JP6266403B2 - Communication apparatus, system, and program - Google Patents

Description

  The present invention relates to a communication apparatus, system, and program, and can be applied to, for example, a home energy management system (HEMS) or a sensor network system that uses ECHONET Lite (trademark) as a communication protocol. .

  2. Description of the Related Art Conventionally, there is a HEMS that connects home appliances via a network, enables grasping of operation status and energy consumption status, and remote operation.

  As a network communication standard for realizing HEMS, for example, the ECHONET Lite protocol is used. FIG. 8 is a diagram showing the positioning of the ECHONET Lite protocol in the OSI layer. The ECHONET Lite protocol is a communication protocol related to the 5th layer and the 6th layer, and basically does not include provisions related to the lower layer (1 to 4 layers). Even if the ECHONET Lite protocol is applied, the lower layer (1 layer to Various protocols (for example, global communication specifications) can be applied to the (fourth layer). In the application layer (seventh layer), an application that considers that the ECHONET Lite protocol has been applied is applied.

  The ECHONET Lite protocol itself does not support security. In the ECHONET Lite protocol, an ECHONET Lite node is applied by applying an existing secure communication standard technology such as ZigBee (registered trademark) IP in a lower layer of 4 layers or less. Secured security transparently.

  FIG. 9 shows an example of the secure mechanism in the lower layer. DTLS (Datagram Transport Layer Security) can be applied as a four-layer secure mechanism, IPsec (Security Architecture for IP) can be applied as a three-layer secure mechanism, and WEP (Wired Equivalent Private) and WEP (Wired Equivalent Private) -Fi Protected Access), WPA2, AES-CCM (AES-Counter with CBC-MAC) or IEEE 802.1X can be applied.

  These lower-layer secure mechanisms alleviate the development burden on ECHONET Lite nodes and make it easier to work on device development.

  Conventionally, various methods have been proposed as means for preventing control of home appliances by unauthorized access. Patent Document 1 discloses a technique for authenticating a user when accessing a home electric appliance connected to a network line by remote control. Patent Document 2 discloses a technique for requesting transmission of a password set in a home appliance when an operation request to the home appliance connected to a network line is received from outside the house.

JP2011-244499A JP 2003-309883 A

  However, since there is no concept of account access control in the ECHONET Lite protocol, a malicious user from a node belonging to the same network (for example, ZigBee IP network) to another ECHONET Lite node is a pseudo ECHONET Lite message. When creating and transmitting (see FIG. 6 described later), there was no means for preventing device control. For example, the ECHONET Lite node that has received an ECHONET Lite message that sets the operation mode of the home air conditioner to heating switches the operation mode of the home air conditioner to heating without any doubt, and controls the device from a malicious user. Was possible.

  In this respect, the techniques described in Patent Document 1 and Patent Document 2 do not disclose any method for dealing with malicious unauthorized access from the same network in which the ECHONET Lite protocol is used.

  Therefore, even when a communication protocol related to a higher layer is applied to a lower layer secure mechanism, communication that can prevent malicious unauthorized access without violating the rules of that communication protocol. Devices, systems and programs are desired.

The first of the present invention is left security features secure mechanism of the lower layer in the OSI layers, a message in accordance with a communication protocol according thereto from the upper layer, one or more in accordance with the format of the message In a communication device that forms and transmits a message in which property information is inserted, (1) authentication information acquisition means for acquiring authentication information used by the message receiving side device for authenticity verification of the message ; (2) the acquired the authentication information, and having an authentication information insertion means for inserting into the message as the property information.

According to a second aspect of the present invention, there is provided a communication device that receives a message transmitted by the communication device according to the first aspect of the present invention. (1) In the message that is inserted into the message as property information according to the format of the message. Authentication information extracting means for extracting authentication information used for validity authentication ; (2) verification information acquisition means for acquiring verification information for verification against all or part of the extracted authentication information; ) It is characterized by comprising authentication means for authenticating the validity of the received message based on the extracted authentication information and the acquired verification information.

  The communication system of the third aspect of the present invention is characterized in that the communication apparatus of the first aspect of the present invention and the communication apparatus of the second aspect of the present invention are opposed to each other via a network.

A communication program according to a fourth aspect of the present invention is a message according to a communication protocol related to a higher layer, in which a security function is entrusted to a lower layer secure mechanism in the OSI layer , and is in accordance with the format of the message. Alternatively, a computer installed in a communication device that forms and transmits a message in which a plurality of property information is inserted is used. (1) For authentication that the receiving device of the message acquires authentication information used for authenticity verification of the message an information acquisition means and (2) the acquired the authentication information, function as an authentication information insertion means for inserting into the message as the property information.

According to a fifth aspect of the present invention, there is provided a communication program comprising: a computer installed in a communication device that receives a message transmitted by the communication device according to the first invention; (1) property information conforming to the message format; and authentication information extraction means for extracting the authentication information used for validity authentication of the message, which is inserted as, (2) verification of acquiring verification information to be matched with all or a portion of the extracted authentication information And (3) functioning as authentication means for authenticating the validity of the received message based on the extracted authentication information and the acquired verification information.

  According to the present invention, even when a communication protocol related to a higher layer is applied to a lower layer secure mechanism, a malicious unauthorized access without violating the definition of the communication protocol. Can be prevented.

It is a block diagram which shows the structure of the communication system which concerns on 1st Embodiment. It is explanatory drawing which shows the structure of the radio | wireless network containing the intermediate node of FIG. 1 as a component. It is explanatory drawing which shows the structure of the wired network which contains the parent node of FIG. 2 as a component. It is a block diagram which shows the structure of the communication apparatus which concerns on 1st Embodiment. It is explanatory drawing which shows the ECHONET Lite message format exchanged in the communication system of 1st Embodiment. It is a flowchart which shows the transmission operation | movement of the ECHONET Lite message | telegram in 1st Embodiment. It is a flowchart which shows the reception operation | movement of the ECHONET Lite message in 1st Embodiment. It is explanatory drawing which shows the position of the ECHONET Lite protocol in an OSI layer. It is explanatory drawing which shows the secure mechanism in the lower layer of an ECHONET Lite protocol.

(A) First Embodiment Hereinafter, a first embodiment of a communication apparatus, system, and program according to the present invention will be described in detail with reference to the drawings.

  The communication device according to the first embodiment is a communication device compatible with the ECHONET Lite protocol, and is installed as a communication device constituting a HEMS, for example.

(A-1) Configuration of the First Embodiment FIG. 1 is a block diagram showing the configuration of the communication system 1 of the first embodiment.

  In FIG. 1, each of the controlled appliances 2-1 to 2-8 such as a ceiling light, an air conditioner, and a TV recorder is described as a corresponding communication device (in FIG. 1, a child node). (Hereinafter, referred to as child nodes) 3-1 to 3-8, and the device controller 4 that controls the electrical appliances 2-1 to 2-8 is a communication device according to the first embodiment. (It is described as an intermediate node in FIG. 1 and is hereinafter referred to as an intermediate node).

  The device controller 4 controls one of the electrical appliances 2-X by the ECHONET Lite message exchanged between the intermediate node 5 and the child node 3-X (X is any one of 1 to 8), and the control result is It is made to take in. Note that, for example, ZigBee IP can be applied as a communication protocol of the fourth layer or less between the intermediate node 5 and the child node 3-X, but other short-range wireless communication standards such as Bluetooth (registered trademark) can be applied. good. In addition, the child node 3-X may have a relay function to other child nodes.

  One intermediate node 5 and child nodes 3-1 to 3-8 accommodated therein constitute, for example, one subnet. As shown in FIG. 2, each of the intermediate nodes 5-1 to 5-6 in the plurality of subnets is an element of the wireless network 6, and is described as a higher-level communication device (in FIG. 2, a parent node, , Called parent node). The wireless network 6 is, for example, a ZigBee IP network (may be a network compliant with other communication standards), and the parent node 7 and the intermediate node 5-Y (Y is any one of 1 to 6) are directly connected. It is possible to communicate, or to communicate in multi-hop via other intermediate nodes.

  As shown in FIG. 3, each of the plurality of parent nodes 7-1 to 7-4 is a component of the wired network 8, and can communicate with the highest communication device (not shown) via the Internet network 9. Has been made. For example, the user uses a smartphone or the like on the go, via the highest-level communication device, the parent node 7-Z (Z is any one of 1 to 4), the intermediate node 5-Y, and the child node 3-X. Thus, the electric appliance 2-X can be controlled.

  As described above, the intermediate node 5-Y can communicate with the parent node 7 or with the child node 3-X. Here, if attention is paid only to communication with the child node 3-X, the communication configuration is the same as the communication configuration of the child node 3-X.

  FIG. 4 is a block diagram showing an internal configuration of a communication device (hereinafter referred to as a communication node) 20 according to the first embodiment to which the child node 3-X and the intermediate node 5 correspond. Here, some of the functions of the communication node 20 can be configured by hardware, and can also be realized by software (communication program) executed by the CPU and the CPU. Even if the realization method is adopted, it can be functionally represented in FIG.

  The communication node 20 includes a power supply unit 21, a communication unit 22, a control unit 23, a storage unit 24, a hash calculation unit 25, and an authentication unit 26.

  The power supply unit 21 supplies power to each unit of the communication node 20, and manages the power on / off of the communication node 20 when the communication node 20 intermittently turns on the power. is there.

  The communication unit 22 includes a wired communication unit 22a and a wireless communication unit 22b. The wired communication unit 22 a performs communication with the electrical appliance 2-X or the device controller 4 that is wired to the communication node 20. The wireless communication unit 22b communicates with the communication node 20 via a wireless line (an intermediate node 5 if the communication node 20 is a child node 3-X, and a child node if the communication node 20 is an intermediate node 5). Node 3-X).

  The control unit 23 controls each unit in the communication node 20, executes an ECHONET Lite message used for communication, extracts information from the ECHONET Lite message, and the like.

  The storage unit 24 is configured by a nonvolatile memory such as a flash memory. The storage unit 24 stores various protocol information, communication information with other communication nodes, communication information with connected devices, and the like. In the case of the first embodiment, the storage unit 24 stores a hash function 24a, code / property correspondence information 24b to be inserted into an ECHONET property EPC, which will be described later, and the like. Among the correspondence information 24b between the code inserted into the ECHONET property EPC and the property, the code “0xF0” representing the hash key in association with the hash key and the code “0xF1” representing the hash value in association with the hash value are also included. include.

  The hash function may be common to the entire communication system 1 of the first embodiment. In this case, the hash functions stored in all the communication nodes are the same. The hash function may be different for each of the child nodes 3-1 to 3-8 and the intermediate node 5. In this case, the storage unit 24 stores at least a hash function assigned to the communication node 20. In this case, if the communication node 20 is the intermediate node 5, the hash functions assigned to all the contained child nodes 3-1 to 3-8 are also stored in the storage unit 24.

  The hash calculator 25 calculates a hash value by applying a hash function to the hash key. The hash calculator 25 also has a hash key generation function. For example, a hash key is generated using a known random number generation function. If the communication node 20 operates as the transmission side of the ECHONET Lite message, the hash calculation unit 25 generates a hash key and applies a hash function assigned to the transmission destination communication node to apply a hash value. Is calculated. On the other hand, if the communication node 20 operates as a receiver of the ECHONET Lite message, the hash calculation unit 25, in response to a request from the authentication unit 26 described later, has a hash key inserted in the received ECHONET Lite message. On the other hand, a hash value is calculated by applying a hash function assigned to itself, and the obtained hash value is given to the authentication unit 26.

  The authentication unit 26 compares the hash value in the received ECHONET Lite message with the hash value obtained by giving the hash key in the received ECHONET Lite message to the hash calculation unit 25 and requesting the calculation of the hash value, It authenticates whether the received ECHONET Lite message is a genuine message.

  As described above, in the case of the first embodiment, the hash key and the hash value are inserted into the ECHONET Lite message exchanged between the intermediate node 5 and the child node 3-X. In the first embodiment, even if a hash key and a hash value are inserted, the ECHONET Lite message after insertion satisfies the ECHONET Lite protocol.

  Hereinafter, the ECHONET Lite message into which the hash key and the hash value are inserted satisfies the ECHONET Lite protocol with reference to the ECHONET Lite message format of FIG.

  The ECHONET Lite message in the first embodiment includes an ECHONET Lite header EHD, a transmission source ECHONET object SEOJ, a destination ECHONET object DEOJ, an ECHONET Lite service ESV, and a processing target property counter OPC. These fields are as defined in the ECHONET Lite protocol, and detailed description thereof will be omitted.

  Further, the ECHONET Lite message in the first embodiment includes at least three sets (property set information) including ECHONET property EPC, property data counter PDC, and ECHONET property data EDT. For example, when there is one substantial property related to control, there are three property group information, when there are two substantial properties related to control, there are four property group information, and so on. In addition, when there are n (n is 0 or a natural number) substantial properties related to control, the property set information is n + 2.

  Here, in the case of the downstream ECHONET Lite message from the intermediate node 5 to the child node 3-X, the substantial property set information other than the property set information related to the hash key and the hash value is the device control information. Yes, in the case of an ECHONET Lite message in the upward direction from the child node 3-X to the intermediate node 5, the substantial property set information is information indicating the execution result of the instructed control.

  Of the two sets of property information extra provided when viewed from the control side, one is used for inserting a hash key and the other is used for inserting a hash value. The positions of the two sets into which the hash key and hash value information are inserted are not limited. In FIG. 5, hash key information is inserted as set information EPC1, PDC1, and EDT1 of the first set of properties, and hash value information is inserted as set information EPC2, PDC2, and EDT2 of the second set of properties. An example is shown in which information related to the original control is inserted into the property pair information after the pair.

  The first set of ECHONET property EPC1 describes a code “0xF0” indicating that this set is a hash key insertion set, the first set of ECHONET property data EDT1 describes a hash key, and the first set of ECHONET property EPC1 The property data counter PDC1 describes the number of bytes of the hash key.

  The second set of ECHONET property EPC2 describes a code “0xF1” indicating that this set is an insertion set of hash values, and the second set of ECHONET property data EDT2 describes a hash value. In the set of property data counters PDC2, the number of bytes of the hash value is described.

  When controlling an electrical appliance according to the ECHONET Lite protocol, a value to be controlled is set in the ECHONET property EPC of the ECHONET Lite message. According to the standard, the value to be inserted into the ECHONET property EPC is a value corresponding to the control object of the electrical appliance defined by the standard. For example, regarding a home air conditioner, EPC = 0xB0 is defined when the operation mode is controlled, EPC = 0xB3 is defined when the temperature is controlled, and EPC = 0xA0 is defined when the air volume is controlled.

  Here, values that can be inserted into the ECHONET property EPC are values in the range of 0x80 to 0xFF. Among them, the value range of 0xF0 to 0xFF can be uniquely defined by a developer as a user-defined region. Therefore, in the first embodiment, EPC = 0xF0 is defined as representing insertion of a hash key, and EPC = 0xF1 is defined as representing insertion of a hash value. Of course, other values belonging to the value range 0xF0 to 0xFF that can be defined by the user may be defined as representing insertion of a hash key or hash value.

(A-2) Operation of the First Embodiment Next, the operation of the communication system 1 according to the first embodiment will be described. Hereinafter, the operation when the intermediate node 5 transmits an ECHONET Lite message to the child node 3-X and the operation when the child node 3-X receives the ECHONET Lite message will be described in this order.

  FIG. 6 is a flowchart showing an ECHONET Lite message transmission operation in the intermediate node 5. Below, operation | movement at the time of setting an operation mode to heating with respect to the air conditioner 2-4 is demonstrated.

  When the intermediate node 5 receives a device control command for setting the operation mode to heating from the device controller 4 to the air conditioner 2-4 (step S001), the intermediate node 5 includes an ECHONET Lite message including a hash key, a hash value, and device control information. Is created (step S002), and the created ECHONET Lite message is transmitted to the child node 3-4 to which the air conditioner 2-4 is wired (step S003).

  In creating the ECHONET Lite message in step S002, the intermediate node 5 determines a hash key using, for example, a random number generation function, and is assigned to the child node 3-4 connected to the air conditioner 2-4 by wire. A hash value is calculated by applying the hash key determined this time to the hash function.

  The first set of ECHONET property EPC1 in the ECHONET Lite message describes a code “0xF0” indicating that this set is an insertion set of hash keys, and this time is set in the first set of ECHONET property data EDT1. Hash key is described, and the first set of property data counter PDC1 describes the number of bytes of the hash key determined this time.

  The second set of ECHONET property EPC2 in the ECHONET Lite message describes a code “0xF1” indicating that this set is an insertion set of hash values, and the second set of ECHONET property data EDT2 is obtained by calculation. And the second set of property data counter PDC2 describes the number of bytes of the hash value obtained by the calculation.

  In addition, the third set of ECHONET property EPC3 in the ECHONET Lite message describes a code representing the operation mode setting of the air conditioner, and the third set of ECHONET property data EDT3 describes data representing the setting to heating, The third set of property data counter PDC3 describes the number of bytes of data representing the setting for heating.

  A description of the setting of codes and the like for other fields in the ECHONET Lite message is omitted.

  Note that the ECHONET Lite message formed in the conventional case does not include the above-described first set and second set of codes, and the third set of codes is described in the first set.

  The ECHONET Lite message according to the first embodiment is different from the conventional one in that two sets of a hash key and a hash value are added. However, the ECHONET Lite protocol uses a hash key according to a description method in which the user's definition is permitted. Since the hash value is described, the ECHONET Lite message of the first embodiment satisfies the ECHONET Lite protocol.

  FIG. 7 is a flowchart showing an operation when the child node 3-4 receives the ECHONET Lite message transmitted by the process of FIG.

  When the ECHONET Lite message arrives, the child node 3-4 confirms whether it is for the node 3-4 based on the counterpart ECHONET object DEOJ in the ECHONET Lite message (step S101).

  Then, the child node 3-4 finds the portion (EPC1) of the code “0xF0” in the received ECHONET Lite message, and sends the immediately following data (EDT1) by the number of bytes described in the next field PDC1. Using the extracted data as a hash key, a hash function assigned to the own node 3-4 is applied to calculate a hash value (step S102).

  Although details of the extraction method are omitted, the child node 3-4 extracts a hash value from the received ECHONET Lite message, compares the hash value obtained by the operation with the extracted hash value, and receives the received ECHONET Lite message. Is authenticated (step S103).

  FIG. 7 describes only the case where the validity can be authenticated. The child node 3-4 discards the received ECHONET Lite message when the validity cannot be authenticated.

  If the child node 3-4 can authenticate the legitimacy, the operation of the air-conditioner 2-4 connected by wire is performed according to the group information (EPC3, EDT3, PDC3) of the third property in the ECHONET Lite message. The mode is set to heating (step S104).

  Although not described in FIG. 7, when the child node 3-4 returns that the operation mode is set to heating from the air conditioner 2-4, the ECHONET Lite that notifies the control result to the intermediate node 5 is returned. A telegram may be formed and transmitted.

(A-3) Effect of the First Embodiment According to the first embodiment, authentication information is put on the ECHONET Lite message while following the ECHONET Lite protocol, and the validity of the ECHONET Lite message can be authenticated on the receiving side. Therefore, device control of the ECHONET Lite node from a malicious user can be prevented, and security can be improved.

(B) Other Embodiments In the description of the first embodiment, various modified embodiments have been referred to. However, modified embodiments as exemplified below can be cited.

(B-1) In the first embodiment, the case where the ECHONET Lite message including the authentication information of the hash key and the hash value is always exchanged has been described. However, the ECHONET Lite message not including the authentication information may be exchanged. It may be acceptable.

  For example, whether or not to include authentication information depending on the property so that authentication information is included in the ECHONET Lite message for controlling the temperature of the air conditioner, and authentication information is not included in the ECHONET Lite message for reading the temperature of the air conditioner. May be controlled. For example, the two types of ECHONET Lite messages can be properly used by associating a flag indicating whether or not to include authentication information in association with the property in the storage unit.

  Note that, when a property that includes authentication information and a property that does not include authentication information are inserted into one message, authentication information may be included in the message.

  Further, for example, authentication information may be included in the downstream ECHONET Lite message from the intermediate node to the child node, and authentication information may not be included in the upstream ECHONET Lite message from the child node to the intermediate node.

(B-2) In the first embodiment, the ECHONET Lite message includes a hash key and is transmitted. However, the ECHONET Lite message may include only a hash value and no hash key.

  For example, the receiving node has the same hash key as that of the transmitting node in advance, and the receiving side performs authentication by calculating a hash value based on the hash key and the hash function that are held in advance. For example, the hash key may be periodically distributed using an ECHONET Lite message or the like.

  Further, for example, the transfer of the hash key may be omitted by applying a part of the original ECHONET property data of the ECHONET Lite message as a part of the hash key. Some child nodes use m bits from the beginning of the property data as hash keys, and other child nodes use 3 bits to m bits as hash keys, so that the part used as a hash key is changed by the child nodes. Also good.

(B-3) In the first embodiment, a case where a hash key is formed each time using a random number has been shown. However, a hash key may be registered in advance and the registered one may be applied. .

(B-4) In the first embodiment, a case is shown in which a single hash function is used by a child node. However, a plurality of hash functions that can be used by a child node are prepared and applied to an ECHONET Lite message. Information notifying the hash function to be performed may also be included.

(B-5) In the first embodiment, the hash key and the hash value are set in different property set information. However, both the hash key and the hash value are inserted into one set. You may make it do. For example, both the hash key and the hash value may be inserted into EDT1, which is the ECHONET property in the ECHONET Lite message.

(B-6) In the first embodiment, the device controller and the intermediate node are separated from each other. However, the device controller and the intermediate node may be integrated. Similarly, the child node and the electrical appliance may be integrated.

  DESCRIPTION OF SYMBOLS 1 ... Communication system, 2-1 to 2-8 ... Electric appliance, 3-1 to 3-8 ... Child node (communication apparatus of 1st Embodiment), 4 ... Equipment controller, 5, 5-1 to 5- 6 ... Intermediate node (communication device of the first embodiment), 20 ... Communication device, 23 ... Control unit, 24 ... Storage unit, 25 ... Hash calculation unit, 26 ... Authentication unit.

Claims (12)

A message that entrusts a security function to a lower layer secure mechanism in the OSI layer , and that conforms to a communication protocol related to a higher layer, and that includes one or more property information that conforms to the format of the message. In a communication device that forms and transmits,
Authentication information acquisition means for acquiring authentication information used by the message receiving side device for authenticity verification of the message ;
Communication device acquired the authentication information, and having an authentication information insertion means for inserting into the message as the property information. The authentication information acquired by the authentication information acquisition means is a hash key and a hash value calculated by applying a predetermined hash function to the hash key,
The authentication information insertion means, communication apparatus according to claim 1, characterized in that inserting the hash key and the hash value to the message in accordance with the format of the message.   The communication apparatus according to claim 1 or 2, wherein the message according to the communication protocol is an ECHONET Lite message. The authentication information acquired by the authentication information acquisition means is a hash value calculated by applying a hash key and a hash function determined according to the communication device of the other party to the hash key,
The authentication information inserting means inserts hash key information into the first set of property set information EPC1, PDC1, and EDT1 in the ECHONET Lite message, and the second set of property set information EPC2, PDC2, and EDT2 into the hash value. The communication apparatus according to claim 3, wherein the original property information is inserted into property information of the third and subsequent properties. In the communication apparatus which receives the message | telegram which the communication apparatus of Claim 1 transmitted,
Authentication information extracting means for extracting authentication information used for authenticating the correctness of the message inserted into the message as property information conforming to the format of the message ;
Collation information acquisition means for acquiring collation information for collation with all or part of the extracted authentication information;
A communication apparatus comprising: authentication means for authenticating the validity of the received message based on the extracted authentication information and the acquired verification information. The authentication information extracted by the authentication information extraction means is a hash key and a hash value calculated by applying a predetermined hash function to the hash key,
The verification information acquisition means applies a predetermined hash function to the extracted hash key, calculates a hash value as verification information,
The authentication means authenticates the validity of the received message based on the hash value extracted from the message and the hash value calculated by the verification information acquisition means. The communication device described.   The communication apparatus according to claim 5 or 6, wherein the message according to the communication protocol is an ECHONET Lite message. The authentication information extracted by the authentication information extraction means is a hash value calculated by applying a hash key and a hash function determined according to the communication device to the hash key,
The authentication information extracting means extracts the hash key included in the first set of property information EPC1, PDC1, and EDT1 in the ECHONET Lite message, and stores the second set of property information in the EPC2, PDC2, and EDT2. The included hash value is extracted. The communication apparatus according to claim 7.   A communication system according to claim 1, wherein the communication device according to claim 5 and the communication device according to claim 5 are opposed to each other via a network.   The communication system according to claim 9, wherein the network is a ZigBee IP network. A message that entrusts a security function to a lower layer secure mechanism in the OSI layer , and that conforms to a communication protocol related to a higher layer, and that includes one or more property information that conforms to the format of the message. A computer mounted on a communication device that forms and transmits,
Authentication information acquisition means for acquiring authentication information used by the message receiving side device for authenticity verification of the message ;
Communication program acquired the authentication information, characterized in that to function as a authentication information insertion means for inserting into the message as the property information. A computer mounted on a communication device that receives a message transmitted by the communication device according to claim 1,
Authentication information extracting means for extracting authentication information used for authenticating the correctness of the message inserted into the message as property information conforming to the format of the message ;
Collation information acquisition means for acquiring collation information for collation with all or part of the extracted authentication information;
A communication program that functions as authentication means for authenticating the validity of the received message based on the extracted authentication information and the acquired verification information.

Images