performed by the user identification device transmitting client authentication information. Even if a link in a phishing email is accidentally opened, it is possible to prevent the user from being directed to a phishing site.

(9) The present invention is a mutual authentication method in a mutual authentication system including a user identification device including a tamper-resistant module storing user authentication information, a web server, and an authentication server, wherein the user identification device includes: A first step of accessing the web server from a browser extension incorporated therein; and when the web server is accessed from the user identification device, a session ID is transmitted to the authentication server, and A second step of transmitting a request for transmitting an authentication parameter consisting of a URL of a web server, a URL of the authentication server and a serial ID corresponding to the session ID; and a session ID received by the authentication server from the web server The third step of issuing a serial ID corresponding to A fourth step in which the authentication server generates the authentication parameter and transmits it to the web server; the web server receives the authentication parameter from the authentication server; and the received authentication parameter And a fifth step of transmitting the session ID to the user identification device, and the user identification device receives a session ID and an authentication parameter from the web server, and verifies the web server and the authentication server. A sixth step in which the user identification device verifies the registration status of the URL of the web server and the URL of the authentication server, and the user identification device includes the URL of the web server. When the URL of the authentication server is already registered, the shared key and serial ID shared with the authentication server A ninth step of generating a one-time password, the user identification device, and an eighth step of transmitting the one-time password and user ID and the session ID thus generated to the authentication server,
A ninth step in which the authentication server identifies a user from the user ID received from the user identification device; and the authentication server calls the serial ID from the session ID received from the user identification device and receives the received one A tenth step of verifying a time password; an eleventh step in which the authentication server transmits user information to the web server; and the web server receives the user information from the authentication server and receives the user information. An eleventh step of transmitting display information after login to the user identification device based on user information, and a twelfth step in which the user identification device receives and displays the display information after login from the web server. And a mutual authentication method characterized by comprising the steps.

  According to this invention, it can be shown that there is no intermediary between the user identification device and the server. Further, since the server information is read by a user identification device in which information is incorporated in advance and it is verified whether or not it is a legitimate web server, it is possible to reliably confirm that the web server is not a phishing site. Furthermore, possession authentication can be performed by the user identification device transmitting client authentication information. Even if a link in a phishing email is accidentally opened, it is possible to prevent the user from being directed to a phishing site.

  (10) The present invention is a program for causing a computer to execute a mutual authentication method in a mutual authentication system including a user identification device including a tamper-resistant module storing user authentication information, a web server, and an authentication server. A first step in which the user identification device accesses the web server from a browser extension incorporated therein; and when the web server is accessed from the user identification device, a session ID is A second step of transmitting an authentication parameter transmission request including a URL of the web server, a URL of the authentication server, and a serial ID corresponding to the session ID, and the authentication server, The session I received from the web server A third step of issuing a serial ID corresponding to, a fourth step in which the authentication server generates the authentication parameter and transmits it to the web server, and the web server receives the authentication from the authentication server. A fifth step of receiving an authentication parameter and transmitting the received authentication parameter and the session ID to the user identification device; and the user identification device transmits the session ID and the authentication parameter from the web server. And a sixth step of verifying the web server and the authentication server, and whether the user identification device has already registered the URL of the web server and the URL of the authentication server. In the seventh step of verification, the user identification device registers the URL of the web server and the URL of the authentication server. And an eighth step of generating a one-time password from the shared key shared with the authentication server and the serial ID when the user identification device has generated the received session ID and the generated one-time password. And an individual identification number to the authentication server, a tenth step in which the authentication server identifies a user from the individual identification number received from the user identification device, and the authentication server An eleventh step of verifying the one-time password received from the user identification device from the key corresponding to the identified user and the issued serial ID; and the authentication server transmits user information to the web server A twelfth step, wherein the web server receives the user information from the authentication server; A thirteenth step of transmitting display information after login to the user identification device based on the received user information, and the user identification device receives and displays the display information after login from the web server. A program for causing a computer to execute the fourteenth step is proposed.

  According to this invention, it can be shown that there is no intermediary between the user identification device and the server. Further, since the server information is read by a user identification device in which information is incorporated in advance and it is verified whether or not it is a legitimate web server, it is possible to reliably confirm that the web server is not a phishing site. Furthermore, possession authentication can be performed by the user identification device transmitting client authentication information. Even if a link in a phishing email is accidentally opened, it is possible to prevent the user from being directed to a phishing site.

  (11) The present invention causes a computer to execute a mutual authentication method in a mutual authentication system including a user identification device including a tamper-resistant module storing user authentication information, a web server, an authentication server, and a verification server. A first step in which the user identification device accesses the web server from a browser extension incorporated therein; and when the web server is accessed from the user identification device, A second step of transmitting a session ID to the authentication server, and transmitting an authentication parameter transmission request including a URL of the web server, a URL of the authentication server, and a serial ID corresponding to the session ID; Before the authentication server receives from the web server A third step of issuing a serial ID corresponding to a session ID; a fourth step in which the authentication server generates the authentication parameter and sends the parameter to the web server; and the web server from the authentication server. A fifth step of receiving the authentication parameter and transmitting the received authentication parameter and the session ID to the user identification device; and the user identification device transmits a session ID and an authentication parameter from the web server. And a step of verifying the web server and the authentication server, and the user identification device transmits the URL of the web server and the URL of the authentication server to the verification server, A seventh step for inquiring the registration status, and the verification server sends an inquiry from the user identification device And confirming the registration status and transmitting an answer, and when the user identification device has already registered the URL of the web server and the URL of the authentication server, A ninth step of transmitting the individual identification number and the session ID to the authentication server for connection; a tenth step for the authentication server to identify a user from the received individual identification number; and Confirming whether the received session ID and the issued serial ID match, an eleventh step of requesting a password from the user identification device if they match, and the user identification device from the authentication server A twelfth step of transmitting the password in response to the password request, and the authentication server sends the user information and the password to the web server. And the web server receives the user information and the password from the authentication server, verifies the password, and receives the user information and the password. A fifteenth step of transmitting display information after login to the user identification device, and a fifteenth step of the user identification device receiving and displaying the display information after login from the web server; Has proposed a program to make a computer execute.

  According to this invention, it can be shown that there is no intermediary between the user identification device and the server. In addition, the browser extension of the user identification device transfers the server information to another secure verification server, and verifies whether the server information has been registered (or collates with the server information stored in the browser extension). Thus, since it is verified whether or not the server information has been registered, it is possible to reliably confirm that the web server is not a phishing site. Furthermore, possession authentication can be performed by the user identification device transmitting client authentication information. Even if a link in a phishing email is accidentally opened, it is possible to prevent the user from being directed to a phishing site.

  (12) The present invention is a program for causing a computer to execute a mutual authentication method in a mutual authentication system including a user identification device including a tamper resistant module storing user authentication information, a web server, and an authentication server. A first step in which the user identification device accesses the web server from a browser extension incorporated therein; and when the web server is accessed from the user identification device, a session ID is A second step of transmitting an authentication parameter transmission request including a URL of the web server, a URL of the authentication server, and a serial ID corresponding to the session ID, and the authentication server, In the session ID received from the web server A third step of issuing a corresponding serial ID; a fourth step in which the authentication server generates the authentication parameter and sending it to the web server; and the web server A fifth step of receiving a parameter and transmitting the received authentication parameter and the session ID to the user identification device; and the user identification device receives a session ID and an authentication parameter from the web server. A sixth step of verifying the web server and the authentication server; a seventh step of verifying a registration status of the URL of the web server and the URL of the authentication server by the user identification device; When the user identification device has registered the URL of the web server and the URL of the authentication server, An eighth step of generating a one-time password from a shared key and a serial ID shared with the certificate server, and the user identification device transmits the generated one-time password, user ID, and session ID to the authentication server A ninth step in which the authentication server identifies a user from a user ID received from the user identification device; and a serial ID from the session ID received by the authentication server from the user identification device. An eleventh step of verifying the received one-time password, a twelfth step in which the authentication server transmits user information to the web server, and the web server receives user information from the authentication server. Display information after login based on the received user information. For causing a computer to execute a thirteenth step of transmitting information to the user identification device and a fourteenth step of receiving and displaying the display information after the login by the user identification device from the web server. Propose a program.

  According to this invention, it can be shown that there is no intermediary between the user identification device and the server. Further, since the server information is read by a user identification device in which information is incorporated in advance and it is verified whether or not it is a legitimate web server, it is possible to reliably confirm that the web server is not a phishing site. Furthermore, possession authentication can be performed by the user identification device transmitting client authentication information. Even if a link in a phishing email is accidentally opened, it is possible to prevent the user from being directed to a phishing site.

  According to the present invention, there is an effect that it is possible to indicate that no intermediate person exists between the user identification device and the server. In addition, when using a browser extension or a portable terminal incorporated in the user identification device, it is ensured that the web server is used to confirm whether the web server is a registered server on the portable terminal. There is an effect that it can be confirmed whether or not it is a phishing site.

  In addition, according to the present invention, when using a mobile terminal, authentication information is transmitted and received using a separate path between the mobile terminal and the authentication server, so that the authentication information is not erroneously input from a personal computer. effective. Furthermore, since the mobile terminal and the authentication server communicate with each other, there is an effect that possession authentication regarding the user's mobile terminal can be performed. In addition, even if a link in a phishing email is accidentally opened, there is an effect that it is possible to prevent guidance to a phishing site.

Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.
Note that the constituent elements in the present embodiment can be appropriately replaced with existing constituent elements and the like, and various variations including combinations with other existing constituent elements are possible. Therefore, the description of the present embodiment does not limit the contents of the invention described in the claims.

<First Embodiment>
The present embodiment will be described with reference to FIGS.
As shown in FIG. 1, the mutual authentication system according to the present embodiment includes a personal computer (PC) 1, a mobile phone 2, a web server 3, and an authentication server 4. The personal computer (PC) 1 and the web server 3. The authentication server 4 is connected via a network. In this embodiment, an example in which the mobile phone 2 is used will be described. However, when a tamper resistant module is incorporated in the personal computer (PC) 1 and user authentication information is stored in the tamper resistant module, Even without using the cellular phone 2, the personal computer (PC) 1 alone can constitute a system.

<Configuration of personal computer (PC)>
As shown in FIG. 2, the personal computer (PC) 1 according to the present embodiment includes a receiving unit 11, a server verification unit 12, a two-dimensional encoding unit 13, a display unit 14, and an access unit 15. Has been.

  The receiving unit 11 receives an authentication parameter (P) including a session ID (SID), a web server URL (URL-web), an authentication server URL (URL-auth), and a serial ID (serial-ID) from the web server 3. -Auth).

  The server verification unit 12 verifies the web server 3 and the authentication server 4 based on the received session ID (SID) and authentication parameter (P-auth). Specifically, 1) Whether the common name field of the SSL server certificate matches the domain of the URL. 2) Has the certificate expired? 3) Root certificate signature. 4) Whether the URL of the access destination matches the common name of the server certificate. 5) Verify whether the URL (URL-web) of the web server in the authentication parameter (P-auth) matches the URL of the currently accessed web server.

  The two-dimensional encoding unit 13 two-dimensionally encodes the session ID (SID) and the authentication parameter (P-auth) when there is no abnormality in the verification in the server verification unit 12. Note that the two-dimensional code may be a QR code, for example. When a QR code is used, information can be easily read, for example, with a camera-equipped mobile phone or the like that is generally distributed without using a special device, which is excellent in convenience. In the present embodiment, the two-dimensional code is exemplified, but the present invention is not limited to this. For example, a secure communication method using infrared rays, Bluetooth (registered trademark), a serial cable, or the like may be used.

  The display unit 14 is a display device that displays the two-dimensional code generated by the two-dimensional encoding unit 13. The access unit 15 accesses the web server 3 from a browser extension incorporated in the personal computer (PC) 1 by a user operation.

<Configuration of mobile phone>
As shown in FIG. 3, the mobile phone 2 according to this embodiment includes a two-dimensional code reading unit 21, a server verification unit 22, a server registration information database (DB) 23, a one-time password generation unit 24, an individual The identification number storage unit 25 and the transmission unit 26 are included. In the present embodiment, a mobile phone has been exemplified. However, the present invention is not limited to this, and a reliable device such as a PDA (Personal Digital Assistant) may be used.

  The two-dimensional code reading unit 21 reads the contents of the two-dimensional code generated by the two-dimensional coding unit 13 of the personal computer (PC) 1 by using, for example, a camera built in the mobile phone.

  In the server verification unit 22, the URL (URL-web) of the web server and the URL (URL-auth) of the authentication server read by the two-dimensional code reading unit 21 have been registered in the server registration information database (DB) 23. Verify whether or not. The server registration information database (DB) 23 is a database that stores the URL of each registered server.

  The one-time password generation unit 24 calculates a one-time password (OTP) from the shared key K shared with the authentication server 4 and the serial ID (serial-ID) read by the two-dimensional code reading unit 21, and the one-time password (OTP) OTP). The individual identification number storage unit 25 is a storage unit that stores an individual identification number (sub-ID) of the mobile phone 2.

  The transmission unit 26 transmits a session ID (SID), a one-time password (OTP), and an individual identification number (sub-ID) to the authentication server 4. When the mobile phone 2 is out of the communication range and cannot communicate, the user ID (UID) and the one-time password (OTP) are displayed on the display unit of the mobile phone 2 and incorporated in the personal computer (PC) 1. The user can input such information on the browser extension, and the browser extension can transmit it to the authentication server 4 via the network.

<Web server configuration>
As shown in FIG. 4, the web server 3 according to the present embodiment includes a reception unit 31, a control unit 32, a transmission unit 33, a session ID storage unit 34, and a display information storage unit 35.

  The receiving unit 31 receives an access signal from the personal computer (PC) 1 and an authentication parameter (P-auth) and user information from the authentication server 4. When the reception unit 31 receives an access signal from the personal computer (PC) 1, the control unit 32 transmits the session ID (SID) stored in the session ID storage unit 34 from the transmission unit 33, and the authentication server 4. Requesting an authentication parameter (P-auth).

  When the receiving unit 31 receives the authentication parameter (P-auth) from the authentication server 4, the personal computer (PC) 1 receives the authentication parameter (P-auth) and the session ID storage unit 34. The stored session ID (SID) is transmitted.

  Further, when the receiving unit 31 receives the user information and the display screen after login from the authentication server 4, the display unit after login stored in the display information storage unit 35 is transmitted to the personal computer (PC) 1.

  As described above, the transmission unit 33 transmits necessary information to the personal computer (PC) 1 and the authentication server 4 through the network under the control of the control unit 32. The session ID storage unit 34 is a storage unit that stores a session ID (SID), and the display information storage unit 35 is a storage unit that stores a display screen after login received from the authentication server 4.

<Configuration of authentication server>
As shown in FIG. 5, the authentication server 4 according to the present embodiment includes a receiving unit 41, a serial ID issuing unit 42, a user specifying unit 43, a one-time password verification unit 44, and an authentication parameter generation unit 45. , A URL information database (DB) 46 and a transmission unit 47.

  The receiving unit 41 receives a session ID (SID) from the web server 3 and a session ID (SID), an individual identification number (sub-ID), and a one-time password (OTP) from the mobile phone 2.

  The serial ID issuing unit 42 issues a serial ID (serial-ID) corresponding to the session ID (SID) received from the web server 3. The user specifying unit 43 specifies a user from the received individual identification number (sub-ID). When the mobile phone 2 is out of the communication range and cannot communicate, the user is specified based on the user ID (UID) received via the network.

  The one-time password verification unit 44 uses the shared key K shared with the mobile phone 2 and the serial ID (serial-ID) issued to the session ID (SID) received from the web server 3 to receive the received one-time password. To verify.

  The authentication parameter generation unit 45 generates an authentication parameter (P-auth) including a URL (URL-web) of the web server, a URL (URL-auth) of the authentication server, and a serial ID (serial-ID).

  The URL information database (DB) 46 is a database that stores the URL (URL-web) of the web server and the URL (URL-auth) of the authentication server in association with each other. The transmission unit 47 transmits the authentication parameter (P-auth) and user information to the web server 3.

<Processing of mutual authentication system>
The process of the mutual authentication system according to the present embodiment will be described with reference to FIG.
First, the personal computer (PC) 1 accesses the web server 3 from a browser extension incorporated therein (step S101). When accessed from the personal computer (PC) 1, the web server 3 transmits a session ID (SID) to the authentication server 4, and corresponds to the URL of the web server 3, the URL of the authentication server 4, and the session ID. A transmission request for an authentication parameter (P-auth) including the serial ID is transmitted (step S102).

  The authentication server 4 issues a serial ID (serial-ID) corresponding to the session ID received from the web server 3, generates an authentication parameter (P-auth) (step S103), and generates the generated authentication parameter ( P-auth) is transmitted to the web server (step S104).

  The web server 3 receives the authentication parameter (P-auth) from the authentication server 4 and transmits the received authentication parameter (P-auth) and session ID (SID) to the personal computer (PC) 1.

  The personal computer (PC) 1 receives the session ID (SID) and the authentication parameter (P-auth) from the web server 3, and verifies the web server 3 and the authentication server 4 (step S105). If there is no abnormality as a result of the verification, the browser extension incorporated in the personal computer (PC) 1 converts the session ID (SID) and the authentication parameter (P-auth) into a two-dimensional code, and displays the display unit. (Step S106).

  The mobile phone 2 is a built-in camera that reads a two-dimensional code displayed on the display unit of the personal computer (PC) 1, and the URL (URL-web) of the web server 3 and the URL (URL-auth) of the authentication server 4. Are verified (step S107).

  Next, when the URL of the web server 3 and the URL of the authentication server 4 have already been registered, the mobile phone 2 uses the shared key K and serial ID (serial-ID) shared with the authentication server 4 to make a one-time password. (OTP) is generated (step S108). Then, the mobile phone 2 transmits the received session ID (SID), the generated one-time password (OTP), and the individual identification number (sub-ID) to the authentication server 4 (step S109).

  The authentication server 4 identifies a user from the individual identification number (sub-ID) received from the mobile phone 2, and uses the key corresponding to the identified user and the issued serial ID (serial-ID) from the mobile phone 2. The received one-time password (OTP) is verified (step S110). And user information is transmitted to the web server 3 (step S111).

  The web server 3 receives user information from the authentication server 4, and transmits display information after login to the personal computer (PC) 1 based on the received user information (step S112). The personal computer (PC) 1 receives the display information after login from the web server 3 and displays it on the display unit.

  As described above, according to the present embodiment, it can be shown that no intermediate person exists between the personal computer, the web server, and the authentication server. In addition, the server information of the web server and the authentication server is incorporated into the two-dimensional code, and the mobile phone in which the information is incorporated in advance reads this to verify whether it is a legitimate web server. It is possible to reliably verify that the web server to perform is not a phishing site. In addition, possession authentication that proves that the client has the mobile phone can be performed by transmitting the client authentication information (individual identification number) from the mobile phone. In addition, mutual authentication can be performed regardless of whether the mobile phone is in the communication range or out of the communication range. It is also effective when you open a link in a phishing email.

<Second Embodiment>
The present embodiment will be described with reference to FIGS.
As shown in FIG. 7, the mutual authentication system according to this embodiment includes a personal computer (PC) 1, a mobile phone 2, a web server 3, an authentication server 4, and a verification server 5. 1) The web server 3, the authentication server 4, and the verification server 5 are connected via a network. In this embodiment, an example in which the mobile phone 2 is used will be described. However, when a tamper resistant module is incorporated in the personal computer (PC) 1 and user authentication information is stored in the tamper resistant module, Even without using the cellular phone 2, the personal computer (PC) 1 alone can constitute a system.

<Configuration of personal computer (PC)>
As shown in FIG. 8, the personal computer (PC) 1 according to the present embodiment includes a receiving unit 11, a server verification unit 12, a display unit 14, an access unit 15, a two-dimensional encoding unit 16, and a registration status. And an inquiry unit 17. In addition, about the component which attaches | subjects the same code | symbol as 1st Embodiment, since it has the same function, the detailed description is abbreviate | omitted.

  When the two-dimensional encoding unit 16 receives an answer indicating that the URL (URL-web) of the web server 3 and the URL (URL-auth) of the authentication server 4 have been registered from the verification server 5 described later. The session ID (SID) and the authentication parameter (P-auth) are incorporated into one URL and are two-dimensionally encoded. Note that the two-dimensional code may be a QR code, for example. When a QR code is used, information can be easily read, for example, with a camera-equipped mobile phone or the like that is generally distributed without using a special device, which is excellent in convenience. In the present embodiment, the two-dimensional code is exemplified, but the present invention is not limited to this. For example, a secure communication method using infrared, Bluetooth (registered trademark), a serial cable, or the like may be used.

  When there is no abnormality in the verification result of the server verification unit 12, the registration status inquiry unit 17 sends the URL (URL-web) of the web server 3 and the URL (URL-auth) of the authentication server 4 to the verification server 5. Inquire about the registration status of.

<Configuration of mobile phone>
As shown in FIG. 9, the mobile phone 2 according to the present embodiment includes a two-dimensional code reading unit 21, an individual identification number storage unit 25, a transmission unit 26, an access unit 27, and a one-time password input unit 28. It is composed of In the present embodiment, a mobile phone has been exemplified. However, the present invention is not limited to this, and a reliable device such as a PDA (Personal Digital Assistant) may be used. In addition, about the component which attaches | subjects the same code | symbol as 1st Embodiment, since it has the same function, the detailed description is abbreviate | omitted.

  The access unit 27 accesses the URL (URL-auth) of the authentication server 4 read by the two-dimensional code reading unit 21 by transmitting the individual identification number (sub-ID) and the session ID (SID).

  In response to the password request from the authentication server 4, the one-time password input unit 28 inputs the password and transmits the password to the authentication server 4 via the transmission unit 26.

<Web server configuration>
As shown in FIG. 10, the web server 3 according to the present embodiment includes a reception unit 31, a control unit 32, a transmission unit 33, a session ID storage unit 34, a display information storage unit 35, and a password verification unit 36. It consists of and. In addition, about the component which attaches | subjects the same code | symbol as 1st Embodiment, since it has the same function, the detailed description is abbreviate | omitted.

  The password verification unit 36 verifies the password received from the authentication server 4.

<Configuration of authentication server>
As shown in FIG. 11, the authentication server 4 according to the present embodiment includes a receiving unit 41, a serial ID issuing unit 42, a user specifying unit 43, an authentication parameter generating unit 45, and a URL information database (DB) 46. And a serial ID / session ID match verification unit 48 and a transmission unit 49. In addition, about the component which attaches | subjects the same code | symbol as 1st Embodiment, since it has the same function, the detailed description is abbreviate | omitted.

  The serial ID / session ID match verification unit 48 checks the match of the pair of serial ID (serial-ID) and session ID (SID). The transmission unit 49 transmits to the web server 3 the authentication parameter (P-auth) generated by the authentication parameter generation unit 45, the user information output from the user specifying unit 43, and the password received from the mobile phone 2. .

<Configuration of verification server>
As illustrated in FIG. 12, the verification server 5 according to the present embodiment includes a reception unit 61, a registration status confirmation unit 62, a server registration information database (DB) 63, and a transmission unit 64.

  The receiving unit 61 receives the URL (URL-web) of the web server 3 and the URL (URL-auth) of the authentication server 4 from the personal computer (PC) 1. The registration status confirmation unit 62 indicates the registration status of the received URL (URL-web) of the web server 3 and the URL (URL-auth) of the authentication server 4 based on the information stored in the server registration information database (DB) 63. And confirm.

  The server registration information database (DB) 63 is a storage device that stores the URL registration status of each server. The transmission unit 64 transmits the confirmation result confirmed by the registration status confirmation unit 62 to the personal computer (PC) 1.

<Processing of mutual authentication system>
Processing of the mutual authentication system according to the present embodiment will be described using FIG.
First, the personal computer (PC) 1 accesses the web server 3 from a browser extension incorporated therein (step S201). When accessed from the personal computer (PC) 1, the web server 3 transmits a session ID (SID) to the authentication server 4, and corresponds to the URL of the web server 3, the URL of the authentication server 4, and the session ID. A transmission request for an authentication parameter (P-auth) including the serial ID is transmitted (step S202).

  The authentication server 4 issues a serial ID (serial-ID) corresponding to the session ID received from the web server 3, generates an authentication parameter (P-auth) (step S203), and generates the generated authentication parameter ( P-auth) is transmitted to the web server (step S204).

  The web server 3 receives the authentication parameter (P-auth) from the authentication server 4 and transmits the received authentication parameter (P-auth) and session ID (SID) to the personal computer (PC) 1.

  The personal computer (PC) 1 receives the session ID (SID) and the authentication parameter (P-auth) from the web server 3, and verifies the web server 3 and the authentication server 4 (step S205).

  If there is no abnormality as a result of the verification, the personal computer (PC) 1 transmits the URL (URL-web) of the web server 3 and the URL (URL-auth) of the authentication server 4 to the verification server 5, and The browser extension incorporated in the computer (PC) 1 inquires the registration status of the web server 3 and the authentication server 4 to the verification server 4 (step S206). Upon receiving the URL (URL-web) of the web server 3 and the URL (URL-auth) of the authentication server 4, the verification server 5 confirms the registration status (step S 207) and sends the response to the personal computer ( PC) to 1.

  The personal computer (PC) 1 that has received the response regarding the registration status from the verification server 5 indicates that the URL (URL-web) of the web server 3 and the URL (URL-auth) of the authentication server 4 have been registered. Is received, a session ID (SID) and an authentication parameter (P-auth) are incorporated into one URL, a two-dimensional code is generated, and displayed on the display unit (step S208).

  The mobile phone 2 is a built-in camera that reads a two-dimensional code displayed on the display unit of the personal computer (PC) 1 and transmits an individual identification number (sub-ID) and a session ID (SID) to the authentication server 4. Then, the URL (URL-auth) of the authentication server 4 is accessed (step S209).

  The authentication server 4 identifies the user from the individual identification number (sub-ID) received from the mobile phone 2, and further confirms that the session ID (SID) and serial ID (serial-ID) match, A password is requested to the telephone 2 (step S210).

  When receiving the password request from the authentication server 4, the user inputs the password using the mobile phone 2 (step S211), and transmits the password. When the authentication server 4 receives the password from the mobile phone 2, it transmits the user information to the web server 3 together with the user information (step S212).

  When the web server 3 receives the user information and password from the authentication server 4, the web server 3 verifies the received password (step S 213) and transmits display information after login to the personal computer (PC) 1 based on the user information. . The personal computer (PC) 1 receives the display information after login from the web server 3 and displays it on the display unit.

  Note that the server verification by the verification server 5 performed in step S207 does not have to be performed for a limited server for which safety is ensured, such as when the connection is limited on the browser extension or EVSSL. Good. If server information is stored in the browser extension, the server verification by the verification server 5 performed in step S207 may not be performed by verifying the server information.

  As described above, according to the present embodiment, it can be shown that no intermediate person exists between the personal computer, the web server, and the authentication server. In addition, the browser extension in the personal computer transfers the server information to another secure verification server and verifies whether it is registered (or verifies it with the server information stored in the browser extension, and whether it is registered. It is possible to reliably verify that the web server to be accessed is not a phishing site. In addition, possession authentication that proves that the client has the mobile phone can be performed by transmitting the client authentication information (individual identification number) from the mobile phone. Moreover, since the camera-equipped mobile phones currently on the market are equipped with a two-dimensional code reader as standard, it is not necessary to develop a new application. It is also effective when you open a link in a phishing email.

<Third Embodiment>
The present embodiment will be described with reference to FIGS.
As shown in FIG. 14, the mutual authentication system according to the present embodiment includes a personal computer (PC) 1, a mobile phone 2, and a web server 3, and the personal computer (PC) 1, web server 3, and authentication server 4. Are connected via a network. A camera 6 is connected to the personal computer (PC) 1. In this embodiment, an example in which the mobile phone 2 is used will be described. However, when a tamper resistant module is incorporated in the personal computer (PC) 1 and user authentication information is stored in the tamper resistant module, Even without using the cellular phone 2, the personal computer (PC) 1 alone can constitute a system.

<Configuration of personal computer (PC)>
As shown in FIG. 15, the personal computer (PC) 1 according to the present embodiment includes a receiving unit 11, a server verification unit 12, a two-dimensional encoding unit 13, a display unit 14, an access unit 15, and a decoding unit. The unit 19 and the transmission unit 20 are included. In addition, about the component which attaches | subjects the same code | symbol as 1st Embodiment, since it has the same function, the detailed description is abbreviate | omitted.

  The decoding unit 19 decodes the user ID (UID) and the one-time password (OTP) from the two-dimensional code read by the camera 6. The transmission unit 20 transmits the user ID (UID) and one-time password (OTP) decoded by the decoding unit 19 and the session ID (SID) received from the web server 3 to the authentication server 4.

<Configuration of mobile phone>
As shown in FIG. 16, the mobile phone 2 according to the present embodiment includes a two-dimensional code reading unit 21, a server verification unit 22, a server registration information database (DB) 23, a one-time password generation unit 24, two The dimension code generation unit 29 and the transmission unit 30 are included. In the present embodiment, a mobile phone has been exemplified. However, the present invention is not limited to this, and a reliable device such as a PDA (Personal Digital Assistant) may be used. In addition, about the component which attaches | subjects the same code | symbol as 1st Embodiment, since it has the same function, the detailed description is abbreviate | omitted.

  The two-dimensional code generation unit 29 converts the one-time password (OTP) and user ID (UID) generated by the one-time password generation unit 24 into a two-dimensional code. The transmission unit 30 transmits the generated two-dimensional code to the personal computer (PC) 1 in the two-dimensional code generation unit 29.

<Web server configuration>
As shown in FIG. 17, the web server 3 according to the present embodiment includes a reception unit 31, a control unit 32, a transmission unit 33, a session ID storage unit 34, and a display information storage unit 35. Since the configuration is the same as that of the first embodiment, detailed description thereof is omitted.

<Configuration of authentication server>
As shown in FIG. 18, the authentication server 4 according to the present embodiment includes a receiving unit 41, a serial ID issuing unit 42, a one-time password verification unit 44, an authentication parameter generating unit 45, a URL information database (DB). ) 46, a transmission unit 47, and a user identification unit 50. In addition, about the component which attaches | subjects the same code | symbol as 1st Embodiment, since it has the same function, the detailed description is abbreviate | omitted.

  The user specifying unit 50 specifies a user based on a user ID (UID) received from the personal computer (PC) 1.

<Processing of mutual authentication system>
The process of the mutual authentication system according to the present embodiment will be described with reference to FIG.
First, the personal computer (PC) 1 accesses the web server 3 from a browser extension incorporated therein (step S301). When accessed from the personal computer (PC) 1, the web server 3 transmits a session ID (SID) to the authentication server 4, and corresponds to the URL of the web server 3, the URL of the authentication server 4, and the session ID. An authentication parameter (P-auth) transmission request including the serial ID is transmitted (step S302).

  The authentication server 4 issues a serial ID (serial-ID) corresponding to the session ID received from the web server 3, generates an authentication parameter (P-auth) (step S 303), and generates the generated authentication parameter ( P-auth) is transmitted to the web server (step S304).

  The web server 3 receives the authentication parameter (P-auth) from the authentication server 4 and transmits the received authentication parameter (P-auth) and session ID (SID) to the personal computer (PC) 1.

  The personal computer (PC) 1 receives the session ID (SID) and the authentication parameter (P-auth) from the web server 3, and verifies the web server 3 and the authentication server 4 (step S305). If there is no abnormality as a result of the verification, the browser extension incorporated in the personal computer (PC) 1 converts the session ID (SID) and the authentication parameter (P-auth) into a two-dimensional code, and displays the display unit. (Step S306).

  The browser extension of the personal computer (PC) 1 activates the connected camera 6 (step S307). The mobile phone 2 is a built-in camera that reads the two-dimensional code displayed on the display unit of the personal computer (PC) 1, and the URL (URL-web) of the web server 3 and the URL (URL-) of the authentication server 4. auth) is registered (step S308).

  Next, when the URL of the web server 3 and the URL of the authentication server 4 have already been registered, the mobile phone 2 uses the shared key K and serial ID (serial-ID) shared with the authentication server 4 to make a one-time password. (OTP) is generated (step S309). The mobile phone 2 converts the user ID (UID) and the generated one-time password (OTP) into a two-dimensional code (step S310), and transmits the two-dimensional code to the personal computer (PC) 1.

  The browser extension of the personal computer (PC) 1 reads the two-dimensional code with the connected camera 6 and decodes the user ID (UID) and the one-time password (OTP), and the user ID (UID) and the one-time code. A time password (OTP) and a session ID (SID) are transmitted to the authentication server 4 (step S311).

  The authentication server 4 specifies a user based on the user ID (UID) received from the personal computer (PC) 1 and calls a serial ID (serial-ID) from the session ID (SID) to obtain a one-time password (OTP). ) Is verified (step S312). Then, the user information is transmitted to the web server 3 (step S313).

  The web server 3 receives user information from the authentication server 4, and transmits display information after login to the personal computer (PC) 1 based on the received user information (step S314). The personal computer (PC) 1 receives the display information after login from the web server 3 and displays it on the display unit.

  As described above, according to the present embodiment, it can be shown that no intermediate person exists between the personal computer, the web server, and the authentication server. In addition, the server information of the web server and the authentication server is incorporated into the two-dimensional code, and the mobile phone in which the information is incorporated in advance reads this to verify whether it is a legitimate web server. It is possible to reliably verify that the web server to perform is not a phishing site. In addition, possession authentication that proves that the client has the mobile phone can be performed by transmitting the client authentication information (individual identification number) from the mobile phone. In addition, mutual authentication can be performed regardless of whether the mobile phone is in the communication range or out of the communication range. Furthermore, for example, when an attacker accesses a legitimate server, creates a two-dimensional code on the attacker's browser extension, and forwards it to the user, the user erroneously reads the two-dimensional code, However, according to the present embodiment, only the browser that outputs the two-dimensional code activates the camera connected to the personal computer, and the victim's camera does not activate. And the user's mobile phone are safer because it can be proved that there is no one other than the person connected to the web server. It is also effective when a link in a phishing email is opened.

  These programs are recorded on a computer-readable recording medium, and the program recorded on the recording medium is read into each of the personal computer, mobile phone, web server, authentication server, and verification server (all are computer systems), By executing this, the mutual authentication system of the present invention can be realized. The computer system here includes an OS and hardware such as peripheral devices.

  Further, the “computer system” includes a homepage providing environment (or display environment) if a WWW (World Wide Web) system is used. The program may be transmitted from a computer system storing the program in a storage device or the like to another computer system via a transmission medium or by a transmission wave in the transmission medium. Here, the “transmission medium” for transmitting the program refers to a medium having a function of transmitting information, such as a network (communication network) such as the Internet or a communication line (communication line) such as a telephone line.

  The program may be for realizing a part of the functions described above. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, and what is called a difference file (difference program) may be sufficient.

  The embodiments of the present invention have been described in detail with reference to the drawings. However, the specific configuration is not limited to the embodiments, and includes designs and the like that do not depart from the gist of the present invention. For example, in the first to third embodiments, an example has been described in which the web server sends a session ID to the authentication server, makes a serial ID transmission request, and the authentication server issues a serial ID. Instead, the serial ID may be issued on the web server side.

It is a block diagram of the mutual authentication system which concerns on 1st Embodiment. 1 is a configuration diagram of a personal computer according to a first embodiment. FIG. 1 is a configuration diagram of a mobile phone according to a first embodiment. It is a lineblock diagram of the web server concerning a 1st embodiment. It is a block diagram of the authentication server which concerns on 1st Embodiment. It is a processing flow of the mutual authentication system which concerns on 1st Embodiment. It is a block diagram of the mutual authentication system which concerns on 2nd Embodiment. It is a block diagram of the personal computer which concerns on 2nd Embodiment. It is a block diagram of the mobile telephone which concerns on 2nd Embodiment. It is a block diagram of the web server which concerns on 2nd Embodiment. It is a block diagram of the authentication server which concerns on 2nd Embodiment. It is a block diagram of the verification server which concerns on 2nd Embodiment. It is a processing flow of the mutual authentication system which concerns on 2nd Embodiment. It is a block diagram of the mutual authentication system which concerns on 3rd Embodiment. It is a block diagram of the personal computer which concerns on 3rd Embodiment. It is a block diagram of the mobile telephone which concerns on 3rd Embodiment. It is a block diagram of the web server which concerns on 3rd Embodiment. It is a block diagram of the authentication server which concerns on 3rd Embodiment. It is a processing flow of the mutual authentication system which concerns on 3rd Embodiment.

Explanation of symbols

  DESCRIPTION OF SYMBOLS 1 ... Personal computer (PC), 2 ... Mobile phone, 3 ... Web server, 4 ... Authentication server, 5 ... Verification server, 6 ... Camera, 11, 31, 41, 61..Receiving unit, 12, 22 ... Server verification unit, 13, 16 ... Two-dimensional encoding unit, 14 ... Display unit, 15 ... Access unit, 17 ... Registration status inquiry unit , 19 ... Decoding unit, 20, 26, 30, 33, 47, 49, 64 ... Transmission unit, 21 ... Two-dimensional code reading unit, 23, 63 ... Server registration information database (DB) 24... One-time password generation unit 25... Individual identification number storage unit 27. Access unit 28. One-time password input unit 29. Two-dimensional code generation unit 32. ..Control unit 34 ... Session ID rating 35, display information storage unit, 36 ... password verification unit, 42 ... serial ID issuing unit, 43, 50 ... user identification unit, 44 ... one-time password verification unit, 45. ..Authentication parameter generation unit, 46... URL information database (DB), 48... Serial ID, session ID match verification unit, 62.

Claims (12)

A mutual authentication system comprising a user identification device including a tamper-resistant module storing user authentication information, a web server, and an authentication server,
The user identification device is
An access means for accessing the web server from a browser extension incorporated therein;
A server that receives an authentication parameter including a session ID, a URL of the web server, a URL of the authentication server, and a serial ID corresponding to the session ID from the web server, and performs verification between the web server and the authentication server Verification means;
Second verification means for verifying whether the URL of the web server and the URL of the authentication server have been registered;
One-time password generation means for generating a one-time password from the shared key shared with the authentication server and the serial ID;
First transmission means for transmitting the received session ID, the generated one-time password and an individual identification number to the authentication server;
Display means for receiving and displaying display information after login from the web server;
With
The web server is
Second access means for transmitting a session ID to the authentication server and transmitting a request for transmitting the authentication parameter when accessed from the user identification device;
Third transmitting means for receiving the authentication parameter from the authentication server and transmitting the received authentication parameter and the session ID to the user identification device;
Fourth transmission means for receiving user information from the authentication server and transmitting the display information after the login to the user identification device based on the received user information;
With
The authentication server is
Serial ID issuing means for issuing a serial ID corresponding to the session ID received from the web server;
Fifth transmission means for generating the authentication parameter and transmitting it to the web server;
User specifying means for specifying a user from the individual identification number received from the user identification device;
One-time password verification means for verifying the one-time password received from the user identification device from the key corresponding to the specified user and the issued serial ID;
Sixth transmission means for transmitting user information to the web server;
A mutual authentication system characterized by comprising: The user identification device is composed of a personal computer and a mobile terminal in which a browser extension is incorporated inside the user,
The browser extension of the personal computer accesses the web server and performs verification between the web server and the authentication server based on the received session ID and the authentication parameter. The authentication parameters are displayed as a two-dimensional code, or transmitted by short-range wireless,
The portable terminal reads the two-dimensional code or receives it by the short-range wireless communication, verifies whether the URL of the web server and the URL of the authentication server are registered, and shares with the authentication server The mutual authentication system according to claim 1, wherein a one-time password is generated from a shared key and a serial ID to be transmitted, and the session ID, the generated one-time password, and an individual identification number are transmitted to the authentication server. . A mutual authentication system comprising a user identification device including a tamper-resistant module storing user authentication information, a web server, an authentication server, and a verification server,
The user identification device is
An access means for accessing the web server from a browser extension incorporated therein;
A server that receives an authentication parameter including a session ID, a URL of the web server, a URL of the authentication server, and a serial ID corresponding to the session ID from the web server, and performs verification between the web server and the authentication server Verification means;
Inquiry means for sending the URL of the web server and the URL of the authentication server to the verification server and inquiring about the registration status thereof;
Connection means for receiving an answer from the verification server, transmitting the individual identification number and the session ID to the authentication server, and performing a connection;
First transmission means for transmitting a password in response to a password request from the authentication server;
Display means for receiving and displaying display information after login from the web server;
With
The web server is
A second transmission means for transmitting the session ID to the authentication server and transmitting a request for transmitting the authentication parameter when accessed from the user identification device;
Third transmitting means for receiving the authentication parameter from the authentication server and transmitting the received authentication parameter and the session ID to the user identification device;
Fourth transmission means for receiving user information and a password from the authentication server, verifying the password, and transmitting display information after login to the user identification device based on the received user information and password When,
With
The authentication server is
Issuing means for issuing a serial ID corresponding to the session ID received from the web server;
Authentication parameter generating means for generating the authentication parameter;
Fifth transmission means for transmitting the generated authentication parameter to the web server;
User specifying means for specifying a user from the individual identification number received from the user identification device;
Confirmation means for confirming whether or not the received session ID and the issued serial ID match;
Sixth transmission means for transmitting information requesting a password to the user identification device;
Seventh transmission means for transmitting user information and a password to the web server;
With
The verification server is
In response to an inquiry about the registration status regarding the URL of the web server and the URL of the authentication server from the user identification device, an eighth transmission means is provided for confirming the registration status and transmitting an answer. Mutual authentication system. The user identification device is composed of a personal computer and a mobile terminal in which a browser extension is incorporated inside the user,
The browser extension of the personal computer accesses the web server, verifies the web server and the authentication server based on the received session ID and the authentication parameter, and sends the web server to the verification server. When the registration status between the URL of the authentication server and the URL of the authentication server is inquired and a reply indicating that it has been registered is received, the session ID and the authentication parameter are incorporated into one URL and displayed as a two-dimensional code. Or by short-range radio
The portable terminal reads the two-dimensional code, or receives it by the short-range wireless, and accesses the authentication server by transmitting an individual identification number and a serial ID, and requests a password from the authentication server. The mutual authentication system according to claim 3, wherein a password is transmitted. A mutual authentication system comprising a user identification device including a tamper-resistant module storing user authentication information, a web server, and an authentication server,
The user identification device is
An access means for accessing the web server from a browser extension incorporated therein;
A server that receives an authentication parameter including a session ID, a URL of the web server, a URL of the authentication server, and a serial ID corresponding to the session ID from the web server, and performs verification between the web server and the authentication server Verification means;
Registration status verification means for verifying the registration status of the URL of the web server and the URL of the authentication server;
Generating means for generating a one-time password from a shared key and a serial ID shared with the authentication server;
First transmission means for transmitting the generated one-time password, user ID, and session ID to the authentication server;
Display means for receiving and displaying display information after login from the web server;
With
The web server is
A second transmission means for transmitting the session ID to the authentication server and transmitting a request for transmitting the authentication parameter when accessed from the user identification device;
Third transmitting means for receiving the authentication parameter from the authentication server and transmitting the received authentication parameter and the session ID to the user identification device;
Fourth transmission means for receiving user information from the authentication server and transmitting display information after login to the user identification device based on the received user information;
With
The authentication server is
Issuing means for issuing a serial ID corresponding to the session ID received from the web server;
Authentication parameter generating means for generating the authentication parameter;
Fifth transmission means for transmitting the generated authentication parameter to the web server;
User specifying means for specifying a user from the user ID received from the user identification device;
One-time password verification means for calling the serial ID from the session ID received from the user identification device and verifying the received one-time password;
Sixth transmission means for transmitting user information to the web server;
A mutual authentication system characterized by comprising: The user identification device is owned by the user, and a browser extension is incorporated therein, and includes a personal computer and a portable terminal to which an imaging device is connected,
When the browser extension of the personal computer accesses the web server, the web server and the authentication server are verified based on the received session ID and the authentication parameter, and if there is no abnormality, the session ID And the authentication parameter are displayed in two-dimensional code, or transmitted by short-range wireless,
The portable terminal reads the two-dimensional code or receives it by the short-range wireless communication, confirms the registration status of the URL of the web server and the URL of the authentication server, and shares a shared key and serial number shared with the authentication server Generate a one-time password from the ID, display the generated one-time password and user ID as a two-dimensional code, or send to the personal computer by short-range wireless,
A browser extension in the personal computer uses the imaging device to decode the user ID and the one-time password obtained by imaging the two-dimensional code displayed on the portable terminal, and the decoded user ID and one-time The mutual authentication system according to claim 5, wherein a password and a session ID are transmitted to the authentication server. A mutual authentication method in a mutual authentication system comprising a user identification device having a tamper resistant module storing user authentication information, a web server, and an authentication server,
A first step in which the user identification device accesses the web server from a browser extension incorporated therein;
When the web server is accessed from the user identification device, it transmits a session ID to the authentication server, and from the URL of the web server, the URL of the authentication server, and a serial ID corresponding to the session ID A second step of transmitting an authentication parameter transmission request,
A third step in which the authentication server issues a serial ID corresponding to the session ID received from the web server;
A fourth step in which the authentication server generates the authentication parameter and transmits it to the web server;
A fifth step in which the web server receives the authentication parameter from the authentication server, and transmits the received authentication parameter and the session ID to the user identification device;
A sixth step in which the user identification device receives the session ID and the authentication parameter from the web server, and verifies the web server and the authentication server;
A seventh step in which the user identification device verifies whether the URL of the web server and the URL of the authentication server have been registered;
An eighth step in which the user identification device generates a one-time password from the shared key shared with the authentication server and the serial ID when the URL of the web server and the URL of the authentication server have been registered; When,
A ninth step in which the user identification device transmits the received session ID, the generated one-time password, and an individual identification number to the authentication server;
A tenth step in which the authentication server identifies a user from the individual identification number received from the user identification device;
An eleventh step in which the authentication server verifies the one-time password received from the user identification device from a key corresponding to the identified user and the issued serial ID;
A twelfth step in which the authentication server transmits user information to the web server;
A thirteenth step in which the web server receives the user information from the authentication server and transmits display information after login to the user identification device based on the received user information;
A fourteenth step in which the user identification device receives and displays the display information after the login from the web server;
A mutual authentication method characterized by comprising: A mutual authentication method in a mutual authentication system comprising a user identification device including a tamper-resistant module storing user authentication information, a web server, an authentication server, and a verification server,
A first step in which the user identification device accesses the web server from a browser extension incorporated therein;
When the web server is accessed from the user identification device, it transmits a session ID to the authentication server, and from the URL of the web server, the URL of the authentication server, and a serial ID corresponding to the session ID A second step of transmitting an authentication parameter transmission request,
A third step in which the authentication server issues a serial ID corresponding to the session ID received from the web server;
A fourth step in which the authentication server generates the authentication parameter and transmits it to the web server;
A fifth step in which the web server receives the authentication parameter from the authentication server, and transmits the received authentication parameter and the session ID to the user identification device;
A sixth step in which the user identification device receives a session ID and an authentication parameter from the web server, and verifies the web server and the authentication server;
A seventh step in which the user identification device transmits the URL of the web server and the URL of the authentication server to the verification server and inquires about the registration status;
An eighth step in which the verification server confirms the registration status and transmits an answer to the inquiry from the user identification device;
A ninth step in which, when the URL of the web server and the URL of the authentication server are already registered, the user identification device transmits an individual identification number and a session ID to the authentication server to establish a connection; ,
A tenth step in which the authentication server identifies a user from the received individual identification number;
An eleventh step for the authentication server to check whether the received session ID and the issued serial ID match, and to request a password from the user identification device if they match;
A twelfth step in which the user identification device transmits the password in response to a request for the password from the authentication server;
A thirteenth step in which the authentication server transmits user information and the password to the web server;
The web server receives the user information and the password from the authentication server, verifies the password, and displays display information after login based on the received user information and the password as the user identification. A fourteenth step of transmitting to the device;
A fifteenth step in which the user identification device receives and displays the display information after the login from the web server;
A mutual authentication method characterized by comprising: A mutual authentication method in a mutual authentication system comprising a user identification device having a tamper resistant module storing user authentication information, a web server, and an authentication server,
A first step in which the user identification device accesses the web server from a browser extension incorporated therein;
When the web server is accessed from the user identification device, it transmits a session ID to the authentication server, and from the URL of the web server, the URL of the authentication server, and a serial ID corresponding to the session ID A second step of transmitting an authentication parameter transmission request,
A third step in which the authentication server issues a serial ID corresponding to the session ID received from the web server;
A fourth step in which the authentication server generates the authentication parameter and transmits it to the web server;
A fifth step in which the web server receives the authentication parameter from the authentication server, and transmits the received authentication parameter and the session ID to the user identification device;
A sixth step in which the user identification device receives a session ID and an authentication parameter from the web server, and verifies the web server and the authentication server;
A seventh step in which the user identification device verifies a registration status of the URL of the web server and the URL of the authentication server;
A ninth step in which the user identification device generates a one-time password from a shared key and a serial ID shared with the authentication server when the URL of the web server and the URL of the authentication server have been registered; ,
An eighth step in which the user identification device transmits the generated one-time password, a user ID, and the session ID to the authentication server;
A ninth step in which the authentication server identifies a user from the user ID received from the user identification device;
A tenth step in which the authentication server calls a serial ID from the session ID received from the user identification device and verifies the received one-time password;
An eleventh step in which the authentication server transmits user information to the web server;
An eleventh step in which the web server receives user information from the authentication server, and transmits display information after login to the user identification device based on the received user information;
A twelfth step in which the user identification device receives and displays the display information after the login from the web server;
A mutual authentication method characterized by comprising: A program for causing a computer to execute a mutual authentication method in a mutual authentication system including a user identification device including a tamper resistant module storing user authentication information, a web server, and an authentication server,
A first step in which the user identification device accesses the web server from a browser extension incorporated therein;
When the web server is accessed from the user identification device, it transmits a session ID to the authentication server, and from the URL of the web server, the URL of the authentication server, and a serial ID corresponding to the session ID A second step of transmitting an authentication parameter transmission request,
A third step in which the authentication server issues a serial ID corresponding to the session ID received from the web server;
A fourth step in which the authentication server generates the authentication parameter and transmits it to the web server;
A fifth step in which the web server receives the authentication parameter from the authentication server, and transmits the received authentication parameter and the session ID to the user identification device;
A sixth step in which the user identification device receives the session ID and the authentication parameter from the web server, and verifies the web server and the authentication server;
A seventh step in which the user identification device verifies whether the URL of the web server and the URL of the authentication server have been registered;
An eighth step in which the user identification device generates a one-time password from the shared key shared with the authentication server and the serial ID when the URL of the web server and the URL of the authentication server have been registered; When,
A ninth step in which the user identification device transmits the received session ID, the generated one-time password, and an individual identification number to the authentication server;
A tenth step in which the authentication server identifies a user from the individual identification number received from the user identification device;
An eleventh step in which the authentication server verifies the one-time password received from the user identification device from a key corresponding to the identified user and the issued serial ID;
A twelfth step in which the authentication server transmits user information to the web server;
A thirteenth step in which the web server receives the user information from the authentication server and transmits display information after login to the user identification device based on the received user information;
A fourteenth step in which the user identification device receives and displays the display information after the login from the web server;
A program that causes a computer to execute. A program for causing a computer to execute a mutual authentication method in a mutual authentication system including a user identification device including a tamper-resistant module storing user authentication information, a web server, an authentication server, and a verification server,
A first step in which the user identification device accesses the web server from a browser extension incorporated therein;
When the web server is accessed from the user identification device, it transmits a session ID to the authentication server, and from the URL of the web server, the URL of the authentication server, and a serial ID corresponding to the session ID A second step of transmitting an authentication parameter transmission request,
A third step in which the authentication server issues a serial ID corresponding to the session ID received from the web server;
A fourth step in which the authentication server generates the authentication parameter and transmits it to the web server;
A fifth step in which the web server receives the authentication parameter from the authentication server, and transmits the received authentication parameter and the session ID to the user identification device;
A sixth step in which the user identification device receives a session ID and an authentication parameter from the web server, and verifies the web server and the authentication server;
A seventh step in which the user identification device transmits the URL of the web server and the URL of the authentication server to the verification server and inquires about the registration status;
An eighth step in which the verification server confirms the registration status and transmits an answer to the inquiry from the user identification device;
A ninth step in which, when the URL of the web server and the URL of the authentication server are already registered, the user identification device transmits an individual identification number and a session ID to the authentication server to establish a connection; ,
A tenth step in which the authentication server identifies a user from the received individual identification number;
An eleventh step for the authentication server to check whether the received session ID and the issued serial ID match, and to request a password from the user identification device if they match;
A twelfth step in which the user identification device transmits the password in response to a request for the password from the authentication server;
A thirteenth step in which the authentication server transmits user information and the password to the web server;
The web server receives the user information and the password from the authentication server, verifies the password, and displays display information after login based on the received user information and the password as the user identification. A fourteenth step of transmitting to the device;
A fifteenth step in which the user identification device receives and displays the display information after the login from the web server;
A program that causes a computer to execute. A program for causing a computer to execute a mutual authentication method in a mutual authentication system including a user identification device including a tamper resistant module storing user authentication information, a web server, and an authentication server,
A first step in which the user identification device accesses the web server from a browser extension incorporated therein;
When the web server is accessed from the user identification device, it transmits a session ID to the authentication server, and from the URL of the web server, the URL of the authentication server, and a serial ID corresponding to the session ID A second step of transmitting an authentication parameter transmission request,
A third step in which the authentication server issues a serial ID corresponding to the session ID received from the web server;
A fourth step in which the authentication server generates the authentication parameter and transmits it to the web server;
A fifth step in which the web server receives the authentication parameter from the authentication server, and transmits the received authentication parameter and the session ID to the user identification device;
A sixth step in which the user identification device receives a session ID and an authentication parameter from the web server, and verifies the web server and the authentication server;
A seventh step in which the user identification device verifies a registration status of the URL of the web server and the URL of the authentication server;
An eighth step in which the user identification device generates a one-time password from a shared key and a serial ID shared with the authentication server when the URL of the web server and the URL of the authentication server have been registered; ,
A ninth step in which the user identification device transmits the generated one-time password, a user ID, and the session ID to the authentication server;
A tenth step in which the authentication server identifies a user from a user ID received from the user identification device;
An eleventh step in which the authentication server calls a serial ID from the session ID received from the user identification device and verifies the received one-time password;
A twelfth step in which the authentication server transmits user information to the web server;
A thirteenth step in which the web server receives user information from the authentication server, and transmits display information after login to the user identification device based on the received user information;
A fourteenth step in which the user identification device receives and displays the display information after the login from the web server;
A program that causes a computer to execute.

Images