WO2015156622A2 - Appareil et procédé d'authentification - Google Patents

Appareil et procédé d'authentification Download PDF

Info

Publication number
WO2015156622A2
WO2015156622A2 PCT/KR2015/003577 KR2015003577W WO2015156622A2 WO 2015156622 A2 WO2015156622 A2 WO 2015156622A2 KR 2015003577 W KR2015003577 W KR 2015003577W WO 2015156622 A2 WO2015156622 A2 WO 2015156622A2
Authority
WO
WIPO (PCT)
Prior art keywords
chip
die
secure
authentication
data
Prior art date
Application number
PCT/KR2015/003577
Other languages
English (en)
Korean (ko)
Other versions
WO2015156622A3 (fr
Inventor
김동규
최병덕
지광현
Original Assignee
(주) 아이씨티케이
한양대학교 산학협력단
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by (주) 아이씨티케이, 한양대학교 산학협력단 filed Critical (주) 아이씨티케이
Priority to US15/302,932 priority Critical patent/US10958451B2/en
Priority to EP15777341.7A priority patent/EP3131032B1/fr
Priority to EP21188298.0A priority patent/EP3920058A1/fr
Priority to JP2017505026A priority patent/JP2017514421A/ja
Priority to CN201580025731.4A priority patent/CN106575324A/zh
Priority claimed from KR1020150050163A external-priority patent/KR101744388B1/ko
Publication of WO2015156622A2 publication Critical patent/WO2015156622A2/fr
Publication of WO2015156622A3 publication Critical patent/WO2015156622A3/fr
Priority to US17/185,856 priority patent/US11876917B2/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • It relates to an authentication device and method, and more particularly to an apparatus and method for authenticating a device, data stored in the device, and / or data transmitted and received by the device.
  • IoT Internet of Things
  • various objects such as various sensors, home appliances, automobiles, as well as conventional communication devices such as smart phones and tablets are connected to the network
  • security and authentication are recognized as the most important technologies.
  • Such security and authentication is understood to include authentication of things or devices, security of data stored on the device, and / or protection of information transmitted and received by the device.
  • security is also a factor that hinders performance and convenience, many devices that are already in the market lack security or are vulnerable.
  • PUF Physical Unclonable Function
  • PUF Physical One-Way Function practically impossible to be duplicated
  • This non-replicable characteristic of the PUF may be used to generate an identifier of the device for security and / or authentication.
  • PUF may be used to provide a unique key to distinguish devices from one another.
  • Korean Patent Registration No. 10-1139630 (hereinafter '630 patent) has been presented a method for implementing the PUF.
  • the '630 patent proposes a method in which a process variation of a semiconductor is used to probabilistically determine whether an inter-layer contact or a via is formed between conductive layers of the semiconductor. It became.
  • an apparatus and method are provided to enable hardware-based authentication in a device that does not have an authentication function.
  • the authentication of the device, the protection of data stored in the device, and / or the security of data communication transmitted and received by the device are implemented at a high level.
  • an interface element for interfacing with the device; And a secure die-chip packaged with the interface element and providing hardware-based authentication to the interface element in the package.
  • the secure die-chip may include a physically unclonable function (PUF) for providing a private key; And a hardware wired security module that performs encryption and decryption using the private key.
  • PAF physically unclonable function
  • the authentication device further comprises a control chip for controlling the secure die-chip to interface with the device.
  • the control chip comprises a smart card die-chip.
  • the interface element may be SD (Secure Digital).
  • the secure die-chip may encrypt data stored in the SD.
  • the interface element may be a Subscriber Identity Module (SIM).
  • SIM Subscriber Identity Module
  • the secure die-chip may perform authentication on the device with respect to a server that is networked with the device.
  • a storage device comprising: a flash memory; A controller controlling data reading from the flash memory and a data program to the flash memory; And a hardware-based secure die-chip that encrypts the first data written by the controller to the flash memory to produce encrypted second data, the controller storing the second data in the flash memory.
  • the secure die-chip may include a physically unclonable function (PUF) for providing an authentication key; And a hardware wired security module that encrypts the first data using the authentication key.
  • PAF physically unclonable function
  • this authentication key may be a key value used in a symmetric key encryption algorithm.
  • the storage device may further include a smart card die-chip controlling the secure die chip to interface with the controller and a device external to the storage device.
  • the secure die-chip may decrypt the second data back to the first data using the authentication key.
  • the storage device may be any one of an SD card and a micro SD card.
  • the storage device may include the hardware-based secure die-chip in a package conforming to the SD card or the micro SD card standard.
  • the hardware wired security module of the security die-chip packaged in the storage device when the first data to be stored in the storage device is received, the hardware wired security module of the security die-chip packaged in the storage device, the security die- Generating second data by encrypting the first data using a private key provided by a physically unclonable function (PUF) in a chip; And programming, by the controller of the storage device, the second data in the flash memory of the storage device.
  • PAF physically unclonable function
  • a hardware wired security module included in a security die-chip packaged together with the interface element is PUF (Physically Unclonable) in the security die-chip.
  • PUF Physical Unclonable
  • Generating an electronic signature using a private key provided by the function And transmitting the electronic signature to the external device via the interface element and the device such that the electronic signature is verified by an external device coupled with the device.
  • the interface element includes at least one of Secure Digital (SD), Subscriber Identity Module (SIM), RFID, BlueTooth, NFC, and USB.
  • a method of secure communication using an interface element connected to a device comprising: receiving an encrypted session key encrypted with a public key from an external device and received through the interface element;
  • the hardware wired security module included in the secure die chip packaged together with the interface element decrypts the encrypted session key using a private key provided by a physically unclonable function (PUF) in the secure die chip, thereby allowing the session to be decrypted.
  • PAF physically unclonable function
  • the hardware wired security module encrypts a message with the session key to generate an encrypted message; And transmitting the encrypted message via the interface element.
  • the interface element includes at least one of Secure Digital (SD), Subscriber Identity Module (SIM), Bluetooth, Universal Serial Bus (USB), and Near Field Communication (NFC).
  • SD Secure Digital
  • SIM Subscriber Identity Module
  • USB Universal Serial Bus
  • NFC Near Field Communication
  • FIG. 1 is a block diagram of an authentication apparatus according to an embodiment.
  • FIG 2 illustrates an SD card according to an embodiment.
  • FIG. 3 illustrates authentication devices that interface with a device in accordance with embodiments.
  • FIG. 4 is a conceptual diagram illustrating an interface of an authentication apparatus and a device according to embodiments.
  • FIG. 5 is a flowchart illustrating a method of operating a storage device, according to an exemplary embodiment.
  • FIG. 6 is a flowchart illustrating a device authentication method according to an embodiment.
  • FIG. 7 and 8 are flowcharts illustrating a secure communication method according to an embodiment.
  • the authentication device 100 includes an interface element 110 that interfaces with a device.
  • the device may be any device connected to the outside via a wired and / or wireless network, such as a smartphone, tablet, conventional computing terminal, Internet of Things (IoT) terminal, vehicle, and the like.
  • IoT Internet of Things
  • the interface element may correspond to any one of SD, micro-SD, SIM, USIM, nano-SIM, NFC, USB, Blurtooth TM, and the like.
  • the interface element 110 may be defined.
  • various standards such as external dimensions and functions of terminals are defined as standards or industry standards, and frequency bands or protocols for communicating with the outside may be defined.
  • the authentication device 100 may be packaged together as one substrate in the outer housing of the interface element 110 within a range that does not change the standard so defined, and thus permits the general operation of the interface element 110. have. Therefore, the authentication device 100 may be seen as a conventional SD card, SIM chip, NFC module, USB stick, etc. in appearance, and functions such as a general SD card, SIM chip, etc. may be performed as it is.
  • secure die-chip 130 provides hardware-based security authentication to devices and / or interface elements that do not have such reliable security / authentication means.
  • Security / authentication includes authentication of a device, protection of data stored on the device, and / or security of data communications transmitted and received by the device.
  • hardware-based refers to a circuit in which the key value used for secure authentication is held by a physical PUF, and the execution of the encryption / decryption algorithm is not true a software application but rather true hardware logic. It can be understood to be performed by. It can also be referred to as dedicated hardware (HW) or hardware-wired logic because the encryption / decryption algorithm is operated only by hardware logic.
  • HW dedicated hardware
  • the secure die-chip 130 may include a PUF 131 for providing a private key unique to the authentication device 110 and a hardware wire for performing encryption and decryption using the private key.
  • Security module 132 (hardware-based).
  • the PUF 131 may be implemented using a process variation of a semiconductor manufacturing process.
  • the PUF 131 may be implemented by vias or inter-layer contacts disposed between conductive layers, as described in detail in the '630 patent specification. The content has been presented and is incorporated herein by reference.
  • the PUF 131 may be implemented in a portion of a semiconductor for implementing the security die-chip 130, such as the hardware security module 132. Therefore, when observing from the outside, it may be impossible to identify the exact position of the PUF 131. Since vias or inter-layer contacts are numerous in the semiconductor circuit, it is difficult to know which part is used as the PUF 131, which is advantageous in terms of security.
  • a plurality of PUFs 131 may be provided instead of one.
  • the PUF that is actually used may be one of them, and even if it is fully understood the wiring and operation of the security module 130, it is more difficult to determine which private key provided by the PUF is actually used for decryption.
  • a higher level of hardware-based security can be implemented.
  • the authentication device 100 may further include a control chip for controlling the security die-chip 130 to interface with an external device and / or the interface element 110.
  • this chip may be the smart card die-chip 120 shown in FIG. 1.
  • the smart card die-chip 120 is a hardware chip, there is a risk that the software itself, which may be stored in the smart card, is leaked, a risk that an internal program may be contaminated by malicious code in the process of updating the smart card firmware, etc. Because of concerns about physical attacks, such as probing, there is a vulnerability in itself for performing security authentication.
  • the smart card contains information providers (IPs) such as CPU, ROM, and RAM, and these IPs are vulnerable to physical attacks, bus probing, and memory scan attacks that analyze the layout by reverse engineering after depackaging.
  • IPs information providers
  • the smart card die-chip 120 controls the interface between the secure die-chip 130 and the external device, or between the secure die-chip 130 and the interface element 110. Operation of each component of the authentication device 100 and various security applications will be described in more detail later.
  • the SD card 200 may include an SD card controller 230 and a flash memory 240.
  • the standard, appearance, terminal function, controller 230 and flash memory 240 of the SD card 200 may be the same as those according to the normal SD card standard.
  • the secure die-chip 210 and the smart card die-chip 220 are packaged together in the SD card 200 to enable hardware-based security authentication.
  • the secure die-chip 210 may include a PUF that provides a private key and a hardware wired (hardware-based) security module that performs encryption and decryption using the private key.
  • the secure die chip 210 and the smart card die chip 220 are packaged together in the SD card 200, the sensitive data that should be stored in the flash memory 240 can be encrypted and stored safely. (Protected data stored), the device to which the SD card 200 is inserted or the SD card 200 itself can be identified / authenticated (device authentication), and / or the data or SD card stored in the SD card 200 ( It is possible to secure the communication to send the data held by the device 200 is inserted into a trusted agency (secure communication).
  • the stored data protection process will be described in detail with reference to FIG. 5, the device authentication process will be described with reference to FIG. 6, and the secure communication process will be described in detail with reference to FIGS. 7 and 8.
  • the authentication device may be implemented in the form of a USIM card 310 inserted into the device 300.
  • the authentication device detachable to the device through an interface provided in the device, such as a card slot, is commercially available in that it can provide hardware-based security authentication to a device manufactured without such hardware-based security authentication.
  • a card slot is commercially available in that it can provide hardware-based security authentication to a device manufactured without such hardware-based security authentication.
  • the present invention can be applied to smartphones and tablets, and also general-purpose computers and automobiles having USB terminals.
  • the authentication device may be implemented in the secure element (SE) 330 to be embedded.
  • SE secure element
  • FIG. 4 is a conceptual diagram illustrating an interface of an authentication apparatus and a device according to embodiments.
  • Hardware-based authentication devices are implemented in various forms, such as a credit card 401 including a smart card, a USB stick 402, an SD card 403, and a SIM chip 404.
  • security authentication implementations according to embodiments do not preclude or interfere with the functionality of conventional contact or contactless credit cards, USB, SD cards, SIM chips. Packaged in one, it provides hardware security certification for these credit cards, USB, SD cards, and SIM chips, thus enabling data protection, device authentication, and secure communications.
  • Smart card die-chip 410 supports a PUF-based secure die-chip 420.
  • an interface to the outside of the chip can be provided.
  • the interface may be a contact interface such as USB or SDIO that can be mounted in a small chip, a close communication interface such as NFC, or a short range communication interface such as Bluetooth.
  • the smart card die-chip 410 may support various types of applications that allow the connection program or the PUF-based secure die-chip 420 to provide a security function.
  • the PUF-based secure die-chip 420 performs an authentication function such as encryption and decryption, and may provide a security (data security) function, device authentication, and communication security function for a trusted storage space. As described above, the PUF-based secure die-chip 420 may be packaged with a single chip and a PUF for providing a private key and a hardware wired security module.
  • PUF can also be understood as a non-replicable hardware fingerprint. It is almost impossible to figure out the value by physical attack. In addition, it is very difficult to find all of the PUF cells since they are randomly placed in a secure die-chip, mixed with general cells other than the PUF. In addition, since the PUF value is read only during operation, it is very difficult to perform a physical attack such as depacking while maintaining a valid operation. Furthermore, even if the binary values provided by the PUF have been read, arranging them in a valid order is also more difficult to use effectively because of the large number of combinations.
  • PUF the source key (or seed key) used to encrypt other values
  • the PUF itself is safe from physical attacks (secure key management), while enabling a high level of security authentication.
  • the private key of the public key pair used for device authentication is implemented as a PUF, this value is not exposed outside the device, so the secure device authentication and denial regardless of the type, type, and communication method of the mobile device equipped with the security chip. Ensure prevention (secure device certification).
  • HW-based security modules are made purely in HW, and are designed and manufactured by applying side channel attack response techniques. Since it is implemented in hardware, software attacks such as malicious code attacks are not effective, and even if it is possible to modify the hardware circuit itself with equipment such as Focused Ion Beam (FIB), it is possible to ensure the original operation while ensuring effective operation results. It is hard to come out. This ensures the integrity of the security chip.
  • FIB Focused Ion Beam
  • FIG. 5 is a flowchart illustrating a method of operating a storage device, according to an exemplary embodiment.
  • the illustrated embodiment relates to data security.
  • data 501 is received from the device (or from outside) on the smart card die-chip, it is passed to the secure die-chip (502).
  • the secure die-chip encrypts this data using the PUF value
  • step 520 stores the encrypted data in a medium such as a flash memory (step 520). Since the data stored at this stage is already encrypted, it may not be stored in an isolated space such as a nonvolatile memory of a PUF-based chip, but may be stored in an accessible flash memory or stored outside the device.
  • such a storage device may be a means for encrypting and transmitting data.
  • an access request for encrypted data 503 When an access request for encrypted data 503 is received from an authenticated external server or device, it may be forwarded 504 in an encrypted state. If the external server or device has a public key corresponding to the PUF-based private key used in the encryption process of step 510, the encrypted data may be decrypted.
  • the security die chip included in the authentication device 600 performs device authentication with the support of the smart card die chip.
  • the hardware wired security module included in the secure die-chip generates a digital signature using a private key provided by the PUF in the secure die-chip.
  • This electronic signature 601 is then transmitted to the device via a smart card die-chip via various methods such as an external interface, such as Bluetooth, USB, NFC, SD card interface.
  • the above interfaces correspond to relatively short-range communication or contact communication, and thus use a communication function of a device, such as a smartphone, to be connected to a network or the Internet for providing a service.
  • the device transmits the provided electronic signature 602 to a server or another device using a broadband network such as Wi-Fi or 4G (603).
  • This electronic signature may be verified with a public key corresponding to the private key in step 620, and device authentication is possible through this process.
  • the electronic payment may be used to identify a terminal of a user registered in advance.
  • it can be used for simple payment, automatic payment, etc. for activation of electronic commerce.
  • it can be used for electronic signatures that replace authorized certificates when transferring funds in smart banking.
  • This application is useful because it can replace and / or supplement a software-based conventional certificate with a fully hardware-based certificate.
  • the public certificate meant to supplement the knowledge-based certificate represented by ID and password with the ownership-based certificate. Since the public certificate is stored in the form of an electronic file, there was a problem of illegal leakage of the public certificate.
  • a complete hardware-based digital signature is possible according to this embodiment, a very high level of device authentication is possible.
  • financial institutions have the expected effect of preventing the user's denial of transactions that are digitally signed and completed according to the uniqueness and uniqueness of PUF itself.
  • FIG. 7 and 8 are flowcharts illustrating a secure communication method according to an embodiment.
  • the secure die chip included in the authentication device performs secure communication with the support of the smart card die chip.
  • FIG. 7 shows a process of receiving a session key for secure communication
  • FIG. 8 shows a secure transmission of data using this session key.
  • a server or another device to securely communicate with the authentication device 700 encrypts the session key to be used for communication with a public key corresponding to the private key of the authentication device 700.
  • the encrypted session key 701 is transmitted to the device through the wide band, and the device transmits it to the authentication device 700 (702).
  • An interface, such as Bluetooth, SD card slot, NFC, USB, etc., of the smart card die-chip included in the authentication apparatus 700 may be used in this transfer.
  • decryption of this session key is performed at step 720 via the private key provided by the PUF. In this way, the authentication device 700 obtains a session key used for secure communication.
  • a message 801 that the device wishes to send via secure communication is delivered to the smart card die-chip using the interfaces, and then back to the secure die-chip 802. Then, in step 810, the secure die-chip of the authentication device 800 performs encryption of the message 802 using the session key obtained above.
  • the encrypted message 803 is delivered to the smart card die-chip, which in turn is delivered 804 to the device via the interface.
  • the device again transmits the encrypted message 805 to the server or other device via wide band communication, and in step 820 the decryption of the message using the session key is performed.
  • the interface through which the smart card die-chip is connected to the device is not limited, and examples thereof include SD, SIM, Bluetooth, USB, NFC, and the like.
  • the illustrated embodiment provides important advantages. It is the protection of open communication sections. As mentioned above, in IoT and M2M environments, there is a threat that an unauthorized subject listens to a message sent and received between devices, and this embodiment prevents the threat. In addition, IoT devices, especially devices such as small sensors, may be hijacked or lost, so there may be physical attacks, such as side channel attacks, and security die-chips including PUF and hardware security modules Tough Therefore, such hardware security may play an important role in the activation of the IoT.
  • the conventional interface elements 910 each use their own interface (micro-SD card slot 921, USIM slot 922, USB port 923, NFC communication interface 924) to the device 920. You can see it connected.
  • the interface element 910 By interworking with the interface element 910 with a supporting chip such as a smart card die-chip, the device 920 and the interface elements 910, which had no hardware-based security authentication means, have hardware-based security authentication means. do.
  • a conventional micro-SD card 901, USIM chip 902, USB storage medium 903, NFC-enabled card 904 is a hardware-based secure element that is portable and / or removable from the device (SE: Secure Element).
  • SE Secure Element
  • the user is not embedded in the device 920, but is carried by the user, and selectively interfaces the corresponding SE to the device only when security authentication is required, thereby performing data protection, device authentication, and secure communication with the server 930. Can be. If applied further, it can be applied to vehicles or other connection fields.
  • FIG. 10 illustrates packaging a smart card die-chip 1010 and a PUF-based secure die-chip 1020 according to the above embodiments into a single chip in an automotive smart key 1000.
  • the connection with the vehicle 1040 is made through the interface of the smart card die-chip 1010 and / or the interface 1030 of the smart key itself, such as Bluetooth and UHF RFID.
  • device authentication of the smart key 1000 and / or the vehicle 1040 connected with the smart key is possible, and thus a selective service can be provided.
  • An application 1052 for authenticating the device in smart driving is also possible.
  • device authentication for smart tolling or personalized information may be possible.
  • FIG. 11 illustrates an application in which embodiments are used for authentication of a Wi-Fi AP.
  • a mobile terminal such as a smartphone
  • WiFi AP Access Point
  • the hardware-based SE 1120 according to the embodiment is mounted on the WiFi AP 1121 to authenticate the device, an unauthorized security attack can be prevented.
  • the hardware-based SE 1110 according to the above embodiment is connected to the terminal 1111, the above-described services such as device authentication, secure communication, and data protection are possible.
  • this paradigm-based device-to-device connection will be an inexpensive and reliable solution to address the security threats raised by M2M or IoT.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Telephone Function (AREA)

Abstract

L'invention concerne un élément d'interface relié à un dispositif et une puce de matrice de sécurité qui sont fabriqués dans un emballage unique. La puce de matrice de sécurité peut fournir une fonction d'authentification à l'élément d'interface qui ne peut pas avoir de fonction d'authentification. Par exemple, la puce de matrice de sécurité peut comprendre une fonction physique non clonable (PUF) pour fournir une clé personnelle et un module de sécurité câblé pour exécuter des chiffrements et des déchiffrements au moyen de la clé personnelle.
PCT/KR2015/003577 2014-04-09 2015-04-09 Appareil et procédé d'authentification WO2015156622A2 (fr)

Priority Applications (6)

Application Number Priority Date Filing Date Title
US15/302,932 US10958451B2 (en) 2014-04-09 2015-04-09 Authentication apparatus and method
EP15777341.7A EP3131032B1 (fr) 2014-04-09 2015-04-09 Appareil et procédé d'authentification
EP21188298.0A EP3920058A1 (fr) 2014-04-09 2015-04-09 Appareil et procédé d'authentification
JP2017505026A JP2017514421A (ja) 2014-04-09 2015-04-09 認証装置及び方法
CN201580025731.4A CN106575324A (zh) 2014-04-09 2015-04-09 认证设备及方法
US17/185,856 US11876917B2 (en) 2014-04-09 2021-02-25 Authentication apparatus and method

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
KR10-2014-0042362 2014-04-09
KR20140042362 2014-04-09
KR1020150050163A KR101744388B1 (ko) 2014-04-09 2015-04-09 인증 장치 및 방법
KR10-2015-0050163 2015-04-09

Related Child Applications (2)

Application Number Title Priority Date Filing Date
US15/302,932 A-371-Of-International US10958451B2 (en) 2014-04-09 2015-04-09 Authentication apparatus and method
US17/185,856 Division US11876917B2 (en) 2014-04-09 2021-02-25 Authentication apparatus and method

Publications (2)

Publication Number Publication Date
WO2015156622A2 true WO2015156622A2 (fr) 2015-10-15
WO2015156622A3 WO2015156622A3 (fr) 2017-01-12

Family

ID=54288504

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2015/003577 WO2015156622A2 (fr) 2014-04-09 2015-04-09 Appareil et procédé d'authentification

Country Status (1)

Country Link
WO (1) WO2015156622A2 (fr)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2018113680A (ja) * 2016-12-14 2018-07-19 ザ・ボーイング・カンパニーThe Boeing Company オンボード電子機器間の検知可能な差異を用いた航空機データ交換の承認
CN109245904A (zh) * 2018-10-17 2019-01-18 南京航空航天大学 一种基于puf的轻量级车联网系统安全认证方法
CN113613197A (zh) * 2021-07-08 2021-11-05 中汽创智科技有限公司 车辆与数字钥匙的配对方法及装置
US11283632B2 (en) 2017-12-28 2022-03-22 Mitsubishi Heavy Industries, Ltd. Integrated circuit, control device, information distribution method, and information distribution system

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101139630B1 (ko) 2010-12-09 2012-05-30 한양대학교 산학협력단 식별키 생성 장치 및 방법

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9214183B2 (en) * 2007-06-12 2015-12-15 Nxp B.V. Secure storage
KR101107790B1 (ko) * 2010-05-19 2012-01-20 에스케이씨앤씨 주식회사 스마트 카드를 탑재한 마이크로 sd 장치
EP2747335B1 (fr) * 2011-08-16 2017-01-11 ICTK Co., Ltd. Dispositif et procédé pour l'authentification de sécurité entre dispositifs basée sur une puf lors de la communication entre machines
KR101425711B1 (ko) * 2011-10-13 2014-08-04 (주) 아이씨티케이 스마트 모바일 환경에서의 정보 보안 시스템
KR101882289B1 (ko) * 2013-10-28 2018-07-30 주식회사 아이씨티케이 홀딩스 인증 정보 처리 장치 및 방법

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101139630B1 (ko) 2010-12-09 2012-05-30 한양대학교 산학협력단 식별키 생성 장치 및 방법

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2018113680A (ja) * 2016-12-14 2018-07-19 ザ・ボーイング・カンパニーThe Boeing Company オンボード電子機器間の検知可能な差異を用いた航空機データ交換の承認
JP7121482B2 (ja) 2016-12-14 2022-08-18 ザ・ボーイング・カンパニー オンボード電子機器間の検知可能な差異を用いた航空機データ交換の承認
US11283632B2 (en) 2017-12-28 2022-03-22 Mitsubishi Heavy Industries, Ltd. Integrated circuit, control device, information distribution method, and information distribution system
CN109245904A (zh) * 2018-10-17 2019-01-18 南京航空航天大学 一种基于puf的轻量级车联网系统安全认证方法
CN113613197A (zh) * 2021-07-08 2021-11-05 中汽创智科技有限公司 车辆与数字钥匙的配对方法及装置
CN113613197B (zh) * 2021-07-08 2023-09-15 中汽创智科技有限公司 车辆与数字钥匙的配对方法及装置

Also Published As

Publication number Publication date
WO2015156622A3 (fr) 2017-01-12

Similar Documents

Publication Publication Date Title
KR102340616B1 (ko) 인증 장치 및 방법
ES2672340T3 (es) Sistema y método para asegurar las comunicaciones Máquina a Máquina
US11432150B2 (en) Method and apparatus for authenticating network access of terminal
US10652738B2 (en) Authentication module
EP3460503B1 (fr) Télémétrie sans fil sécurisée
CN102725995B (zh) 在节点之间建立安全通信信道的装置、设备及执行方法
CN105450406A (zh) 数据处理的方法和装置
US9445269B2 (en) Terminal identity verification and service authentication method, system and terminal
CN109218263A (zh) 一种控制方法及装置
CN114710351A (zh) 用于在通信过程中改进数据安全性的方法和系统
EP3461100B1 (fr) Authentification d'une caméra en réseau utilisant un certificat comprenant des informations de liaison de dispositif
US11563730B2 (en) Method and electronic device for managing digital keys
WO2015156622A2 (fr) Appareil et procédé d'authentification
Urien Introducing TLS/DTLS secure access modules for IoT frameworks: concepts and experiments
CN115868189A (zh) 建立车辆安全通信的方法、车辆、终端及系统
KR101745482B1 (ko) 스마트홈 시스템에서의 통신 방법 및 그 장치
KR20220155867A (ko) Uwb 보안 레인징을 수행하기 위한 방법 및 장치
KR20040088137A (ko) 전송 암호화키 값 생성방법과 이를 적용한 상호인증보안방법
CN116915418A (zh) 基于集群化部署的udp代理方法、装置以及设备
KR20130027387A (ko) 복수 카테고리 인증 시스템 및 방법
US20170302650A1 (en) Method of sending a data from a secure token to a server
Kou et al. An efficient Authentication Scheme Using Token Distribution for Cloud-based Smart Home
Nafey et al. A study on Rijndael algorithm for providing confidentiality to mobile devices
WO2017151080A1 (fr) Système d'identification personnelle

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15777341

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2017505026

Country of ref document: JP

Kind code of ref document: A

REEP Request for entry into the european phase

Ref document number: 2015777341

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2015777341

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 15302932

Country of ref document: US