WO2007108397A1 - Communication system, server, client terminal device and communication method - Google Patents

Info

Publication number
WO2007108397A1
Authority
WO
WIPO (PCT)
Prior art keywords
server
identification information
client terminal
user identification
user
Prior art date
Application number
PCT/JP2007/055230
Other languages
English (en)
Japanese (ja)
Inventor
Moriya Chikata
Keiichi Hibi
Original Assignee
Sharp Kabushiki Kaisha
Application filed by Sharp Kabushiki Kaisha

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/068 Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • H04W12/069 Authentication using certificates or pre-shared keys

Definitions

  • the present invention relates to a technique for user authentication via a network.
  • PKI public key infrastructure
  • the above authentication system has, for example, the following mechanism.
  • plaintext a predetermined unencrypted sentence
  • server a communication partner
  • user the person who wishes to authenticate
  • ciphertext that is encrypted with your private key.
  • the server that receives the plaintext and ciphertext set authenticates the user by decrypting the ciphertext with the user's public key authenticated by the certificate authority and comparing the decrypted text with the plaintext.
  • Only a user who has the private key that is paired with the public key can create the ciphertext (thus, this ciphertext is called a “digital signature”). If the decrypted text matches, the server can authenticate the user. In some cases, instead of the plaintext, a hash value generated from the plaintext is encrypted.
  • since the secret key has a large number of digits and is difficult to memorize, the user usually stores and manages the secret key in a storage device such as an IC card, or stores it in the storage device of the client terminal and, to prevent access by a third party, locks the storage area with, for example, a password.
  • biometric information biometric data
  • the biometric data does not change over many years like voice prints and handwriting.
  • voice prints and handwriting There are many types of behavior attributes.
  • FIG. 18 is a schematic configuration diagram of a conventional communication system.
  • FIG. 19 is a diagram showing the overall processing and data flow of a conventional communication system.
  • FIG. 20 is a diagram showing a function and data configuration provided in a conventional communication system.
  • FIGS. 21 and 22 are flowcharts showing the processing procedure of the conventional communication system.
  • the user places a finger on the sensor 25. Then, the user's fingerprint image is scanned, and the personal identification information generating means 9 of the client terminal 1 performs processing such as extraction of feature points and shapes from the fingerprint image, and feature amounts and feature parameters (hereinafter referred to as “user identification information”) are extracted.
  • a template 43, in which a fingerprint image collected in advance from the user is represented by a feature amount, a feature parameter, and the like, is recorded in the personal identification information storage unit 44.
  • the template 43 and the user identification information 26 are inputted to the personal identification information collation judgment means 45 and collated, and it is judged whether or not they match.
  • the user operates the client terminal 1 to transmit a client HELLO message (not shown) for notifying the server 2 of the start of communication.
  • the server 2 receives the HELLO message from the client terminal 1 and transmits the server HELLO message 22 and the server public key 18 to the client terminal 1.
  • the server public key 18 is transmitted from the server 2 for each communication.
  • in some cases the server public key 18 is stored in advance in the client terminal 1, such as when it is distributed in advance from the certificate authority.
  • the client terminal 1 transmits the received server hello message 22 to the user.
  • a digital signature generated by encrypting with the private key 19 is added to the server hello message 22.
  • the client terminal 1 generates an arbitrary character string, for example, a random seed 23 as a generated value for generating the common key.
  • the client terminal 1 encrypts it with the public key 18 of the server.
  • the digitally signed server hello message 27 and the encrypted random seed 28 are transmitted to the server 2 for authentication.
  • the server 2 decrypts the signature part of the digitally signed server HELLO message 27 received from the client terminal 1 with the user public key 17, and in S111, authentication is performed by checking the result against the server HELLO message 22 that the server 2 first sent. If the decrypted server HELLO message 30 and the server HELLO message 22 match, in S112, server 2 decrypts the encrypted random seed 28 received at the same time with the server private key 20, and in S113 generates a common key 24 from the decrypted random seed 31. On the other hand, the client terminal 1 also generates a common key 24 from the random seed 23 in S114 using the same method as S113. In S115, encrypted communication using the common key 24 can be performed between the client terminal 1 and the server 2.
  • biometrics data is transmitted from the user's client terminal, and the biometrics verification server performs individual verification by checking the biometric data transmitted from the user against the biometric data or the template of the user registered in advance. Upon notification from the biometrics verification server that user authentication is complete, the client terminal can read the user private key used for PKI authentication. Also in this example, the use of biometric data for unlocking the secret key storage means is the same as described above, and the biometrics data matching function is merely processed in the biometrics verification server.
  • Patent Document 1: Japanese Patent Laid-Open No. 2001-216270
  • the template data used for biometrics authentication needs to be built into the client terminal or be in a state where the data can be read at any time by the client terminal.
  • the user stores the biometrics authentication template in a storage device such as an IC card in the same way as a private key / public key pair used in PKI. Although it will be managed on its own, it must be managed so that important items are not always kept at hand, so it is a burden for the user.
  • biometrics authentication is used by the client terminal to authenticate the user, so that the biometric information of the user collected using a scanner or the like is compared with the template data.
  • the data matching process for biometrics authentication requires accurate calculation processing in a short time, and also requires image matching processing, which has the problem that the processing load becomes a burden on the client terminal.
  • the accuracy depends on the value of personal information handled by the system, but when high security is required, small client terminals such as mobile phones require data processing that exceeds their processing capabilities. This is likely to be a big burden.
  • biometrics authentication is performed by a biometrics verification server, but the biometrics data functions as a password that permits the use of the user's private key in the client terminal. Therefore, the user's private key / public key pair and the user's biometrics data are linked inside one client terminal.
  • the service cannot be used unless the client terminal at which the user inputs biometric data has the user's private key.
  • in the present invention, the client terminal does not need to manage a template that is referred to during user authentication and does not necessarily store the user's private key and public key, and the processing amount and processing load of the client terminal are reduced because it does not check biometric data. With encryption of user identification information and the two types of authentication, between the server and the client and between the server and the user, the aim is to provide a reliable communication system, server, client terminal, and communication method with a stronger security function than before to prevent eavesdropping, impersonation, and falsification.
  • the communication system is a communication system in which a server and a client terminal mutually authenticate with an electronic key via a network.
  • the client terminal includes data conversion control means for converting user identification information unique to a user, and communication control means for transmitting the data-converted user identification information to the server.
  • the server includes personal identification information storage means for storing verification user identification information, personal identification information verification for comparing and verifying the verification user identification information and the user identification information received and acquired from the client terminal.
  • a determination unit that determines whether or not the verification user identification information and the user identification information match, and the two-way authentication between the client terminal and the server is established by an electronic key; and a control means for permitting communication.
  • a server according to the second invention is used in a communication system in which a server and a client terminal mutually authenticate with an electronic key via a network, and stores personal identification information for storing user identification information for verification.
  • a server according to a third invention is characterized in that the verification user identification information is data converted by parameter data determined with the client terminal.
  • a server uses encryption using an electronic key for communication of the user identification information with the client terminal, and decrypts the data received from the client terminal with the electronic key to identify the user. It is characterized by comprising data decoding means for acquiring information.
  • a server according to a fifth invention is characterized in that a common key encryption with the client terminal is used for encryption with the electronic key.
  • the server according to the sixth invention transmits authentication completion information to another server, making communication between the client terminal and the other server possible.
  • a client terminal is used in a communication system in which a server and a client terminal mutually authenticate with electronic keys via a network, and includes data conversion control means for converting user identification information unique to a user, communication control means for transmitting the converted user identification information to the server, and means for enabling communication when the authentication by the user identification information is established and the two-way authentication with the server by the electronic key is established.
  • a client terminal is characterized in that the data conversion control means performs irreversible conversion on the user identification information using parameter data determined with the server.
  • a client terminal is characterized in that the data conversion control means performs data conversion by encrypting the user identification information with an electronic key.
  • a client terminal uses a common key encryption with the server for encryption with the electronic key.
  • a client terminal is characterized in that the user identification information is added to a digitally signed message for authentication with the server and transmitted to the server.
  • a client terminal according to a twelfth aspect of the invention is characterized in that after authentication with the server is established, the user identification information is transmitted to the server.
  • a client terminal uses electronic data stored in a wearable device as the user identification information.
  • a client terminal is characterized in that it includes personal identification information generating means for reading the user's biological information as the user identification information and generating user identification information.
  • a communication method is a communication method in which a server and a client terminal mutually authenticate with an electronic key via a network.
  • the client terminal includes a step of converting user identification information unique to a user, and transmitting the data-converted user identification information to the server;
  • the server includes verification user identification information stored in the server and the client.
  • a communication method is characterized in that the client terminal performs data conversion by irreversibly converting the user identification information with parameter data determined with the server.
  • the client terminal and the server use encryption using an electronic key for communication of the user identification information, and the client terminal uses the user identification information.
  • Data conversion is performed by encrypting with an electronic key, and the server decrypts the data received from the client terminal with the electronic key to obtain user identification information.
  • a communication method is characterized in that a common key encryption of the client terminal and the server is used for the encryption with the electronic key.
  • the client terminal adds the user identification information to a message digitally signed in an authentication procedure with the server and transmits the message to the server.
  • a communication method is characterized in that the client terminal transmits the user identification information to the server after authentication with the server is established.
  • the user identification information is electronic data input from a device that can be attached to the client terminal.
  • the user identification information uses a user's biological information.
  • the client terminal converts the user identification information, which is user-specific information, and sends it to the server.
  • the server compares the verification user identification information, which is a template for user-specific information stored in the server, with the received user identification information. Therefore, the authentication between the server and the client terminal using the electronic key and the authentication between the server and the user based on the user identification information are executed together, and the entire authentication is not established until both types of authentication processing are established.
  • the security strength can be increased comprehensively if each secures the same security strength as before.
  • the server performs and manages validity confirmation by user authentication and client terminal authentication, and further manages a combination of these authentications.
  • communication using a client terminal by an unauthorized user other than the owner or an authorized user can be prevented, and unauthorized use or theft of the terminal can be prevented.
  • the server can also independently manage and confirm the validity by the authentication of the client terminal and the confirmation of the validity by the authentication of the user. Even if you use a terminal that is different from the client terminal that you normally use for authentication, such as when you borrow a friend's terminal, user authentication is performed by the server if you and your friend are registered as users of the same service company and you enter your user identification information. From a friend's terminal, communication is possible while maintaining the same security environment as a normally used client terminal, and the server can identify the person who used the service. Therefore, it is possible to provide a service that can be used by the person and to charge the user.
  • the client terminal information of the communication partner is notified to the user who is using the server during communication.
  • the user information of the communication partner itself can be transmitted. Even if data is transmitted from a client terminal authorized by the service company, the service can be refused if necessary when the user is different from the assumed partner. For example, spoofing of the communication partner can be prevented.
  • the user no longer needs to store important information such as a template of biometric information used for authentication inside the client terminal or in an auxiliary storage medium such as an IC card, so that the user does not have to feel bothered to manage it.
  • since the data processing for authentication is performed on the server side instead of the client terminal, the present invention can be realized even with a small client terminal with low processing capacity.
  • the client terminal performs irreversible conversion of the user identification information with the parameter data determined between the client terminal and the server, and transmits it to the server. In the server as well, the matching template for the user identification information is converted with the parameter data. Therefore, even if information is leaked, it is difficult to predict or restore the original information, which can enhance the security of the system.
  • FIG. 1 is a diagram showing a schematic configuration of a communication system according to a first embodiment of the present invention.
  • FIG. 2 is a diagram showing a relationship between data and a processing flow in the communication system according to the first embodiment of the present invention.
  • FIG. 3 is a block configuration diagram showing a relationship between data arrangement and processing in the communication system according to the first embodiment of the present invention.
  • FIG. 4 is a flowchart showing an example of an implementation procedure in the communication system according to the first embodiment of the present invention.
  • FIG. 5 is a flowchart showing an example of an implementation procedure in the communication system according to the first embodiment of the present invention.
  • FIG. 6 is a flowchart showing an example of an implementation procedure in the communication system according to the second embodiment of the present invention.
  • FIG. 7 is a flowchart showing an example of an implementation procedure in the communication system according to the second embodiment of the present invention.
  • FIG. 8 is a diagram showing a schematic configuration of a communication system according to a third embodiment of the present invention.
  • FIG. 9 is a diagram showing a relationship between data and a processing flow in a communication system according to a third embodiment of the present invention.
  • FIG. 10 is a block configuration diagram showing a relationship between data arrangement and processing in a communication system according to a third embodiment of the present invention.
  • FIG. 11 is a diagram showing a schematic configuration of a communication system according to a fifth embodiment of the present invention.
  • FIG. 12 is a diagram showing a relationship between data and a processing flow in a communication system according to a fifth embodiment of the present invention.
  • FIG. 13 is a block configuration diagram showing the relationship between data arrangement and processing in a communication system according to a fifth embodiment of the present invention.
  • FIG. 14 is a flowchart showing an example of an implementation procedure in the communication system according to the fifth embodiment of the present invention.
  • FIG. 15 is a flowchart showing an example of an implementation procedure in the communication system according to the fifth embodiment of the present invention.
  • FIG. 16 is a flowchart showing an example of an implementation procedure in the communication system according to the fifth embodiment of the present invention.
  • FIG. 17 is a flowchart showing an example of an implementation procedure in the communication system according to the fifth embodiment of the present invention.
  • FIG. 18 is a diagram showing a schematic configuration of a conventional communication system.
  • FIG. 19 is a diagram showing the relationship between data and processing flow in a conventional communication system.
  • FIG. 20 is a block configuration diagram showing the relationship between data arrangement and processing in a conventional communication system.
  • FIG. 21 is a flowchart showing a processing procedure of a conventional communication system.
  • FIG. 22 is a flowchart showing a processing procedure of a conventional communication system.
  • FIGS. 1 to 7 show examples of embodiments of the present invention.
  • the same reference numerals denote the same parts, and the basic configuration is the same as the conventional one shown in FIGS.
  • FIG. 1 is a diagram showing a schematic configuration of a communication system according to the first embodiment of the present invention.
  • a client terminal 1 and a server 2 are connected via a network, and a scanner 3 for reading biological information of a user who is a user of this system is connected to the client terminal 1.
  • the client terminal 1 includes an encryption control means 4 for controlling encryption, decryption, etc., a public key storage means 5 for storing a public key, a secret key storage means 6 for storing a secret key, and a control means 7 for controlling the client terminal 1. It comprises communication control means 8 for controlling communication, personal identification information generating means 9 for extracting user identification information which is a feature quantity and a feature parameter from the user's biological information, and the like.
  • the server 2 includes an encryption control means 10, a public key storage means 11, a secret key storage means 12, a control means 13, a communication control means 14 and a personal identification information storage means 15 for storing a template of identification information for identifying a user, It consists of personal identification information collation judgment means 16 etc.
  • FIG. 2 is a diagram showing a relationship between data and a process flow in the communication system according to the first embodiment of the present invention.
  • FIG. 3 is a block diagram showing the relationship between data arrangement and processing in the communication system according to the first embodiment of the present invention.
  • public keys 17, 18 and secret keys 19, 20 are prepared for the client terminal 1 and the server 2, and they are stored in the public key storage means 5 and 11 and the secret key storage means 6 and 12 of the client terminal 1 and the server 2, respectively.
  • parameters of the physical characteristics of the user are acquired as biological information electronic data.
  • the service provider managing the server 2 obtains in advance biometric information electronic data that is a physical feature of the user and stores it in the personal identification information storage means 15 of the server 2. This data is referred to for comparison when identifying the identity of the biometric information user, and is called template biometric electronic data (hereinafter referred to as “template”) 21.
  • FIGS. 4 and 5 show an example of a procedure for carrying out the present invention in this system.
  • the client terminal 1 displays an input screen for allowing the user to input a password or the like on a display device (not shown).
  • the control means 7 recognizes the permission from the user to use the user private key 19 stored in the private key storage means 6 by inputting the user's password and the like, and the user private key 19 is unlocked.
  • Steps S2 to S6 are the same as steps S104 to S108 in FIG.
  • when the start of the authentication procedure is controlled by the communication control means 8 of the client terminal 1, the client terminal 1 generates a client HELLO message (not shown) for notifying the start of communication in S2, and sends it to the server 2 by the transmission means (not shown).
  • when the server 2 receives the HELLO message of the client terminal 1 by the receiving means (not shown), in S3, the server 2 generates the server HELLO message 22, reads out the server public key 18 stored in the public key storage means 11 of the server 2, and transmits it to the client terminal 1 together with the server HELLO message 22 by the transmission means (not shown) of the server 2.
  • the server public key 18 is transmitted from the server 2 for every communication.
  • in some cases the server public key 18 is stored in advance in the client terminal 1, such as when it is distributed in advance.
  • the encryption control means 4 of the client terminal 1 uses the user's private key 19 read from the private key storage means 6 to encrypt the server hello message 22 and generate a digital signature.
  • the client terminal 1 uses the encryption control means 4 to generate an arbitrary character string called a random seed 23 used for generating a common key.
  • the client terminal 1 encrypts the generated random seed 23 by the encryption control means 4 in S 6 using the received server public key 18.
  • the client terminal 1 generates a random number using the random seed 23 by the encryption control means 4, and generates a common key 24 based on the random number.
  • the scanner 3 attached to the client terminal 1 scans the user's biological information by the sensor 25 of the scanner 3 and inputs the information.
  • the client terminal 1 uses the personal identification information generating means 9 to perform processing such as recognition and extraction of feature points of the acquired biometric information, and generates feature quantity and feature parameter data (hereinafter referred to as “user identification information”) 26.
  • the client terminal 1 encrypts the user identification information 26 by the encryption control means 4 using the common key 24 created in S7.
  • the client terminal 1 transmits the digitally signed server HELLO message 27, the encrypted random seed 28, and the encrypted user identification information 29 to the server 2 using the transmission means.
  • in S11, the server 2 that has received the digitally signed server HELLO message 27, the encrypted random seed 28, and the encrypted user identification information 29 first decrypts, in the encryption control means 10, the digital signature of the signed server HELLO message 27 with the user public key 17 read from the public key storage means 11.
  • the server 2 verifies in the control means 13 whether or not the decrypted server HELLO message 30 is the same as the server HELLO message 22 that was transmitted to the client terminal 1 and is stored in the server 2.
  • if the server HELLO message 30 obtained by decryption and the server HELLO message 22 are the same, it is possible to determine that the received message was definitely transmitted from a valid client terminal. If they are not the same, the authentication is unsuccessful, and the control means 13 of the server 2 causes the communication control means 14 to stop communication.
  • the server 2 then decrypts, by the encryption control means 10, the encrypted random seed 28 transmitted from the client terminal 1, using the server secret key 20 read out from the secret key storage means 12.
  • the server 2 further generates the common key 24 based on the random seed 31 decrypted by the encryption control means 10 in S14.
  • the method of generating the common key 24 from the decrypted random seed 31 in the encryption control means 10 is the same as the method in which the encryption control means 4 of the client terminal 1 generates the common key 24 from the random seed 23 in S7. In this way, the client terminal 1 and the server 2 have the same common key 24.
  • the encryption control means 10 of the server 2 decrypts the encrypted user identification information 29 transmitted from the client terminal 1 using the common key 24 generated in S14.
  • the server 2 compares and verifies, by the personal identification information verification judgment means 16, whether or not the user identification information 32 decrypted by the encryption control unit 10 is the same as the template 21, which is the user identification information for collation stored in advance in the personal identification information storage unit 15 of the server 2.
  • the authentication between the server and the client terminal using the electronic key and the authentication between the server and the user based on the user identification information are executed together, and the entire authentication is established only when both types of authentication processing are established. If each secures the same security strength as before, the overall security strength can be increased.
  • the server performs and manages validity confirmation by user authentication and validity confirmation by client terminal authentication, and further manages a combination of these authentications.
  • communication using a client terminal by an unauthorized user other than the owner or an authorized user can be prevented, and unauthorized use or theft of the terminal can be prevented.
  • the user does not have to store important information, such as a template of biometric information used for authentication, in the client terminal or in an auxiliary storage medium such as an IC card, and is spared the trouble of managing it personally.
  • in the present invention the authentication data processing is performed on the server side instead of on the client terminal, so it can be realized even with a small client terminal with low processing capacity.
  • the above procedure is executed each time communication is started. The above example assumes one user, one client terminal, and one server, with authentication performed by this procedure before communication; the same holds when a single user uses multiple client terminals and when a single client terminal is used by multiple users.
  • the common key 24 is used for the encryption of the user identification information 26.
  • the public key encryption method is more encrypted than the common key encryption method. This is therefore done to reduce the amount of processing and simplify it, and to avoid the risk of impersonation caused by eavesdropping on and stealing the user identification information 26 encrypted with the server's public key 18.
  • the server has sufficient processing capability, the network is configured so that eavesdropping and unauthorized interception by a third party cannot be performed.
  • other encryption keys may be used.
  • the common key 24 may be stored in advance in the secret key storage unit 6 of the client terminal 1 and the secret key storage unit 12 of the server 2. In this case, steps in the above procedure such as generation of the random seed 23, its encryption and transmission to the server, and generation of random numbers can be omitted.
  • the user authentication method shown here can be used as long as it is a personal authentication method that can be realized with high accuracy and accuracy that is based on the assumption of using biometric information.
  • a plurality of authentication methods may be used in combination. By collating multiple types of data, it is possible to respond flexibly to various user requests.
  • the server HELLO message 27 signed by the client terminal 1, the encrypted random seed 28, and the encrypted user identification information 29 are simultaneously transmitted to the server 2.
  • the encrypted user identification information 29 may be sent separately from, and independently of, the signed server HELLO message 27 and the encrypted random seed 28.
  • Figure 6 and Figure 7 show examples of procedures that take this into account. The processes up to S6 are the same as in the first embodiment.
  • the transmission means of the client terminal 1 transmits the signed server hello message 27 and the encrypted random seed 28 to the server 2.
  • the server 2 that has received the digitally signed server HELLO message 27 and the encrypted random seed 28 is the same as that of the first embodiment.
  • the digital signature of the HELLO message 27 is decrypted with the user public key 17 read from the public key storage means 11.
  • the server 2 verifies in the control means 13 whether or not the decrypted server HELLO message 30 is the same as the server HELLO message 22 that was transmitted to the client terminal 1 and is stored in the server 2.
  • server HELLO message 30 obtained by decryption and the server HELLO message 22 are the same, it is possible to determine that the received message is definitely transmitted by a valid client terminal. If the above is not established, the authentication is unsuccessful, and the control means 13 of the server 2 causes the communication control means 14 to stop communication.
  • the encryption control means 4 of the client terminal 1 generates a common key 24 from the generated random seed 23 in S20, and encrypts the user identification information 26 with the generated common key 24 in S21.
  • the transmission means of the client terminal 1 transmits the encrypted user identification information 29 to the server 2.
  • the subsequent processing from S13 is the same as in the first embodiment.
  • the server can independently manage and check the validity established by authentication of the client terminal and the validity established by authentication of the user. As a result, when you use a terminal different from the client terminal that you normally use for authentication, such as when you borrow a friend's terminal, and you and your friend are registered as users of the same service company, user authentication is performed separately from client terminal authentication. Even if the user identification information is input to a different client terminal, the user is authenticated by the server, so it is possible to use a friend's terminal as if it were one's own and communicate while maintaining the same security environment as on the client terminal in normal use. In addition, since the server can identify the person who uses the service, it is possible to provide services that can be used by the person himself or herself and to charge the user.
  • the server is a server that provides content and the user is a registered member of the company that provides the content
  • the above authentication is performed on the content server side of the company, so that problems such as impersonation of a member can be prevented.
  • the server can be specified for each user in the configuration of the present invention.
  • extracting data such as preference trends from the usage history and storing them in association with the template of personal identification information makes it possible to present appropriate content, and effects such as not missing business opportunities can be expected.
  • by specifying the member, if the content of the contract varies depending on the member, different service contents can be provided for each member by limiting the service content that can be used, even if the client terminal is shared by multiple people.
  • a communication partner's class is By adopting a configuration that can transmit user information of the communication partner itself that is communicated with the client terminal information, even if legitimate client terminal capability data approved by the service company is transmitted, In other cases, it becomes possible to refuse to continue the service if necessary. For example, spoofing of the other party of communication can be prevented.
  • FIG. 8 is a diagram showing a schematic configuration of a communication system according to the third embodiment of the present invention.
  • FIG. 9 is a flow of data and processing in the communication system according to the third embodiment of the present invention.
  • FIG. 10 is a block configuration diagram showing the relationship between data arrangement and processing in the communication system according to the third embodiment of the present invention.
  • the parts denoted by the same reference numerals as in FIGS. 1 to 3 represent the same thing.
  • the user identification information 26 which is the biometric information used in the first embodiment
  • data unique to the user and uniquely identifiable is used as the user identification information 33.
  • a password set and stored by the user is used.
  • a card-type card that has excellent tamper-proof performance that is always carried and used by the user (no data can be seen by being broken).
  • the user identification information 33, which is, for example, electronic data consisting of a string of alphanumeric characters with a large number of digits, is described as being stored in the electronic device 34.
  • the client terminal 1 reads the electronic data from the electronic device 34 by the interface unit 35 and acquires the user identification information 33. Then, the user identification information 33 is encrypted with the generated common key 24.
  • the template 36 stored in the server 2 is also the same electronic data as the user identification information 33. Other configurations are the same as those of the first embodiment. Here, it is assumed that the user identification information 33 is obtained from the electronic device 34. This is data that can uniquely identify the user, such as a character string with a large number of digits or electronic data, and the purpose is to prevent theft by others by using data that is difficult to store.
  • the user may also directly input the user identification information 33 to the client terminal 1 using means such as keys, buttons, a touch panel, or handwriting input. Further, based on information input by the user, the client terminal 1 may acquire the user identification information 33 by processing that information appropriately.
  • if the configuration is such that the server 2 transmits the authentication completion information and the encrypted random seed 28 to the content server, which is another server, and the content server decrypts the encrypted random seed 28 and generates the common key 24 from the random seed, encrypted communication can be performed between the client terminal 1 and the content server using the common key 24. In other words, the server that performs the authentication and the server that provides the service may be separate.
  • the user identification information 26 is encrypted and transmitted.
  • an appropriate method for encryption it is possible to prevent information from being read on the communication path.
  • the possibility of information leakage due to carelessness of related parties is not zero.
  • there is a technology called cancelable biometrics.
  • user identification information obtained for authentication is transformed by a one-way function having a many-to-one correspondence so that the original data cannot be restored, and then compared with verification authentication data.
  • the function depends on arbitrary parameter data, and this parameter data is kept between the two parties performing authentication, without being known to anyone else, and is read out and used during conversion.
  • the template data for verification is also stored in the storage medium on the verification side after being transformed with the same one-way function and the same parameter data, and at the time of authentication, the acquired user identification information and the template are matched in the transformed state.
  • Examples of data conversion processing that satisfies this condition include image morphing and block scrambling.
  • Image morphing is a technique that geometrically deforms a figure by shortening or extending the distance between two points on the screen of image data. Block scrambling is a technique of dividing the image into small blocks and replacing the positions in units of blocks.
  • FIG. 11 is a diagram showing a schematic configuration of a communication system according to the fifth embodiment of the present invention.
  • FIG. 12 is a diagram showing a relationship between data and a process flow in the communication system according to the fifth embodiment of the present invention.
  • FIG. 13 is a block configuration diagram showing the relationship between data arrangement and processing in the communication system according to the fifth embodiment of the present invention.
  • FIG. 14 to FIG. 17 are flowcharts showing an example of an implementation procedure in the communication system according to the fifth embodiment of the present invention.
  • the one-way function used for data conversion and the parameter data 37 on which this function depends are electronic data with sufficient capacity for data conversion, as shown in Fig. 12.
  • the parameter data 37 is prepared and managed in the client terminal 1 and the server 2 before communication begins. In most cases, it is considered that the server generates the data and distributes it to users. However, the client terminal may generate the data and send it to the server. The data must be managed so that it is not used by others, and the parameter data 37 is stored in the conversion information storage means 38 and 39 of the client terminal 1 and server 2 shown in FIG. As another example, it is conceivable that, on the client terminal 1 side, the user manages it in a tamper resistant device in the same manner as the user's private key.
  • the data conversion means 40 of the server 2 converts the template 21, which is the user identification information for verification, beforehand using the parameter data 37, and then stores it in the personal identification information storage means 15.
  • the processes from S1 to S8 are the same as those described in FIG. 14.
  • the data conversion means 41 converts the user identification information 26 into data.
  • the converted user identification information 42 is sent to the server 2 together with the signed server HELLO message 27 and the encrypted random seed 28.
  • the server 2 performs the same processing as described in FIG. 5; the difference is that in S16 the converted template 21 and the converted user identification information 42 are compared and collated by the personal identification information collation judging means 16.
  • FIGS. 16 and 17 perform basically the same processing as FIGS. 6 and 7. The differences are that, as described above, in S25 the data conversion means of the client terminal 1 converts the user identification information 26 using the parameter data 37, in S26 the communication control means 8 sends the converted user identification information 42 to the server 2, and in S16 the personal identification information matching judgment means 16 of the server 2 compares the converted template 21 with the converted user identification information 42.
  • the client terminal 1 transmits the converted user identification information 42 to the server 2 without encrypting it. However, as described above, the client terminal 1 may encrypt the converted user identification information 42 using the common key 24 and then transmit it to the server 2. This can further enhance the security effect.
  • the converted user identification information 42 can conceal information representing user characteristics. In this way, even if a feature amount is extracted from the converted user identification information 42 sent from the client terminal 1 to the server 2, it is difficult to estimate the user-specific information. A similar effect is obtained for the template 21 stored in the server 2.
  • the client terminal converts the user identification information, which is user-specific information, and transmits it to the server.
  • the server collates the user identification information for collation, which is a template of user-specific information stored in the server, with the user identification information received from the client terminal. Therefore, the authentication between the server and the client terminal using the electronic key and the authentication between the server and the user based on the user identification information are executed together.
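
The transformed-state matching of the fifth embodiment, as an added Python example that is not code from the patent: client and server apply the same parameter-dependent transform, here a block-wise position replacement followed by a fold, and the server compares only transformed data. The HMAC-derived block order, the XOR fold that makes the mapping many-to-one, the 8-bit block size, the 20% threshold and the SHA-256-derived sample vectors are all assumptions made for illustration.

```python
import hashlib
import hmac

BLOCK_BITS = 8    # assumed block size
THRESHOLD = 0.20  # assumed: largest fraction of differing bits accepted


def block_order(parameter_data: bytes, n_blocks: int) -> list[int]:
    """Secret block order: rank indices by HMAC-SHA256(parameter_data, index)."""
    def tag(i: int) -> bytes:
        return hmac.new(parameter_data, i.to_bytes(4, "big"), hashlib.sha256).digest()
    return sorted(range(n_blocks), key=tag)


def transform(bits: list[int], parameter_data: bytes) -> list[int]:
    """Scramble blocks in the secret order, then XOR-fold the two halves.

    The fold is many-to-one: the output does not determine the input,
    even for someone who knows parameter_data.
    """
    if not bits or len(bits) % (2 * BLOCK_BITS):
        raise ValueError("length must be a non-zero multiple of 2 * BLOCK_BITS")
    blocks = [bits[i:i + BLOCK_BITS] for i in range(0, len(bits), BLOCK_BITS)]
    scrambled = [blocks[i] for i in block_order(parameter_data, len(blocks))]
    half = len(scrambled) // 2
    folded: list[int] = []
    for left, right in zip(scrambled[:half], scrambled[half:]):
        folded.extend(a ^ b for a, b in zip(left, right))
    return folded


def distance(a: list[int], b: list[int]) -> float:
    """Fraction of positions at which two equal-length bit lists differ."""
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return sum(x != y for x, y in zip(a, b)) / len(a)


def server_verify(stored_template: list[int], received: list[int]) -> bool:
    """Server side: compare transformed data only; raw features never arrive."""
    return distance(stored_template, received) <= THRESHOLD


def sample_bits(label: str) -> list[int]:
    """Constructed 256-bit stand-in for a biometric feature vector."""
    digest = hashlib.sha256(label.encode()).digest()
    return [(byte >> k) & 1 for byte in digest for k in range(8)]


def noisy(bits: list[int], flips: set[int]) -> list[int]:
    """Simulate sensor noise by flipping the bits at the given positions."""
    return [b ^ 1 if i in flips else b for i, b in enumerate(bits)]


def demo() -> dict[str, bool]:
    old, new = b"constructed parameter data A", b"constructed parameter data B"
    enrolled = sample_bits("constructed user 1")
    template = transform(enrolled, old)  # what the server stores
    probe = noisy(enrolled, {3, 17, 70, 141, 200, 255})
    return {
        "same user, same parameter": server_verify(template, transform(probe, old)),
        "other user, same parameter": server_verify(
            template, transform(sample_bits("constructed user 2"), old)),
        # Reissuing the parameter data revokes a leaked template: data
        # transformed under the new parameter no longer matches the old one.
        "same user, new parameter": server_verify(template, transform(probe, new)),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

Because each input bit feeds exactly one output bit, the six flipped bits in the noisy probe change at most six of the 128 transformed bits, which is why a noise-tolerant threshold still works after conversion.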

Abstract

The present invention relates to a communication system, a server, a client server, and a communication method having reliable characteristics, with which users do not need to manage by themselves a template referred to during user authentication, the authentication data is not verified by a client terminal device so as to reduce the processing load imposed on the client terminal device, and a security function stronger than before is provided. A client terminal device (1) acquires information inherent to the user and generates user identification information (26). The client terminal device converts the user identification information (26) and transmits the converted data to a server (2). The server (2) receives the data-converted user identification information (29) and compares it with a template (21) in order to verify the user identification information using the user identification information (32). When the authentication of the user identification information (26) and the two-way authentication between the client terminal device (1) and the server (2) are accepted, the authentication is considered to be accepted.
PCT/JP2007/055230 2006-03-17 2007-03-15 Communication system, server, client terminal device, and communication method WO2007108397A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
JP2006-075132 2006-03-17
JP2006075132 2006-03-17
JP2006258914 2006-09-25
JP2006-258914 2006-09-25

Publications (1)

Publication Number Publication Date
WO2007108397A1 true WO2007108397A1 (fr) 2007-09-27

Family

ID=38522427

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2007/055230 WO2007108397A1 (fr) 2006-03-17 2007-03-15 Communication system, server, client terminal device, and communication method

Country Status (1)

Country Link
WO (1) WO2007108397A1 (fr)

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07738680

Country of ref document: EP

Kind code of ref document: A1

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07738680

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)