JP5608509B2 - Key management system, key management method, and computer program - Google Patents

Description

  The present invention relates to a key management system, a key management method, and a computer program.

  Conventionally, when a device (for example, a mobile communication terminal, a personal computer, etc.) uses a service via a communication network, the device authenticates with the management server using its own authentication key. The management server manages the authentication key for each device (see, for example, Patent Document 1).

FIG. 16 is a graph for explaining a conventional authentication key management method. In FIG. 16, the relationship between an authentication key and its division | segmentation information is shown using the two-dimensional graph on a real number axis. Here, it is assumed that the management server manages the authentication keys of the two devices A and B in common. First, the management server holds initial division information W _{S, 0} common to the devices A and B. The device A holds initial division information V _{A, 0} and an initial authentication key K _{A, 0} . The device B holds initial division information V _{B, 0} and an initial authentication key K _{B, 0} .

In FIG. 16, the division information V _{A, 0} exists on a straight line connecting the authentication key K _{A, 0} and the division information W _{S, 0} . Similarly, the division information V _{B, 0} exists on a straight line connecting the authentication key K _{B, 0} and the division information W _{S, 0} . Thereby, the management server can restore the authentication key K _{A, 0} from the division information W _{S, 0} and the division information V _{A, 0} by receiving the division information V _{A, 0} from the device A. Then, the management server, by restoring authentication key K _{A, 0} and device A collates the authentication key K _{A, 0} for holding to authenticate the device A. Similarly, the management server, by receiving the divided information V _{B, 0} from the device B, it is possible to recover the authentication key K _{B, 0} from the divided information W _{S, 0} and division information V _{B, 0} Prefecture. Then, the management server, by restored authentication key K _{B, 0} and device B collates the authentication key K _{B, 0} to hold, to authenticate the device B.

Here, it is assumed that the service use registration of the device A is canceled. Then, the management server performs processing for invalidating the authentication key K _{A, 0} of the device A. Hereinafter, the process of invalidating the authentication key of the device may be referred to as “device invalidation”. The management server updates the division information W _{S, 0} held by itself to the division information W _{S, 1} in order to invalidate the device A. The division information W _{S, 1} does not exist on the straight line connecting the authentication key K _{A, 0} and the division information W _{S, 0,} and is on the straight line connecting the authentication key K _{B, 0} and the division information W _{S, 0.} Does not exist. Next, the management server generates the update information ΔV _{B, 0} of the division information for the device B that does not invalidate the device, and sends the update information ΔV _{B, 0} to the device B. The division information update information ΔV _{B, 0} is difference information between the division information V _{B, 0} and the division information V _{B, 1} . The device B obtains the division information V _{B, 1} from the update information ΔV _{B, 0} and the division information V _{B, 0} . The division information V _{B, 1} exists on a straight line connecting the authentication key K _{B, 0} and the division information W _{S, 1} . As a result, the management server receives the division information V _{B, 1} from the device B _, so that the authentication key K _{B, 0} can be restored from the division information W _{S, 1} and the division information V _{B, 1} . Then, the management server, by restored authentication key K _{B, 0} and device B collates the authentication key K _{B, 0} to hold, to authenticate the device B. As a result, the authentication of the device B is successful.

On the other hand, for the device A for which the device is invalidated, the division information V _{A, 0} held by the device A remains as it is. Therefore, the authentication key that the management server receives the division information V _{A, 0} from the device A and restores from the division information W _{S, 0} becomes the authentication key K _{A, 1} , and the authentication key K _A, Different from ₀ . As a result, the authentication of device A fails.

JP 2008-219177 A

  However, in the conventional authentication key management method described above, when a certain device is revoked, the update information of each division information is quickly generated for all devices that are not revoked. Must be sent. This places a heavy burden on the management server. Further, it is preferable that the amount of information managed by the management server is small.

  The present invention has been made in consideration of such circumstances, and can reduce the amount of processing at the time of invalidating a key of a certain device and can suppress the amount of information managed by the management server. It is an object to provide a key management system, a key management method, and a computer program.

In order to solve the above-described problem, the key management system according to the present invention manages a key of a device by dividing the key into first division information common to each device and second division information individual to the device. In the key management system to be executed, when the key of a certain device is revoked, the key generated from the latest value of the first division information and the second division information of the device, and the first division before the update A division information management unit that updates the latest value of the first division information so that a key generated from the latest value of the information matches the key generated from the second division information of the device; The division information history information storage unit that stores the time (history time) at which the first division information is updated, and the first step when authenticating a certain device “the key of the device has been corrected "Time (correction time)" Beauty using the "second division information of the device", the said correction time prior to the first date division information and the corrected time first division information two temporally successive intended for the subsequent One division information is set as a set, and for each set, the first key generated from one first division information and the second division information of the device, the other first division information and the device A verification unit that compares the second key generated from the second division information and rejects the device if at least one set matches, and passes the device if all sets do not match And using the correction time received from the device and the second division information of the device for the passed device, the latest first division information before the correction time and the second division information of the device and the key generated from the division information, the complement A difference information generation unit that generates and transmits difference information between the key generated from the latest value of the first division information after the time and the second division information of the device, and a second when authenticating a certain device As a step, using the received second division information of the device from the device, a key generated from the latest value of the first division information and the second division information of the device, a key of the device, The key generated from the second division information of each device and the first division information does not match before and after the update of the first division information at a fixed division information deletion cycle and the authentication processing unit that checks for a match between The first division information is generated and stored in the division information history information storage unit together with the history time, and the first division information and the history time before the division information deletion period before the history time are further stored. The division information history information A management apparatus having a division information history information management unit to be deleted from the information storage unit, a division information storage unit for storing second division information of the own device, and a correction time for storing a correction time relating to the key of the own device A storage unit, a key storage unit for storing a key of the own device, and a second step of the own device as a first step of the authentication request of the own device in the same cycle as the division information deletion cycle in addition to when an authorization request is generated The authorization request unit that transmits the division information and the correction time of the key of the own device to the management apparatus, and the key information of the own device is corrected using the difference information of the key received from the management apparatus, and the corrected key is the key A key correction unit that stores the correction time in the storage unit and stores the correction time in the correction time storage unit, and performs authentication processing with the management apparatus using the corrected key as a second stage of the authentication request of the device itself. An authentication processing unit; A device for, characterized by comprising a.

The key management method according to the present invention is a key management method in a key management system in which a key of a certain device is divided and managed as first division information common to each device and individual second division information for the device. When the management apparatus invalidates the key of a certain device, the key generated from the latest value of the first division information and the second division information of the device, and the first before update as a key generated from the newest value and the second division information of the device divided information matches, updating the latest value of the first division information, the management device is first divided Information and the time when the first division information was updated (history time) are stored in the division information history information storage unit, and the management apparatus receives from the device as a first stage when authenticating a device. Of the device Subject but using the second division information "of the corrected time (correction time)" and "the device, the first division information of the corrected time first division information and the corrected time after a previous date The first key is generated from one first division information and the second division information of the device, and the other one for each set. The second key generated from the first division information of the device and the second division information of the device is compared, and if at least one set matches, the device is rejected and all sets do not match And the management apparatus uses the correction time received from the device and the second division information of the device for the device that has passed , and before the correction time. The latest first division information and A key generated from the second division information of the device, and generates difference information between key generated from the newest value and the second division information of the device of the first division information after the correction time And a second stage when the management apparatus authenticates a certain device , using the second division information of the device received from the device, and the latest value of the first division information and the A step of checking a match between the key generated from the second division information of the device and the key of the device, and the management apparatus performs a fixed division information deletion cycle before and after updating the first division information. The first division information is generated so that the keys generated from the second division information of the device and the first division information do not match, and stored in the division information history information storage unit together with the history time. Than the split information A step of deleting the first division information and the history time before the time before the information deletion cycle from the division information history information storage unit, and the same period as the division information deletion cycle in addition to when the authorization request is generated in the step of transmitting as a first stage of the authentication request of the current device, the second division information and the correction time in the correction time storage unit of the own device in the division information storage unit to the management device, the device, the management using the difference information of the key received from the apparatus corrects the key of its own device, the steps of: storing the keys corrected to the key storage unit, to further stores the corrected time to the corrected time storage unit, the device And performing authentication processing with the management apparatus using the corrected key as a second stage of the authentication request of the own device.

A computer program according to the present invention provides a key in a management apparatus of a key management system in which a key of a certain device is divided and managed into first division information common to each device and individual second division information for the device. A computer program for performing management processing, when a key of a certain device is revoked, a key generated from the latest value of the first division information and the second division information of the device, and before the update Updating the latest value of the first division information so that the key generated from the latest value of the first division information matches the key generated from the second division information of the device, and the first division information and a step first division information updated time (the history time) is stored in the division information history information storage unit, as a first step of when authenticating a device, "those received from the device Use time the key of the device is corrected (correction time) "and the" second division information of the device ", the first division of the corrected time first division information and the corrected time after a previous date A first key generated from one first division information and the second division information of the device for each set, with two pieces of first division information that are temporally continuous for the information as a set; The second key generated from the other first division information and the second division information of the device is compared, and if at least one set matches, the device is rejected and all sets do not match And the step of making the device pass if it becomes, and using the correction time received from the device and the second division information of the device for the passed device, the latest before the correction time First division information and the relevant A key generated from the second division information vice, and generates difference information between the key generated from the newest value and the second division information of the device of the first division information after the correction time transmitting And using the second division information of the device received from the device as a second stage when authenticating a certain device, the latest value of the first division information and the second division of the device A step of checking a match between the key generated from the information and the key of the device, and the second division information and the first of each device before and after the update of the first division information at a constant division information deletion period First division information is generated so that the key generated from the division information does not match, and is stored in the division information history information storage unit together with the history time, and further, the time before the history information time by the division information deletion period Previous first minute The computer program for causing a computer functioning as the management device to execute the step of deleting the split information and the history time from the split information history information storage unit.
As a result, the above-described management apparatus can be realized using a computer.

The computer program according to the present invention provides key management in a device of a key management system in which a key of a certain device is divided and managed into first division information common to each device and individual second division information for the device. A computer program for performing processing, and when the authorization request is generated, in the same period as the division information deletion period of the management apparatus, as the first stage of the authentication request of the own device, The step of transmitting the second division information and the correction time in the correction time storage unit to the management device, the key difference information received from the management device is used to correct the key of the own device, and the corrected key is keyed And storing the correction time in the correction time storage unit, and using the corrected key as the second stage of the authentication request of the own device. And wherein the step of performing the serial management apparatus and the authentication process, which is a computer program to be executed by a computer functioning as the device.
As a result, the aforementioned device can be realized using a computer.

  According to the present invention, it is possible to reduce the amount of processing when invalidating a key of a certain device, and to obtain an effect that the amount of information managed by the management server can be suppressed.

It is a graph for demonstrating the basic procedure of the authentication key management method which concerns on one Embodiment of this invention. It is a graph for demonstrating the basic procedure of the authentication key management method which concerns on one Embodiment of this invention. It is a block diagram which shows the structure of the management server 2 which concerns on one Embodiment of this invention. It is a block diagram which shows the structure of the device 20 which concerns on one Embodiment of this invention. It is a conceptual diagram which shows the initial state which concerns on one Embodiment of this invention. It is a conceptual diagram which shows the procedure of invalidation of the device which concerns on one Embodiment of this invention. It is a conceptual diagram which shows the procedure of invalidation of the device which concerns on one Embodiment of this invention. It is a conceptual diagram for demonstrating the authorization process of the device which concerns on one Embodiment of this invention. It is a conceptual diagram which shows the procedure of the authorization process of the device which concerns on one Embodiment of this invention. It is a conceptual diagram which shows the procedure of the authorization process and authentication process of a device which concern on one Embodiment of this invention. It is a graph for demonstrating the subject when deleting division | segmentation information in the authentication key management method which concerns on one Embodiment of this invention. 5 is a flowchart showing a procedure of authentication key update processing related to the device 20 shown in FIG. It is a flowchart which shows the procedure of the division information deletion process which concerns on the division information log | history information management part 14 of the management server 2 shown in FIG. It is a graph for demonstrating the division | segmentation information deletion method which concerns on one Embodiment of this invention. It is explanatory drawing for demonstrating the division | segmentation information deletion method which concerns on one Embodiment of this invention. It is a graph for demonstrating the conventional authentication key management method.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
1 and 2 are graphs for explaining a basic procedure of an authentication key management method according to an embodiment of the present invention. 1 and 2, the relationship between the authentication key and its division information is shown using a two-dimensional graph on the real axis.

First, with reference to FIG. 1, the basic procedure 1 of the authentication key management method (when there is one device to be invalidated) will be described. In FIG. 1, it is assumed that the management server manages the authentication keys of the two devices A and B in common. First, the management server holds initial division information W _{S, 0} common to the devices A and B. The device A holds the division information V _A and the initial authentication key K _{A, 0} . The device B holds the division information V _B and the initial authentication key K _{B, 0} .

In FIG. 1, the division information V _A exists on a straight line connecting the authentication key K _{A, 0} and the division information W _{S, 0} . Similarly, the division information V _B exists on a straight line connecting the authentication key K _{B, 0} and the division information W _{S, 0} . Thus, the management server, by receiving the divided information V _A from the device A, it is possible to recover the authentication key K _{A, 0} and a divided information W _{S, 0} and division information V _A. Then, the management server, by restoring authentication key K _{A, 0} and device A collates the authentication key K _{A, 0} for holding to authenticate the device A. Similarly, the management server, by receiving the divided information V _B from the device B, it is possible to recover the authentication key K _{B, 0} and a divided information W _{S, 0} and division information V _B. Then, the management server, by restored authentication key K _{B, 0} and device B collates the authentication key K _{B, 0} to hold, to authenticate the device B.

Here, it is assumed that the service use registration of the device A is canceled. Then, the management server performs a process of invalidating the authentication key K _{A, 0} of the device A (invalidation of the device A). The management server updates the division information W _{S, 0} held by itself to the division information W _{S, 1} in order to invalidate the device A. The split information W _{S, 1} exists on a straight line connecting the authentication key K _{A, 0} , the split information W _{S, 0} and the split information V _A , and the split key W _{A, 0} and the split information W _{S, 0} It is an arbitrary point excluding the division information V _A. Therefore, the first authentication key K _{A, 1} restored from the updated division information W _{S, 1} and the division information V _{A of the} device A by the management server, and the initial division information W _{S, 0 by the} management server and the second authentication key K _{a, 0} restored from the divided information V _a of the device a match. In the present embodiment, when the first authentication key and the second authentication key match, the device A is regarded as an authentication failure.

On the other hand, for the device B for which the device is not invalidated, the management server restores the first authentication key K _{B, 1} restored from the updated division information W _{S, 1} and the division information V _{B of the} device B; The management server does not match the second authentication key K _{B, 0} restored from the initial division information W _{S, 0} and the division information V _{B of the} device B. In this embodiment, when the first authentication key and the second authentication key do not match, the device B is passed in the first stage of the authentication process, and the authentication process is continued.

Then, the management server for the device B that pass in the first stage of the authentication process to generate an authentication key difference information [Delta] K _{B, 1,} sends an authentication key difference information [Delta] K _{B, 1} to the device B. The authentication key difference information ΔK _{B, 1} is difference information between the initial authentication key K _{B, 0} of the device B and the authentication key K _{B, 1} . Accordingly, the device B can generate the authentication key K _{B, 1} using the authentication key difference information ΔK _{B, 1} and the initial authentication key K _{B, 0} . The authentication key K _{B, 1} exists on a straight line connecting the updated division information W _{S, 1} and the division information V _{B of the} device B. Thus, the management server, in the second stage of the authentication process, by receiving the divided information V _B from the device B, and division information after updating W _{S, 1} authentication key from and the division information V _B K _{B, 1} Can be restored. Then, the management server, by collating the authentication key K _{B, 1} in which the recovered authentication key K _{B, 1} and the device B was generated to authenticate the device B. As a result, the authentication of the device B is successful.

In the above authentication key management method, the timing for sending the authentication key difference information ΔK _{B, 1} to the device B that does not invalidate the device does not have to be immediately after the device A has been invalidated. Up to the second stage or in the second stage of the authentication process. Thereby, the processing amount of the management server at the time of invalidating the key of a certain device can be reduced.

  Next, basic procedure 2 of the authentication key management method (when there are a plurality of devices to be invalidated) will be described with reference to FIG. In FIG. 2, it is assumed that the management server manages the authentication keys of the three devices A, B, and C in common. Then, the management server sequentially invalidates the devices for the two devices A and B.

First, the management server holds initial division information W _{S, 0} common to the devices A, B, and C. The device A holds the division information V _A and the initial authentication key K _{A, 0} . The device B holds the division information V _B and the initial authentication key K _{B, 0} . The device C holds the division information V _C and the initial authentication key K _{C, 0} . The relationship between the division information V _A , the authentication key K _{A, 0} and the division information W _{S, 0} is the same as that in FIG. 1 and exists on the same straight line. Further, the relationship between the division information V _B , the authentication key K _{B, 0} and the division information W _{S, 0} is the same as that in FIG. 1 and exists on the same straight line. The relationship between the division information V _C , the authentication key K _{C, 0} and the division information W _{S, 0} is also the same and exists on the same straight line.

In FIG. 2, the management server first updates the division information W _{S, 0} held by itself to the division information W _{S, 1} in order to invalidate the device A (update 1). The split information W _{S, 1} exists on a straight line connecting the authentication key K _{A, 0} , the split information W _{S, 0} and the split information V _A , and the split key W _{A, 0} and the split information W _{S, 0} It is an arbitrary point excluding the division information V _A. The relationship between the division information V _B , the authentication key K _{B, 1} and the division information W _{S, 1} is the same as that in FIG. 1 and exists on the same straight line. Similarly, the division information V _C , the authentication key K _{C, 1} and the division information W _{S, 1} exist on the same straight line.

Next, the management server updates the division information W _{S, 1} to the division information W _{S, 2} in order to invalidate the device B (update 2). The division information W _{S, 2} exists on a straight line connecting the authentication key K _{B, 1} , the division information W _{S, 1} and the division information V _B , and the authentication key K _{B, 1} and the division information W _{S, 1} It is an arbitrary point excluding the division information V _B. Therefore, as shown in FIG. 2, the first authentication key K _{B, 2} restored from the updated division information W _{S, 2} and the division information V _{B of the} device B by the management server _, and the management server Therefore, the second authentication key K _{B, 1} restored from the division information W _{S, 1 of the} previous update value and the division information V _{B of the} device B coincides with each other. As a result, the device B is regarded as an authentication failure.

On the other hand, as shown in FIG. 2, for the device A for which the device has been invalidated first, the management server restores the updated division information W _{S, 2} and the division information V _{A of the} device A. The first authentication key K _{A, 1} , the second authentication key K _{A, 1} restored by the management server from the divided information W _{S, 1} of the update value immediately before in time and the divided information V _{A of the} device A Is inconsistent. However, the first authentication key K _{A, 1} restored from the division information W _{S, 1} and the division information V _{A of the} device A by the management server and the division of the initial division information W _{S, 0} and the device A by the management server The second authentication key K _{A, 0} restored from the information V _A matches. Therefore, when at least one set of the first authentication key and the second authentication key matches, the device is determined to be unsuccessful, and when all the sets do not match, the device is subjected to the authentication process. The authentication process is continued in one stage and the authentication process is continued.

  As described above, in the present embodiment, two pieces of first division information that are temporally continuous with respect to the initial value and the update value of the division information common to each device (first division information) are used as a set. For each, the first authentication key generated from one of the first division information and the division information (second division information) of the device, the other first division information and the division information of the device (first 2) and the second key generated from the second division information), the device is determined to be an authentication failure if at least one set is matched, and the device is subjected to the first authentication process when all the sets are not matched. At the stage, pass and continue the authentication process.

  The above is the description of the basic procedure of the authentication key management method according to the present embodiment.

FIG. 3 is a block diagram illustrating a configuration of the management server 2 according to the present embodiment. 3, the management server 2 includes a division information management unit 4, a division information history information storage unit 6, an authorization request information verification unit 8, a difference information generation unit 10, an authentication processing unit 12, and a division information history information management unit 14. .
When the division information management unit 4 receives a request for invalidation of a certain device, the division information management unit 4 updates the division information common to each device. The division information history information storage unit 6 stores an initial value and an update value of division information common to each device, and a history time of each division information. The initial value of the division information common to each device corresponds to the initial value of the key of each device. The history time is the time when the division information in the division information history information storage unit 6 is updated, and is for each piece of division information. As the history time, the time when the corresponding division information is generated is used.

  The authorization request information verification unit 8 performs the first stage of the authentication process for the device. The difference information generation unit 10 generates and transmits authentication key difference information to a device that has passed in the first stage of the authentication process. The authentication processing unit 12 performs a first stage of authentication processing for the device. The division information history information management unit 14 periodically deletes the division information history information in the division information history information storage unit 6.

FIG. 4 is a block diagram illustrating a configuration of the device 20 according to the present embodiment. In FIG. 4, the device 20 includes an authorization request unit 22, a division information storage unit 24, an authentication key correction unit 26, an authentication key storage unit 28, an authentication processing unit 30, and a correction time storage unit 32.
The authorization request unit 22 transmits the division information of the own device to the management server 2 to make an authorization request (a request corresponding to the first stage of the authentication process). This authorization request may be generated by a request from an application or the like, and may be generated periodically.

  The division information storage unit 24 stores the division information of the own device. The authentication key correction unit 26 corrects the authentication key of the own device using the authentication key difference information received from the management server 2. The authentication key correction unit 26 records the time (correction time) at which the authentication key of the own device is corrected in the correction time storage unit 32. The authentication key storage unit 28 stores the authentication key of the own device. The authentication processing unit 30 makes an authentication request (a request corresponding to the second stage of the authentication process) to the management server 2 and performs authentication with the management server 2 using the corrected authentication key. The correction time storage unit 32 stores the latest correction time.

  Next, basic operations of the management server 2 and the device 20 according to the present embodiment will be sequentially described with reference to FIGS. This basic operation corresponds to the basic procedure of the authentication key management method according to the present embodiment described above. In addition, the management server 2 and each device 20 shall transmit / receive data by communication. For example, data is transmitted and received via a communication network such as the Internet.

[initial state]
FIG. 5 is a conceptual diagram showing an initial state according to the present embodiment. In FIG. 5, the management server 2 holds initial division information W _{S, 0} common to the devices 20A, 20B, and 20C. Further, the partition information history information storage section 6 in the management server 2, the partition information history information W _S, as _R, and stores the initial division information W _{S, 0} and division information W _S, history time t ₀ of ₀ . The device 20A holds the division information V _A and the initial authentication key K _{A, 0} . The device 20B holds the division information V _B and the initial authentication key K _{B, 0} . The device 20C holds the division information V _C and the initial authentication key K _{C, 0} .

Disable device
FIG. 6 is a conceptual diagram illustrating a device invalidation procedure according to the present embodiment. Here, first, the device 20A is invalidated in the initial state shown in FIG.
Step S11: The device 20A transmits its division information V _A to the management server 2 and requests invalidation of its own device.

Step S12: In the management server 2, the division information management unit 4 uses the initial value (division information W _{S, 0} ) in the division information history information W _{S, R} and the division information V _{A of the} device 20A to determine the division information. An update value (division information W _{S, 1} ) is generated. The division information W _{S, 1,} as shown in FIGS. 1 and 2, present in the straight line connecting the divided information W _{S, 0} and division information V _A, and, dividing the authentication key K _{A, 0} This is an arbitrary point excluding the information W _{S, 0} and the division information V _A.

Step S13: In the management server 2, the division information history information storage unit 6 uses the division information history information W _{S, R} as the initial division information W _{S, 0} and the history time t _{0 of the} division information W _{S, 0} and the update value. Of the divided information W _{S, 1} and the history time t _{A of the} divided information W _{S, 1} are stored. Thereby, in the division information history information W _{S, R} , the division information W _{S, 0} is an initial value, and the division information W _{S, 1} is an updated value.

Next, it is assumed that the device 20B is further invalidated in a state where the device 20A shown in FIG. 6 is invalidated. FIG. 7 is a conceptual diagram showing a procedure for invalidating the device 20B.
Step S41: The device 20B transmits its division information V _B to the management server 2 and requests invalidation of its own device.

Step S42: In the management server 2, the division information management unit 4 divides the latest value in the division information history information W _{S, R} (here, the division information W _{S, 1} which is the only update value) and the division of the device 20B. Using the information V _B , the latest value of the division information (division information W _{S, 2} ) is generated. As shown in FIG. 2 _{, the} division information W _{S, 2} exists on a straight line connecting the division information W _{S, 1} and the division information V _B , and the authentication key K _{B, 1} and the division information W _{S. , 1} and the division information V _B are arbitrary points.

Step S43: In the management server 2, the division information history information storage unit 6 uses the division information history information W _{S, R} as the initial division information W _{S, 0} and the history time t _{0 of the} division information W _{S, 0} and the update value. division information W _{S, 1} and the divided information W _{S, 1} historical time t _a, the division information of the updated value W _{S, 2} and the partition information W storing and _{S, 2} historical time t _B. Thereby, in the division information history information W _{S, R} , the division information W _{S, 0} is an initial value, the division information W _{S, 1} , W _{S, 2} is an update value, and the division information W _{S, 2} is the latest. Value. In addition, in the division information history information W _{S, R} , it can be seen which division information and which division information are temporally continuous.

[Device authorization process (first stage of authentication process)]
FIG. 8 is a conceptual diagram for explaining device authorization processing according to the present embodiment. In FIG. 8, the division information history information storage unit 6 of the management server 2 includes initial division information W _{S, 0} and division information W _{S, 1} , M update values as division information history information W _{S, R.} ..., W _{S, M} and the history time of each piece of division information are stored. M is the number of devices that have been invalidated.

As shown in FIG. 8, when invalidating a certain device Z, two pieces of division information that are temporally continuous in the division information history information W _{S, R} are set as a set, and for each set, one piece of division information and comparing the first authentication key generated from the division information V _Z of the device Z, a second key generated from the division information V _Z of the other division information and the device Z, at least one pair matches In this case, the device Z is determined to be an authentication failure, and if all the sets do not match, the device Z is determined to pass in the first stage of the authentication processing and the authentication processing is continued.

FIG. 9 is a conceptual diagram showing a procedure of device authorization processing according to the present embodiment. Here, it is assumed that the authorization process of the device 20A is performed in a state where the devices 20A and 20B shown in FIG. 7 are invalidated.
Step S51: The device 20A transmits its division information V _A to the management server 2 and requests authorization of the own device.

Step S52: In the management server 2, the authorization request information verification unit 8 performs the division information V _{S, 0} , W _{S, 1} , W _{S, 2} and the division information V of the device 20A in the division information history information W _{S, R. Using A} , three authentication keys K _{A, 0} , K _{A, 1} and K _{A, 2} are generated. Next, the authorization request information verification unit 8 sets two pieces of divided information that are temporally continuous as divided information W _{S, 0} , W _{S, 1} , W _{S, 2} , and compares the authentication keys for each set. As a result, the authentication key # 1 (K _{A, 2} ) generated from the divided information W _{S, 2} and the divided information V _A and the authentication key generated from the divided information W _{S, 1} and the divided information V _A ( As a result of comparison with K _{A, 1} ), there is a discrepancy. Further, the partition information W _{S, 1} and split information V _A generated from the authentication key (K _{A, 1),} the partition information W _{S, 0} and division information V _A authentication key is generated from the # 2 (K _{A, 0} ) is compared, and the result is a match.

Step S53: Since the authentication key (K _{A, 1} ) and the authentication key # 2 (K _{A, 0} ) match _{, the} authorization request information verification unit 8 notifies the device 20A of refusing to continue the authentication process. Send. As a result, the authentication of the device 20A fails.

[Device authorization process (first stage of authentication process) and authentication process (second stage of authentication process)]
FIG. 10 is a conceptual diagram showing a procedure of device authorization processing and authentication processing according to the present embodiment. Here, in the state where the devices 20A and 20B shown in FIG. 7 are invalidated, the authorization process and the authentication process of the device 20C where the device is not invalidated are performed.
Step S61: The device 20C transmits its division information V _C to the management server 2 and requests authorization of its own device.

Step S62: In the management server 2, the authorization request information verification unit 8 makes all the pieces of division information W _{S, 0} , W _{S, 1} , W _{S, 2} in the division information history information W _{S, R} and the division information V of the device 20C. _{Using C} , three authentication keys K _{C, 0} , K _{C, 1} and K _{C, 2} are generated. Next, the authorization request information verification unit 8 sets two pieces of divided information that are temporally continuous as divided information W _{S, 0} , W _{S, 1} , W _{S, 2} , and compares the authentication keys for each set. As a result, the authentication key # 1 (K _{C, 2} ) generated from the divided information W _{S, 2} and the divided information V _C and the authentication key generated from the divided information W _{S, 1} and the divided information V _C ( As a result of comparison with K _{C, 1} ), there is a mismatch. Further, the partition information W _{S, 1} and split information V _C generated from the authentication key (K _{C, 1),} the partition information W _{S, 0} and division information V _C authentication key is generated from the # 2 (K As a result of comparison with ( _{C, 0} ), there is a mismatch.

Step S63: The authorization request information verification unit 8 does not match the comparison result of the authentication keys in all the pairs, so the authentication key # 1 (K _{C, 2} ) corresponding to the latest update value division information W _{S, 2} And authentication key difference information ΔK _{C, 2} is generated by calculating the difference between the authentication key # 2 (K _{C, 0} ) corresponding to the initial division information W _{S, 0} .
Step S64: The authorization request information verification unit 8 transmits the authentication key difference information ΔK _{C, 2} to the device 20C.

Step S65: the device 20C using the authentication key difference information [Delta] K _{C, 2} to correct their initial authentication key K _{C, 0,} obtain the authentication key K _{C, 2} corrected.
Step S66: The device 20C performs authentication with the management server 2 using the corrected authentication key K _{C, 2} . At this time, the management server 2 checks whether the authentication key # 1 (K _{C, 2} ) matches the authentication key K _{C, 2} of the device 20C. Thereby, the authentication of the device 20C is successful.

  The above is the description of the basic operations of the management server 2 and the device 20 according to the present embodiment.

  Next, a division information deletion procedure in the authentication key management method according to the present embodiment will be described.

  In FIG. 8 described above, the management server 2 holds the division information (initial value) and the division information (update values) for the number of devices that have been invalidated. However, since it is preferable that the amount of information managed by the management server is small, in this embodiment, the division information held by the management server 2 is reduced.

First, it will be described that inconvenience occurs only by reducing the division information held by the management server 2. FIG. 11 is a graph for explaining a problem when the division information is deleted in the authentication key management method according to the present embodiment. In FIG. 11, the relationship between an authentication key and its division information is shown using a two-dimensional graph on the real axis. FIG. 11 shows a state when the initial division information W _{S, 0} held by the management server is deleted in the state of FIG. Accordingly, in FIG. 11, the devices 20A and 20B have been invalidated, and the device 20C has not been invalidated. In addition, since the management server deletes the initial division information W _{S, 0} , it retains the remaining division information W _{S, 1} , W _{S, 2} .

(Problem 1)
For the device 20C that has not been invalidated, simply deleting the division information W _{S, 0} causes inconvenience as described below. In the authorization process (the first stage of the authentication process) for the device 20C, the authentication key K _{C, 2} and the authentication key K _{C, 2 in the combination of} the divided information W _{S, 2} and the divided information W _{S, 1} that are continuous in time _{. No} match with ₁ . Since the initial division information W _{S, 0} has been deleted, there is no combination of the division information W _{S, 1} and the division information W _{S, 0} , so the authentication key comparison process ends, and the device 20C Pass in the first stage of the authentication process. Next, authentication key difference information ΔK _{C, 2} between the authentication key K _{C, 2} and the authentication key K _{C, 1} is generated and sent to the device 20C, and the authentication key K _{C, 0} of the device 20C is corrected. Then, is different from the authentication key K _{C, 1} and the authentication key K _{C, 0,} corrected authentication key K _{C, 0} of the device 20C does not become authentication key K _{C, 2,} as a result, invalidation The device 20 </ b> C that has not been performed results in an authentication failure.

(Problem 2)
For the device 20B that has been invalidated, the authentication key KB _{, 2} and the authentication key KB _{, 1} match in the set of the temporally continuous split information WS _{, 2} and split information WS _{, 1.} Therefore, authentication fails correctly. However, for the device 20A that has been invalidated, simply deleting the division information W _{S, 0} causes inconvenience as described below. In the authorization process (first stage of the authentication process) for the device 20A, the authentication key K _{A, 2} and the authentication key K _{A, 2} in the set of the division information W _{S, 2} and the division information W _{S, 1} that are continuous in time _{. No} match with ₁ . However, since the initial division information W _{S, 0} has been deleted, there is no combination of the division information W _{S, 1} and the division information W _{S, 0} , so the authentication key comparison process ends, and the device 20A Pass in the first stage of the authentication process. Next, authentication key difference information ΔK _{A, 2} between the authentication key K _{A, 2} and the authentication key K _{A, 1} is generated and sent to the device 20A, and the authentication key K _{A, 0} of the device 20A is corrected. Then, since the authentication key K _{A, 1} and the authentication key K _{A, 0} are the same, after the authentication key K _{A, 0} of the device 20A is corrected, it becomes the authentication key K _{A, 2} , and as a result, invalidation is performed. The disconnected device 20A is successfully authenticated.

  In the present embodiment, the device 20 and the management server 2 perform processing in order to solve the problems 1 and 2 described above.

FIG. 12 is a flowchart showing the procedure of the authentication key update process related to the device 20 shown in FIG. The operation of the device 20 will be described with reference to FIG.
Step S101: The authorization request unit 22 determines whether an authorization request has occurred due to a request from an application or the like. As a result, if an authorization request has occurred, the process proceeds to step S103, and if an authorization request has not occurred, the process proceeds to step S102.

Step S102: The authorization request unit 22 determines whether it is a key update timing. The key update timing is a constant period T _D. As a result, if it is the key update timing, the process proceeds to step S103, and if it is not the key update timing, the process returns to step S101.

  Step S103: The authorization request unit 22 reads the division information of the own device from the division information storage unit 24. Further, the authorization request unit 22 reads the latest correction time from the correction time storage unit 32.

  Step S104: The authorization request unit 22 transmits the division information and correction time of the own device acquired in step S103 to the management server 2, and requests authorization of the own device. Thereby, the authorization request information verification unit 8 in the management server 2 compares the correction time received from the device 20 with the history time in the division information history information storage unit 6, and the division information in the division information history information storage unit 6. Then, the latest division information before the correction time and the division information after the correction time are extracted. And the authorization request information verification part 8 performs the authorization process (the 1st step of an authentication process) with respect to the said device 20 using the extracted division | segmentation information. The authorization request information verification unit 8 generates authentication key difference information and transmits it to the device 20 when the device 20 passes in the authorization process (first stage of the authentication process).

  Step S105: In the device 20, the authorization request unit 22 determines whether or not the authentication key difference information has been received from the management server 2 within a certain period after the authorization request in Step S104. As a result, when the authentication key difference information is received, the process proceeds to step S106, and when the authentication key difference information is not received, the process returns to step S101.

  Step S106: In the device 20, the authentication key correction unit 26 corrects the latest authentication key in the authentication key storage unit 28 using the authentication key difference information received from the management server 2. The authentication key storage unit 28 stores the corrected authentication key as the latest authentication key. The latest authentication key is used when the authentication processing unit 30 performs authentication processing (second stage of authentication processing) with the management server 2.

  Step S107: The authentication key correction unit 26 records the time when the authentication key is corrected in step S105 in the correction time storage unit 32 as the latest correction time. Thereafter, the process returns to step S101.

FIG. 13 is a flowchart showing the procedure of the division information deletion process related to the division information history information management unit 14 of the management server 2 shown in FIG. The operation of the division information history information management unit 14 of the management server 2 will be described with reference to FIG.
Step S201: The division information history information management unit 14 determines whether it is a deletion timing. Remove the timing is the same cycle T _D and a key update timing of the device 20. As a result, when it is the deletion timing, the process proceeds to step S202, and when it is not the deletion timing, the process returns to step S201.

Step S202: The division information history information management unit 14 generates division information (new value). The division information (new value) is generated as a value that is not on all straight lines passing through the latest division information in the division information history information storage unit 6 and the division information of each device. The time when this division information (new value) is generated is t ₁ . As a result, the authentication keys do not match before and after the division information is updated.

Step S203: The division information history information management unit 14 divides information before the time (t ₁ -T _D ) when the division information (new value) is generated from the division information history information in the division information history information storage unit 6. Delete history information (partition information and history time).

Step S204: dividing information history information managing unit 14 stores the division information (new value) and history time t ₁ generated in step S202 to the division information history information storage section 6. Thereafter, the process returns to step S201.

Here, the division information deletion method according to the present embodiment will be described with reference to FIGS. 14 and 15. FIG. 14 is a graph for explaining the division information deleting method according to the present embodiment. In FIG. 14, the relationship between an authentication key and its division | segmentation information is shown using the two-dimensional graph on a real number axis. FIG. 15 is an explanatory diagram for explaining the division information deletion method according to the present embodiment. FIG. 15 shows temporal changes in the division information history information W _{S, R} in the division information history information storage unit 6 of the management server 2. 14 and 15 correspond to each other.

In FIG. 15, first, at time t ₀ , the division information history information W _{S, R} has initial division information W _{S, 0} common to the devices 20A, 20B, and 20C. The device 20A holds the division information V _A and the initial authentication key K _{A, 0} . The device 20B holds the division information V _B and the initial authentication key K _{B, 0} . The device 20C holds the division information V _C and the initial authentication key K _{C, 0} .

Next, at time t _A , the device 20A is invalidated. Thereby, the division information history information W _{S, R} stores the initial division information W _{S, 0} and its history time t ₀ , the update value division information W _{S, 1} and its history time t _A. As shown in FIG. 14 _{, the} update value division information W _{S, 1} is present on a straight line connecting the division information W _{S, 0} and the division information V _A , and the authentication key K _{A, 0} and the division information. This is an arbitrary point excluding W _{S, 0} and division information V _A.

At time t ₁ then becomes a deletion timing of the period T _D, performs division information deletion process of FIG 13. Thereby, the division information (new value) W _{S, 1new} is generated. Then, the division information and the history time before the time (t ₁ -T _D = t ₀ ) are deleted from the division information history information W _{S, R.} Here, there is no relevant division information and history time. Then, division information (new value) W _{S, 1new} and its history time t ₁ are added to the division information history information W _{S, R.} As a result, the division information history information W _{S, R} includes the initial division information W _{S, 0} and its history time t ₀ , the update value division information W _{S, 1} and its history time t _A, and the division information (new Value) W _{S, 1new} and its history time t ₁ are stored.

The division information (new value) W _{S, 1new} is generated as a value that is not on all straight lines passing through the latest division information in the division information history information storage unit 6 and the division information of each device. As a result, the authentication keys do not match before and after the division information is updated. An example of a method for generating the division information (new value) W _{S, 1new} will be described with reference to FIG. First, a straight line L1 passing through the latest division information W _{S, 1} in the division information history information storage unit 6 and parallel to the vertical axis is obtained. Next, a point randomly selected from an arbitrary point excluding the division information W _{S, 1} on the straight line L1 is set as division information (new value) W _{S, 1new} . As a result, the division information (new value) W _{S, 1new} has a high probability of all straight lines passing through the division information W _{S, 1} and the division information V _A , V _B , V _{C of} each device 20A, 20B, 20C. Generated as a value not above. As a result, each authentication key K _{A, 1new} , K _{B, 1new} , K _{C, 1new} using the division information (new value) W _{S, 1new} is each authentication key using the division information W _{S, 1} before the update. K _{A, 1} , K _{B, 1} and K _{C, 1} do not match.

Next, at time t _B , the device 20B is invalidated. Thereby, the divided information history information W _{S, R} includes the initial divided information W _{S, 0} and its history time t ₀ , the divided information W _{S, 1} and its history time t _A, and the divided information (new value) W. _{S, 1new} and its history time t ₁ , update value division information W _{S, 2} and its history time t _B are stored. As shown in FIG. 14 _{, the} update value division information W _{S, 2} exists on a straight line connecting the division information W _{S, 1new} and the division information V _B , and the authentication key K _{B, 1new} and the division information. This is an arbitrary point excluding W _{S, 1new} and division information V _B. The authentication key K _{B, 1new} is defined from the division information W _{S, 1new} and the division information V _B.

At time t ₂ then becomes a deletion timing of the period T _D, performs division information deletion process of FIG 13. Thereby, the division information (new value) W _{S, 2new} is generated. Then, the division information W _{S, 0} , W _{S, 1} and the history times t ₀ , t _A before the time (t ₂ −T _D = t ₁ ) and the history times t ₀ , t _A are deleted from the division information history information W _{S, R.} Then, division information (new value) W _{S, 2new} and its history time t ₂ are added to the division information history information W _{S, R.} As a result, division information history information W _{S, R} is stored division information (new value) W _S, and _1new and history time t _1, the division information (new value) W _S, and _2new and history time t ₂ To do.

Thus, for a device 20C not invalidate is performed by the authentication key updating process of FIG 12 is performed in the same period T _D and deleting timing, since the authentication key of the device 20C is modernized, Authentication is successful. For example, consider the authorization process for the device 20C at time t ₂ after the (first stage of the authentication process). At this time, the authentication key of the device 20C is _corrected to the authentication key K _{C, 1new} by the division information W _{S, 1new} or the authentication key K _{C, 2} by the division information W _{S, 2} by the authentication key update process. . Here, it is assumed that the authentication key update process of the device 20C is performed in the period from the time t _B to the time t ₂ and the authentication key of the device 20C is corrected to the authentication key K _{C, 2} .

Then, the authorization process for the device 20C at time t ₂ later (first stage of the authentication process), the partition information history information W _S, among the _R, between the corrected time (time t _B of the device 20C until time t ₂ Only the latest division information W _{S, 2} before and the division information W _{S, 2new} after the correction time are used. As a result, the comparison result between the authentication key K _{C, 2new} and the authentication key K _{C, 2} becomes inconsistent in the set of the division information W _{S, 2new} and the division information W _{S, 2} that are temporally continuous. As a result, the device 20C passes in the first stage of the authentication process. Next, authentication key difference information ΔK _{C, 2new} between the authentication key K _{C, 2new} and the authentication key K _{C, 2} is generated and sent to the device 20C, and the authentication key of the device 20C is corrected. Here, the authentication key of the device 20C is because it is corrected in the authentication key K _{C, 2} by witness key update process, the authentication key difference information [Delta] K _C, authenticated by _2NEW key K _C, is corrected to _2NEW. As a result, the device 20C correctly authenticates successfully.

For the invalidated device 20A, even if the authentication key update process of FIG. 12 is performed in the period T _D , the authentication key K _{A, 0} is authenticated as the authentication key during the period from time t ₀ to time t _{B of} FIG. Since the key K _{A, 1} matches, the authorization process (first stage of the authentication process) in step S104 fails and the authentication key difference information cannot be obtained. Accordingly, the authentication key of the device 20A is not updated. Then, the authorization process for the device 20A at time t ₂ later (first stage of the authentication process), the partition information W _S temporally _{consecutive, 2NEW} the division information W _{S, 2} and the pair, and division information W _{S , 2} and the division information W _{S, 1new} , the comparison result of the authentication key is inconsistent, and the device 20A passes in the first stage of the authentication process. However, the authentication key difference information [Delta] K _A, is sent _2NEW in is generated by the device 20A (authentication key K _{A, 2NEW} authentication key K _A, difference information between _{1 NEW),} the device by the authentication key difference information [Delta] K _{A, 2NEW} Even if the authentication key 20A is corrected, the authentication key K _{A, 0} of the device 20A remains the authentication key K _{A, 2new} and therefore does not become the authentication key K _{A, 2new} . As a result, the device 20A correctly fails in authentication.

For the invalidated device 20B, the authentication key K _{B, 2} and the authentication key K _{B, 1new} coincide with each other in the set of the division information W _{S, 2} and the division information W _{S, 1new} that are temporally continuous. Therefore, authentication fails correctly.

  As described above, according to the present embodiment, the division information held by the management server 2 can be reduced.

In addition, a program for realizing each step performed by the management server 2 according to the above-described embodiment or each step performed by the device 20 is recorded on a computer-readable recording medium and recorded on the recording medium. The key management process may be performed by causing the computer system to read and execute the program. Here, the “computer system” may include an OS and hardware such as peripheral devices.
“Computer-readable recording medium” refers to a flexible disk, a magneto-optical disk, a ROM, a writable nonvolatile memory such as a flash memory, a portable medium such as a DVD (Digital Versatile Disk), and a built-in computer system. A storage device such as a hard disk.

Further, the “computer-readable recording medium” means a volatile memory (for example, DRAM (Dynamic DRAM) in a computer system that becomes a server or a client when a program is transmitted through a network such as the Internet or a communication line such as a telephone line. Random Access Memory)), etc., which hold programs for a certain period of time.
The program may be transmitted from a computer system storing the program in a storage device or the like to another computer system via a transmission medium or by a transmission wave in the transmission medium. Here, the “transmission medium” for transmitting the program refers to a medium having a function of transmitting information, such as a network (communication network) such as the Internet or a communication line (communication line) such as a telephone line.
The program may be for realizing a part of the functions described above. Furthermore, what can implement | achieve the function mentioned above in combination with the program already recorded on the computer system, and what is called a difference file (difference program) may be sufficient.

  As mentioned above, although embodiment of this invention was explained in full detail with reference to drawings, the specific structure is not restricted to this embodiment, The design change etc. of the range which does not deviate from the summary of this invention are included.

DESCRIPTION OF SYMBOLS 2 ... Management server, 4 ... Division information management part, 6 ... Division information history information storage part, 8 ... Authorization request information verification part, 10 ... Difference information generation part, 12 ... Authentication processing part, 14 ... Division information history information management part , 20 ... Device, 22 ... Authorization request unit, 24 ... Division information storage unit, 26 ... Authentication key correction unit, 28 ... Authentication key storage unit, 30 ... Authentication processing unit, 32 ... Correction time storage unit

Claims (4)

In a key management system in which a key of a device is divided and managed into first division information common to each device and individual second division information for the device,
When invalidating the key of a certain device, the key generated from the latest value of the first division information and the second division information of the device, the latest value of the first division information before the update, and the device A division information management unit that updates the latest value of the first division information so that a key generated from the second division information matches,
A division information history information storage unit that stores the first division information and the time (history time) at which the first division information was updated;
As a first step when authenticating a certain device, using the “time when the key of the device was corrected (correction time)” and “second division information of the device” received from the device, the correction time A pair of two pieces of first division information that are temporally continuous with respect to the previous latest first division information and the first division information after the correction time, and one first division for each set. Comparing the first key generated from the information and the second division information of the device with the second key generated from the other first division information and the second division information of the device; A verification unit that rejects the device when at least one set matches, and passes the device when all sets do not match; and
For the device that has passed, the correction time received from the device and the second division information of the device are used, and the latest first division information and the second division information of the device before the correction time are used. a key and difference information generating unit that generates and transmits difference information between key generated from the newest value and the second division information of the device of the first division information after the correction time generated from a,
As a second step when authenticating a certain device, the second division information of the device received from the device is used and generated from the latest value of the first division information and the second division information of the device An authentication processing unit that checks for a match between the generated key and the key of the device,
First division information is generated so that the keys generated from the second division information and the first division information of each device do not match before and after updating the first division information at a fixed division information deletion cycle. Stored in the division information history information storage unit together with the history time, and further deletes from the division information history information storage unit the first division information and the history time before the division information deletion period before the history time. A management apparatus having a division information history information management unit;
A division information storage unit that stores second division information of the device itself;
A correction time storage unit for storing a correction time related to the key of the own device;
A key storage unit for storing the key of the own device;
In addition to the time when the authorization request is generated, the second division information of the own device and the correction time of the key of the own device are transmitted to the management apparatus as the first stage of the authentication request of the own device in the same cycle as the division information deletion cycle. An authorization requesting unit,
A key correction unit that corrects the key of the device itself using the key difference information received from the management device, stores the corrected key in the key storage unit, and further stores the correction time in the correction time storage unit When,
A device having an authentication processing unit that performs authentication processing with the management device using the corrected key as a second stage of the authentication request of the own device;
A key management system characterized by comprising: A key management method in a key management system in which a key of a certain device is divided and managed into first division information common to each device and second division information individual to the device,
When the management apparatus invalidates the key of a certain device, the key generated from the latest value of the first division information and the second division information of the device, and the latest of the first division information before the update Updating the latest value of the first division information so that the value and the key generated from the second division information of the device match;
A step wherein the management apparatus, for storing first partition information and the first division information updated time (the history time) the division information history information storage unit,
As the first step when the management apparatus authenticates a certain device, the “time when the key of the device is corrected (correction time)” and “second division information of the device” received from the device are used. Then, the first division information that is the latest before the correction time and the first division information that is continuous after the correction time are grouped into two sets of first division information that are temporally continuous. The first key generated from the first division information of the device and the second division information of the device, and the second key generated from the other first division information and the second division information of the device And, if at least one set matches, reject the device, and if all sets do not match, pass the device;
The management apparatus uses the correction time received from the device and the second division information of the device for the device that has passed , and the latest first division information before the correction time and the device a key generated from the second division information, the step of generating and transmitting the difference information between key generated from the newest value and the second division information of the device of the first division information after the correction time When,
As the second stage when the management apparatus authenticates a certain device , the second division information of the device received from the device is used, and the latest value of the first division information and the second value of the device are used. Checking for a match between the key generated from the split information and the key of the device;
The first division so that the key generated from the second division information and the first division information of each device does not match before and after the update of the first division information at a predetermined division information deletion cycle. Information is generated and stored together with the history time in the division information history information storage unit, and the first division information and the history time before the division information deletion period before the history time are stored as the division information history information. Deleting from the storage unit;
As the first stage of the authentication request of the own device, the device has the second division information of the own device in the division information storage unit and the correction time storage unit in the same period as the division information deletion cycle in addition to when the authorization request is generated Transmitting the correction time to the management device;
The device corrects the key of the device using the key difference information received from the management apparatus, stores the corrected key in the key storage unit, and further stores the correction time in the correction time storage unit. Steps,
The device performs an authentication process with the management apparatus using the corrected key as a second stage of the authentication request of the own device;
A key management method comprising: A computer program for performing key management processing in a management apparatus of a key management system in which a key of a device is divided and managed into first division information common to each device and second division information individual to the device Because
When invalidating the key of a certain device, the key generated from the latest value of the first division information and the second division information of the device, the latest value of the first division information before the update, and the device Updating the latest value of the first division information so that the key generated from the second division information matches,
Storing the first division information and the time (history time) at which the first division information was updated in the division information history information storage unit;
As a first step when authenticating a certain device, using the “time when the key of the device was corrected (correction time)” and “second division information of the device” received from the device, the correction time A pair of two pieces of first division information that are temporally continuous with respect to the previous latest first division information and the first division information after the correction time, and one first division for each set. Comparing the first key generated from the information and the second division information of the device with the second key generated from the other first division information and the second division information of the device; Rejecting the device if at least one set matches, and passing the device if all sets do not match;
For the device that has passed, the correction time received from the device and the second division information of the device are used, and the latest first division information and the second division information of the device before the correction time are used. a step in which the key generated, generates and transmits difference information between key generated from the newest value and the second division information of the device of the first division information after the correction time from a,
As a second step when authenticating a certain device, the second division information of the device received from the device is used and generated from the latest value of the first division information and the second division information of the device Checking for a match between the generated key and the key of the device;
First division information is generated so that the keys generated from the second division information and the first division information of each device do not match before and after updating the first division information at a fixed division information deletion cycle. Stored in the division information history information storage unit together with the history time, and further deletes from the division information history information storage unit the first division information and the history time before the division information deletion period before the history time. Steps,
A computer program for causing a computer functioning as the management apparatus to execute the program. A computer program for performing key management processing in a device of a key management system in which a key of a certain device is divided and managed into first division information common to each device and individual second division information for the device There,
In the same period as the division information deletion period of the management device in addition to when the authorization request is generated, as the first stage of the authentication request of the own device, the second division information of the own device in the division information storage unit and the correction time storage unit Transmitting a correction time to the management device;
Correcting the key of the device using the key difference information received from the management apparatus, storing the corrected key in the key storage unit, and further storing the correction time in the correction time storage unit;
Performing authentication processing with the management apparatus using the corrected key as a second stage of the authentication request of the own device;
A computer program for causing a computer functioning as the device to execute.