JP7446746B2 - Portable electronic devices and IC cards - Google Patents

Description

Embodiments of the invention relate to portable electronic devices and IC cards.

In recent years, IC cards equipped with IC (Integrated Circuit) chips have become popular, and some are known that are equipped with multiple interfaces and can be used by switching between the multiple interfaces. However, with conventional IC cards, communication between an external device such as an R/W (reader/writer) and the IC card is not possible from the outside, for example when one of the multiple interfaces is an interface using contactless communication. There was a possibility that it could be intercepted.

Japanese Patent Application Publication No. 2007-257543

The problem to be solved by the present invention is to provide a portable electronic device and an IC card that can improve security.

The portable electronic device of the embodiment includes a communication section and a control section. The communication unit can communicate with the same external device through multiple interfaces. The control unit is configured to transmit the first one of the plurality of interfaces in response to a key generation request, which is a processing request related to processing for generating an encryption key, received by the communication unit through the first interface of the plurality of interfaces. The encryption key used for secure communication of a second interface different from the first interface is generated.

FIG. 1 is a configuration diagram showing an example of an IC card system according to a first embodiment. FIG. 1 is a diagram showing an example of the hardware configuration of an IC card according to the first embodiment. FIG. 2 is a block diagram showing an example of the functional configuration of the IC card according to the first embodiment. FIG. 3 is a diagram showing an example of data in an I/F information storage unit according to the first embodiment. FIG. 3 is a diagram showing an example data structure of a key exchange command for an IC card according to the first embodiment. FIG. 3 is a diagram showing an example data structure of a response to a key exchange command of the IC card according to the first embodiment. FIG. 3 is a diagram illustrating a data configuration example of an I/F switching command to a contactless I/F of an IC card according to the first embodiment. FIG. 3 is a diagram illustrating an example data structure of a response to an I/F switching command to a contactless I/F of an IC card according to the first embodiment. FIG. 3 is a diagram illustrating a data configuration example of an I/F switching command to a contact I/F of an IC card according to the first embodiment. FIG. 3 is a diagram illustrating an example data structure of a response to an I/F switching command to a contact I/F of an IC card according to the first embodiment. 5 is a flowchart illustrating an example of IC card key exchange command processing according to the first embodiment. 5 is a flowchart showing an example of an IC card I/F switching command according to the first embodiment. FIG. 3 is a diagram showing an example of a key exchange process of the IC card system according to the first embodiment. FIG. 3 is a diagram showing an example of I/F switching processing of the IC card system according to the first embodiment. 7 is a flowchart showing an example of an IC card I/F switching command according to the second embodiment. FIG. 7 is a diagram showing an example of a key exchange process of the IC card system according to the second embodiment. FIG. 7 is a diagram showing an example of I/F switching processing of the IC card system according to the second embodiment. 9 is a flowchart showing an example of an IC card I/F switching command according to the third embodiment. FIG. 7 is a diagram showing an example of I/F switching processing of the IC card system according to the third embodiment. FIG. 7 is a diagram showing an example of data communication processing when switching the I/F of the IC card system according to the fourth embodiment.

DESCRIPTION OF THE PREFERRED EMBODIMENTS Portable electronic devices and IC cards according to embodiments will be described below with reference to the drawings.

(First embodiment)
FIG. 1 is an external view showing an example of an IC card system 200 according to the first embodiment.
As shown in FIG. 1, the IC card system 200 includes an IC card 1 and an external device 2. Note that in this embodiment, an IC card 1 will be described as an example of a portable electronic device.

The IC card 1 includes an IC module 10. The IC module 10 includes a contact part 3 used for the contact interface of the IC card 1, a coil-shaped antenna 4 used for the non-contact interface of the IC card 1, and an IC chip 100. Note that in the following description, an interface may be referred to as I/F.

The IC card 1 is formed by, for example, mounting an IC module 10 on a plastic card base material PT (an example of a card body). That is, the IC card 1 includes an IC module 10 and a card base material PT in which the IC module 10 is embedded. Further, the IC card 1 is capable of communicating with an external device 2 via the contact section 3 and the antenna 4. That is, the IC card 1 can communicate with the same external device 2 through a plurality of interfaces including contact I/F and non-contact I/F. Here, the contact I/F is a contact type interface, and the non-contact I/F is a contact type interface.

The IC card 1 receives, for example, a command (processing request) transmitted by the external device 2 via the contact unit 3 or the antenna 4, and executes processing (command processing) according to the received command. Then, the IC card 1 transmits a response (processing response) that is the execution result of the command processing to the external device 2 via the contact section 3 or the antenna 4.

The IC module 10 includes a contact section 3, an antenna 4, and an IC chip 100.
The contact section 3 has terminals for various signals necessary for communicating with the IC card 1 via the contact I/F. Here, the various signal terminals include a terminal that receives power supply voltage, a clock signal, a reset signal, etc. from the external device 2, and a serial data input/output terminal (SIO terminal) for communicating with the external device 2. included.

The antenna 4 is an antenna for communicating with the IC card 1 through a non-contact I/F, and is configured by, for example, a wiring pattern formed on a printed circuit board or the like.
The IC chip 100 is, for example, an LSI (Large Scale Integration) such as a one-chip microprocessor.

The external device 2 is a host device that communicates with the IC card 1, and is, for example, a reader/writer device or an issuing device. The external device 2 includes a communication section 20 and a control section 24.
The communication unit 20 performs communication with the IC card 1 and is capable of communicating with the IC card 1 through a plurality of interfaces including a contact I/F and a non-contact I/F. The communication unit 20 includes a contact communication unit 21, an antenna 22, and a non-contact communication unit 23.

The contact communication unit 21 communicates with the IC card 1 through the contact I/F via the contact unit 3 .
The antenna 22 supplies power to the antenna 4 by electromagnetic induction between the antenna 4 of the IC card 1 and is used for communication via the contactless I/F via the antenna 4.

The contactless communication unit 23 performs communication via the contactless I/F via the antenna 4 by controlling the antenna 22 .

Next, with reference to FIG. 2, the hardware configuration of the IC card 1 of this embodiment will be described.
FIG. 2 is a diagram showing an example of the hardware configuration of the IC card 1 of this embodiment.
As shown in FIG. 2, the IC card 1 includes an IC module 10 including a contact section 3, an antenna 4, and an IC chip 100. The IC chip 100 includes a communication section 5 , a CPU 6, a ROM (Read Only Memory) 7, a RAM (Random Access Memory) 8, an EEPROM (Electrically Erasable Programmable ROM) 9, and a coprocessor 11. The CPU 6, ROM 7, RAM 8, EEPROM 9, and coprocessor 11 are connected via an internal bus BS1.

The communication unit 5 can communicate with the same external device 2 through multiple interfaces of the contact I/F and non-contact I/F described above, and can communicate with the external device by switching between the contact I/F and the non-contact I/F. Communicate with 2. The communication section 5 includes a contact I/F section 51 and a non-contact I/F section 52.

The contact I/F unit 51 is, for example, a UART (Universal Asynchronous Receiver Transmitter), and communicates with the external device 2 via the contact unit 3 using a contact I/F (first interface). The contact I/F unit 51 performs serial data communication with the external device 2 via the above-mentioned SIO terminal. The contact I/F unit 51 outputs data (for example, 1-byte data) obtained by converting the serial data signal received via the SIO terminal into parallel data to the CPU 6. Further, the contact I/F unit 51 serially converts the data acquired from the CPU 6 and outputs the converted data to the external device 2 via the SIO terminal. The contact I/F unit 51 receives commands from the external device 2 through the contact I/F via the SIO terminal, for example. Further, the contact I/F unit 51 transmits a response to the external device 2 via the SIO terminal using the contact I/F.

The non-contact I/F unit 52 communicates with the external device 2 via the antenna 4 using a non-contact I/F (second interface). The non-contact I/F section 52 outputs data (for example, 1-byte data) obtained by converting the serial data signal received via the antenna 4 into parallel data to the CPU 6. Further, the non-contact I/F unit 52 serially converts the data acquired from the CPU 6 and outputs the converted data to the external device 2 via the antenna 4. The non-contact I/F unit 52 receives commands from the external device 2 via the antenna 4 and the non-contact I/F, for example. Further, the contact I/F section 51 transmits the response to the external device 2 via the antenna 4 and the non-contact I/F.

The CPU 6 executes programs stored in the ROM 7 or EEPROM 9 to perform various processes on the IC card 1. The CPU 6 executes command processing according to a command received by the contact I/F or the non-contact I/F via the communication unit 5, for example.

The ROM 7 is, for example, a nonvolatile memory such as a mask ROM, and stores programs for executing various processes of the IC card 1 and data such as command tables.
The RAM 8 is, for example, a volatile memory such as SRAM (Static RAM), and temporarily stores data used when performing various processes on the IC card 1.

The EEPROM 9 is, for example, an electrically rewritable nonvolatile memory. The EEPROM 9 stores various data used by the IC card 1. The EEPROM 9 stores information used for various services (applications) using the IC card 1, for example.

The coprocessor 11 executes special arithmetic processing such as encryption processing and secure messaging generation processing. The coprocessor 11 executes, for example, encryption processing and decryption processing of public key encryption, encryption processing and decryption processing of common key encryption, calculation using a hash function, and the like.

Next, an example of the functional configuration of the IC card 1 according to this embodiment will be described with reference to FIG. 3.
FIG. 3 is a block diagram showing an example of the functional configuration of the IC card 1 of this embodiment.
As shown in FIG. 3, the IC card 1 includes a communication section 5, a control section 60, an I/F information storage section 81, and a secret data storage section 91.
Here, each part of the IC card 1 shown in FIG. 3 is realized using the hardware of the IC card 1 shown in FIG. 2.

The communication unit 5 receives a command (processing request) requesting a predetermined process from the external device 2 via the contact I/F or non-contact I/F, and also sends a response to the command (processing response) via the contact I/F. Alternatively, it is transmitted to the external device 2 using a non-contact I/F. Note that the communication unit 5 is not limited to the contact I/F and the non-contact I/F, and can communicate with the external device 2 through a plurality of other I/Fs such as USB (Universal Serial Bus) and SWP (Single Wire Protocol). It is also possible to receive commands from the external device 2 and send responses to the external device 2 .

The secret data storage section 91 is a storage section composed of, for example, an EEPROM 9, and stores various kinds of secret data used in the IC card 1. The secret data includes, for example, encryption keys such as public keys and private keys, authentication information such as passwords, and various types of personal information that can identify individuals.

The I/F information storage unit 81 is, for example, a storage unit configured with the RAM 8, and stores various information regarding the interface used for communication between the IC card 1 and the external device 2. For example, as shown in FIG. 4, the I/F information storage unit 81 stores contact I/F information 811 and non-contact I/F information 812.

FIG. 4 is a diagram showing an example of data in the I/F information storage section 81 of this embodiment.
As shown in FIG. 4, the contact I/F information 811 stored in the I/F information storage unit 81 is setting information regarding the contact I/F, and the contact I/F information 811 includes, for example, "communication speed information ", "buffer size for contact I/F", "session key for contact I/F", "public key for contact I/F", and "private key for contact I/F" are included. There is.

"Communication speed information" is a communication parameter related to communication speed in various communication protocols of the contact I/F. In addition, "contact I/F buffer size" indicates the buffer size for contact I/F communication, and "contact I/F session key" indicates the session key ( common encryption key). Further, "public key for contact I/F" and "private key for contact I/F" indicate a public key and a private key used for the contact I/F. The “contact I/F public key” and the “contact I/F private key” are stored in the secret data storage unit 91. For example, when the IC card 1 is activated, the control unit 60 , and stored in the contact I/F information 811 of the I/F information storage section 81. Furthermore, default values (initial values) are stored in the "communication speed information" and "contact I/F buffer size" by the control unit 60, for example, when the IC card 1 is activated.

The non-contact I/F information 812 stored in the I/F information storage unit 81 is setting information regarding the non-contact I/F, and the non-contact I/F information 812 includes, for example, "reception speed information" and " transmission speed information,” “contactless I/F buffer size,” “contactless I/F session key,” “contactless I/F public key,” and “contactless I/F secret.” Contains "key".

"Reception speed information" and "transmission speed information" are communication parameters related to reception speed and transmission speed in various communication protocols of the non-contact I/F. In addition, "contactless I/F buffer size" indicates the buffer size for contactless I/F communication, and "contactless I/F session key" indicates secret communication using contactless I/F. Indicates the session key (common encryption key) to be used. Further, "public key for contactless I/F" and "private key for contactless I/F" indicate a public key and a private key used for the contactless I/F. The “contactless I/F public key” and the “contactless I/F private key” are stored in the secret data storage unit 91. For example, when the IC card 1 is activated, the control unit 60 controls the secret data storage. The information is read from the section 91 and stored in the non-contact I/F information 812 of the I/F information storage section 81 . Further, default values (initial values) are stored in the "reception speed information", "transmission speed information", and "buffer size for non-contact I/F" by the control unit 60 when the IC card 1 is started, for example. Ru.

Returning to the explanation of FIG. 3, the control unit 60 is realized by, for example, the CPU 6, the coprocessor 11, the RAM 8, and the ROM 7 or the EEPROM 9, and controls the IC card 1 in an integrated manner. The control unit 60 includes a command processing unit 61 and a cryptographic processing unit 62.

The command processing unit 61 executes various command processes (command processing) in response to commands (processing requests) sent from the external device 2 to the IC card 1 via the communication unit 5. Further, the command processing unit 61 transmits a response, which is a result of command processing, to the external device 2 via the communication unit 5.

For example, when the command processing unit 61 receives a key exchange command (key generation request) via the contact I/F via the communication unit 5, the command processing unit 61 uses a non-compliant device different from the contact I/F in accordance with the key exchange command. A session key for non-contact I/F is generated, which is an encryption key used for confidential communication of contact I/F. In addition, for example, when the command processing unit 61 receives a key exchange command by the contactless I/F via the communication unit 5, the command processing unit 61 uses the key exchange command for confidential communication of the contact I/F according to the key exchange command. A contact I/F session key, which is an encryption key, is generated.

Here, the key exchange command is an example of a command related to processing for generating an encryption key. In addition, secure communication includes data communication using secure messaging, and secure messaging includes encrypting data using a session key, or adding message authentication information generated by cryptographic processing using a session key to data. Or it includes cases where both are done.

Next, details of the key exchange command will be explained with reference to FIGS. 5 and 6.
FIG. 5 is a diagram showing an example of the data structure of the key exchange command of the IC card 1 of this embodiment. Further, FIG. 6 is a diagram showing an example of a data structure of a response to a key exchange command of the IC card 1 of this embodiment.

As shown in FIG. 5, the key exchange command has a command header and a command body. The command headers include "CLA" (class byte), "INS" (instruction byte), and "P1" (parameter 1 ), and “P2” (parameter 2). Further, the command body has "Lc" (data length), "device public key", and "Le" (data length). Here, “Lc” indicates the data length of the “device public key”, and “device public key” indicates the public key of the external device 2. Further, "Le" indicates the data length of the response data. Note that when transmitting a key exchange command to the IC card 1 via a contact I/F, the public key of the external device 2 for the non-contact I/F is used as the "device public key", and the key exchange command is When transmitting to the IC card 1 using the non-contact I/F, the public key of the external device 2 for the contact I/F is used.

Further, as shown in FIG. 6, the response to the key exchange command includes response data and a status byte. The response data includes a "card public key", and the status byte includes "SW1" and "SW2". Here, the "card public key" indicates the public key of the IC card 1. In addition, when sending the key exchange command to the IC card 1 through the contact I/F, the public key of the IC card 1 for the contactless I/F is used as the "card public key", and the key exchange command is sent to the IC card 1 using the contactless I/F. When transmitting to the IC card 1 using the non-contact I/F, the public key of the IC card 1 for the contact I/F is used. Further, "SW1" and "SW2" are status information indicating the processing results of the key exchange command.

When the command processing unit 61 receives a key exchange command as shown in FIG. A session key for the contactless I/F is generated based on the contactless I/F secret key of the contactless I/F information 812 stored in the contactless I/F information 81 , and the session key is transferred to the contactless I/F information 812 . It is stored in the I/F information storage unit 81 as a session key for the non-contact I/F.

In addition, the command processing unit 61 acquires the contactless I/F public key of the contactless I/F information 812 stored in the I/F information storage unit 81, and generates a key containing the contactless I/F public key . Send an exchange command to the external device 2. The command processing unit 61 causes the communication unit 5 to transmit the key exchange command as shown in FIG. 5 described above through the contact I/F.

Further, when the command processing unit 61 receives a key exchange command as shown in FIG. A session key for the contact I/F is generated based on the contact I/F secret key of the contact I/F information 811 stored in the information storage unit 81, and the session key is used as the contact I/F secret key of the contact I/F information 811. It is stored in the I/F information storage unit 81 as a session key for contact I/F.

Further, the command processing unit 61 acquires the contact I/F public key of the contact I/F information 811 stored in the I/F information storage unit 81, and sends a key exchange command containing the contact I/F public key . Send to external device 2. The command processing unit 61 causes the communication unit 5 to transmit the key exchange command as shown in FIG. 5 described above through the non-contact I/F.

Further, the command processing unit 61 switches the interface with which the communication unit 5 communicates in response to an I/F switching command (switching request) that is a command to switch the interface between the contact I/F and the non-contact I/F. For example, when the command processing unit 61 receives an I/F switching command via the contact I/F via the communication unit 5, the command processing unit 61 selects the interface after switching (non-contact I/F) according to the I/F switching command. Set the communication parameters of F) and switch the interface from contact I/F to non-contact I/F.
In addition, for example, when the command processing unit 61 receives an I/F switching command by the non-contact I/F via the communication unit 5, the command processing unit 61 controls the interface after switching (contact) according to the I/F switching command. I/F) communication parameters and switch the interface from non-contact I/F to contact I/F.

Next, details of the I/F switching command will be explained with reference to FIGS. 7 to 10.
FIG. 7 is a diagram showing an example data structure of an I/F switching command to the non-contact I/F of the IC card 1 of this embodiment. Further, FIG. 8 is a diagram showing an example of the data structure of a response to the I/F switching command to the non-contact I/F of the IC card 1 of this embodiment.

As shown in FIG. 7, the I/F switching command for switching from a contact I/F to a non-contact I/F has a command header and a command body, and the command body includes "Lc" (data length), " ``Reception speed information'', ``Transmission speed information'', and ``Non-contact I/F buffer size''. Here, "Lc" indicates the total data length of "reception speed information", "transmission speed information", and "buffer size for non-contact I/F". Further, "reception speed information" indicates a communication parameter regarding the reception speed of the non-contact I/F, and "transmission speed information" indicates a communication parameter regarding the transmission speed of the non-contact I/F. Moreover, "buffer size for non-contact I/F" indicates the buffer size of the non-contact I/F. Here, "reception speed information", "transmission speed information", and "buffer size for non-contact I/F" are examples of information indicating communication parameters of the interface after switching.

Further, as shown in FIG. 8, the response to the I/F switching command includes status information "SW1" and "SW2" indicating the processing result of the I/F switching command.
When the command processing unit 61 receives an I/F switching command as shown in FIG. /F buffer size" and stores the acquired information as communication parameters in the non-contact I/F information 812 stored in the I/F information storage unit 81. After the command processing unit 61 causes the communication unit 5 to transmit a response as shown in FIG. Switch to

Further, FIG. 9 is a diagram showing an example of the data structure of an I/F switching command to the contact I/F of the IC card 1 of this embodiment. Further, FIG. 10 is a diagram showing an example of a data structure of a response to an I/F switching command to the contact I/F of the IC card 1 of this embodiment.

As shown in FIG. 9, the I/F switching command for switching from a non-contact I/F to a contact I/F has a command header and a command body, and the command body includes "Lc" (data length), " "Communication speed information" and "Touch I/F buffer size". Here, "Lc" indicates the total data length of "communication speed information" and "contact I/F buffer size." Further, "communication speed information" indicates communication parameters related to the communication speed (transmission/reception speed) of the contact I/F. Moreover, "buffer size for contact I/F" indicates the buffer size of the contact I/F. Here, "communication speed information" and "buffer size for contact I/F" are examples of information indicating communication parameters of the interface after switching.

Further, as shown in FIG. 10, the response to the I/F switching command includes status information "SW1" and "SW2" indicating the processing result of the I/F switching command.
When the command processing unit 61 receives an I/F switching command as shown in FIG. 9 described above through the non-contact I/F, the command processing unit 61 inputs "communication speed information" and "buffer size for contact I/F" in the command body. The acquired information is stored as communication parameters in the contact I/F information 811 stored in the I/F information storage unit 81. Then, the command processing unit 61 causes the communication unit 5 to transmit a response as shown in FIG. Switch to F.

In addition, when the command processing unit 61 receives a command to perform communication between the external device 2 and the IC card 1 through the contact I/F, the command processing unit 61 receives the contact I/F stored in the I/F information storage unit 81. Confidential communication is performed using the contact I/F session key of the F information 811. For example, in response to a command to receive data from the external device 2 through secure communication, the command processing unit 61 causes the encryption processing unit 62 to decrypt the received encrypted data using the contact I/F session key.
Furthermore, if message authentication information is added to the received data through secure communication, the command processing unit 61 causes the encryption processing unit 62 to generate message authentication information from the received data using the contact I/F session key. Then, the validity of the received data is determined based on whether the received message authentication information and the generated message authentication information match.

Further, the command processing unit 61 causes the cryptographic processing unit 62 to encrypt the plain text data to be transmitted using the session key for the contact I/F, for example, in response to a command to transmit data to the external device 2 through confidential communication. .
In addition, when adding message authentication information to transmission data through secure communication, the command processing unit 61 causes the encryption processing unit 62 to generate message authentication information from the transmission data using the session key for contact I/F, The generated message authentication information is added to the transmission data and transmitted to the external device 2 via the contact I/F.

In addition, when the command processing unit 61 receives a command to perform communication between the external device 2 and the IC card 1 through the contactless I/F using confidential communication, the command processing unit 61 also processes the contactless information stored in the I/F information storage unit 81. Confidential communication is performed using the contactless I/F session key of the I/F information 812. In this case, the command processing unit 61 uses the contactless I/F session key to cause the cryptographic processing unit 62 to execute the same process as when the command is received through the contact I/F. In this case, the information is transmitted to the external device 2 via the non-contact I/F.

The cryptographic processing unit 62 executes various processes such as encryption processing, decryption processing, and message authentication information generation processing.

Next, the operation of the IC card system 200 and the IC card 1 according to this embodiment will be described with reference to the drawings.
FIG. 11 is a flowchart showing an example of the key exchange command processing of the IC card 1 of this embodiment.

As shown in FIG. 11, in the activated state of the IC card 1, the IC card 1 determines whether or not a command has been received (step S101). That is, the communication unit 5 of the IC card 1 determines whether a command has been received from the external device 2 via the contact I/F unit 51 or the non-contact I/F unit 52. When the communication unit 5 receives the command (step S101: YES), the communication unit 5 advances the process to step S102. If the communication unit 5 has not received the command (step S101: NO), the communication unit 5 returns the process to step S101 and repeats the process of step S101.

In step S102, the command processing unit 61 of the IC card 1 acquires the command. That is, the command processing unit 61 acquires a command from the communication unit 5.

Next, the command processing unit 61 determines whether the received command is a key exchange command (step S103). The command processing unit 61 determines whether the received command is a key exchange command based on "CLA" and "INS" of the acquired commands. If the received command is a key exchange command (step S103: YES), the command processing unit 61 advances the process to step S104. Further, if the received command is not a key exchange command (step S103: NO), the command processing unit 61 advances the process to step S109.

In step S104, the command processing unit 61 determines whether a command has been received through the contact I/F. The command processing unit 61 acquires information on the interface used for reception from the communication unit 5 and determines whether the command has been received through the contact I/F. When the command processing unit 61 receives the command through the contact I/F (step S104: YES), the command processing unit 61 advances the process to step S105. Further, when the command processing unit 61 has not received the command through the contact I/F (the command has been received through the non-contact I/F) (step S104: NO), the command processing unit 61 advances the process to step S107.

In step S105, the command processing unit 61 generates a contactless I/F session key based on the received device public key and contactless I/F private key. That is, the command processing unit 61 generates a contactless I/F session key based on the device public key included in the key exchange command and the contactless I/F private key stored in the I/F information storage unit 81. is generated and stored in the I/F information storage section 81.

Next, the command processing unit 61 transmits a response including the card public key for the contactless I/F (step S106). That is, the command processing unit 61 acquires the contactless I/F public key included in the contactless I/F information 812 of the I/F information storage unit 81, and uses the contactless I/F as shown in FIG. A response including the /F public key as the card public key is transmitted to the communication unit 5 through the contact I/F. After the process in step S106, the command processing unit 61 returns the process to step S101.

Further, in step S107, the command processing unit 61 generates a contact I/F session key based on the received device public key and the contact I/F private key. That is, the command processing unit 61 generates a contact I/F session key based on the device public key included in the key exchange command and the contact I/F private key stored in the I/F information storage unit 81. and stores it in the I/F information storage section 81.

Next, the command processing unit 61 transmits a response including the card public key for the contact I/F (step S108). That is, the command processing unit 61 acquires the contact I/F public key included in the contact I/F information 811 of the I/F information storage unit 81, and executes the contact I/F public key as shown in FIG. A response including the public key as the card public key is transmitted to the communication unit 5 through the non-contact I/F. After the process in step S108, the command processing unit 61 returns the process to step S101.

Furthermore, in step S109, the command processing unit 61 executes other command processing. Here, other command processing refers to processing of commands corresponding to "CLA" and "INS" other than the key exchange command.

Next, the IC card 1 transmits the response to the external device 2 (step S110). That is, the command processing unit 61 generates a response including the result of the command processing, and transmits the response to the external device 2 via the communication unit 5. After the process in step S110, the command processing unit 61 returns the process to step S101.

Next, with reference to FIG. 12, I/F switching command processing of the IC card 1 of this embodiment will be described.
FIG. 12 is a flowchart showing an example of I/F switching command processing of the IC card 1 of this embodiment.

As shown in FIG. 12, in the activated state of the IC card 1, the IC card 1 determines whether or not a command has been received (step S201). That is, the communication unit 5 of the IC card 1 determines whether a command has been received from the external device 2 via the contact I/F unit 51 or the non-contact I/F unit 52. Note that the processing in step S201 and step S202 is the same as the processing in step S101 and step S102 shown in FIG. 11 described above, so the description thereof will be omitted here.

In step S203, the command processing unit 61 determines whether the received command is an I/F switching command (step S203). The command processing unit 61 determines whether the received command is an I/F switching command based on "CLA" and "INS" of the acquired commands. If the received command is an I/F switching command (step S203: YES), the command processing unit 61 advances the process to step S204. Further, if the received command is not an I/F switching command (step S203: NO), the command processing unit 61 advances the process to step S211.

In step S204, the command processing unit 61 determines whether a command has been received through the contact I/F. When the command processing unit 61 receives the command through the contact I/F (step S204: YES), the command processing unit 61 advances the process to step S205. Further, if the command processing unit 61 has not received the command through the contact I/F (the command has been received through the non-contact I/F) (step S204: NO), the command processing unit 61 advances the process to step S208.

In step S205, the command processing unit 61 sets the received communication parameters for the non-contact I/F. The command processing unit 61 transfers the reception speed information, transmission speed information, and non-contact I/F buffer size included in the received I/F switching command to the non-contact I/F stored in the I/F information storage unit 81. The information 812 is stored as a communication parameter.

Next, the command processing unit 61 transmits a response to the I/F switching command via the contact I/F (step S206). That is, the command processing section 61 causes the communication section 5 to transmit a response as shown in FIG. 8 described above through the contact I/F.

Next, the command processing unit 61 switches to the non-contact I/F (step S207). That is, the command processing section 61 stops the contact I/F section 51 of the communication section 5, operates the non-contact I/F section 52, and switches from the contact I/F to the non-contact I/F. After the process in step S207, the command processing unit 61 returns the process to step S201.

Further, in step S208, the command processing unit 61 sets the received communication parameters for the contact I/F. The command processing unit 61 stores the communication speed information and the contact I/F buffer size included in the received I/F switching command in the contact I/F information 811 stored in the I/F information storage unit 81 as communication parameters. Make me remember.

Next, the command processing unit 61 transmits a response to the I/F switching command via the contact I/F (step S209). That is, the command processing unit 61 causes the communication unit 5 to transmit a response as shown in FIG. 10 described above through the contact I/F.

Next, the command processing unit 61 switches to the contact I/F (step S210). That is, the command processing unit 61 stops the non-contact I/F unit 52 of the communication unit 5, operates the contact I/F unit 51, and switches from the non-contact I/F to the contact I/F. After the process in step S210, the command processing unit 61 returns the process to step S201.

Furthermore, in step S211, the command processing unit 61 executes other command processing. Here, other command processing refers to processing of commands corresponding to "CLA" and "INS" other than the I/F switching command.

Next, the IC card 1 transmits the response to the external device 2 (step S212). That is, the command processing unit 61 generates a response including the result of the command processing, and transmits the response to the external device 2 via the communication unit 5. After the process in step S211, the command processing unit 61 returns the process to step S201.

Next, with reference to FIG. 13, the key exchange process of the IC card system 200 of this embodiment will be described.
FIG. 13 is a diagram showing an example of the key exchange process of the IC card system 200 of this embodiment.

As shown in FIG. 13, the external device 2 first executes activation processing for the IC card 1 (step S301). The activation processing here includes reception of an initial response (Answer To Reset) by the contact I/F of the IC card 1 of the external device 2, communication setting processing, anti-collision processing by the non-contact I/F, and non-contact I/F. This includes processing to check the support status of /F communications. In this example, it is assumed that the IC card 1 has been switched to a contact I/F after activation.

Next, the external device 2 transmits a key exchange command to the IC card 1 via the contact I/F (step S302). Note that this key exchange command using the contact I/F includes the device public key for the non-contact I/F.

Next, the IC card 1 generates a contactless I/F session key in response to the key exchange command (step S303). The control unit 60 (command processing unit 61) of the IC card 1 uses the received device public key for contactless I/F and the private key for contactless I/F stored in the I/F information storage unit 81. Then, a contactless I/F session key is generated, and the contactless I/F session key is stored in the I/F information storage unit 81.

Next, the IC card 1 transmits a response to the key exchange command to the external device 2 via the contact I/F (step S304). The command processing unit 61 of the IC card 1 causes the external device 2 to transmit a response including the contactless I/F public key stored in the I/F information storage unit 81 as the card public key via the communication unit 5. .

Next, the external device 2 generates a contactless I/F session key (step S305). The control unit 24 of the external device 2 generates a contactless I/F session key based on the card public key received from the IC card 1 and the contactless I/F private key of the external device 2.

Next, the external device 2 transmits an I/F switching command to the IC card 1 via the contact I/F (step S306). Note that the I/F switching command by the contact I/F includes communication parameters for the contactless I/F (for example, reception speed information, transmission speed information, and contactless I/F buffer size).

Next, the IC card 1 sets communication parameters for the non-contact I/F in response to the I/F switching command (step S307). The command processing unit 61 causes the I/F information storage unit 81 to store communication parameters (reception speed information, transmission speed information, and non-contact I/F buffer size) included in the I/F switching command.

Next, the IC card 1 transmits a response to the I/F switching command to the external device 2 via the contact I/F (step S308).
Next, the IC card 1 is switched to the non-contact I/F (step S309). The command processing unit 61 stops the contact I/F unit 51 of the communication unit 5, operates the non-contact I/F unit 52, and switches from the contact I/F to the non-contact I/F.

Next, the external device 2 transmits a key exchange command to the IC card 1 via the contactless I/F (step S310). Note that this key exchange command using the contactless I/F includes the device public key for the contact I/F.

Next, the IC card 1 generates a contact I/F session key in response to the key exchange command (step S311). The command processing unit 61 generates a session key for the contact I/F based on the received device public key for the contact I/F and the private key for the contact I/F stored in the I/F information storage unit 81. Then, the contact I/F session key is stored in the I/F information storage unit 81.

Next, the IC card 1 transmits a response to the key exchange command to the external device 2 via the contact I/F (step S312). The command processing unit 61 causes the external device 2 to transmit a response including the contact I/F public key stored in the I/F information storage unit 81 as the card public key via the communication unit 5.

Next, the external device 2 generates a contact I/F session key (step S313). The control unit 24 of the external device 2 generates a contact I/F session key based on the card public key received from the IC card 1 and the contact I/F private key of the external device 2.
As a result, the external device 2 and the IC card 1 have a common contact I/F session key and a common contactless I/F session key.

Next, with reference to FIG. 14, I/F switching processing of the IC card system 200 of this embodiment will be described.
FIG. 14 is a diagram showing an example of I/F switching processing of the IC card system 200 of this embodiment. Here, a case will be described in which processing is performed from a state in which the key exchange processing shown in FIG. 13 described above is completed.

In FIG. 14, the external device 2 first transmits a normal processing command to the IC card 1 as secure messaging via the non-contact I/F (step S321).

Next, the IC card 1 generates secure messaging using the contactless I/F session key in response to the normal processing command (step S322). The control unit 60 (command processing unit 61) of the IC card 1 generates secure messaging using the non-contact I/F session key stored in the I/F information storage unit 81 from the data read in response to the normal processing command.

Next, the IC card 1 transmits a response to the normal secure messaging processing command to the external device 2 via the non-contact I/F (step S323). The command processing unit 61 transmits the response including the generated secure messaging to the external device 2 via the communication unit 5 and the non-contact I/F.

Next, the external device 2 transmits an I/F switching command to the IC card 1 via the non-contact I/F (step S324). Note that the I/F switching command by the non-contact I/F includes communication parameters for the contact I/F (for example, communication speed information and buffer size for the contact I/F).

Next, the IC card 1 sets communication parameters for the contact I/F in response to the I/F switching command (step S325). The command processing unit 61 causes the I/F information storage unit 81 to store communication parameters (communication speed information and contact I/F buffer size) included in the I/F switching command.

Next, the IC card 1 transmits a response to the I/F switching command to the external device 2 via the non-contact I/F (step S326).
Next, the IC card 1 is switched to the contactless I/F (step S327). The command processing unit 61 stops the non-contact I/F unit 52 of the communication unit 5, operates the contact I/F unit 51, and switches from the non-contact I/F to the contact I/F.

Next, the external device 2 transmits an important processing command to the IC card 1 as secure messaging via the contact I/F (step S328). Note that the important processing commands here are, for example, processing commands that handle important information, and include processing commands such as password verification and transmission/reception of data that is not very confidential. Here, a case will be described in which highly confidential data is read using an important processing command.

Next, the IC card 1 generates secure messaging using the contact I/F session key in response to the important secure messaging processing command (step S329). The command processing unit 61 generates secure messaging using the contact I/F session key stored in the I/F information storage unit 81 from the data read in response to the important processing command.

Next, the IC card 1 transmits a response to the important processing command to the external device 2 via the contact I/F (step S330). The command processing unit 61 transmits the response including the generated secure messaging to the external device 2 via the communication unit 5 and the contact I/F.

The process of switching from the contact I/F to the non-contact I/F using the I/F switching command from the next step S330 to step S334 is similar to the process from step S306 to step S309 shown in FIG. 13 described above. The explanation thereof will be omitted here.

Further, the processing of the normal processing command from step S335 to step S337 is the same as the processing from step S321 to step S323 described above, so the description thereof will be omitted here.

In this way, in the example shown in FIG. 14, the IC card system 200 switches to the contactless I/F when processing a normal processing command, and executes the processing for an important processing command that requires high confidentiality. When executing the process, the process is executed by switching the communication between the external device 2 and the IC card 1 to a contact I/F that is less likely to be intercepted from the outside.

As described above, the IC card 1 (portable electronic device) according to this embodiment includes the communication section 5 and the control section 60. The communication unit 5 can communicate with the same external device 2 through a plurality of interfaces (for example, contact I/F and non-contact I/F). The control unit 60 selects the first one of the plurality of interfaces in response to a key exchange command (key generation request) received by the communication unit 5 through the first interface (for example, contact I/F) of the plurality of interfaces. An encryption key is generated to be used for secure communication of a second interface (eg, non-contact I/F) that is different from the interface (eg, contact I/F). The key exchange command is a command (processing request) related to the process of generating an encryption key (for example, a session key).

Thereby, the IC card 1 according to the present embodiment generates an encryption key (for example, a session key) using a different interface, so that security can be improved. For example, even if a malicious third party intercepts and analyzes the communication of key exchange processing by the first interface (for example, contact I/F), the encryption key generated in the processing Since the IC card 1 according to the present embodiment is used in a second interface (e.g., non-contact I/F) different from the interface (e.g., contact I/F), the IC card 1 according to the present embodiment can be used by a malicious third party. security can be improved.

Further, in this embodiment, the first interface is a contact interface (contact I/F), and the second interface is a contactless interface (noncontact I/F).
As a result, the IC card 1 according to the present embodiment transfers the encryption key to be used for the contactless interface (contactless I/F) whose communication is likely to be intercepted from the contactless interface (contactless I/F). Since the information is generated using a contact type interface (contact I/F) in which communication is difficult to be intercepted, security can be improved.

Furthermore, in the present embodiment, the control unit 60 switches the interface with which the communication unit 5 communicates in response to an I/F switching command (switching request) that is a command to switch between multiple interfaces.
As a result, the IC card 1 according to the present embodiment switches to the contactless I/F and executes the process when executing a normal processing command, for example, and processes an important processing command that requires high confidentiality. When executing the process, the process can be executed by switching the communication between the external device 2 and the IC card 1 to a contact I/F that is less likely to be intercepted from the outside. That is, the IC card 1 according to the present embodiment enables switching of interfaces using an I/F switching command (switching request), thereby making it possible to switch interfaces flexibly according to processing, further improving security. Can be done.

Further, in this embodiment, the I/F switching command includes information indicating communication parameters of the interface after switching. The control unit 60 sets communication parameters of the switched interface in response to the I/F switching command.
As a result, the IC card 1 according to the present embodiment can dynamically change communication parameter settings such as communication speed when switching interfaces, and prevents a malicious third party from intercepting communication. It can be made even more difficult. Therefore, the IC card 1 according to this embodiment can further improve security.

Further, in the present embodiment, the control unit 60 responds to a first key exchange command (first key generation request) that is a key exchange command received by the communication unit 5 through the first interface (for example, contact I/F). Then, a second encryption key is generated to be used for secure communication of the second interface (for example, contactless I/F). In addition, the control unit 60 controls the first A first encryption key to be used for secure communication of the interface (for example, contact I/F) is generated.
As a result, since the IC card 1 according to the present embodiment performs the encryption key generation process using different interfaces, analysis by a malicious third party can be prevented, and security can be further improved. .

(Second embodiment)
Next, an IC card 1 according to a second embodiment will be described with reference to the drawings.
In the second embodiment, a modification example in which an I/F switching command is not required when switching the interface will be described.

Note that the basic configurations of the IC card system 200 and the IC card 1 according to this embodiment are the same as those of the first embodiment shown in FIGS. 1 to 3 described above, and therefore the description thereof will be omitted here. In this embodiment, the processing of the control unit 60 is different from the first embodiment.

In this embodiment, the communication unit 5 can always accept communication via a plurality of interfaces while waiting to receive an arbitrary command. That is, in the command waiting state, the communication unit 5 does not switch between the contact I/F unit 51 and the non-contact I/F unit 52 to operate them, but operates the contact I/F unit 51 and the non-contact I/F unit. 52 are both operational.

Further, in the present embodiment, the command processing unit 61 of the control unit 60 selects the interface from which the communication unit 5 has received an arbitrary command from among the plurality of interfaces as an interface to be used for communication with the external device 2. Switch. That is, the command processing unit 61 transmits the response to the external device 2 through the same interface as the interface through which the arbitrary command was received.
For example, when the command processing unit 61 receives a command through the contact I/F, it transmits a response through the contact I/F. Further, when the command processing unit 61 receives a command through the contactless I/F, the command processing unit 61 transmits a response through the contactless I/F.

In this embodiment, the I/F switching command does not need to be executed every time the interface is switched, but rather sets the communication parameters of the interface after switching.
For example, when the command processing unit 61 receives an I/F switching command through the contact I/F, the command processing unit 61 inputs communication parameters for the non-contact I/F (reception speed information, transmission speed information, and the buffer for the non-contact I/F). size). Note that the data structure of the I/F switching command in this case is the same as that of the first embodiment shown in FIG. 7 described above.

Further, for example, when the command processing unit 61 receives an I/F switching command through the non-contact I/F, the command processing unit 61 inputs communication parameters for the contact I/F (communication speed information and buffer size for the contact I/F). Set. Note that the data structure of the I/F switching command in this case is the same as that of the first embodiment shown in FIG. 9 described above.

Next, the operation of the IC card system 200 and the IC card 1 according to this embodiment will be described with reference to the drawings.
FIG. 15 is a flowchart showing an example of I/F switching command processing of the IC card 1 of this embodiment.

In FIG. 15, the processing from step S401 to step S404 is the same as the processing from step S201 to step S204 shown in FIG. 12 described above, so the description thereof will be omitted here. Note that in step S404, when the command processing unit 61 receives the command through the contact I/F (step S404: YES), the command processing unit 61 advances the process to step S405. Further, if the command processing unit 61 has not received the command through the contact I/F (the command has been received through the non-contact I/F) (step S404: NO), the command processing unit 61 advances the process to step S407.

Furthermore, since the processing in step S405 and step S406 is similar to the processing in step S205 and step S206 shown in FIG. 12 described above, the description thereof will be omitted here. In this embodiment, the command processing unit 61 switches the communication unit 5 from the contact I/F unit 51 after the process of step S406 without executing the process of switching to the non-contact I/F in step S207 shown in FIG. Both the contact I/F unit 52 and the contact I/F unit 52 are made operable, and the process returns to step S401.

Furthermore, since the processing in step S407 and step S408 is similar to the processing in step S208 and step S209 shown in FIG. 12 described above, the description thereof will be omitted here. In this embodiment, the command processing unit 61 does not perform the process of switching to the contact I/F in step S210 shown in FIG. Both the I/F unit 52 and the I/F unit 52 are made operable, and the process returns to step S401.
Furthermore, since the processing in step S409 and step S410 is similar to the processing in step S211 and step S212 shown in FIG. 12 described above, the description thereof will be omitted here.

Next, with reference to FIG. 16, the key exchange process of the IC card system 200 of this embodiment will be described.
FIG. 16 is a diagram showing an example of the key exchange process of the IC card system 200 of this embodiment.

In FIG. 16, the processing from step S501 to step S508 is the same as the processing from step S301 to step S308 shown in FIG. 13 described above, so the description thereof will be omitted. Furthermore, since the processing from step S509 to step S512 is the same as the processing from step S310 to step S313 shown in FIG. 13 described above, the explanation thereof will be omitted.

Note that in this embodiment, the IC card 1 is similar to the first embodiment shown in FIG. 13, except that the process of switching to the non-contact I/F in step S309 shown in FIG. 13 is not executed.
In this embodiment, switching of the interface is performed by the external device 2 switching the interface to be used.

Next, with reference to FIG. 17, I/F switching processing of the IC card system 200 of this embodiment will be described.
FIG. 17 is a diagram showing an example of I/F switching processing of the IC card system 200 of this embodiment. Here, a case will be described in which the process is performed from a state in which the key exchange process shown in FIG. 16 described above is completed.

In FIG. 17, the processing from step S521 to step S526 is the same as the processing from step S321 to step S326 shown in FIG. 14 described above, so the description thereof will be omitted. Furthermore, since the processing from step S527 to step S529 is similar to the processing from step S328 to step S330 shown in FIG. 14 described above, the explanation thereof will be omitted. Furthermore, since the processing from step S530 to step S532 is similar to the processing from step S335 to step S337 shown in FIG. 14 described above, the explanation thereof will be omitted.

In this embodiment, the IC card 1 does not execute the process of switching to the contactless I/F in step S327 shown in FIG. 14 and the process of the I/F switching command from step S331 to step S334. This is similar to the first embodiment shown in FIG.
In this embodiment, the external device 2 does not need to send an I/F switching command to the IC card 1 every time the interface is switched between the contact I/F and the non-contact I/F.

As described above, in the IC card 1 according to the present embodiment, the communication unit 5 can always accept communication via a plurality of interfaces while waiting to receive an arbitrary command. The control unit 60 (command processing unit 61) switches the interface from which the communication unit 5 has received an arbitrary command from among the plurality of interfaces as the interface to be used for communication with the external device 2.
As a result, in the IC card 1 according to the present embodiment, there is no need to send an I/F switching command to the IC card 1 every time the interface is switched, and convenience can be improved without reducing security. can.

(Third embodiment)
Next, an IC card 1 according to a third embodiment will be described with reference to the drawings.
In the third embodiment, a modification example in which the interface is switched before sending a response to an I/F switching command when switching the interface will be described.

Note that the basic configurations of the IC card system 200 and the IC card 1 according to this embodiment are the same as those of the first embodiment shown in FIGS. 1 to 3 described above, and therefore the description thereof will be omitted here. In this embodiment, the processing of the control unit 60 is different from the first embodiment.

In this embodiment, the command processing unit 61 of the control unit 60 causes the communication unit 5 to send back a response (processing response) to the I/F switching command using the switched interface. That is, when the command processing unit 61 receives an I/F switching command through the contact I/F, the command processing unit 61 switches from the contact I/F to the non-contact I/F before transmitting the response, and transfers the response to the non-contact I/F. /F to send to external device 2. Further, when the command processing unit 61 receives an I/F switching command through the contactless I/F, the command processing unit 61 switches the contactless I/F to the contact I/F before transmitting the response, and transfers the response to the contact I/F. /F to send to external device 2.

Next, the operation of the IC card system 200 and the IC card 1 according to this embodiment will be described with reference to the drawings.
FIG. 18 is a flowchart showing an example of I/F switching command processing of the IC card 1 of this embodiment.

In FIG. 18, the processing from step S601 to step S604 is the same as the processing from step S201 to step S204 shown in FIG. 12 described above, so the description thereof will be omitted here. Note that in step S604, when the command processing unit 61 receives a command through the contact I/F (step S604: YES), the command processing unit 61 advances the process to step S605. Further, if the command processing unit 61 has not received the command through the contact I/F (the command has been received through the non-contact I/F) (step S604: NO), the command processing unit 61 advances the process to step S608.

In step S605, the command processing unit 61 sets the received communication parameters for the non-contact I/F.
Next, the command processing unit 61 switches to the non-contact I/F (step S606). That is, the command processing section 61 stops the contact I/F section 51 of the communication section 5, operates the non-contact I/F section 52, and switches from the contact I/F to the non-contact I/F.
Next, the command processing unit 61 transmits a response to the I/F switching command using the non-contact I/F (step S607). After the process in step S607, the command processing unit 61 returns the process to step S601.

Further, in step S608, the command processing unit 61 sets the received communication parameters for the contact I/F.
Next, the command processing unit 61 switches to the contact I/F (step S609). That is, the command processing unit 61 stops the non-contact I/F unit 52 of the communication unit 5, operates the contact I/F unit 51, and switches from the non-contact I/F to the contact I/F.
Next, the command processing unit 61 transmits a response to the I/F switching command via the contact I/F (step S610). After the process in step S610, the command processing unit 61 returns the process to step S601.

Furthermore, since the processing in step S611 and step S612 is similar to the processing in step S211 and step S212 shown in FIG. 12 described above, the description thereof will be omitted here.

Next, with reference to FIG. 19, I/F switching processing of the IC card system 200 of this embodiment will be described.
FIG. 19 is a diagram showing an example of I/F switching processing of the IC card system 200 of this embodiment. Here, a case will be described in which processing similar to that in FIG. 14 described above is performed.

In FIG. 19, the processing from step S701 to step S703, the processing from step S708 to step S710, and the processing from step S715 to step S717 are the processing from step S321 to step S323 shown in FIG. Since the processing from step S330 to step S330 is the same as the processing from step S335 to step S337, the explanation thereof will be omitted.

In the processing from step S704 to step S707, in response to the I/F switching command sent by the external device 2 via the non-contact I/F, the command processing unit 61 switches from the non-contact I/F to the contact I/F. (Step S706), and then transmits the response to the external device 2 via the contact I/F (Step S707).

Further, in the processing from step S711 to step S714, in response to the I/F switching command sent by the external device 2 through the contact I/F, the command processing unit 61 switches the I/F from the contact I/F to the non-contact I/F. After switching (step S713), a response is transmitted to the external device 2 via the non-contact I/F (step S714).

In this manner, in the present embodiment, the command processing unit 61 transmits a response to the I/F switching command using an interface (post-switched interface) different from the interface that received the I/F switching command.

As described above, in the IC card 1 according to the present embodiment, the control unit 60 (command processing unit 61) causes the communication unit 5 to return a response (processing response) to the I/F switching command through the switched interface. .
As a result, the IC card 1 according to the present embodiment has the same effect as the first embodiment, and since the interfaces for the I/F switching command and response are different, communication interception by a malicious third party is prevented. It can be made more difficult. Therefore, the IC card 1 according to this embodiment can further improve security.

(Fourth embodiment)
Next, an IC card 1 according to a fourth embodiment will be described with reference to the drawings.
In the fourth embodiment, a modification example in which, when reading data as a response to an important processing command, the data is divided into divided data and the divided data is transmitted to the external device 2 through confidential communication using a different interface. I will explain about it.

Note that the basic configurations of the IC card system 200 and the IC card 1 according to this embodiment are the same as those of the first embodiment shown in FIGS. 1 to 3 described above, and therefore the description thereof will be omitted here. In this embodiment, the processing of the control unit 60 is different from the first embodiment.

In this embodiment, the command processing unit 61 of the control unit 60 divides transmission data (transmission information) to be transmitted to the external device 2 into at least two or more pieces of divided data (divided information), and divides the divided pieces of divided data into The communication unit 5 is caused to transmit by secret communication using two or more different interfaces among the plurality of interfaces.

For example, the command processing unit 61 divides the response data of the important processing command into two pieces of divided data. The command processing unit 61 generates secure messaging for one of the two divided data using the contact I/F session key, and transmits the secure messaging to the external device 2 via the contact I/F. Further, the command processing unit 61 generates secure messaging for the other of the two divided data using the contactless I/F session key, and transmits the secure messaging to an external device using the contactless I/F. Send to 2.

Note that the command processing unit 61 may transmit the divided data by secret communication using two or more different interfaces based on random numbers. That is, the command processing unit 61 may dynamically change the interface for transmitting the divided data based on random numbers.

Next, with reference to FIG. 20, command processing of the IC card 1 according to this embodiment will be described.
FIG. 20 is a diagram showing an example of data communication processing when the I/F of the IC card system 200 according to the present embodiment is switched.

In FIG. 20, the external device 2 first transmits an important processing command to the IC card 1 as secure messaging via the contact I/F (step S801). Note that the important processing command here is, for example, a command for reading highly confidential data.
Next, the command processing unit 61 of the IC card 1 divides the data to be transmitted as a response into two pieces of divided information (divided data A and divided data B) in accordance with the important processing command of secure messaging (step S802).

Next, the command processing unit 61 generates secure messaging A from the divided data A using the contact I/F session key (step S803).
Further, the command processing unit 61 generates secure messaging B from the divided data B using the contactless I/F session key (step S804).

Next, the IC card 1 transmits a response (secure messaging A) to the external device 2 via the contact I/F (step S805). The command processing unit 61 causes the communication unit 5 to transmit a response including the secure messaging A to the external device 2 via the contact I/F.
Furthermore, the IC card 1 transmits a response (secure messaging A) to the external device 2 via the contact I/F (step S806). The command processing unit 61 causes the communication unit 5 to transmit a response including the secure messaging B to the external device 2 via the non-contact I/F.

The external device 2 acquires the divided data A from the received secure messaging A (step S807). The control unit 24 of the external device 2 obtains the divided data A from the secure messaging A using the contact I/F session key.
Furthermore, the external device 2 obtains divided data B from the received secure messaging B (step S808). The control unit 24 obtains the divided data B from the secure messaging B using the contactless I/F session key.

Next, the external device 2 generates reply data (A8 response data) from the divided data A and the divided data B (step S809).

As described above, in the IC card 1 according to the present embodiment, the control unit 60 (command processing unit 61) divides transmission data (transmission information) to be transmitted to the external device 2 into at least two or more pieces of divided data (divided information). ), and causes the communication unit 5 to transmit the divided data through secret communication using two or more different interfaces among the plurality of interfaces.
As a result, in the IC card 1 according to the present embodiment, transmission data is divided into divided data and transmitted through confidential communication using two or more different interfaces, making it more difficult for a third party with malicious intent to intercept the communication. It can be done. Therefore, the IC card 1 according to this embodiment can further improve security.

Further, in the present embodiment, the control unit 60 (command processing unit 61) may transmit the divided division information by secret communication using two or more different interfaces based on random numbers.
As a result, the IC card 1 according to the present embodiment can dynamically switch the interface to be used using random numbers, thereby further improving security.

In addition, although the above-mentioned each embodiment explained the example implemented independently, you may implement by combining a part of each embodiment.
Further, in each of the above embodiments, an example in which two interfaces, a contact I/F and a non-contact I/F, are applied as an example of a plurality of interfaces has been described, but the present invention is not limited to this. For example, the plurality of interfaces may be three or more interfaces. Furthermore, the plurality of interfaces may be interfaces with different protocols in contact I/F or non-contact I/F, for example.

Further, in each of the above embodiments, an example in which a key exchange command is used as an example of a command related to processing for generating an encryption key has been described, but the present invention is not limited to this. The commands related to the process of generating an encryption key may be, for example, a series of commands for exchanging random numbers generated by the external device 2 and the IC card 1 with each other and generating a session key based on the random numbers and the private key. good.

Further, in each of the above embodiments, an example was explained in which a response including secure messaging is sent from the IC card 1 to the external device 2 as an example of the normal processing command and the important processing command, but the present invention is not limited to this. . The normal processing command and the important processing command may be commands for transmitting data such as secure messaging to the IC card 1.

In addition, in the fourth embodiment described above, an example was explained in which the data to be sent from the IC card 1 to the external device 2 is divided, but the data to be sent from the external device 2 to the IC card 1 can be divided into multiple The transmission may be performed by switching between different interfaces using confidential communication.

Further, in each of the above embodiments, the IC card 1 is configured to include the EEPROM 9 as a rewritable nonvolatile memory, but the present invention is not limited to this. For example, the IC card 1 may include a flash memory, FeRAM (Ferroelectric Random Access Memory), or the like instead of the EEPROM 9.

According to at least one embodiment described above, the communication unit 5 is capable of communicating with the same external device 2 through a plurality of interfaces, and the communication unit 5 responds to a key exchange command received by the contact interface among the plurality of interfaces. Furthermore, security can be improved by including a control unit 60 that generates an encryption key used for secret communication of a contactless interface different from a contact interface among the plurality of interfaces.

The above embodiment can be expressed as follows.
a communication unit capable of communicating with the same external device through multiple interfaces, including a contact interface using a contact unit and a non-contact interface using an antenna;
a storage unit that stores at least information regarding programs executable by the computer;
a hardware processor that executes a program stored in the storage unit,
By executing the program, the hardware processor:
the first interface among the plurality of interfaces in response to a key generation request, which is a processing request related to processing for generating an encryption key, received by the communication unit by the first interface among the plurality of interfaces; A portable electronic device configured to perform a process of generating the encryption key used for secure communication of a different second interface.

Note that a program for realizing the functions of each component included in the IC card system 200 in the embodiment is recorded on a computer-readable recording medium, and the program recorded on the recording medium is read into the computer system and executed. Accordingly, processing in each configuration included in the above-mentioned IC card system 200 may be performed. Here, "reading a program recorded on a recording medium into a computer system and executing it" includes installing the program on the computer system. The "computer system" here includes hardware such as an OS and peripheral devices.
Furthermore, the term "computer-readable recording medium" refers to portable media such as flexible disks, magneto-optical disks, ROMs, and CD-ROMs, and storage devices such as hard disks built into computer systems.

Although several embodiments of the invention have been described, these embodiments are presented by way of example and are not intended to limit the scope of the invention. These embodiments can be implemented in various other forms, and various omissions, substitutions, and changes can be made without departing from the gist of the invention. These embodiments and their modifications are included within the scope and gist of the invention as well as within the scope of the invention described in the claims and its equivalents.

DESCRIPTION OF SYMBOLS 1...IC card, 2...External device, 3...Contact section, 4, 22...Antenna, 5, 20...Communication section, 6...CPU, 7...ROM, 8...RAM, 9...EEPROM, 10...IC module, 11 ...Coprocessor, 21...Contact communication unit, 23...Contact communication unit, 24, 60...Control unit, 61...Command processing unit, 62...Encryption processing unit, 81...I/F information storage unit, 91...Secret data storage Part, 100...IC chip, 200...IC card system, 811...contact I/F information, 812...non-contact I/F information, PT...card base material

Claims (8)

a communication unit capable of communicating with the same external device through multiple interfaces;
The plurality of interfaces in response to a first key generation request, which is a processing request related to processing for generating a first encryption key, received by the communication unit from the external device through the first interface of the plurality of interfaces. generating a second encryption key to be used for secure communication with the external device through a second interface different from the first interface ;
The plurality of interfaces in response to a second key generation request, which is a processing request related to processing for generating a second encryption key, received by the communication unit from the external device by the second interface of the plurality of interfaces. a control unit that generates the first encryption key to be used for secure communication with the external device through the first interface ;
Equipped with
The control unit transmits the generated second encryption key from the communication unit to the external device through the first interface , and transmits the generated first encryption key from the communication unit through the second interface. transmitting to the external device;
The first interface is a contact interface, and the second interface is a contactless interface.
Portable electronic devices. The portable electronic device according to claim 1, wherein the control unit switches the interface with which the communication unit communicates in response to a switching request that is a processing request for switching the plurality of interfaces. The switching request includes information indicating communication parameters of the interface after switching,
The portable electronic device according to claim 2, wherein the control unit sets communication parameters of the switched interface in response to the switching request. The portable electronic device according to claim 2 or 3, wherein the control unit causes the communication unit to return a processing response to the switching request via the switched interface. The communication unit is always capable of accepting communications via the plurality of interfaces while waiting to receive any processing request;
The portable device according to claim 1, wherein the control unit switches an interface from which the communication unit has received the arbitrary processing request from among the plurality of interfaces as an interface to be used for communication with the external device. electronic equipment. The control unit divides transmission information to be transmitted to the external device into at least two pieces of divided information, and transmits the divided divided information to a communication unit of two or more different interfaces among the plurality of interfaces. The portable electronic device according to any one of claims 1 to 5 , wherein the portable electronic device is transmitted by secret communication. The portable electronic device according to claim 6 , wherein the control unit transmits the divided information based on random numbers through secret communication between the two or more different interfaces. a communication unit capable of communicating with the same external device through multiple interfaces;
The plurality of interfaces in response to a first key generation request, which is a processing request related to processing for generating a first encryption key, received by the communication unit from the external device by the first interface of the plurality of interfaces. generating a second encryption key to be used for secure communication with the external device through a second interface different from the first interface ;
The plurality of interfaces in response to a second key generation request, which is a processing request related to processing for generating a second encryption key, received by the communication unit from the external device by the second interface of the plurality of interfaces. a control unit that generates the first encryption key used for secure communication with the external device through the first interface ;
Equipped with
The control unit transmits the generated second encryption key from the communication unit to the external device through the first interface , and transmits the generated first encryption key from the communication unit through the second interface. transmitting to the external device;
The first interface is a contact interface, and the second interface is a contactless interface.
IC module and
An IC card comprising: a card body in which the IC module is embedded;

Images