WO2013111251A1 - Key management system, key management method, and communication device - Google Patents
Key management system, key management method, and communication device
- Publication number
- WO2013111251A1 (PCT/JP2012/008397)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- key
- encrypted
- storage area
- home appliance
- master
- Prior art date
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B15/00—Systems controlled by a computer
- G05B15/02—Systems controlled by a computer electric
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
- G—PHYSICS
- G05—CONTROLLING; REGULATING
- G05B—CONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
- G05B2219/00—Program-control systems
- G05B2219/20—Pc systems
- G05B2219/26—Pc applications
- G05B2219/2614—HVAC, heating, ventillation, climate control
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
- H04L2209/805—Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
Definitions
- the present invention relates to a key management system and a key management method for securely updating a key in a home appliance using communication between a mobile information terminal and the home appliance.
- Various information related to a home appliance that is accumulated and held in it (hereinafter simply "home appliance information") can be read by the smartphone.
- Home appliance information read from the home appliance is not stored in the smartphone but is transmitted, via the smartphone's communication function, to a cloud server and stored there. Various services suited to the user can then be provided based on the home appliance information held on the server side.
- Because home appliance information is privacy information, such as the operation history or the power consumption of the home appliance, it must be encrypted before transmission to prevent leakage.
- The key used for this end-to-end encrypted communication is stored in advance in both the server and the home appliance so that it is shared between them, and it normally has to be updated to maintain security.
- the key update as described above is performed by an administrator (management server) that manages the service platform. Specifically, the key is updated as follows.
- a master key known only to the administrator is stored in advance in each of the management server and the home appliance.
- The management server transmits to the home appliance an encrypted key, that is, the new key encrypted with the master key.
- The home appliance decrypts the received encrypted key using the master key stored in it in advance.
- the decrypted key is written in a predetermined storage area in the home appliance.
- the key update is performed as described above.
- a service company other than the above administrator may provide a service independently using a service platform managed by the administrator.
- When a key used between the 3rd party server and the home appliance (a 3rd party key) is updated, that key must likewise be encrypted with the master key before it is transmitted to the home appliance. That is, to update the 3rd party key, the 3rd party server has to hand the 3rd party key to the management server and ask it to encrypt the key with the master key.
- The 3rd party, however, does not want to disclose the 3rd party key to the management server. In other words, the 3rd party cannot update the 3rd party key without exposing it to the management server.
- an object of the present invention is to provide a key management system or the like that can safely write a 3rd party key in a home appliance without exposing the 3rd party key to the management server.
- A key management system according to one aspect of the present invention includes a mobile information terminal that communicates with a first server managing a master key and with a second server managing a first key and a second key, and a home appliance; the system writes the second key, used for encrypted communication between the second server and the home appliance, into the home appliance.
- The home appliance includes a communication unit that communicates with the mobile information terminal, a master key storage area in which the master key is stored in advance, a service key storage area for storing the first key or the second key, a key writing processing unit that writes the first key or the second key into the service key storage area only when the communication unit receives that key encrypted with the master key, and an encryption/decryption processing unit that performs encryption and decryption using the master key stored in the master key storage area or the first key or second key stored in the service key storage area.
- The mobile information terminal receives, from the first server or the second server, an encrypted first key (the first key encrypted by the first server with the master key it manages) and transmits it to the communication unit together with a first key write request. When the communication unit receives them, the encryption/decryption processing unit decrypts the encrypted first key with the master key stored in the master key storage area, and the key writing processing unit writes the decrypted first key into the service key storage area.
- The mobile information terminal receives, from the second server, the second key encrypted by the second server with the first key it manages, and transmits it to the communication unit. When the communication unit receives it, the encryption/decryption processing unit decrypts it with the first key stored in the service key storage area, and the home appliance holds the decrypted second key.
- The mobile information terminal transmits a second key read request to the communication unit. When the communication unit receives it, the encryption/decryption processing unit generates an encrypted second key by encrypting the held second key with the master key stored in the master key storage area, and the communication unit transmits the encrypted second key to the mobile information terminal.
- The mobile information terminal receives the encrypted second key from the communication unit and transmits it back to the communication unit together with a second key write request. When the communication unit receives them, the encryption/decryption processing unit decrypts the encrypted second key with the master key stored in the master key storage area, and the key writing processing unit writes the decrypted second key into the service key storage area.
- The present invention can be realized not only as an apparatus but also as a method, an integrated circuit, a computer program, a recording medium such as a computer-readable CD-ROM, or any combination of these.
- the 3rd party key can be safely written in the home appliance without exposing the 3rd party key to the management server that manages the service platform.
- FIG. 1 is a configuration diagram of an RFID tag service system according to the first embodiment.
- FIG. 2 is a configuration diagram of the mobile information terminal according to Embodiment 1.
- FIG. 3 is a configuration diagram of the home appliance according to the first embodiment.
- FIG. 4 is a configuration diagram of the RFID tag according to the first embodiment.
- FIG. 5 is a relationship diagram of keys used for encryption / decryption processing in the RFID tag service system according to the first embodiment.
- FIG. 6 is an encrypted communication sequence diagram between the RFID tag and the management server according to the first embodiment.
- FIG. 7 is an encrypted communication sequence diagram between the RFID tag and the 3rd party server according to the first embodiment.
- FIG. 8 is a diagram illustrating a home appliance information management database managed by the management server according to the first embodiment.
- FIG. 9 is a schematic diagram of a 3rd party key writing sequence according to the first embodiment.
- FIG. 10 is a detailed diagram of the 3rd party key writing sequence according to the first embodiment.
- FIG. 11 is a detailed diagram of a 3rd party key writing sequence according to the first embodiment.
- FIG. 12 is a detailed diagram of a 3rd party key writing sequence according to the first embodiment.
- FIG. 13 is a configuration diagram of an RFID tag according to the second embodiment.
- FIG. 14 is a sequence diagram when the service key storage area according to the second embodiment is set to the locked state.
- FIG. 15 is a sequence diagram when releasing the lock state of the service key storage area according to the second embodiment.
- NFC has been adopted in smartphones, and accordingly the likelihood of NFC being incorporated into devices other than smartphones (for example, wellness devices and white goods) is increasing (see Non-Patent Document 1).
- When an NFC tag is incorporated in a home appliance, a service in which a smartphone and the home appliance are linked can be realized.
- A service that transmits home appliance information to a cloud-side server via the smartphone's communication function and stores it there is also conceivable.
- As a technique related to key update, Patent Document 1 discloses, for example, a method for updating a key of an IC card.
- A key encrypted with the management key corresponding to the IC card is sent to the IC card.
- The IC card decrypts the received key using the management key.
- The decrypted key is written at a predetermined position.
- Patent Document 2 discloses a technique different from that of Patent Document 1. In Patent Document 2 as well, the update key is encrypted with the same key as the key held in the IC card, and the encrypted update key is sent to the IC card, where it is decrypted. The decryption result is then compared against a specific condition, and only if it satisfies that condition is the decrypted update key written into a predetermined storage area.
- In both Patent Document 1 and Patent Document 2, a key encrypted with a master key embedded in the IC card is sent to the IC card and decrypted there to update the key. That is, a key is written into the IC card only when the IC card receives it encrypted with the master key.
- The key stored in an NFC tag can be updated using the above-described technique.
- Here, the master key stored in advance in the NFC tag is held by the management server that manages the service platform using the NFC tag.
- When a 3rd party provides a service of its own using the service platform, the 3rd party server must provide the 3rd party key to the management server and request encryption with the master key.
- Consequently, the 3rd party cannot update the 3rd party key without exposing it to the management server.
- A key management system according to one aspect of the present invention includes a mobile information terminal that communicates with a first server managing a master key and with a second server managing a first key and a second key, and a home appliance; the system writes the second key, used for encrypted communication between the second server and the home appliance, into the home appliance.
- The home appliance includes a communication unit that communicates with the mobile information terminal, a master key storage area in which the master key is stored in advance, a service key storage area for storing the first key or the second key, a key writing processing unit that writes the first key or the second key into the service key storage area only when the communication unit receives that key encrypted with the master key, and an encryption/decryption processing unit that performs encryption and decryption using the master key stored in the master key storage area or the first key or second key stored in the service key storage area.
- The mobile information terminal receives, from the first server or the second server, an encrypted first key (the first key encrypted by the first server with the master key it manages) and transmits it to the communication unit together with a first key write request. When the communication unit receives them, the encryption/decryption processing unit decrypts the encrypted first key with the master key stored in the master key storage area, and the key writing processing unit writes the decrypted first key into the service key storage area.
- The mobile information terminal receives, from the second server, the second key encrypted by the second server with the first key it manages, and transmits it to the communication unit. When the communication unit receives it, the encryption/decryption processing unit decrypts it with the first key stored in the service key storage area, and the home appliance holds the decrypted second key.
- The mobile information terminal transmits a second key read request to the communication unit. When the communication unit receives it, the encryption/decryption processing unit generates an encrypted second key by encrypting the held second key with the master key stored in the master key storage area, and the communication unit transmits the encrypted second key to the mobile information terminal.
- The mobile information terminal receives the encrypted second key from the communication unit and transmits it back to the communication unit together with a second key write request. When the communication unit receives them, the encryption/decryption processing unit decrypts the encrypted second key with the master key stored in the master key storage area, and the key writing processing unit writes the decrypted second key into the service key storage area.
- In this way the 3rd party key (second key) managed by the 3rd party server (second server), which is distinct from the management server (first server) that manages the service platform, can be written safely into the service key storage area of the home appliance without being disclosed to the management server. The write gate is unchanged: the home appliance still writes only keys that arrive encrypted with the master key, because the second key is re-encrypted with the master key inside the home appliance itself before it is written.
- Because the mobile information terminal relays every message, the 3rd party key can be written safely even into a home appliance that has no adequate function of its own for communicating with a server.
- The mobile information terminal may have a plurality of application programs installed, one for each of a plurality of servers acting as the second server, each performing encrypted communication between its server and the home appliance. The mobile information terminal receives from the communication unit, and holds, a plurality of encrypted second keys, one for each application program. When the mobile information terminal switches between application programs, it transmits to the communication unit, together with a second key write request, the target encrypted second key, that is, the encrypted second key corresponding to the application program after the switch.
- When the communication unit receives them, the encryption/decryption processing unit decrypts the target encrypted second key with the master key stored in the master key storage area, and the key writing processing unit writes the decrypted second key into the service key storage area.
- With this configuration the mobile information terminal holds a plurality of encrypted second keys corresponding to a plurality of applications and can transmit the held encrypted second key to the communication unit when switching applications, so the time needed to write the second key after an application switch is reduced.
- This is effective even when the service key storage area has room for only one key.
- The encryption/decryption processing unit may encrypt the home appliance information with the master key stored in the master key storage area, and the communication unit may transmit the home appliance information encrypted with the master key to the mobile information terminal; the mobile information terminal receives it from the communication unit and transmits it to the first server.
- This configuration enables encrypted communication between the management server and the home appliance using the master key stored in the master key storage area of the home appliance, so eavesdropping on home appliance information, including privacy information stored in the home appliance, can be prevented.
- Likewise, the encryption/decryption processing unit may encrypt the home appliance information with the second key stored in the service key storage area, and the communication unit may transmit the home appliance information encrypted with the second key to the mobile information terminal; the mobile information terminal receives it from the communication unit and transmits it to the second server.
- Thus the management server and the 3rd party server can each perform end-to-end encrypted communication with the home appliance using keys stored in different storage areas of the home appliance, and the user can use the application corresponding to the management server and the application corresponding to the 3rd party server at the same time on the mobile information terminal.
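The following model, added here as an example and not code from the patent, runs the 3rd party key writing sequence described above end to end: provisioning of the first key under the master key, delivery of the second key under the first key, read-back of the second key re-encrypted under the master key, the final write, the per-application cache of encrypted second keys used when switching applications, and the end-to-end encryption of home appliance information with the master key or the second key. The patent does not name a cipher; the `wrap`/`unwrap` functions here are an HMAC-SHA256 encrypt-then-MAC stand-in for the key wrapping a real tag would implement, and all keys, names (`RfidTag`, `MobileTerminal`, `app520`, `app530`) and the sample appliance information are constructed for the example.

```python
import hashlib
import hmac
import os


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode as a stand-in keystream (a real tag would use an AES key wrap).
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, b"enc" + nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def wrap(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under `key`: nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap(key: bytes, blob: bytes) -> bytes:
    """Reject anything not encrypted under `key`; this is the gate the key writing unit relies on."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("not encrypted with the expected key")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


class RfidTag:
    """RFID tag 70: master key storage area 720 plus a one-slot service key storage area 730."""

    def __init__(self, master_key: bytes, appliance_info: bytes):
        self._master_key = master_key      # stored in advance, never sent over the air
        self.service_key = None            # holds the first key, later the second key
        self._held_second_key = None       # temporary holding area (key information storage 680)
        self._appliance_info = appliance_info

    def write_key(self, key_under_master: bytes) -> None:
        # Key writing processing unit: only a key encrypted with the master key is ever written.
        self.service_key = unwrap(self._master_key, key_under_master)

    def receive_second_key(self, k2_under_k1: bytes) -> None:
        # Decrypt with the first key now in the service key area and hold K2; nothing is written yet.
        self._held_second_key = unwrap(self.service_key, k2_under_k1)

    def read_second_key(self) -> bytes:
        # Second key read request: hand K2 back re-encrypted under the master key.
        return wrap(self._master_key, self._held_second_key)

    def read_info(self, to: str) -> bytes:
        # Master key for the management server, service key (K2) for the 3rd party server.
        key = self._master_key if to == "management" else self.service_key
        return wrap(key, self._appliance_info)


class MobileTerminal:
    """Mobile information terminal 40; caches each application's encrypted second key."""

    def __init__(self):
        self.cached_k2_under_master = {}   # application name -> encrypted second key

    def write_third_party_key(self, tag: RfidTag, app: str,
                              k1_under_master: bytes, k2_under_k1: bytes) -> None:
        tag.write_key(k1_under_master)               # (1) first key write request
        tag.receive_second_key(k2_under_k1)          # (2) tag decrypts K2 with K1 and holds it
        k2_under_master = tag.read_second_key()      # (3) second key read request
        self.cached_k2_under_master[app] = k2_under_master
        tag.write_key(k2_under_master)               # (4) second key write request

    def switch_app(self, tag: RfidTag, app: str) -> None:
        # After an application switch only step (4) is repeated, from the cached encrypted key.
        tag.write_key(self.cached_k2_under_master[app])


def run_sequence() -> dict:
    """Drive the sequence with constructed keys and return the values worth checking."""
    master = os.urandom(32)                     # shared by management server 20 and tag 70
    k1, k2_520, k2_530 = os.urandom(32), os.urandom(32), os.urandom(32)
    info = b"device_id=0001;power_kwh=12.3;last_run=2012-12-01"   # constructed sample
    tag, terminal = RfidTag(master, info), MobileTerminal()

    k1_under_master = wrap(master, k1)          # made by management server 20, which knows K1
    terminal.write_third_party_key(tag, "app520", k1_under_master, wrap(k1, k2_520))
    info_for_3p = tag.read_info("third_party")  # only the 3rd party server, holding K2, can read it
    info_for_mgmt = tag.read_info("management")

    # A second 3rd party application with its own second key; K1 is provisioned again first.
    terminal.write_third_party_key(tag, "app530", wrap(master, k1), wrap(k1, k2_530))
    terminal.switch_app(tag, "app520")          # back to app520 without contacting any server

    try:                                         # K2 wrapped under K1 must not be writable directly
        tag.write_key(wrap(k1, k2_520))
        gate_holds = False
    except ValueError:
        gate_holds = True
    return {"master": master, "k2_520": k2_520, "service_key": tag.service_key, "info": info,
            "info_for_3p": info_for_3p, "info_for_mgmt": info_for_mgmt, "gate_holds": gate_holds}
```

Two points the model makes visible: the management server is the party that encrypts the first key, so it knows K1 even though it never sees K2; K2 stays hidden from it only because the message carrying K2 under K1 travels from the 3rd party server through the mobile information terminal to the tag and not through the management server. And the second key read request returns K2 under the master key, which is exactly the form the write gate accepts, so no party other than the tag ever has to hold both K2 and the master key.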
- The home appliance may further include a lock state holding unit that holds lock information setting the service key storage area to either a locked state, in which the key cannot be rewritten, or an unlocked state, in which it can, and a lock state setting unit that updates the lock information held in the lock state holding unit to set the service key storage area to the locked or unlocked state.
- The mobile information terminal transmits first authentication information to the communication unit together with a request to rewrite the key stored in the service key storage area; the home appliance holds the first authentication information received by the communication unit, and after the key has been rewritten by the mobile information terminal the lock state setting unit sets the service key storage area to the locked state.
- To release the lock, the mobile information terminal transmits second authentication information to the communication unit together with a lock release request. The home appliance passes the lock release request to the lock state setting unit only when the first authentication information and the second authentication information are identical, and the lock state setting unit sets the service key storage area to the unlocked state after receiving the request.
- the communication unit may be an RFID (Radio Frequency IDentification) tag that performs short-range wireless communication with the mobile information terminal.
- A communication device according to another aspect of the present invention communicates with a first server that manages a master key, a second server that manages a first key and a second key, and a second communication device. It includes a communication unit that communicates with the second communication device, a master key storage area in which the master key is stored in advance, a service key storage area for storing the first key or the second key, a key writing processing unit that writes the first key or the second key into the service key storage area only when the communication unit receives that key encrypted with the master key, and an encryption/decryption processing unit that performs encryption and decryption using the master key stored in the master key storage area or the first key or second key stored in the service key storage area.
- When the communication unit receives from the second communication device an encrypted first key (the first key encrypted by the first server with the master key it manages) together with a first key write request, the encryption/decryption processing unit decrypts the encrypted first key with the master key stored in the master key storage area, and the key writing processing unit writes the decrypted first key into the service key storage area.
- When the communication unit receives from the second communication device the second key encrypted by the second server with the first key it manages, the encryption/decryption processing unit decrypts it with the first key stored in the service key storage area, and the communication device holds the decrypted second key.
- When the communication unit receives from the second communication device a request to read the second key held by the communication device, the encryption/decryption processing unit generates an encrypted second key by encrypting the held second key with the master key stored in the master key storage area, and the communication unit transmits the encrypted second key to the second communication device.
- When the communication unit receives the encrypted second key together with a second key write request from the second communication device, the encryption/decryption processing unit decrypts the encrypted second key with the master key stored in the master key storage area, and the key writing processing unit writes the decrypted second key into the service key storage area.
- The communication device may further include a lock state holding unit that holds lock information setting the service key storage area to either a locked state, in which the key cannot be rewritten, or an unlocked state, in which it can, and a lock state setting unit that updates the lock information held in the lock state holding unit to set the service key storage area to the locked or unlocked state.
- When the communication unit receives first authentication information from the second communication device together with a request to rewrite the key stored in the service key storage area, the communication device holds the received first authentication information, and after the key has been rewritten by the second communication device the lock state setting unit sets the service key storage area to the locked state.
- When the communication unit receives second authentication information from the second communication device together with a lock release request, the communication device passes the lock release request to the lock state setting unit only when the first authentication information and the second authentication information are identical, and the lock state setting unit sets the service key storage area to the unlocked state after receiving the request.
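A small model of the lock state holding unit and lock state setting unit described in the two passages above (the home appliance form and the communication device form), added here as an example and not code from the patent. Keys and authentication information are treated as opaque byte strings: the master-key decryption that precedes a write is outside this model, which only shows the gate that refuses a rewrite while locked, locks after a successful rewrite, and releases the lock only when the second authentication information matches the held first authentication information. The class and method names and the sample values are constructed for the example.

```python
import hmac


class LockableServiceKeyArea:
    """Service key storage area with the lock state holding/setting units of Embodiment 2."""

    def __init__(self):
        self.key = None
        self.locked = False          # lock information held by the lock state holding unit
        self._auth_info = None       # first authentication information held after a rewrite

    def rewrite(self, key: bytes, auth_info: bytes) -> bool:
        # Key rewrite request with first authentication information; refused while locked.
        if self.locked:
            return False
        self.key = key
        self._auth_info = auth_info  # held for comparison with the later release request
        self.locked = True           # lock state setting unit locks the area after the rewrite
        return True

    def release(self, auth_info: bytes) -> bool:
        # Lock release request with second authentication information; released only if equal.
        # compare_digest keeps the comparison time independent of where the strings differ.
        if self._auth_info is None or not hmac.compare_digest(self._auth_info, auth_info):
            return False
        self.locked = False
        return True


def demo() -> dict:
    """Run one lock/unlock cycle with constructed values and return the outcomes."""
    area = LockableServiceKeyArea()
    first = area.rewrite(b"K2-app520", b"auth-520")       # accepted, area becomes locked
    blocked = area.rewrite(b"K2-other", b"auth-other")    # locked: refused
    wrong = area.release(b"auth-530")                     # different auth info: refused
    right = area.release(b"auth-520")                     # matching auth info: unlocked
    second = area.rewrite(b"K2-app530", b"auth-530")      # accepted, locked again
    return {"first": first, "blocked": blocked, "wrong": wrong, "right": right,
            "second": second, "key": area.key, "locked": area.locked}
```

The write that follows a successful release re-locks the area with the new authentication information, so each 3rd party application controls its own key slot until it chooses to release it.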
- the communication device may be a home appliance, and the second communication device may be a mobile information terminal.
- the communication unit may be an RFID (Radio Frequency IDentification) tag that performs short-range wireless communication with the second communication device.
- A communication device according to yet another aspect of the present invention communicates with a first server that manages a master key and a second server that manages a first key and a second key, and writes the second key, used for encrypted communication between the second server and a second communication device, into the second communication device. The communication device receives, from the first server or the second server, an encrypted first key (the first key encrypted by the first server with the master key it manages) and transmits it to the second communication device together with a first key write request.
- The communication device receives, from the second server, the second key encrypted with the first key managed by the second server, and transmits it to the second communication device.
- The communication device receives from the second communication device an encrypted second key, that is, the second key encrypted with the master key.
- The communication device transmits the encrypted second key to the second communication device together with a second key write request.
- the communication device is, for example, a mobile information terminal
- the second communication device is, for example, a home appliance.
- FIG. 1 is a configuration diagram of an RFID tag service system 10 that provides services between home appliances and servers using RFID tag communication according to the first embodiment.
- the RFID tag service system 10 corresponds to a key management system.
- the RFID tag service system 10 includes a management server 20 (first server), a 3rd party server 30 (second server), a mobile information terminal 40, and a home appliance 60 on which an RFID tag 70 (communication unit) is mounted.
- the mobile information terminal 40 is a mobile device such as a mobile phone or a smartphone equipped with a short-range wireless communication function.
- the short-range wireless communication function in the present embodiment is a communication function defined in the RFID standard using a frequency of 13.56 MHz band, for example.
- the RFID standard is defined in ISO 14443 Type A, ISO 14443 Type B, and ISO 15693.
- the short-range wireless communication function may be an NFC standard that is an international standard for short-range wireless communication technology that is formulated so that these RFID standards can be handled collectively.
- the management server 20 is a server operated by a company that provides a service platform using the RFID tag 70.
- the 3rd party server 30 is a server operated by a service provider who wants to independently develop services on this platform.
- the mobile information terminal 40, the management server 20, and the 3rd party server 30 are connected via a network.
- the network here is, for example, a mobile phone communication network.
- an application 50 using an RFID tag reader / writer function is installed in the mobile information terminal 40.
- the application 50 reads home appliance information stored in the home appliance 60 via the RFID tag 70.
- the mobile information terminal 40 transmits home appliance information in the home appliance 60 read by RFID communication to the management server 20 or the 3rd party server 30.
- the management server 20 and the 3rd party server 30 provide services to the user based on the accumulated home appliance information.
- Examples of services include presenting a history such as the power consumption of each home appliance to the user, or transmitting a home appliance control command, home appliance setting information, or the like from the server side. Note that details of such services are not described in the present embodiment because they are not the essence of the present invention.
- FIG. 2 is a configuration diagram of the mobile information terminal 40 according to the first embodiment.
- the mobile information terminal 40 includes a network control unit 410, an RFID tag reader / writer control unit 420, and an application 50.
- the network control unit 410 controls a network device for connecting to an external network device.
- the external network device is a wireless network device or a wired network device. That is, the network control unit 410 controls connection to the IP network or connection to the mobile phone communication network.
- the RFID tag reader / writer control unit 420 controls a reader / writer function for the RFID tag 70.
- the application 50 includes a management application 510 released by a tag service platform provider, and 3rd party applications 520 and 530 released by a 3rd party service provider different from the tag service platform provider.
- the management application 510 and the 3rd party applications 520 and 530 are specifically RFID applications that use the RFID tag reader / writer function. These applications may be preinstalled in the mobile information terminal 40, or may be installed after being downloaded from the application distribution server (not shown) to the mobile information terminal 40.
- the 3rd party application 520 and the 3rd party application 530 are applications released by different 3rd party service providers. Further, each 3rd party service provider is assumed to be a regular 3rd party service provider permitted to use the RFID tag service platform. Access control is performed so that only the management application 510 and the 3rd party applications 520 and 530 issued by the authorized 3rd party service provider can access the home appliance 60 via the RFID tag 70. This access control mechanism will be described with reference to the key relationship diagram of FIG.
- Each service provider has a server that can be managed by each service provider, and collects home appliance information of the home appliance 60 through an application created by the service provider. Specifically, the home appliance information collected by the management application 510 is transmitted to the management server 20. Further, the home appliance information collected by the 3rd party application 520 is transmitted to the 3rd party server 30. The home appliance information collected by the 3rd party application 530 is transmitted to a 3rd party server corresponding to the 3rd party application 530 (not shown).
- FIG. 3 is a configuration diagram of the home appliance 60 according to the first embodiment.
- the home appliance 60 includes an RFID tag 70, a tag communication unit 620 that controls communication with the RFID tag 70, a home appliance command reception unit 630 that receives home appliance commands, a home appliance command processing unit 640 that processes the received commands, a home appliance information control unit 650 that controls the information held in a home appliance information holding unit 660, a key rewrite control unit 670 that controls rewriting of the key set in the RFID tag 70, and a key information storage unit 680 that temporarily stores the key to be written.
- the household appliance information holding unit 660 holds household appliance information 661 and a device ID 662 for identifying the household appliance.
- the home appliance information 661 includes, for example, home appliance setting information, home appliance history information, and home appliance power consumption information.
- the home appliance command receiving unit 630 receives a home appliance command from the application 50 in the mobile information terminal 40 via the RFID tag 70. Furthermore, when the user presses a button on the home appliance 60, the home appliance command reception unit 630 performs a command process corresponding to the pressed button. Specifically, the home appliance command receiving unit 630 receives a user command via, for example, a remote controller.
- The home appliances 60 are, for example, AV appliances such as TVs, DVD players, and BD players; household appliances such as refrigerators, washing machines, vacuum cleaners, microwave ovens, and rice cookers; wellness appliances such as sphygmomanometers, body composition meters, and activity meters; and medical equipment such as blood glucose meters.
- home appliance 60 is not connected to a network such as an IP network. That is, the home appliance 60 does not directly communicate with the management server 20 and the 3rd party server 30.
- FIG. 4 is a configuration diagram of the RFID tag.
- The RFID tag 70 includes a non-contact communication unit 710 that controls RFID communication with the mobile information terminal 40, a home appliance communication unit 740 that controls communication between the RFID tag 70 and the home appliance 60, a master key storage area 720 that is an area for storing a master key, a service key storage area 730 that is an area for storing a 3rd party service key, an encryption / decryption processing unit 750, and a key writing processing unit 760 that performs the process of rewriting the key stored in the service key storage area 730.
- The service key storage area 730 is an area into which a key is written only when the RFID tag 70 receives that key encrypted with the master key. This ensures that only a key whose writing is requested by an authorized 3rd party application is written in the service key storage area 730. In the present embodiment, it is assumed that the number of keys that can be stored in the service key storage area 730 is one.
- the RFID tag 70 receives encrypted data using the non-contact communication unit 710.
- the encryption / decryption processing unit 750 decrypts the encrypted data using the key stored in the master key storage area 720 or the key stored in the service key storage area 730. Data obtained as a result of the decryption is transmitted to the home appliance 60 via the home appliance communication unit 740.
- the RFID tag 70 receives the home appliance information 661 held in the home appliance information holding unit 660 from the home appliance 60 using the home appliance communication unit 740.
- the received home appliance information 661 is encrypted by the encryption / decryption processing unit 750 of the RFID tag 70 using the key stored in the master key storage area 720 or the key stored in the service key storage area 730.
- the encrypted home appliance information 661 is transmitted to the mobile information terminal 40 by RFID communication performed via the non-contact communication unit 710. Furthermore, the mobile information terminal 40 transmits the received encrypted home appliance information 661 to the management server 20 or the 3rd party server 30.
- the management server 20 or the 3rd party server 30 decrypts the received encrypted home appliance information 661, stores it in the database as plain text data, and uses it for various services.
- FIG. 5 is a relationship diagram of keys used for encryption / decryption processing in the RFID tag service system 10.
- the management server 20 holds a master key 21.
- The management server 20 maintains a list of regular 3rd parties (not shown). When a regular 3rd party server requests encryption of the first key 31, the management server 20 encrypts the first key 31 with the master key 21 that it holds and returns the result to the regular 3rd party server as the encrypted first key.
- the RFID tag 70 holds a master key 721.
- the master key 721 is written in the master key storage area 720 in the manufacturing process of the home appliance 60.
- the master key 721 and the master key 21 are the same key.
- the service key storage area 730 of the RFID tag 70 is empty at the stage of the manufacturing process.
- the first key 31 or the second key 32 held by the 3rd party server 30 is written in the service key storage area 730 by the write request processing from the 3rd party application 520 released by the 3rd party service provider.
- The key written in the service key storage area 730 is limited to a key obtained by decrypting a key encrypted with the master key 21. Therefore, for the first key 31 and the second key 32 to be written in the service key storage area 730, the RFID tag 70 needs to receive the first key 31 encrypted with the master key 21 and the second key 32 encrypted with the master key 21, each together with its respective key write request.
- the first key 31 is a key disclosed to the management server 20 and is encrypted by the management server 20 with the master key 21.
- the first key 31 is temporarily stored in the service key storage area 730.
- the second key 32 is a key that is not disclosed to the management server 20 and is used for end-to-end encrypted communication between the 3rd party server 30 and the RFID tag 70.
- Like the first key 31, the second key encrypted with the master key 21 (hereinafter also simply referred to as the “encrypted second key”) needs to be input to the RFID tag 70.
- However, the encrypted second key is generated by the RFID tag 70 itself, over RFID communication, rather than by the management server 20.
- the writing process of the first key 31 and the second key 32 including the generation process to the service key storage area 730 will be described in detail with reference to the sequence diagrams of FIGS. 9, 10, 11, and 12. Therefore, the description of the writing process is omitted here.
- Thus the legitimate 3rd party application can perform encrypted communication using the second key, which is kept secret from the management server 20 and is known only to the 3rd party itself. Therefore, the risk of the second key leaking from the management server 20 is low, and information can be prevented from being stolen from the management server 20.
- the home appliance information 661 stored in the home appliance information holding unit 660 is transmitted to the management server 20 or the 3rd party server 30 by the application 50 installed in the mobile information terminal 40.
- the home appliance information 661 is encrypted by the encryption / decryption processing unit 750 in the RFID tag 70 and transmitted to the mobile information terminal 40 by RFID communication.
- Network communication is used to transmit encrypted home appliance information from the mobile information terminal 40 to the management server 20 or the 3rd party server 30.
- The encrypted home appliance information transmitted from the management application 510 to the management server 20 is information generated by the encryption / decryption processing unit 750 of the RFID tag 70 encrypting the home appliance information 661 with the master key 721 stored in the master key storage area 720.
- the encrypted home appliance information received by the management server 20 is decrypted by the master key 21 and then stored in the home appliance information management database 23.
- The encrypted home appliance information transmitted from the 3rd party application 520 to the 3rd party server 30 is information generated by the encryption / decryption processing unit 750 of the RFID tag 70 encrypting the home appliance information 661 with the second key 732 stored in the service key storage area 730.
- the encrypted home appliance information received by the 3rd party server 30 is decrypted by the second key 32 and then stored in the home appliance information management database 33.
- the end-to-end encrypted communication between the RFID tag 70 and the management server 20 and the end-to-end encrypted communication between the RFID tag 70 and the 3rd party server 30 are performed.
- FIG. 6 is an encrypted communication sequence diagram between the RFID tag 70 and the management server 20.
- the management server 20 manages a user ID and a password as user registration information.
- The following description assumes that the home appliance operation history has been stored in the home appliance information holding unit 660 of the home appliance 60 as home appliance information by user operation (S101).
- the management application 510 installed in the mobile information terminal 40 is activated (S102).
- the management application 510 requests the user to log in, and the user inputs a user ID and a password.
- the management server 20 collates the user ID and password received from the management application 510 with a user registration database managed by the management server 20.
- the management server 20 transmits a login completion notification to the management application 510.
- the communication between the management server 20 and the mobile information terminal 40 in step S103 is an encrypted communication such as SSL (Secure Socket Layer), for example.
- the management application 510 transmits a device ID read request to the RFID tag 70 by RFID communication using the RFID tag reader / writer control unit 420 (S104).
- the RFID tag 70 accepts a device ID read request using the non-contact communication unit 710. Then, the RFID tag 70 transmits the device ID read request to the tag communication unit 620 of the home appliance 60 using the home appliance communication unit 740 (S105).
- the home appliance information control unit 650 of the home appliance 60 reads the device ID 662 held in the home appliance information holding unit 660 and transmits the device ID 662 to the RFID tag 70 using the tag communication unit 620 (S106).
- the RFID tag 70 receives the device ID 662 by the home appliance communication unit 740 and transmits it to the management application 510 using the non-contact communication unit 710 (S107).
- the management application 510 transmits a home appliance information read request using the master key 721 to the RFID tag 70 by RFID communication using the RFID tag reader / writer control unit 420 (S108).
- the RFID tag 70 accepts a home appliance information read request by the master key 721 at the non-contact communication unit 710. Then, the RFID tag 70 transmits the home appliance information read request to the tag communication unit 620 of the home appliance 60 using the home appliance communication unit 740 (S109).
- the home appliance information control unit 650 of the home appliance 60 reads the home appliance information 661 held in the home appliance information holding unit 660, and transmits the home appliance information 661 to the RFID tag 70 using the tag communication unit 620 (S110).
- the encryption / decryption processing unit 750 of the RFID tag 70 encrypts the home appliance information 661 received by the home appliance communication unit 740 with the master key 721 stored in the master key storage area 720, thereby encrypting the home appliance information. Generate (S111). Then, the encryption / decryption processing unit 750 transmits the generated encrypted home appliance information to the management application 510 using the non-contact communication unit 710 (S112).
- the management application 510 transmits the device ID 662 received in step S107 and the encrypted home appliance information received in step S112 to the management server 20 via the network control unit 410 (S113).
- the management server 20 decrypts the encrypted home appliance information received in step S113 with the master key 21 managed by the management server 20 (S114).
- the management server 20 associates the home appliance information 661 decrypted in step S114, the user ID input in step S103, and the device ID 662 received in step S113, and records them in the home appliance information management database 23 (S115).
- the device ID 662 is output without being encrypted with the master key 721 in the RFID tag 70, but may be encrypted with the master key 721 in the same manner as the home appliance information 661.
- FIG. 7 is an encrypted communication sequence diagram between the RFID tag 70 and the 3rd party server 30.
- The sequence of FIG. 7 differs from that of FIG. 6 mainly in the following three points.
- The first point is that the application to be used is the 3rd party application 520.
- The second point is that the key for encrypting the home appliance information 661 is a key stored in the service key storage area 730.
- The third point is that the destination of the encrypted home appliance information is the 3rd party server 30.
- The sequence other than these three points is basically the same as in FIG. 6.
- The following describes the case where the user who uses the RFID tag service system 10 has completed user registration for using the service, and the 3rd party server 30 manages the user ID and password as user registration information.
- The following description assumes that the home appliance operation history has been stored in the home appliance information holding unit 660 of the home appliance 60 as home appliance information by user operation (S201).
- the 3rd party application 520 installed in the mobile information terminal 40 is activated (S202).
- the 3rd party application 520 requests the user to log in, and the user inputs the user ID and password.
- the 3rd party server 30 collates the user ID and password received from the 3rd party application 520 with a user registration database managed by the 3rd party server 30.
- the 3rd party server 30 transmits a login completion notification to the 3rd party application 520.
- the communication between the 3rd party server 30 and the mobile information terminal 40 in step S203 is, for example, encrypted communication such as SSL.
- the user brings the mobile information terminal 40 close to the RFID tag 70 with the 3rd party application 520 activated.
- the 3rd party application 520 transmits a device ID read request to the RFID tag 70 by RFID communication using the RFID tag reader / writer control unit 420 (S204).
- the RFID tag 70 accepts a device ID read request using the non-contact communication unit 710. Then, the RFID tag 70 transmits the device ID read request to the tag communication unit 620 of the home appliance 60 using the home appliance communication unit 740 (S205).
- the home appliance information control unit 650 of the home appliance 60 reads the device ID 662 held in the home appliance information holding unit 660 and transmits the device ID 662 to the RFID tag 70 using the tag communication unit 620 (S206).
- the RFID tag 70 receives the device ID 662 by the home appliance communication unit 740 and transmits it to the 3rd party application 520 using the non-contact communication unit 710 (S207).
- The 3rd party application 520 then makes a home appliance information read request with the 3rd party key (second key 732) to the RFID tag 70 by RFID communication using the RFID tag reader / writer control unit 420 (S208).
- the RFID tag 70 accepts a home appliance information read request using a 3rd party key at the non-contact communication unit 710. Then, the RFID tag 70 transmits the home appliance information read request to the tag communication unit 620 of the home appliance 60 using the home appliance communication unit 740 (S209).
- the home appliance information control unit 650 of the home appliance 60 reads the home appliance information 661 held in the home appliance information holding unit 660, and transmits the home appliance information 661 to the RFID tag 70 using the tag communication unit 620 (S210).
- the encryption / decryption processing unit 750 of the RFID tag 70 encrypts the home appliance information 661 received by the home appliance communication unit 740 with the second key 732 stored in the service key storage area 730, thereby encrypting the home appliance information. Is generated (S211). Then, the encryption / decryption processing unit 750 transmits the generated encrypted home appliance information to the 3rd party application 520 using the non-contact communication unit 710 (S212).
- the 3rd party application 520 transmits the device ID 662 received in step S207 and the encrypted home appliance information received in step S212 to the 3rd party server 30 via the network control unit 410 (S213).
- the 3rd party server 30 decrypts the encrypted home appliance information received in step S213 with the second key 732 managed by the 3rd party server 30 (S214).
- the management server 20 associates the home appliance information 661 decrypted in step S214 with the user ID input in step S103 and the device ID 662 received in step S213 and records them in the home appliance information management database 33 (S215).
- the device ID 662 is output without being encrypted with the second key 732 in the RFID tag 70, but may be encrypted with the second key 732 as with the home appliance information 661.
- the encryption processing in the encryption / decryption processing unit 750 in the RFID tag 70 in the sequence in which the home appliance information is transmitted to the management server 20 or the 3rd party server 30 has been described.
- data encrypted on the server side is transmitted to the RFID tag 70.
- the encryption / decryption processing unit 750 performs decryption processing of the data encrypted on the server side.
- the second key 32 is written in the service key storage area 730 after the first key 31 is written.
- the key writing process to the service key storage area 730 will be described in detail with reference to the sequence diagrams of FIG. 9, FIG. 10, FIG. 11, and FIG.
- FIG. 8 is a diagram showing the home appliance information management database 23 managed by the management server 20 in step S115 of FIG.
- the home appliance information management database 23 includes a user ID 24, a device ID 25, and home appliance information 26.
- two users whose user ID 24 is UserA or UserB are registered as users in the management server 20.
- User A owns a microwave oven whose device ID 25 is 10001, a refrigerator whose device ID is 20001, and a rice cooker whose device ID is 30001.
- microwave history information 1 and microwave history information 2 are recorded as home appliance information 26 of the microwave oven.
- refrigerator history information 1 and refrigerator history information 2 are recorded as home appliance information 26 of the refrigerator.
- Rice cooker history information 1 is recorded as home appliance information 26 of the rice cooker in the management database. Since the home appliance information about UserB has the same structure, its description is omitted.
- the home appliance information management database 33 managed by the 3rd party server 30 has the same configuration as that shown in FIG.
- FIG. 9 is a schematic sequence of 3rd party key writing.
- FIG. 10 to FIG. 12 are sequences showing each step shown in FIG. 9 in more detail.
- the 3rd party server 30 transmits the first key 31 to the management server 20, and acquires from the management server 20 the first key 31 encrypted with the master key 21 as an encrypted first key (S301).
- the mobile information terminal 40 acquires the encrypted first key from the 3rd party server 30 and transmits the encrypted first key to the RFID tag 70.
- the RFID tag 70 decrypts the received encrypted first key with the master key 721 stored in the master key storage area 720, and stores the first key 731 in the service key storage area 730 (S302).
- the 3rd party server 30 transmits the second key 32 encrypted with the first key 31 to the mobile information terminal 40 as the encrypted second key (S303).
- the mobile information terminal 40 transmits the encrypted second key to the RFID tag 70.
- the RFID tag 70 decrypts the received encrypted second key with the first key stored in the service key storage area 730 and transmits the second key in plain text to the home appliance 60.
- the home appliance 60 temporarily holds the second key decrypted by the RFID tag 70 (S304).
- the mobile information terminal 40 transmits a read request for the second key held by the home appliance 60 to the RFID tag 70 in step S304. Then, the RFID tag 70 generates an encrypted second key by encrypting the second key held by the home appliance 60 with the master key 721. The mobile information terminal 40 acquires the encrypted second key generated by the RFID tag 70 (S305).
- the mobile information terminal 40 transmits the encrypted second key (second key encrypted with the master key 721) acquired in step S305 to the RFID tag 70.
- the RFID tag 70 decrypts the received encrypted second key with the master key 721 stored in the master key storage area 720, and stores the second key 732 in the service key storage area 730 (S306).
- Step S301 in FIG. 9 corresponds to step S1001 to step S1005 in FIG.
- Step S302 in FIG. 9 corresponds to step S1006 to step S1014 in FIG.
- Step S303 in FIG. 9 corresponds to step S1015 to step S1018 in FIG.
- Step S304 in FIG. 9 corresponds to step S1019 to step S1025.
- Step S305 in FIG. 9 corresponds to step S1026 to step S1031 in FIG.
- Step S306 in FIG. 9 corresponds to step S1032 to step S1038 in FIG.
- step S301 in FIG. 9 will be described with reference to FIG.
- the 3rd party server 30 generates a first key 31 that is a 3rd party key (S1001).
- the 3rd party server 30 transmits an encryption request for the first key 31 to the management server 20 (S1002).
- the management server 20 generates a message authentication code (MAC) value of the first key 31 (S1003).
- the management server 20 generates an encrypted first key by encrypting the first key 31 with the master key 21 (S1004).
- the management server 20 transmits the encrypted first key generated in step S1004 and the MAC value of the first key 31 generated in step S1003 to the 3rd party server 30 (S1005).
- the management server 20 may transmit the encrypted first key and the MAC value of the first key 31 to the mobile information terminal 40. In this case, step S1007 described later is omitted.
- From here, the detailed sequence of step S302 in FIG. 9 will be described with reference to FIG.
- the mobile information terminal 40 activates the 3rd party application 520 (S1006).
- the mobile information terminal 40 receives the encrypted first key and the MAC value of the first key 31 from the management server 20 (S1007).
- The 3rd party application 520 transmits a 3rd party key write request to the RFID tag 70, together with the encrypted first key and the MAC value of the first key 31 received in step S1007, by RFID communication using the RFID tag reader / writer control unit 420 (S1008).
- the encryption / decryption processing unit 750 of the RFID tag 70 decrypts the received encrypted first key with the master key 721 in the master key storage area 720 (S1009).
- the encryption / decryption processing unit 750 of the RFID tag 70 generates a MAC value of the decrypted first key (S1010).
- the encryption / decryption processing unit 750 compares the MAC value received in step S1008 with the MAC value generated in step S1010 (S1010). If the MAC values are not equal as a result of the comparison in step S1010, the RFID tag 70 outputs an error notification (S1011).
- the key writing processing unit 760 of the RFID tag 70 acquires the first key from the encryption / decryption processing unit 750 and writes the first key 731 in the service key storage area 730 (S1013).
- After completing the writing of the first key 731 in step S1010, the RFID tag 70 transmits a write completion notification to the 3rd party application 520 (S1014).
- From here, the detailed sequence of step S303 in FIG. 9 will be described with reference to FIG.
- the 3rd party server 30 generates a second key 32 that is a 3rd party key (S1015).
- the 3rd party server 30 generates the MAC value of the second key 32 (S1016).
- the 3rd party server 30 generates an encrypted second key by encrypting the second key 32 with the first key 31 managed by the 3rd party server 30 (S1017).
- the 3rd party server 30 transmits the encrypted second key generated in step S1017 and the MAC value generated in step S1016 to the 3rd party application 520 of the mobile information terminal 40 (S1018).
- From here, the detailed sequence of step S304 in FIG. 9 will be described with reference to FIG.
- the 3rd party application 520 sends the 3rd party key write request to the RFID tag 70 together with the encrypted second key and the MAC value of the second key 32 received in step S1018 by RFID communication using the RFID tag reader / writer control unit 420. Transmit (S1019).
- the encryption / decryption processing unit 750 of the RFID tag 70 decrypts the received encrypted second key with the first key 731 in the service key storage area 730 (S1020).
- the encryption / decryption processing unit 750 of the RFID tag 70 generates the MAC value of the decrypted second key (S1021).
- the encryption / decryption processing unit 750 compares the MAC value received in step S1019 with the MAC value generated in step S1021 (S1022). If the MAC values are not equal as a result of the comparison in step S1022, the RFID tag 70 outputs an error notification (S1023).
- The key writing processing unit 760 of the RFID tag 70 acquires the second key from the encryption / decryption processing unit 750 and transmits the acquired second key to the home appliance 60 via the home appliance communication unit 740 (S1024).
- the home appliance information control unit 650 of the home appliance 60 acquires the second key from the tag communication unit 620, and temporarily records the second key in the home appliance information holding unit 660 (S1025).
- From here, the detailed sequence of step S305 in FIG. 9 will be described with reference to FIG.
- the 3rd party application 520 needs to acquire the second key encrypted with the master key in order to store the second key in the service key storage area 730. Therefore, the 3rd party application 520 transmits a read request for the second key held in the home appliance 60 to the RFID tag 70 (S1026).
- the home appliance 60 that has received a read request from the RFID tag 70 reads the second key recorded in the home appliance information holding unit 660 (S1027).
- the home appliance 60 transmits the read second key to the RFID tag 70 via the tag communication unit 620 (S1028).
- the encryption / decryption processing unit 750 of the RFID tag 70 generates the MAC value of the second key received in step S1028 (S1029). Further, the encryption / decryption processing unit 750 generates an encrypted second key by encrypting the second key with the master key 721 in the master key storage area 720 (S1030). The RFID tag 70 transmits the encrypted second key generated in step S1030 and the MAC value generated in step S1029 to the 3rd party application 520 by RFID communication using the non-contact communication unit 710 (S1031).
- From here, the detailed sequence of step S306 in FIG. 9 will be described with reference to FIG.
- The 3rd party application 520 transmits a 3rd party key write request to the RFID tag 70, together with the encrypted second key (the second key encrypted with the master key) and the MAC value received in step S1031, by RFID communication using the RFID tag reader / writer control unit 420 (S1032).
- the encryption / decryption processing unit 750 of the RFID tag 70 decrypts the received encrypted second key with the master key 721 in the master key storage area 720 (S1033).
- the encryption / decryption processing unit 750 of the RFID tag 70 generates a MAC value of the decrypted second key (S1034).
- the encryption / decryption processing unit 750 compares the MAC value received in step S1032 with the MAC value generated in step S1034 (S1035). If the MAC values are not equal as a result of the comparison in step S1035, the RFID tag 70 outputs an error notification (S1036).
- the key writing processing unit 760 of the RFID tag 70 acquires the second key from the encryption / decryption processing unit 750 and writes the second key 732 in the service key storage area 730 (S1037).
- After the writing is completed, the RFID tag 70 transmits a write completion notification to the 3rd party application 520 (S1038).
- the second key that is not disclosed to the management server 20 can be used for the end-to-end encrypted communication between the 3rd party server 30 and the RFID tag 70.
- the risk that the second key is leaked from the management server 20 is low, and information can be prevented from being wiretapped from the management server 20.
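- The key-writing sequence of FIGS. 9 to 12 (S301 to S306) and the service-key read of FIG. 7, modelled as an added example; this is not code from the patent. The patent names neither a cipher nor how the MAC value is keyed, so this stand-in uses HMAC-SHA256 in counter mode for encryption and HMAC-SHA256 keyed with the wrapping key as the "MAC value of the key"; the appliance discarding the second key after it is read back follows the "preferably deleted" remark, and all class and function names are invented for the illustration.

```python
import hashlib
import hmac
import os

KEY_LEN = 32

def _keystream(key, nonce, length):
    """HMAC-SHA256 in counter mode; stands in for the cipher the patent leaves unspecified."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encrypt(key, plaintext):
    nonce = os.urandom(16)  # fresh nonce per message, prepended to the ciphertext
    return nonce + bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))

def decrypt(key, blob):
    nonce, body = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(body, _keystream(key, nonce, len(body))))

def mac_of_key(wrap_key, key):
    """'MAC value of the key' (S1003, S1016, S1029); assumed keyed with the key the blob is wrapped under."""
    return hmac.new(wrap_key, key, hashlib.sha256).digest()

class HomeAppliance:
    """Home appliance 60; temp_key models the second key it holds only temporarily (S1025)."""
    temp_key = None

class RfidTag:
    """RFID tag 70: master key storage area 720 plus a single-slot service key storage area 730."""
    def __init__(self, master_key, appliance):
        self.master_key, self.service_key, self.appliance = master_key, None, appliance

    @staticmethod
    def _unwrap(wrap, enc_key, mac):
        """Decrypt, then compare MAC values (S1009-S1010 etc.); a mismatch is the error notification."""
        if wrap is None:
            raise ValueError("no key available to unwrap with")
        key = decrypt(wrap, enc_key)
        if not hmac.compare_digest(mac_of_key(wrap, key), mac):
            raise ValueError("MAC mismatch: key write rejected")
        return key

    def write_service_key(self, enc_key, mac):
        """S1009-S1013 and S1033-S1037: only a key wrapped under the master key may land in area 730."""
        self.service_key = self._unwrap(self.master_key, enc_key, mac)

    def forward_second_key(self, enc_key, mac):
        """S1020-S1025: unwrap with the first key now in area 730 and hand the plaintext to the appliance."""
        self.appliance.temp_key = self._unwrap(self.service_key, enc_key, mac)

    def read_back_second_key(self):
        """S1027-S1031: re-wrap the appliance-held second key under the master key; no server involved."""
        key, self.appliance.temp_key = self.appliance.temp_key, None  # appliance copy deleted after read
        return encrypt(self.master_key, key), mac_of_key(self.master_key, key)

    def encrypt_info(self, info, with_master):
        """S111 (master key, for the management server) or S211 (service key, for the 3rd party server)."""
        return encrypt(self.master_key if with_master else self.service_key, info)

class ManagementServer:
    """Management server 20: holds master key 21 and records every plaintext key it ever handles."""
    def __init__(self, master_key):
        self.master_key, self.seen_keys = master_key, []

    def encrypt_first_key(self, first_key):
        """S1003-S1005: return the encrypted first key and its MAC value."""
        self.seen_keys.append(first_key)
        return encrypt(self.master_key, first_key), mac_of_key(self.master_key, first_key)

def provision(tag, mgmt, first_key, second_key):
    """S301-S306; the mobile information terminal only carries opaque blobs, so it is not modelled."""
    tag.write_service_key(*mgmt.encrypt_first_key(first_key))                                  # S301-S302
    tag.forward_second_key(encrypt(first_key, second_key), mac_of_key(first_key, second_key))    # S303-S304
    tag.write_service_key(*tag.read_back_second_key())                                          # S305-S306

def demo():
    """Provision a tag, then check the properties the patent claims for the resulting key state."""
    master, first, second = (os.urandom(KEY_LEN) for _ in range(3))
    mgmt, tag = ManagementServer(master), RfidTag(master, HomeAppliance())
    provision(tag, mgmt, first, second)
    info = b"microwave history information 1"  # constructed sample of home appliance information 661
    to_third_party = tag.encrypt_info(info, with_master=False)
    rogue = os.urandom(KEY_LEN)  # a write request whose key is not wrapped under the master key must be refused
    try:
        tag.write_service_key(encrypt(rogue, rogue), mac_of_key(rogue, rogue))
        rejected = False
    except ValueError:
        rejected = True
    return {
        "slot_holds_second_key": tag.service_key == second,
        "mgmt_never_saw_second_key": second not in mgmt.seen_keys,
        "appliance_copy_deleted": tag.appliance.temp_key is None,
        "third_party_decrypts": decrypt(second, to_third_party) == info,
        "rogue_key_rejected_slot_intact": rejected and tag.service_key == second,
    }
```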
- the second key held by the home appliance 60 in step S1025 is preferably deleted after being read. By doing so, it is possible to prevent the second key from being illegally obtained by illegally analyzing the home appliance 60.
- In step S1031, the 3rd party application 520 acquires the second key encrypted with the master key (the encrypted second key) and the MAC value.
- the 3rd party application 520 preferably holds the encrypted second key and the MAC value.
- It is preferable that each 3rd party application holds the encrypted second key and MAC value that it received in step S1031. In this case, when switching 3rd party applications, performing only the process of step S306 in FIG. 9 completes the second key writing process for the application being switched to. Therefore, the time required to switch 3rd party applications can be shortened.
- the home appliance 60 may directly write the second key in the service key storage area 730 of the RFID tag 70.
- the second key corresponding to the 3rd party application must be stored in the home appliance or RFID tag.
- the home appliance 60 and the RFID tag 70 usually do not have sufficient resources, and often cannot store a plurality of second keys respectively corresponding to a plurality of 3rd party applications.
- Therefore, the mobile information terminal 40, which has sufficient resources, is used and the second key is written from the mobile information terminal 40 side, so that a plurality of 3rd party applications can be supported.
- The method using the mobile information terminal 40 as in the present embodiment is also effective because, even for a home appliance 60 or an RFID tag 70 that does not have sufficient resources, the second key can be generated by later updating the application of the mobile information terminal 40.
- the MAC value is used to confirm the validity of the key.
- a generally well-known technique such as a digital signature or a hash function may be used instead of the MAC value.
- the 3rd party server 30 provides, as a service, power consumption information, usage history, cooking menu recipes, or home appliance information of home appliances owned by each user.
- when the home appliance 60 is a wellness home appliance (for example, a sphygmomanometer, a body composition meter, or an activity meter) or a medical device (for example, a blood glucose meter), the 3rd party may be a medical institution.
- a service in which the medical institution providing the service protects the user's privacy information (for example, the user's weight or blood pressure) can thus be provided.
- the home appliance information collected by the management server 20 is managed only by the management server 20.
- home appliance information may also be provided from the management server 20 to the 3rd party server 30, the 3rd party server 30 obtaining it from the management server 20 in advance. Various services can be realized by such cooperation between servers.
- encrypted communication using the master key is performed between the management server 20 and the RFID tag 70.
- encrypted communication using the master key may instead be performed between the management application 510 of the mobile information terminal 40 and the RFID tag 70. In this case, the management application 510 holds the master key.
- encrypted communication is performed between the 3rd party server 30 and the RFID tag 70 using the second key, which is the 3rd party key, but the 3rd party application 520 of the mobile information terminal 40 may instead perform encrypted communication with the RFID tag 70 using the 3rd party key. In this case, the 3rd party application 520 holds the second key.
- when the mobile information terminal 40 transmits a control command to the home appliance 60, it can then generate the encrypted command within the application without querying the server, so the overhead caused by the server query can be reduced.
- the number of keys stored in the service key storage area 730 is one, but a plurality of keys may be stored in the service key storage area 730. In this case, the keys may be stored in the service key storage area 730 so that the keys can be distinguished from each other.
- lock control of the service key storage area 730 is performed so that a 3rd party application 530 other than the 3rd party application that rewrote the key cannot illegally rewrite the key in the service key storage area 730. Since processes other than the lock control are the same as in the first embodiment, only the portions that differ from the first embodiment are described.
- FIG. 13 is a configuration diagram of the RFID tag according to the second embodiment.
- the RFID tag 70 includes, in addition to the components of the RFID tag 70 shown in FIG. 4, a lock state holding unit 770 that holds lock information used to determine whether key writing is permitted, and a lock state setting unit 780 that sets the locked state or the unlocked state by updating the lock information held in the lock state holding unit 770.
- the locked state is a state in which the key in the service key storage area 730 cannot be rewritten. That is, in the locked state, writing of the key to the service key storage area 730 is prohibited.
- the unlocked state is a state in which the key in the service key storage area 730 can be rewritten.
- FIG. 14 is a sequence diagram when the service key storage area 730 is set to the locked state.
- FIG. 14 shows a sequence after the 3rd party application 520 completes the writing process shown in step S306 of FIG.
- the 3rd party application 520 in the mobile information terminal 40 generates a random number (S2001).
- the 3rd party application 520 transmits the generated random number to the 3rd party server 30 (S2002).
- the communication between the 3rd party server 30 and the 3rd party application 520 is preferably encrypted communication such as SSL.
- the 3rd party server 30 generates an encrypted random number by encrypting the random number received in step S2002 using the second key 32 (S2003).
- the 3rd party server 30 transmits the encrypted random number to the 3rd party application 520 (S2004).
- the 3rd party application 520 transmits the encrypted random number received in step S2004 to the RFID tag 70 together with a request to decrypt with the key stored in the service key storage area 730 (S2005).
- the encryption / decryption processing unit 750 of the RFID tag 70 decrypts the encrypted random number with the second key 732 in the service key storage area 730 (S2006).
- the encryption / decryption processing unit 750 transmits the decrypted random number to the home appliance 60 (S2007).
- the home appliance 60 stores the random number received in step S2007 in the home appliance information holding unit 660.
- the home appliance 60 transmits a lock request to the RFID tag 70 (S2009).
- the lock request is information requesting to set the service key storage area 730 to the locked state.
- the RFID tag 70 accepts a lock request only from the home appliance communication unit 740; that is, it does not accept a lock request from the non-contact communication unit 710. As a result, even if the lock request is leaked, an arbitrary 3rd party application cannot lock the service key storage area 730.
- the lock state setting unit 780 of the RFID tag 70 sets the lock information held by the lock state holding unit 770 to “lock state” (S2010). That is, the lock state setting unit 780 sets the state of the service key storage area 730 to the lock state. Then, the lock state setting unit 780 transmits a lock completion notification to the 3rd party application 520 (S2011).
- FIG. 15 is a sequence diagram when the service key storage area 730 is unlocked.
- the 3rd party application 520 performs service processing (S2012). For example, the 3rd party application 520 collects home appliance information via the RFID tag 70 and transmits the collected home appliance information to the 3rd party server 30. In addition, the 3rd party application 520 transmits a command from the 3rd party server 30 to the home appliance 60 via the RFID tag 70. Note that the communication between the 3rd party server 30 and the RFID tag 70 in step S2012 is end-to-end encrypted communication as described in the first embodiment.
- when encrypted communication is no longer necessary, the 3rd party application 520 transmits a lock release request to the RFID tag 70 together with the encrypted random number received in step S2004 (S2013).
- the lock release request is a request for releasing the lock state. That is, it is information requesting to set the state of the service key storage area 730 to the unlocked state.
- the encryption / decryption processing unit 750 of the RFID tag 70 decrypts the encrypted random number using the second key 732 stored in the service key storage area 730 (S2014).
- the encryption / decryption processing unit 750 transmits the decrypted random number to the home appliance 60 (S2015).
- the home appliance 60 compares the random number received in step S2015 with the random number stored in the home appliance information holding unit 660 in step S2008 (S2016). If the random numbers are not equal, the home appliance 60 notifies the RFID tag 70 of an error (S2017), and the RFID tag 70 then notifies the 3rd party application 520 of an unlock error (S2018).
- if the random numbers are equal, the home appliance 60 transmits an unlock request to the RFID tag 70 (S2019).
- the lock state setting unit 780 of the RFID tag 70 sets the lock information held by the lock state holding unit 770 to “unlocked state” (S2020). That is, the lock state setting unit 780 sets the state of the service key storage area 730 to the unlocked state. Then, the lock state setting unit 780 transmits a lock release completion notification to the 3rd party application 530 (S2021).
- the 3rd party application 520 that has received the unlock completion notification ends the service process (application) being executed (S2022).
- the lock release processing of the service key storage area 730 can be performed only by the 3rd party application that set the service key storage area 730 to the locked state. Therefore, the service of one 3rd party application cannot be interrupted by another, unauthorized application overwriting the key while that service is executing.
- the 3rd party application 520 generates a random number in step S2001, but the 3rd party application 520 may use authentication information other than the random number.
- the 3rd party application 520 may generate a digital signature, for example.
- the authentication information may be authentication information that is not known to applications other than the 3rd party application 520.
- the 3rd party server 30 encrypts the random number, but the mobile information terminal 40 may encrypt the random number.
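The lock and unlock sequences of FIG. 14 and FIG. 15, as an added Python example that is not part of the patent: the RFID tag 70 and the home appliance 60 are modelled as two classes, the cipher is a constructed HMAC-SHA256 keystream standing in for whatever cipher the tag really uses, all keys and random numbers are generated inline, and the key write of the first embodiment is reduced to its master-key gate.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in cipher: HMAC-SHA256 keystream under a fresh 16-byte nonce.
# The tag in the patent would use a real block cipher; the lock logic below only
# depends on who holds which key, not on the cipher.
def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))

def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body = blob[:16], blob[16:]
    ks = _keystream(key, nonce, len(body))
    return bytes(c ^ k for c, k in zip(body, ks))

class HomeAppliance:
    """Home appliance 60: holds the random number of S2008 and arbitrates the lock."""
    def __init__(self) -> None:
        self.held_random = None  # home appliance information holding unit 660

    def store_random(self, r: bytes) -> None:  # S2008
        self.held_random = r

    def matches(self, r: bytes) -> bool:  # S2016, constant-time comparison
        return self.held_random is not None and hmac.compare_digest(self.held_random, r)

class RfidTag:
    """RFID tag 70: master key area 720, service key area 730, lock state 770."""
    def __init__(self, master_key: bytes, appliance: HomeAppliance) -> None:
        self.master_key = master_key  # master key storage area 720
        self.service_key = None       # service key storage area 730
        self.locked = False           # lock state holding unit 770
        self.appliance = appliance

    def write_service_key(self, encrypted_key: bytes) -> bool:
        # Write over the non-contact interface 710: the key must arrive
        # encrypted under the master key, and writes are refused while locked.
        if self.locked:
            return False
        self.service_key = decrypt(self.master_key, encrypted_key)
        return True

    def lock(self, encrypted_random: bytes) -> bool:
        # S2005-S2011: decrypt the app's random with the service key and hand it
        # to the appliance; the lock request itself comes from the appliance
        # side (unit 740), never from the app over the non-contact interface.
        if self.service_key is None or self.locked:
            return False
        r = decrypt(self.service_key, encrypted_random)  # S2006
        self.appliance.store_random(r)                   # S2007, S2008
        self.locked = True                               # S2009, S2010
        return True                                      # S2011

    def unlock(self, encrypted_random: bytes) -> bool:
        # S2013-S2021: only the holder of the encrypted random used to lock can
        # unlock; any other value ends in the S2018 unlock error.
        if not self.locked:
            return False
        r = decrypt(self.service_key, encrypted_random)  # S2014
        if not self.appliance.matches(r):                # S2016
            return False                                 # S2017, S2018
        self.locked = False                              # S2019, S2020
        return True                                      # S2021

def run_lock_cycle() -> dict:
    """One lock/unlock cycle by app 520 with an interfering app 530 (constructed)."""
    master_key = secrets.token_bytes(32)  # master key 21 / 721
    second_key = secrets.token_bytes(32)  # second key 32 / 732 of 3rd party server 30
    tag = RfidTag(master_key, HomeAppliance())
    out = {}
    # Provisioning, simplified from the first embodiment: the second key arrives
    # encrypted under the master key, so the tag accepts the write.
    out["write_ok"] = tag.write_service_key(encrypt(master_key, second_key))
    # S2001-S2004: app 520 draws a random, server 30 encrypts it with key 32.
    app520_enc = encrypt(second_key, secrets.token_bytes(16))
    out["lock_ok"] = tag.lock(app520_enc)
    # App 530 holds some other 3rd party's key and its own random.
    app530_enc = encrypt(secrets.token_bytes(32), secrets.token_bytes(16))
    out["write_while_locked"] = tag.write_service_key(encrypt(master_key, b"k" * 32))
    out["foreign_unlock"] = tag.unlock(app530_enc)
    # App 520 presents the same encrypted random it received in S2004.
    out["own_unlock"] = tag.unlock(app520_enc)
    out["write_after_unlock"] = tag.write_service_key(encrypt(master_key, second_key))
    return out
```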
- the RFID tag service system has been described as an example of a key management system, but the key management system can also be applied to other service systems. Further, the management server 20 and the 3rd party server 30 need not be included in the key management system.
- the home appliance 60 and the mobile information terminal 40 communicate using RFID tag communication, but other communication methods may be used.
- the home appliance 60 and the mobile information terminal 40 may communicate using an IP network or a mobile phone communication network.
- the home appliance 60 may be a communication device that can communicate with the mobile information terminal 40.
- the mobile information terminal 40 may be a communication device that can communicate with the home appliance 60, the management server 20, and the 3rd party server 30.
- each of the above devices is a computer system including a microprocessor, ROM, RAM, a hard disk unit, a display unit, a keyboard, a mouse, and the like.
- a computer program is stored in the RAM or hard disk unit.
- Each device achieves its functions by the microprocessor operating according to the computer program.
- the computer program is configured by combining a plurality of instruction codes indicating instructions for the computer in order to achieve a predetermined function.
- a part or all of the components constituting each of the above devices may be configured by one system LSI (Large Scale Integration).
- the system LSI is an ultra-multifunctional LSI manufactured by integrating a plurality of components on a single chip.
- the system LSI is a computer system including a microprocessor, a ROM, a RAM, and the like.
- a computer program is stored in the RAM.
- the system LSI achieves its functions by the microprocessor operating according to the computer program.
- each of the constituent elements of the above devices may be implemented as an individual chip, or a single chip may include some or all of them.
- although the term system LSI is used here, it may also be called IC, LSI, super LSI, or ultra LSI depending on the degree of integration. Further, circuit integration is not limited to LSIs; implementation using dedicated circuitry or general-purpose processors is also possible.
- an FPGA (Field Programmable Gate Array) or a reconfigurable processor that can reconfigure the connection and setting of circuit cells inside the LSI may also be used.
- a part or all of the constituent elements constituting each of the above devices may be constituted by an IC card or a single module that can be attached to and detached from each device.
- the IC card or the module is a computer system including a microprocessor, a ROM, a RAM, and the like.
- the IC card or the module may include the super multifunctional LSI described above.
- the IC card or the module achieves its function by the microprocessor operating according to the computer program. This IC card or this module may have tamper resistance.
- the present invention may be the method described above. Further, the present invention may be a computer program that realizes these methods by a computer, or may be a digital signal composed of the computer program.
- the present invention may also be the computer program or the digital signal recorded on a computer-readable recording medium such as a flexible disk, hard disk, CD-ROM, MO, DVD, DVD-ROM, DVD-RAM, BD (Blu-ray Disc), or semiconductor memory.
- the computer program or the digital signal may be transmitted via an electric communication line, a wireless or wired communication line, a network represented by the Internet, a data broadcast, or the like.
- the present invention may be a computer system including a microprocessor and a memory, the memory storing the computer program, and the microprocessor operating according to the computer program.
- the program or the digital signal may be recorded on the recording medium and transferred, or transferred via the network or the like, and then executed by another independent computer system.
- the key management system according to one or more aspects has been described based on the embodiment.
- the present invention is not limited to this embodiment. Without departing from the gist of the present invention, various modifications to this embodiment conceived by those skilled in the art, and forms constructed by combining components of different embodiments, may also be included within the scope of one or more aspects.
- the present invention can be used as an RFID tag service system that provides a service using an RFID tag.
Description
As explained in the background art, services that link a smartphone and home appliances have become feasible. Here, a case in which the smartphone and the home appliance communicate using short-range wireless communication technology can be considered.
<Configuration of the RFID tag service system>
FIG. 1 is a configuration diagram of an RFID tag service system 10 according to the first embodiment, which provides a service between a home appliance and a server using RFID tag communication.
FIG. 2 is a configuration diagram of the mobile information terminal 40 according to the first embodiment.
FIG. 3 is a configuration diagram of the home appliance 60 according to the first embodiment.
FIG. 4 is a configuration diagram of the RFID tag.
FIG. 5 is a diagram of the relationships among the keys used for encryption and decryption processing in the RFID tag service system 10.
FIG. 6 is a sequence diagram of encrypted communication between the RFID tag 70 and the management server 20.
FIG. 7 is a sequence diagram of encrypted communication between the RFID tag 70 and the 3rd party server 30.
FIG. 8 shows the home appliance information management database 23 managed by the management server 20 in step S115 of FIG. 6.
In the following, the sequence for writing the first key 31 and the second key 32, which are 3rd party keys, into the service key storage area 730 is described using FIG. 9, FIG. 10, FIG. 11, and FIG. 12.
From here, the detailed sequence of 3rd party key writing is described using FIG. 10, FIG. 11, and FIG. 12.
Next, the RFID tag service system according to the second embodiment is described.
20 Management server
21, 721 Master key
23, 33 Home appliance information management database
24 User ID
25, 662 Device ID
26, 661 Home appliance information
30 3rd party server
31, 731 First key
32, 732 Second key
40 Mobile information terminal
50 Application
60 Home appliance
70 RFID tag
410 Network control unit
420 RFID tag reader/writer control unit
510 Management application
520, 530 3rd party application
620 Tag communication unit
630 Home appliance command reception unit
640 Home appliance command processing unit
650 Home appliance information control unit
660 Home appliance information holding unit
670 Key rewrite control unit
680 Key information storage unit
710 Non-contact communication unit
720 Master key storage area
730 Service key storage area
740 Home appliance communication unit
750 Encryption/decryption processing unit
760 Key writing processing unit
770 Lock state holding unit
780 Lock state setting unit
Claims (14)
- A key management system for writing, into a home appliance, a second key used for encrypted communication between a second server and the home appliance, using a mobile information terminal that communicates with a first server that manages a master key and with the second server that manages a first key and the second key, wherein
the key management system comprises the mobile information terminal and the home appliance,
the home appliance comprises:
a communication unit that communicates with the mobile information terminal;
a master key storage area in which the master key is stored in advance;
a service key storage area for storing the first key and the second key;
a key writing processing unit that writes the first key or the second key into the service key storage area only when the communication unit receives the first key encrypted with the master key or the second key encrypted with the master key; and
an encryption/decryption processing unit that performs encryption and decryption processing using the master key stored in the master key storage area, or the first key or the second key stored in the service key storage area,
when the mobile information terminal receives, from the first server or the second server, an encrypted first key that is the first key encrypted with the master key managed by the first server, the mobile information terminal transmits a first key write request together with the encrypted first key to the communication unit,
when the communication unit receives the first key write request together with the encrypted first key from the mobile information terminal, the encryption/decryption processing unit decrypts the encrypted first key using the master key stored in the master key storage area, and the key writing processing unit writes the decrypted first key into the service key storage area,
when the mobile information terminal receives, from the second server, the second key encrypted with the first key managed by the second server, the mobile information terminal transmits the second key encrypted with the first key to the communication unit,
when the communication unit receives the second key encrypted with the first key from the mobile information terminal, the encryption/decryption processing unit decrypts the second key encrypted with the first key using the first key stored in the service key storage area,
the home appliance holds the decrypted second key,
the mobile information terminal transmits, to the communication unit, a read request for the second key held by the home appliance,
when the communication unit receives the read request for the second key from the mobile information terminal, the encryption/decryption processing unit generates an encrypted second key by encrypting the second key held by the home appliance using the master key stored in the master key storage area, and transmits the generated encrypted second key to the mobile information terminal,
the mobile information terminal receives the encrypted second key from the communication unit and transmits a second key write request together with the encrypted second key to the communication unit, and
when the communication unit receives the second key write request together with the encrypted second key from the mobile information terminal, the encryption/decryption processing unit decrypts the encrypted second key using the master key stored in the master key storage area, and the key writing processing unit writes the decrypted second key into the service key storage area.
- The key management system according to claim 1, wherein a plurality of application programs for performing encrypted communication between the home appliance and each of a plurality of servers that are the second server, the plurality of application programs corresponding respectively to the plurality of servers, are installed on the mobile information terminal,
the mobile information terminal receives from the communication unit a plurality of the encrypted second keys corresponding respectively to the plurality of application programs, and holds the received plurality of encrypted second keys,
when the mobile information terminal switches among the plurality of application programs, the mobile information terminal transmits to the communication unit, together with the second key write request, a target encrypted second key that is the encrypted second key corresponding to the application program after the switch, and
when the communication unit receives the key write request together with the target encrypted second key from the mobile information terminal, the encryption/decryption processing unit decrypts the target encrypted second key using the master key stored in the master key storage area, and the key writing processing unit writes the decrypted second key into the service key storage area.
- The key management system according to claim 1 or 2, wherein the home appliance holds home appliance information that is information about the home appliance,
when the communication unit receives the home appliance information from the home appliance, the encryption/decryption processing unit encrypts the home appliance information using the master key stored in the master key storage area, and transmits the home appliance information encrypted with the master key to the mobile information terminal, and
the mobile information terminal receives the home appliance information encrypted with the master key from the communication unit, and transmits the home appliance information encrypted with the master key to the first server.
- The key management system according to claim 1 or 2, wherein the home appliance holds home appliance information that is information about the home appliance,
when the communication unit receives the home appliance information from the home appliance, the encryption/decryption processing unit encrypts the home appliance information using the second key stored in the service key storage area, and transmits the home appliance information encrypted with the second key to the mobile information terminal, and
the mobile information terminal receives the home appliance information encrypted with the second key from the communication unit, and transmits the home appliance information encrypted with the second key to the second server.
- The key management system according to any one of claims 1 to 4, wherein the home appliance further comprises:
a lock state holding unit that holds lock information for setting the state of the service key storage area to either a locked state, in which the key cannot be rewritten, or an unlocked state, in which the key can be rewritten; and
a lock state setting unit that sets the state of the service key storage area to the locked state or the unlocked state by updating the lock information held in the lock state holding unit,
the mobile information terminal transmits first authentication information to the communication unit together with a rewrite request for the key stored in the service key storage area,
the home appliance holds the first authentication information received by the communication unit,
the lock state setting unit sets the state of the service key storage area to the locked state after processing of the key rewrite request from the mobile information terminal is completed,
the mobile information terminal transmits second authentication information to the communication unit together with a request to release the locked state,
the home appliance transmits the request to release the locked state to the lock state setting unit only when the first authentication information and the second authentication information are identical, and
the lock state setting unit sets the state of the service key storage area to the unlocked state after receiving the request to release the locked state from the home appliance.
- The key management system according to any one of claims 1 to 5, wherein the communication unit is an RFID (Radio Frequency IDentification) tag that performs short-range wireless communication with the mobile information terminal.
- A communication device comprising:
a communication unit that communicates with a second communication device, the second communication device being a device that communicates with a first server that manages a master key and with a second server that manages a first key and a second key;
a master key storage area in which the master key is stored in advance;
a service key storage area for storing the first key and the second key;
a key writing processing unit that writes the first key or the second key into the service key storage area only when the communication unit receives the first key encrypted with the master key or the second key encrypted with the master key; and
an encryption/decryption processing unit that performs encryption and decryption processing using the master key stored in the master key storage area, or the first key or the second key stored in the service key storage area,
wherein when the communication unit receives, from the second communication device, an encrypted first key that is the first key encrypted by the first server with the master key managed by the first server, together with a first key write request, the encryption/decryption processing unit decrypts the encrypted first key using the master key stored in the master key storage area, and the key writing processing unit writes the decrypted first key into the service key storage area,
when the communication unit receives, from the second communication device, the second key encrypted by the second server with the first key managed by the second server, the encryption/decryption processing unit decrypts the second key encrypted with the first key using the first key stored in the service key storage area, and the communication device holds the decrypted second key,
when the communication unit receives, from the second communication device, a read request for the second key held by the communication device, the encryption/decryption processing unit generates an encrypted second key by encrypting the second key held by the communication device using the master key stored in the master key storage area, and transmits the generated encrypted second key to the second communication device, and
when the communication unit receives, from the second communication device, the encrypted second key that was transmitted to the second communication device together with a second key write request, the encryption/decryption processing unit decrypts the encrypted second key using the master key stored in the master key storage area, and the key writing processing unit writes the decrypted second key into the service key storage area.
- The communication device according to claim 7, further comprising:
a lock state holding unit that holds lock information for setting the state of the service key storage area to either a locked state, in which the key cannot be rewritten, or an unlocked state, in which the key can be rewritten; and
a lock state setting unit that sets the state of the service key storage area to the locked state or the unlocked state by updating the lock information held in the lock state holding unit,
wherein when the communication unit receives, from the second communication device, first authentication information together with a rewrite request for the key stored in the service key storage area,
the communication device holds the first authentication information received by the communication unit, and
the lock state setting unit sets the state of the service key storage area to the locked state after processing of the key rewrite request from the second communication device is completed,
when the communication unit receives, from the second communication device, second authentication information together with a request to release the locked state,
the communication device transmits the request to release the locked state to the lock state setting unit only when the first authentication information and the second authentication information are identical, and
the lock state setting unit sets the state of the service key storage area to the unlocked state after receiving the request to release the locked state from the communication device.
- The communication device according to claim 7 or 8, wherein the communication device is a home appliance, and
the second communication device is a mobile information terminal.
- The communication device according to any one of claims 7 to 9, wherein the communication unit is an RFID (Radio Frequency IDentification) tag that performs short-range wireless communication with the second communication device.
- A key management method for writing, into a home appliance, a second key used for encrypted communication between a second server and the home appliance, using a mobile information terminal that communicates with a first server that manages a master key and with the second server that manages a first key and the second key, wherein
the home appliance comprises:
a communication unit that communicates with the mobile information terminal;
a master key storage area in which the master key is stored in advance;
a service key storage area for storing the first key and the second key;
a key writing processing unit that writes the first key or the second key into the service key storage area only when the communication unit receives the first key encrypted with the master key or the second key encrypted with the master key; and
an encryption/decryption processing unit that performs encryption and decryption processing using the master key stored in the master key storage area, or the first key or the second key stored in the service key storage area,
when the mobile information terminal receives, from the first server or the second server, an encrypted first key that is the first key encrypted with the master key managed by the first server, the mobile information terminal transmits a first key write request together with the encrypted first key to the communication unit,
when the communication unit receives the first key write request together with the encrypted first key from the mobile information terminal, the encryption/decryption processing unit decrypts the encrypted first key using the master key stored in the master key storage area, and the key writing processing unit writes the decrypted first key into the service key storage area,
when the mobile information terminal receives, from the second server, the second key encrypted with the first key managed by the second server, the mobile information terminal transmits the second key encrypted with the first key to the communication unit,
when the communication unit receives the second key encrypted with the first key from the mobile information terminal, the encryption/decryption processing unit decrypts the second key encrypted with the first key using the first key stored in the service key storage area,
the home appliance holds the decrypted second key,
the mobile information terminal transmits, to the communication unit, a read request for the second key held by the home appliance,
when the communication unit receives the read request for the second key from the mobile information terminal, the encryption/decryption processing unit generates an encrypted second key by encrypting the second key held by the home appliance using the master key stored in the master key storage area, and transmits the generated encrypted second key to the mobile information terminal,
the mobile information terminal receives the encrypted second key from the communication unit and transmits a second key write request together with the encrypted second key to the communication unit, and
when the communication unit receives the second key write request together with the encrypted second key from the mobile information terminal, the encryption/decryption processing unit decrypts the encrypted second key using the master key stored in the master key storage area, and the key writing processing unit writes the decrypted second key into the service key storage area.
- A key management method in a communication device, wherein
the communication device comprises:
a communication unit that communicates with a second communication device, the second communication device being a device that communicates with a first server that manages a master key and with a second server that manages a first key and a second key;
a master key storage area in which the master key is stored in advance;
a service key storage area for storing the first key and the second key;
a key writing processing unit that writes the first key or the second key into the service key storage area only when the communication unit receives the first key encrypted with the master key or the second key encrypted with the master key; and
an encryption/decryption processing unit that performs encryption and decryption processing using the master key stored in the master key storage area, or the first key or the second key stored in the service key storage area,
when the communication unit receives, from the second communication device, an encrypted first key that is the first key encrypted by the first server with the master key managed by the first server, together with a first key write request, the encryption/decryption processing unit decrypts the encrypted first key using the master key stored in the master key storage area, and the key writing processing unit writes the decrypted first key into the service key storage area,
when the communication unit receives, from the second communication device, the second key encrypted by the second server with the first key managed by the second server, the encryption/decryption processing unit decrypts the second key encrypted with the first key using the first key stored in the service key storage area, and the communication device holds the decrypted second key,
when the communication unit receives, from the second communication device, a read request for the second key held by the communication device, the encryption/decryption processing unit generates an encrypted second key by encrypting the second key held by the communication device using the master key stored in the master key storage area, and transmits the generated encrypted second key to the second communication device, and
when the communication unit receives, from the second communication device, the encrypted second key that was transmitted to the second communication device together with a second key write request, the encryption/decryption processing unit decrypts the encrypted second key using the master key stored in the master key storage area, and the key writing processing unit writes the decrypted second key into the service key storage area.
- A program for causing a computer to execute the key management method according to claim 12.
- A non-transitory recording medium on which the program according to claim 13 is recorded.
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201280011043.9A CN103404075B (zh) | 2012-01-25 | 2012-12-27 | Key management system, key management method, and communication device |
US14/002,126 US9258283B2 (en) | 2012-01-25 | 2012-12-27 | Key management system, key management method, and communication device |
JP2013523806A JP5967549B2 (ja) | 2012-01-25 | 2012-12-27 | Key management system, key management method, and communication device |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2012013413 | 2012-01-25 | ||
JP2012-013413 | 2012-01-25 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2013111251A1 true WO2013111251A1 (ja) | 2013-08-01 |
Family
ID=48873025
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2012/008397 WO2013111251A1 (ja) | 2012-01-25 | 2012-12-27 | Key management system, key management method, and communication device |
Country Status (4)
Country | Link |
---|---|
US (1) | US9258283B2 (ja) |
JP (1) | JP5967549B2 (ja) |
CN (1) | CN103404075B (ja) |
WO (1) | WO2013111251A1 (ja) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103826221A (zh) * | 2013-12-31 | 2014-05-28 | 广东岭南通股份有限公司 | Bluetooth-based encrypted communication method, related system and method |
CN104714508A (zh) * | 2013-12-13 | 2015-06-17 | 国民技术股份有限公司 | Household appliance, control device, and control system based on electromagnetic ranging |
JP2018506084A (ja) * | 2015-12-22 | 2018-03-01 | Xiaomi Inc. | Method, apparatus, system, program, and recording medium for accessing a plurality of servers of a smart home appliance |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102015108B1 (ko) * | 2013-03-12 | 2019-10-22 | Electronics and Telecommunications Research Institute | Method for providing service between heterogeneous services, user terminal, and web server |
CH708199A2 (de) * | 2013-05-29 | 2014-12-15 | Kaba Ag | Method for managing media for wireless communication |
WO2016079371A1 (en) * | 2014-11-18 | 2016-05-26 | Nokia Technologies Oy | Secure access to remote data |
DE102015000895B3 (de) * | 2015-01-23 | 2016-07-07 | Giesecke & Devrient Gmbh | Distributed processing of centrally stored encrypted data |
US9992172B2 (en) * | 2015-05-01 | 2018-06-05 | Microsoft Technology Licensing, Llc | Secure key management in a data storage system |
US10728043B2 (en) * | 2015-07-21 | 2020-07-28 | Entrust, Inc. | Method and apparatus for providing secure communication among constrained devices |
CN106549966B (zh) * | 2016-10-31 | 2020-09-04 | Midea Smart Home Technology Co., Ltd. | Method and system for switching communication security level, home appliance, and mobile terminal |
CN106954211B (zh) * | 2017-03-08 | 2019-08-20 | Guangdong Oppo Mobile Telecommunications Corp., Ltd. | Key writing method and mobile terminal |
US10459990B1 (en) * | 2018-12-27 | 2019-10-29 | Silver Rocket Data Technology (Shanghai) Co., Ltd | Data processing method and device, medium and terminal thereof |
US11509637B2 (en) * | 2018-12-27 | 2022-11-22 | Silver Rocket Data Technology (Shanghai) Co., Ltd. | Data transmission method, system and platform using blockchain, and storage medium |
US11354439B2 (en) * | 2020-06-03 | 2022-06-07 | International Business Machines Corporation | Content control through third-party data aggregation services |
US11438745B2 (en) * | 2020-06-25 | 2022-09-06 | Haier Us Appliance Solutions, Inc. | Household appliance provisioning |
CN117201204B (zh) * | 2023-11-07 | 2024-03-29 | Alibaba Cloud Computing Ltd. | Cloud storage system and data read/write method, device, and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2006039616A1 (en) * | 2004-10-01 | 2006-04-13 | Intel Corporation | System and method for user certificate initiation, distribution, and provisioning in converged wlan-wwan interworking networks |
JP2008312200A (ja) * | 2007-05-15 | 2008-12-25 | Ntt Docomo Inc | Method and apparatus for operating a wireless home area network |
WO2010073732A1 (ja) * | 2008-12-26 | 2010-07-01 | Panasonic Corporation | Communication device |
WO2012004939A1 (ja) * | 2010-07-07 | 2012-01-12 | Panasonic Corporation | Communication device and communication method |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2549324B2 (ja) | 1991-06-14 | 1996-10-30 | Kajima Corporation | Braking device for a rail-travelling linear suspended conveyance apparatus |
JPH10200522A (ja) | 1997-01-08 | 1998-07-31 | Hitachi Software Eng Co Ltd | Encryption method and system using an IC card, and IC card |
JP4368274B2 (ja) | 1997-03-26 | 2009-11-18 | Sony Corporation | Update method |
JP4268690B2 (ja) * | 1997-03-26 | 2009-05-27 | Sony Corporation | Authentication system and method, and authentication method |
US7848905B2 (en) * | 2000-12-26 | 2010-12-07 | Troxler Electronic Laboratories, Inc. | Methods, systems, and computer program products for locating and tracking objects |
WO2002093826A1 (fr) * | 2001-05-14 | 2002-11-21 | Matsushita Electric Industrial Co., Ltd. | Control apparatus for an electronic device |
JP2004363724A (ja) * | 2003-06-02 | 2004-12-24 | Toshiba Corp | Reception management device, broadcast receiving device, information distribution device, information distribution method, and program |
US7412063B2 (en) * | 2004-03-31 | 2008-08-12 | International Business Machines Corporation | Controlling delivery of broadcast encryption content for a network cluster from a content server outside the cluster |
US20060010007A1 (en) * | 2004-07-09 | 2006-01-12 | Denman John F | Process for using smart card technology in patient prescriptions, medical/dental/DME services processing and healthcare management |
JP4451378B2 (ja) * | 2005-11-08 | 2010-04-14 | Hitachi, Ltd. | Device setting information notification method and device |
JP5683485B2 (ja) * | 2009-11-30 | 2015-03-11 | Panasonic Intellectual Property Corporation of America | Communication device |
CN102301353A (zh) | 2009-11-30 | 2011-12-28 | Panasonic Corporation | Portable communication device, communication method, integrated circuit, and program |
US9214128B2 (en) * | 2011-08-10 | 2015-12-15 | Panasonic Intellectual Property Corporation Of America | Information display device |
2012
- 2012-12-27 JP JP2013523806A patent/JP5967549B2/ja not_active Expired - Fee Related
- 2012-12-27 CN CN201280011043.9A patent/CN103404075B/zh not_active Expired - Fee Related
- 2012-12-27 WO PCT/JP2012/008397 patent/WO2013111251A1/ja active Application Filing
- 2012-12-27 US US14/002,126 patent/US9258283B2/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
US20140059352A1 (en) | 2014-02-27 |
CN103404075B (zh) | 2016-10-05 |
CN103404075A (zh) | 2013-11-20 |
US9258283B2 (en) | 2016-02-09 |
JP5967549B2 (ja) | 2016-08-10 |
JPWO2013111251A1 (ja) | 2015-05-11 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| ENP | Entry into the national phase | Ref document number: 2013523806; Country of ref document: JP; Kind code of ref document: A |
| WWE | Wipo information: entry into national phase | Ref document number: 14002126; Country of ref document: US |
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 12866914; Country of ref document: EP; Kind code of ref document: A1 |
| NENP | Non-entry into the national phase | Ref country code: DE |
| 122 | Ep: pct application non-entry in european phase | Ref document number: 12866914; Country of ref document: EP; Kind code of ref document: A1 |