JPH0766428B2 - IC card authentication method - Google Patents

Description

DETAILED DESCRIPTION OF THE INVENTION [Industrial field of application] The present invention relates to an IC card authentication method, and more particularly, to an IC card authentication in which a plurality of sets of authentication data and the priority of this authentication data are registered in the IC card. Regarding the method.

[Conventional technology]

It is expected that IC cards will spread as a medium to replace magnetic cards, but as the applications of IC cards expand,
Security becomes more important. Therefore, when using an IC card, a system that performs authentication each time is essential.

The usual authentication method is to register the authentication data in a specific memory area in the IC card and compare the authentication data given to the terminal by the user with the authentication data registered in the IC card. Is being done. Further, as a method for further improving security, for example, Japanese Patent Laid-Open No. 62-62
Japanese Patent Laid-Open No. 190583 discloses a method of registering a plurality of sets of authentication data in an IC card, and reading out the plurality of sets of authentication data in various priorities and collating them in accordance with various cases. There is.

[Problems to be Solved by the Invention]

The method using a plurality of sets of authentication data described above provides a considerable improvement in security as compared with the method using a single set of authentication data. However, the user needs to input the authentication data in a different order for each case, and there is a problem that operability is deteriorated. For example, in the method described in the above-mentioned publication as an example, ten different priorities are set according to the time when the IC card is accessed, but the user can change the priority depending on the time.
It is very inconvenient because the input order of authentication data has to be changed. In addition, when the authentication procedure is known to others, there is a 1/10 chance that the authentication procedure will be effective, which poses a security problem.

Therefore, an object of the present invention is to provide an IC card authentication method that has good operability and can ensure a high degree of security.

[Means for Solving the Problems]

(1) In the first invention of the present application, a plurality of sets of authentication data and a priority order of the authentication data are registered in the IC card, and the plurality of sets of authentication data prepared in the external terminal device are registered. , In the authentication method of the IC card that matches the registered multiple sets of authentication data in the registered priority, the identification data unique to each IC card is stored in the IC card.
The algorithm for decoding the encrypted data using this identification data and the encrypted data are stored.When the encrypted data is given from the external terminal device, the encrypted data is decoded based on the stored algorithm, and this decoding is performed. Based on the result, the priority registration is updated to a new one.

(2) In the second invention of the present application, in the first invention described above, encrypted data having the same number of digits n as the number n of sets of authentication data is used, and each digit forming the identification data is a matrix of n columns and a plurality of rows. , And perform a logical operation for each column to obtain n values.
A logical operation is performed between each of these values and each digit of the encrypted data to update n values, and a new priority order is determined based on the order of the magnitude of these n updated values. It is the one.

[Work]

(1) According to the first aspect of the present invention, it is possible to update the priority order registration from an external terminal. Therefore, even if the collation procedure is known to another person, if the priority order is changed, unauthorized access by another person is no longer received, and security is improved. Further, as long as the operation for changing the priority order is not performed, the access can be performed by the same verification procedure, and thus the operability is good.

Further, when performing the registration update operation of the priority order, the order data indicating the new priority order is transmitted from the terminal device to the IC card in the form of encrypted data, not as it is. Therefore, security is further improved.

(2) According to the second invention of the present application, the priority order is determined based on the matrix generated based on the identification data unique to the IC card and the given encrypted data. Therefore, it is possible to perform update work with high security.

〔Example〕

Hereinafter, the present invention will be described based on illustrated embodiments. FIG. 1 is a flow chart showing an access procedure of an IC card using an authentication method according to an embodiment of the present invention. Before describing this procedure in detail, the data structure in the IC card will be briefly described. FIG. 2 is a block diagram showing a state in which the IC card 20 is connected to the terminal device 10. Data is exchanged between the terminal device 10 and the IC card 20 as indicated by arrows in the figure. The IC card 20 is provided with the following areas for storing various data.

Directory area 21 Stores directory information such as address values for accessing other areas.

Authentication data area 22 Stores a plurality of sets of authentication data. In the example described here, there are four sets of authentication data as shown in FIG.
(Indicated by binary data).

Order data area 23 Sequential data indicating the order of priority of a plurality of sets of authentication data is stored. Each authentication data will be collated according to this priority. In this example, since four sets of authentication data are used as described above, the ranking data is
It indicates the collation order for the set. FIG. 4 shows an example of the order data, and according to this example, the verification is performed in the order of the authentication data.

Decoding algorithm area 24 The algorithm for decoding the encrypted data given from the terminal 10 is stored. Specifically, a program for decoding is stored.

Card number area 25 A card number, which is unique data for identifying each IC card, is stored. In this example, for example, 18 digits as shown in FIG. 5 (in this specification, one data unit forming a series of data is called one digit. In this example, one byte data unit is one digit. The card number that consists of the data is stored.

User data area 26 Stores user data that is original data to be stored in the IC card.

The IC card includes a processing unit such as a CPU in addition to the memory having the above-described areas, but it is not shown in FIG.

Now, referring to the flow chart of FIG. 1, the IC of this embodiment
The card access procedure will be described. First, the user
When the IC card is inserted into the reader / writer device for the IC card, the preparation process of step S1 is performed. This preparation process is a process for preparing for exchanging data between the terminal device 10 and the IC card 20, and for example, the terminal device 10
When a RESET signal is given from the IC card 20 to the IC card 20, the ANSWER TO RESET signal is returned from the IC card 20 to the terminal device 10 in response.

When the preparation process is completed, the terminal 10 waits for a command input to the IC card 20 in step S2. This command is classified into three types: authentication command, general command, and order change command.
The processing in the IC card 20 is different.

The authentication command is a command for authenticating whether or not the owner of this IC card is an authorized user, and normally this command is executed before accessing user data. When this authentication command is given from the terminal device 10, the authentication data is read from the authentication data area 22 in the IC card 20 as shown in step S3. According to the order of priority shown in the order data in the order data area 23, it is determined whether the read authentication data matches the authentication data input by the user to the terminal device 10 (step S4). In the case of this embodiment, four sets of authentication data shown in FIG. 3 are read out, and collation is performed in the order shown in FIG. 4, that is, the order of the authentication data. In other words, the two match only when the user inputs the authentication data to the terminal device 10 in this order. If they match, the collation flag is set to 1 in step S5. This collation flag becomes 1 when the collation results match, and 0 when they do not match or when the authentication work is not performed again. Further, in step S6, the normal status is set. On the other hand, if they do not match in step S4, the error status is set in step S7. Therefore, in this case, the collation flag remains 0. The above is the processing procedure for the authentication command.

The general command is an original access command for this IC card. For example, if user data is sent to the terminal 10
A general command is a command for reading to the side or rewriting user data. IC card 20
When this general command is given from the terminal device 10, first checks the collation flag in step S8. If the collation flag is 1, that is, if the verification command has already been processed and the collation results match, the process proceeds to step S9. In this step S9,
Processing for the given general command is performed. For example, processing such as reading or rewriting user data is actually performed. Then, in step S10, it is determined whether or not this process is normally performed, and if it is normally performed, a normal status is set in step S11. Further, in step S8, the collation flag is 0.
If it is, or if it is determined that an abnormality has occurred in step S10, the error status is set in step S12. In this way, unless the verification command is set and the verification flag is set to 1,
S9 command processing cannot be performed. In other words,
User data cannot be accessed unless the user enters the correct authentication data in the correct priority.

The rank changing command is a command for performing processing that is a feature of the present invention. The purpose of this command is to change the rank data in the rank data area 23. This is effective, for example, in the case where the user knows the operation of inputting the authentication data by another person. If the order data is changed, the priority order of the authentication data is different in the input operation known to others, so that collation matching cannot be performed and security can be improved. In the example shown in FIG. 4, the current ranking data is “2413”. Now, a case where the rank data is changed to "3412" will be described as an example. First, the terminal device 10 gives the IC card 20 the encrypted data corresponding to the new order data “3412”. This encrypted data is created using the card number of the IC card. The procedure for creating a cipher is the reverse of the procedure for decoding a cipher, which will be described later, and a description thereof will be omitted here. Upon receiving the encrypted data, the IC card 20 decodes the encrypted data in step S13. The decoding algorithm is written as a program in the decoding algorithm area 24. In the embodiment described here, the decoding is performed as follows. First, it is assumed that the encrypted data given from the terminal 10 side is X1, X2, X3, X4. In this algorithm, the number of digits of encrypted data matches the number of sets of authentication data. Therefore, in the case of this example, 4-digit encrypted data is created. First, the IC card 20 reads out a card number, which is unique identification data given to itself. In the example described here, the 18-digit card number shown in FIG. 5 (as described above, 1 byte is called 1 digit in this example) is read. The card numbers are arranged in a matrix as shown in FIG. Here, the number of columns in one row is made to match the number of sets of authentication data. That is, in the case of this example, one row is composed of four columns, the first four digits of the read card number are the first row, the next four digits are the second row, and so on. After all, in the case of this example, a matrix of 5 rows and 4 columns is formed, but since the card number has only 18 digits,
The matrix elements in the 5th row are insufficient by 2 digits. Therefore, padding processing is applied to this. In other words, what kind of data is used to make up for the shortfall. What kind of data will be used to supplement
As will be decided in advance, in this embodiment, the data which is always "20" is supplemented to the insufficient portion.
When the matrix of 5 rows and 4 columns as shown in FIG. 6 is completed in this way, logical operation is performed for each column. For example, for the first column, some logical operation is performed on the 5-digit data "A0, A4, A8, AC, B0", and Y1 is provided as the operation result. This logical operation may be any kind, but it must be decided in advance. For example, a logical sum, a logical product, an exclusive logical sum of all data may be taken.
In this way, a logical operation is performed on all the data in the four columns, and Y1, Y2, Y3, Y4 are obtained as the operation results. Next, these calculation results and the encrypted data X1, X2,
Predetermined logical operations are performed between X3 and X4 as shown in FIG. 7, and Z1, Z2, Z3 and Z4 are obtained as the operation results. When these are arranged in the descending order (or may be in the descending order), it is assumed that Z3>Z4>Z1> Z2 as shown in FIG. From this, the new ranking data can be determined to be "3412". In this way, by providing the encrypted data from the terminal device 10 to the IC card 20, the security can be further improved. In particular, when some kind of line is used between the terminal device 10 and the IC card 20, even if the communication via this line is tapped, it is possible to prevent the ranking data from leaking.

The above is an example of the decoding procedure of the encrypted data. When the decoding is completed, the order data is rewritten in step S14. That is, new order data “3412” is written in the order data area 23. Then, in step S15, it is determined whether or not this rewriting work has been normally performed. If normal, a normal status is set in step S16, and if there is any abnormality, an error status is set in step S17.

Although the procedure of three types of command processing has been described above, when each command processing ends, it is determined in step S18 whether or not to end all processing. For example, if a general command indicating that all the processes should be terminated is given, the entire procedure is terminated through step S18. If not ended, the process returns to the command input in step S2. At this time, since either the normal status or the error status is set, some message can be given to the terminal device 10 side when the next command is input.

The above-mentioned embodiment discloses one embodiment of the present invention, and the present invention is not limited to this embodiment. In particular, as the decoding method of the encrypted data, various methods other than this can be applied. Further, here, 1-byte unit data is treated as 1-digit data, but it is not always necessary to make 1-byte 1 digit.

〔The invention's effect〕

(1) According to the first invention of the present application, since the registration of the priority order can be updated from the external terminal, even if the collation procedure is known to another person, if the priority order is changed,
Security is improved by preventing unauthorized access by others. In addition, the operability is good because the access can be made by the same verification procedure unless the operation for changing the priority order is performed.

In addition, when the registration update operation of the priority order is performed, the order data indicating the new priority order is transmitted from the terminal device to the IC card in the form of encrypted data, not as it is, so that the security is further improved.

(2) According to the second invention of the present application, since the priority order is determined based on the matrix generated based on the identification data unique to the IC card and the given encrypted data, the update with high security is performed. Work becomes possible.

[Brief description of drawings]

FIG. 1 shows an IC using an authentication method according to an embodiment of the present invention.
FIG. 2 is a flow chart showing the card access procedure, and FIG.
FIG. 3 is a block diagram showing a state in which an IC card 20 is connected to FIG. 3, FIG. 3 is a diagram showing an example of authentication data, FIG. 4 is a diagram showing an example of order data, and FIG. 5 is a diagram showing an example of card number data. , FIG. 6 to FIG. 8 are diagrams showing logical operations necessary for a decoding procedure of encrypted data according to the present invention.

Claims (2)

[Claims] 1. A plurality of sets of authentication data and a priority order of the authentication data are registered in an IC card, and the registered plurality of sets of authentication data are prepared for a plurality of sets of authentication data prepared in an external terminal. In the IC card authentication method that collates a set of authentication data with the registered priority, identification data unique to each IC card is stored in the IC card.
An algorithm for decoding the encrypted data using this identification data, and stores the encrypted data, when the external terminal receives the encrypted data, decodes the encrypted data based on the algorithm,
A method of authenticating an IC card, characterized in that the registration of the priority is updated to a new one based on the decoding result. 2. The IC card authentication method according to claim 1, wherein encrypted data having the same number of digits n as the number n of sets of authentication data is used, and each digit forming the identification data is a matrix of n columns and a plurality of rows. , And perform a logical operation for each column to obtain n values.
Number of values and each digit of the encrypted data is logically operated to update the n values, and a new priority order is determined based on the order of magnitude of the n updated values. IC card authentication method characterized by: