WO2017029708A1 - Personal authentication system - Google Patents

Personal authentication system Download PDF

Info

Publication number
WO2017029708A1
WO2017029708A1 PCT/JP2015/073094 JP2015073094W WO2017029708A1 WO 2017029708 A1 WO2017029708 A1 WO 2017029708A1 JP 2015073094 W JP2015073094 W JP 2015073094W WO 2017029708 A1 WO2017029708 A1 WO 2017029708A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
user
service
service code
server
Prior art date
Application number
PCT/JP2015/073094
Other languages
French (fr)
Japanese (ja)
Inventor
大河 克好
Original Assignee
株式会社Pips
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 株式会社Pips filed Critical 株式会社Pips
Priority to JP2016502826A priority Critical patent/JPWO2017029708A1/en
Priority to PCT/JP2015/073094 priority patent/WO2017029708A1/en
Publication of WO2017029708A1 publication Critical patent/WO2017029708A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/42User authentication using separate channels for security data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication

Definitions

  • the present invention relates to a personal authentication system.
  • service-specific fixed user authentication data for example, a pair of user ID and password
  • service-specific fixed user authentication data for example, a pair of user ID and password
  • the present invention has been made in view of the above problems, and identifies a user without transmitting / receiving fixed user authentication data required for user authentication for service login via a communication path such as the Internet.
  • An object of the present invention is to obtain a personal authentication system that permits a service login to a regular user.
  • the personal authentication system includes an authentication server that determines whether or not a user can log in to a specific service, a terminal device that is operated by the user and receives data of the specific service, and a user authentication device that is associated with the user by the authentication server With.
  • the terminal device transmits a service login request for the specific service to the authentication server without transmitting fixed user authentication data.
  • the terminal device responds to the specific service.
  • a service code is generated and transmitted to the terminal device that is the source of the service login request.
  • the terminal device Upon receiving the service code, the terminal device outputs the received service code in a predetermined form, and (d) user authentication.
  • the device When the device receives the input of the service code output by the terminal device in a predetermined form, the device transmits the input service code to the authentication server without transmitting the fixed user authentication data, and (e) the authentication server
  • the service code When the service code is received, device authentication of the user authentication device that is the transmission source of the service code is performed, and user authentication is performed. Successful vice device authentication, the user associated with the user authentication device, permits login of the specific service specified by the service code received.
  • the authentication server includes a communication device, an authentication processing unit, and a service code generation unit.
  • the service code generation unit authenticates the service login request for the specific service without receiving the fixed user authentication data from the terminal device operated by the user and receiving the data of the specific service using the communication device of the authentication server.
  • the server When received by the server, it generates a service code corresponding to the specific service, and the authentication processing unit transmits the generated service code to the terminal device that is the transmission source of the service login request using the communication device,
  • the authentication processing unit uses (a) a service code output by the terminal device without receiving fixed user authentication data from the user authentication device associated with the user by the authentication server using the communication device. (B) execute device authentication of the user authentication device that is the transmission source of the received service code, Upon successful device authentication over The authentication device, the user associated with the user authentication device, permits login of the specific service specified by the service code received.
  • the authentication program causes a computer in the authentication server to function as a server-side authentication processing unit and a service code generation unit.
  • the service code generation unit authenticates the service login request for the specific service without receiving the fixed user authentication data from the terminal device operated by the user and receiving the data of the specific service using the communication device of the authentication server.
  • the server-side authentication processing unit uses the communication device of the authentication server to send the generated service code to the terminal that is the source of the service login request
  • the server-side authentication processing unit does not receive fixed user authentication data from the user authentication device associated with the user by the authentication server using the communication device of the authentication server (a). (B) the source of the received service code. Run the device authentication of the user authentication device, if successful the device authentication of the user authentication device, the user associated with the user authentication device, permits login of the specific service specified by the service code received.
  • the authentication program causes a computer in the terminal device to function as a service code output unit and an authentication processing unit.
  • the authentication processing unit (a) transmits a service login request for a specific service to the authentication server without transmitting fixed user authentication data, and (b) is transmitted from the authentication server in response to the service login request.
  • the service code output unit outputs the received service code in a predetermined form that can be input to the user authentication device.
  • the authentication device is associated with the user by the authentication server, and upon receiving the input of the service code output by the terminal device, transmits the input service code to the authentication server without transmitting user authentication data.
  • the authentication program causes a computer in the user authentication device to function as an authentication processing unit.
  • the authentication processing unit accepts, in a predetermined form, an input of a service code received from an authentication server and output in a predetermined form by a terminal apparatus operated by a user and receiving data of a specific service, and (b) a terminal apparatus
  • the input service code is transmitted to the authentication server without transmitting the fixed user authentication data, and the device authentication of the user authentication device that is the transmission source of the service code is performed.
  • the device authentication of the user authentication device is successful, the user associated with the user authentication device is permitted to log in the specific service specified by the received service code.
  • personal authentication that identifies a user and permits service login to a regular user without transmitting / receiving user authentication data required for user authentication for service login via a communication path such as the Internet.
  • a system is obtained.
  • FIG. 1 is a block diagram showing a configuration of a one-time authentication system according to an embodiment of the present invention.
  • FIG. 2 is a block diagram showing the configuration of the terminal device 1 in FIG.
  • FIG. 3 is a block diagram showing a processing unit realized in the terminal device 1 shown in FIG.
  • FIG. 4 is a block diagram showing the configuration of the authentication server 3 in FIG.
  • FIG. 5 is a block diagram showing a processing unit realized in the authentication server 3 shown in FIG.
  • FIG. 6 is a block diagram showing the configuration of the user authentication device 4 in FIG.
  • FIG. 7 is a block diagram showing a processing unit realized in the user authentication device 4 shown in FIG.
  • FIG. 8 is a sequence diagram for explaining processing at the time of service login in the system shown in FIG. FIG.
  • FIG. 9 is a sequence diagram illustrating details of one-time authentication between terminal device 1 and authentication server 3 in the embodiment of the present invention.
  • FIG. 10 is a sequence diagram illustrating details of one-time authentication between the user authentication device 4 and the authentication server 3 in the embodiment of the present invention.
  • FIG. 1 is a block diagram showing a configuration of a one-time authentication system according to an embodiment of the present invention.
  • a terminal device 1 as a client is connected to a network 2 such as the Internet, and an authentication server 3 is connected to the network 2.
  • the user possesses a user authentication device 4 that can be connected to the network 2, and can operate the terminal device 1 and the user authentication device 4.
  • the terminal device 1 is operated by the user and receives data of the specific service from the authentication server 3 or the like.
  • the authentication server 3 is a server device that determines whether a user can log in to a specific service.
  • the user authentication device 4 is a device associated with the user by the authentication server 3.
  • the terminal device 1 is a device incorporating a computer such as a personal computer or a kiosk terminal. In this embodiment, the terminal device 1 can be used by one or more specific or unspecified users.
  • the network 2 includes a wired and / or wireless LAN (Local Area Network) and / or a WAN (Wide Area Network) such as the Internet.
  • the user authentication device 4 is a portable device with a built-in computer that can be connected to the network 2.
  • a smartphone, a tablet terminal, or the like can be used as the user authentication device 4.
  • the user authentication device 4 is carried by each user, and one user is associated with one user authentication device 4 in the authentication server.
  • the authentication server 3 may determine whether or not to log in a specific service specified by the user among a plurality of specific services.
  • the terminal device 1 when the terminal device 1 accepts a predetermined user operation, the terminal device 1 transmits the fixed user authentication data (such as the user ID of the specific service) specific to the specific service via the network 2. Without sending a service login request for the specific service to the authentication server 3.
  • the fixed user authentication data such as the user ID of the specific service
  • the authentication server 3 Upon receiving the service login request, the authentication server 3 executes device authentication of the terminal device 1 that is the transmission source of the service login request. When the device authentication of the terminal device 1 is successful, the authentication server 3 corresponds to the specific service. A service code is generated and transmitted via the network 2 to the terminal device 1 that is the transmission source of the service login request. That is, the authentication server 3 has not specified the user at this point. The generated service code is held in association with the service login request and the terminal device 1.
  • the terminal device 1 When the terminal device 1 receives the service code, the terminal device 1 outputs the received service code in a predetermined form (a form corresponding to the service code input form in the user authentication device 4). For example, when the service code is input by the user in the user authentication device 4, the terminal device 1 displays or prints the received service code as text. For example, when the service code is input by reading a visible code such as a 2D code in the user authentication device 4, the terminal device 1 encodes the received service code into a visible code and displays the visible code. Or print. Further, for example, when the service code is input by wired communication or short-range wireless communication in the user authentication device 4, the terminal device 1 outputs the received service code as data by the wired communication or short-range wireless communication. To do.
  • the user authentication device 4 When the user authentication device 4 receives the input of the service code output from the terminal device 1 in a predetermined form, the user authentication device 4 authenticates the input service code without transmitting fixed user authentication data via the network 2. Send to server 3.
  • the authentication server 3 Upon receiving the service code, the authentication server 3 executes device authentication of the user authentication device 4 that is the transmission source of the service code, and if the device authentication of the user authentication device 4 is successful, the authentication server 3 associates with the user authentication device 4 Log-in of the specified service specified by the received service code (that is, the specified service specified by the service login request corresponding to the service code) is permitted. That is, the authentication server 3 has specified the user at this time.
  • one-time authentication is repeatedly executed as mutual device authentication between the authentication server 3 and the terminal device 1, and mutual authentication is performed between the authentication server 3 and the user authentication device 4.
  • One-time authentication is repeatedly executed as device authentication. Note that mutual device authentication may be realized by another authentication process.
  • each of the terminal device 1 and the authentication server 3 generates its own seed, encrypts the generated seed, transmits and receives each other, generates the generated seed, and receives and decrypts the communication partner seed.
  • a communication partner that has generated its own one-time authenticator (such as a one-time ID), sends and receives the generated one-time authenticator to each other, and based on the generated seed and the seed of the received and decrypted communication partner.
  • the one-time authenticator is authenticated, and each time the authentication is successful, the next authentication seed is generated and the own seed is updated. Authentication for this one-time authenticator is called one-time authentication.
  • the terminal device 1 transmits the seed generated by itself and the one-time authenticator generated by itself to the authentication server 3 through the network 2 together with the service login request.
  • the authentication server 3 encrypts the service code described above, and transmits the self-generated seed and the self-generated one-time authenticator together with the encrypted service code via the network 2 at the source of the service login request. It transmits to a certain terminal device 1.
  • the terminal device 1 receives the encrypted service code
  • the terminal device 1 decrypts the received encrypted service code.
  • the authentication server 3 succeeds in authenticating the received one-time identifier of the terminal device 1, the authentication server 3 considers that the device authentication of the terminal device 1 is successful.
  • the authentication server 3 and the user authentication device 4 perform the same one-time authentication independently of the one-time authentication of the authentication server 3 and the terminal device 1 and perform mutual device authentication.
  • each of the user authentication device 4 and the authentication server 3 generates its own seed, encrypts the generated self seed, transmits and receives each other, generates the generated self seed, and receives and decrypts the communication partner. Generate a one-time authenticator from the seed, send and receive the generated one-time authenticator to each other, and authenticate the received one-time authenticator based on the generated self seed and the received and decrypted communication partner seed Each time the authentication is successful, the next authentication seed is generated and the own seed is updated.
  • the user authentication device 4 encrypts the service code described above, and transmits the seed generated by itself and the one-time authenticator generated by itself to the authentication server 3 together with the encrypted service code.
  • the authentication server 3 receives the encrypted service code
  • the authentication server 3 decrypts the received encrypted service code. Then, if the authentication server 3 succeeds in authenticating the received one-time identifier of the user authentication device 4, the authentication server 3 regards that the device authentication of the user authentication device 4 is successful.
  • the terminal device 1 in the one-time authentication between the terminal device 1 and the authentication server 3, the terminal device 1 encrypts the generated seed with the common encryption key, transmits the encrypted seed, and the authentication server 3 decrypts the received encrypted seed with the common encryption key. Further, the authentication server 3 encrypts the service code with the common encryption key.
  • the terminal device 1 and the authentication server 3 respectively generate at least the generated seed and the received and decrypted seed of the communication partner (here, The current common encryption key, the generated self seed, and the received and decrypted communication partner seed). That is, the terminal device 1 and the authentication server 3 each update their own common encryption key, and key distribution of the updated common encryption key is not performed.
  • the user authentication device 4 in the one-time authentication between the user authentication device 4 and the authentication server 3, the user authentication device 4 encrypts the generated seed with a common encryption key, and encrypts the seed.
  • the authentication server 3 decrypts the received encrypted seed with the common encryption key.
  • the common encryption key in the one-time authentication between the user authentication device 4 and the authentication server 3 is generated and updated separately from the common encryption key in the one-time authentication between the terminal device 1 and the authentication server 3. To go.
  • the authentication server 3 decrypts the received encrypted service code with the common encryption key.
  • each time the user authentication device 4 and the authentication server 3 succeed in authenticating the one-time authenticator at least the generated self seed and the received and decrypted communication partner seed (current Common encryption key, generated self seed, and received and decrypted communication partner seed). That is, the terminal device 1 and the authentication server 3 each update their own common encryption key, and key distribution of the updated common encryption key is not performed.
  • FIG. 2 is a block diagram showing a configuration of the terminal device 1 in FIG.
  • the terminal device 1 includes a computer having a CPU (Central Processing Unit) 11, a ROM (Read Only Memory) 12, a RAM (Random Access Memory) 13, and the like.
  • CPU Central Processing Unit
  • ROM Read Only Memory
  • RAM Random Access Memory
  • the CPU 11 is a processor that executes a program and executes processing described in the program.
  • the ROM 12 is a nonvolatile memory that stores programs and data in advance.
  • the RAM 13 is a volatile memory that temporarily stores the program and data when the program is executed.
  • the interface 14 is an interface circuit to which the storage device 15 can be connected.
  • the storage device 15 is connected to the interface 14 and has a recording medium that stores an operating system (not shown), an authentication program 31, an application program 32, and the like. Device.
  • a nonvolatile storage device such as a hard disk drive or SSD (Solid State Disk) is used.
  • the interface 16 is an interface circuit to which the communication device 17 can be connected.
  • the communication device 17 is a device that can be connected to the network 2 such as a network interface or a modem.
  • the interface 18 is a peripheral device interface such as IEEE1394 or USB (Universal Serial Bus).
  • the interface 20 is an interface circuit to which the input device 21 can be connected.
  • the input device 21 is a device that receives a user operation such as a keyboard and a mouse and outputs a signal corresponding to the user operation.
  • the image processing circuit 22 is a circuit that outputs an image signal corresponding to the data when the image data is written.
  • a display device 23 that displays an image based on the image signal can be connected to the image processing circuit 22.
  • the CPU 11, ROM 12, RAM 13, interfaces 14, 16, 18, 20 and image processing circuit 22 are connected to each other via a bus or a controller chip so that data communication can be performed.
  • FIG. 3 is a block diagram showing a processing unit realized in the terminal device 1 shown in FIG. As shown in FIG. 3, in the terminal device 1, a communication processing unit 41, an authentication processing unit 42, and a service code output unit 43 are realized.
  • the communication processing unit 41 uses the communication device 17 to perform data communication with the authentication server 3 and the like via the network 2 using a predetermined communication protocol.
  • the authentication processing unit 42 is realized by the CPU 11 executing the authentication program 31, and uses the communication device 17 and the communication processing unit 41 to (a) transmit the above-described service login request, and (b) the authentication server 3. Is a processing unit that executes client-side processing and the like in mutual device authentication based on one-time authentication with the client.
  • the service code output unit 43 is a processing unit that is realized by the authentication program 31 being executed by the CPU 11 and outputs the above-described service code.
  • the application 44 is realized by the CPU 11 executing the application program 32. After the service login is permitted by the authentication server 3, the application 44 transmits a transmission request for data of a specific service, receives the data, and receives the data. A processing unit that performs data processing and the like.
  • FIG. 4 is a block diagram showing a configuration of the authentication server 3 in FIG.
  • a CPU 51 is a processor that executes a program and executes processing described in the program.
  • the ROM 52 is a nonvolatile memory that stores programs and data in advance.
  • the RAM 53 is a memory that temporarily stores the program and data when the program is executed.
  • the interface 54 is an interface circuit to which the storage device 55 can be connected.
  • the storage device 55 is connected to the interface 54 and stores an operating system (not shown), an authentication program 61, data used for authentication, and the like.
  • a device having a medium As the storage device 55, a nonvolatile storage device such as a hard disk drive or an SSD is used.
  • the storage device 55 stores a seed table 71a, an authenticator table 72a, and a terminal attribute table 73a as data used for one-time authentication between the terminal device 1 and the authentication server 3, and user authentication is performed.
  • a seed table 71b, an authenticator table 72b, and a device attribute table 73b are stored.
  • the seed table 71a has a next authentication seed and a next authentication common encryption key updated at the last authentication in the one-time authentication between the terminal device 1 and the authentication server 3.
  • the seed table 71b has a next authentication seed and a next authentication common encryption key updated at the last authentication in the one-time authentication between the user authentication device 4 and the authentication server 3.
  • the authenticator table 72 a has a client-side one-time authenticator for next authentication updated at the last authentication in the one-time authentication between the terminal device 1 and the authentication server 3.
  • the authenticator table 72b includes a client-side one-time authenticator for next authentication updated at the last authentication in the one-time authentication between the user authentication device 4 and the authentication server 3.
  • the terminal attribute table 73a is a table having a device ID of each terminal device 1 and attribute information (such as owner information) associated with the device ID.
  • the device ID of each terminal device 1 in the terminal attribute table 73a is associated with the one-time identifier of the terminal device 1 in the identifier table 72a.
  • the one-time identifier of each terminal device 1 may be used instead of the device ID of each terminal device 1.
  • the device attribute table 73b is a table having a device ID of each user authentication device 4 and attribute information (user ID, owner information, etc.) associated with the device ID.
  • the device ID of each user authentication device 4 in the device attribute table 73b is associated with the one-time identifier of the user authentication device 4 in the identifier table 72b.
  • the one-time identifier of each user authentication device 4 may be used instead of the device ID of each user authentication device 4.
  • the user attribute table 74 includes the user ID of each user and attribute information associated with the device ID (name, user ID used in the specific service, billing information when the specific service is a paid service, etc.). It is a table. Each user ID in the user attribute table 74 is associated with the same user ID in the device attribute table 73b.
  • the interface 56 is an interface circuit to which the communication device 57 can be connected.
  • the communication device 57 is a device connectable to the network 3 such as a network interface card or a modem.
  • the CPU 51, the ROM 52, the RAM 53, and the interfaces 54 and 56 are connected to each other by a bus or a controller chip so that data communication can be performed.
  • FIG. 5 is a block diagram showing a processing unit realized in the authentication server 3 shown in FIG.
  • a communication processing unit 81 a server-side authentication processing unit 82, a service code management unit 83, and a service providing unit 84 are realized.
  • the communication processing unit 81 uses the communication device 57 to perform data communication with the terminal device 1 and the user authentication device 4 via the network 2 using a predetermined communication protocol.
  • the server-side authentication processing unit 82 is realized by the CPU 51 executing the authentication program 61. Using the communication processing unit 81, server-side processing in mutual device authentication by one-time authentication with each terminal device 1, And server-side processing in mutual device authentication based on one-time authentication with each user authentication device 4.
  • the server side authentication processing unit 82 permits the service login when the service code is appropriately transmitted from the user authentication device 4 in response to the service login request, and otherwise, the service login. To refuse.
  • the service code management unit 83 generates a service code, sets a service code expiration date, associates a service login request (that is, the terminal device 1 that transmitted the service login request) with the generated service code, and the like. It is.
  • the service code management unit 83 validates the service code before the expiration date of the service code, invalidates the service code after the expiration date of the service code, and the server-side authentication processing unit 82 If the code is invalid, the service login is rejected even if the received service code is appropriate.
  • the service providing unit 84 uses the communication device 57 and the communication processing unit 81 after the service login is permitted by the server-side authentication processing unit 82, and the terminal device 1 that is permitted to log in by the server-side authentication processing unit 82.
  • the service data is transmitted to the terminal device 1 as a response to the service data request received from.
  • FIG. 6 is a block diagram showing the configuration of the user authentication device 4 in FIG.
  • the user authentication device 4 includes a computer having a CPU 111, a ROM 112, a RAM 113, and the like.
  • the CPU 111 is a processor that executes a program and executes processing described in the program.
  • the ROM 112 is a non-volatile memory that stores programs and data in advance.
  • the RAM 113 is a volatile memory that temporarily stores the program and data when the program is executed.
  • the interface 114 is an interface circuit to which the storage device 115 can be connected.
  • the storage device 115 is connected to the interface 114 and has a recording medium that stores an operating system (not shown), an authentication program 131, and the like.
  • a nonvolatile storage device such as a flash memory is used.
  • the interface 116 is an interface circuit to which the communication device 117 can be connected.
  • the communication device 117 is a device that can be connected to the network 2 such as a network interface, or a baseband unit of a mobile phone that can be connected to the network 2 via a mobile phone network.
  • the interface 118 is a peripheral device interface such as a USB.
  • the interface 120 is an interface circuit to which the input device 121 can be connected.
  • the input device 121 is a device that receives a user operation such as a hard key or a touch panel and outputs a signal corresponding to the user operation.
  • the image processing circuit 122 is a circuit that outputs an image signal corresponding to the data to the display device 123 when the image data is written.
  • the display device 123 is a liquid crystal display or the like, and displays an image based on the image signal.
  • the CPU 111, the ROM 112, the RAM 113, the interfaces 114, 116, 118, 120, and the image processing circuit 122 are connected to each other by a bus or a controller chip so that data communication is possible.
  • FIG. 7 is a block diagram showing a processing unit realized in the user authentication device 4 shown in FIG. As shown in FIG. 7, in this user authentication device 4, a communication processing unit 141 and an authentication processing unit 142 are realized.
  • the communication processing unit 141 uses the communication device 117 to perform data communication with the authentication server 3 and the like via the network 2 using a predetermined communication protocol.
  • the authentication processing unit 142 is realized by executing the authentication program 131 by the CPU 111, and using the communication device 117 and the communication processing unit 141, (a) receiving the service code input and transmitting the service code, (B) A processing unit that executes processing on the client side in mutual device authentication based on one-time authentication with the authentication server 3.
  • FIG. 8 is a sequence diagram for explaining processing at the time of service login in the system shown in FIG.
  • the user operates the terminal device 1 to select a specific service, and transmits a service login request for the selected specific service to the authentication server 3.
  • the authentication processing unit 42 encrypts the next seed R1 (n) of the terminal apparatus 1 with the encryption key K1 (n-1), and performs communication.
  • a service login request, a one-time authenticator C1 (n-1) of the terminal device 1 for device authentication, and an encrypted seed K1 (n-1) of the terminal device 1 ) * R1 (n) are collectively transmitted as one message (step S1).
  • the server-side authentication processing unit 82 uses the communication device 57 and the communication processing unit 81 to make a service login request, a one-time authenticator C1 (n ⁇ 1), and an encrypted seed K1 (n ⁇ 1)
  • * R1 (n) is received
  • the encrypted seed K1 (n-1) * R1 (n) is decrypted
  • the received seed R1 (n) of the terminal device 1 decrypted and the authentication held
  • the seed Q1 (n-1) of the server 3 it is determined whether or not the one-time authenticator C1 (n-1) is valid.
  • the one-time authenticator C1 (n-1) is calculated from the seed R1 (n) and the seed Q1 (n-1), and the calculated one-time authenticator C1 (n-1) and the received one-time authenticator It is determined whether or not the child C1 (n-1) matches.
  • server-side authentication processing unit 82 determines that the one-time authenticator C1 (n-1) is valid, it determines that the device authentication of the terminal device 1 as the transmission source has succeeded (step S2).
  • the service code management unit 83 When it is determined that the device authentication of the terminal device 1 as the transmission source has been successful, the service code management unit 83 generates a service code (step S3). For example, a random number is used as the service code.
  • the server-side authentication processing unit 82 encrypts the next seed Q1 (n) and service code of the authentication server 3 with the encryption key K1 (n ⁇ 1), and the communication device 57 and Using the communication processing unit 81, the encrypted service code, the one-time authenticator S 1 (n ⁇ 1) of the authentication server 3 for device authentication, and the seed K 1 (n ⁇ ) of the encrypted authentication server 3 1) * Q1 (n) are collectively transmitted as one message to the terminal device 1 (step S4).
  • the authentication processing unit 42 uses the communication device 17 and the communication processing unit 41 to encrypt the encrypted service code, the one-time authenticator S1 (n ⁇ 1), and the encrypted seed K1.
  • the encrypted service code and the encrypted seed K1 (n-1) * Q1 (n) are decrypted and held in the seed of the terminal device 1 Based on R1 (n ⁇ 1) and the received and decrypted authentication server 3 seed Q1 (n), it is determined whether or not the one-time authenticator S1 (n ⁇ 1) is valid.
  • the one-time authenticator S1 (n-1) is calculated from the seed R1 (n-1) and the seed Q1 (n), and the calculated one-time authenticator S1 (n-1) and the received one-time authenticator It is determined whether or not the child S1 (n-1) matches.
  • the authentication processing unit 42 determines that the one-time authenticator S1 (n-1) is valid, it determines that the device authentication of the authentication server 3 as the transmission source has succeeded (step S5).
  • the service code output unit 43 outputs the service code in a predetermined form (step S6).
  • the output service code is input to the user authentication device 4.
  • the service code output unit 43 uses the image processing circuit 22 to display the service code as text on the display device 23. Then, the user operates the input device 121 to input the service code as the displayed text into the user authentication device 4.
  • the authentication processing unit 142 is activated in accordance with a user operation (step S7).
  • a user ID and a password may be requested to activate the authentication processing unit 142.
  • the authentication processing unit 142 is activated, but when a user ID and password other than the regular user ID and password are input.
  • the authentication processing unit 142 is not activated. Note that the user ID and password input to the user authentication device 4 are not transmitted to the outside. Further, biometric authentication using biometric information such as a fingerprint may be performed instead of authentication using a user ID and password.
  • the authentication processing unit 142 acquires the input service code (step S8), the service code and the next seed R2 (n) of the user authentication device 4 are encrypted with the encryption key K2 (n ⁇ 1), Using the communication device 117 and the communication processing unit 141, a user authentication request, an encrypted service code, a one-time authenticator C2 (n-1) of the user authentication device 4 for device authentication, and an encrypted The seeds K2 (n ⁇ 1) * R2 (n) of the user authentication device 4 are collectively transmitted to the authentication server 3 as one message (step S9).
  • the server-side authentication processing unit 82 uses the communication device 57 and the communication processing unit 81 to use the user authentication request, the encrypted service code, the one-time authenticator C 2 (n ⁇ 1), and the encryption
  • the encrypted seed K2 (n-1) * R2 (n) is received
  • the encrypted service code and the encrypted seed K2 (n-1) * R2 (n) are decrypted, received and decrypted Whether or not the one-time authenticator C2 (n-1) is valid based on the seed R2 (n) of the user authentication device 4 and the seed Q2 (n-1) of the held authentication server 3 judge.
  • the one-time authenticator C2 (n-1) is calculated from the seed R2 (n) and the seed Q2 (n-1), and the calculated one-time authenticator C2 (n-1) and the received one-time authenticator It is determined whether or not the child C2 (n-1) matches.
  • the server-side authentication processing unit 82 determines that the one-time authenticator C2 (n ⁇ 1) is valid, it determines that the device authentication of the user authentication device 4 that is the transmission source has succeeded (step S10). A user authentication response is transmitted to the user authentication device 4 (step S11). At this time, the server-side authentication processing unit 82 determines that the user authentication of the user associated with the user authentication device 4 that has succeeded in device authentication has succeeded.
  • the server-side authentication processing unit 82 determines that the user authentication of the user has been successful, the server-side authentication processing unit 82 identifies the user as the user who transmitted the service login request, and permits login to the specific service specified by the service login request. Then, using the communication device 57 and the communication processing unit 81, a service login permission notification is transmitted to the terminal device 1 in which the service code is generated (step S12). Thereby, the user who enjoys the specific service is specified on the specific service side. Therefore, it is possible to transmit data for the user with a specific service or charge the user for a service usage fee.
  • the service login permission notification may not be transmitted to the terminal device 1. In this case, the terminal device 1 may transmit a service data request after a predetermined time has elapsed from the output of the service code (step S6).
  • the authentication processing unit 42 when the authentication processing unit 42 receives the service login permission notification using the communication device 17 and the communication processing unit 41, the authentication processing unit 42 notifies the application 44 that login is permitted.
  • the application 44 of the terminal device 1 uses the communication device 17 and the communication processing unit 41 to transmit a service data request for a specific service to the service providing unit 84 (in this case, the authentication server 3) (step S13). .
  • the service providing unit 84 when the service providing unit 84 receives the service data request using the communication device 57 and the communication processing unit 81, the service providing unit 84 transmits the data specified by the service data request to the application 44 of the terminal device 1 ( Step S14).
  • the user of the terminal device 1 can enjoy the specific service using the terminal device 1 after receiving the user authentication using the user authentication device 4.
  • FIG. 9 is a sequence diagram illustrating details of one-time authentication between the terminal device 1 and the authentication server 3 in the embodiment of the present invention.
  • the seed R 1 (n ⁇ 1) of the terminal device 1, the seed Q 1 (n ⁇ 1) of the authentication server 3, and the common encryption key K 1 (n ⁇ 1) are stored in the storage devices 15 and 55. Etc., each of which is held in a nonvolatile storage device.
  • the initial seed value R1 (0) of the terminal device 1, the initial seed value Q1 (0) of the authentication server 3, and the initial value K1 (0) of the common encryption key are set as appropriate.
  • a one-time identifier C1 (n-1) on the client side is calculated and held in advance.
  • the seed R1 (n-1) is a client-side seed for the one-time authentication of this time (n-1).
  • the seed Q1 (n-1) is a server-side seed for the current one-time authentication (n-1).
  • the common encryption key K1 (n-1) is used when the client side seed R1 (n) for next authentication is transmitted to the authentication server 3 during the one-time authentication of this time (n-1). This is a common encryption key for encryption.
  • the authentication processing unit 42 generates a random number R, and sets the random number R in the client side seed R1 (n) for the next authentication (step S21).
  • the authentication processing unit 42 generates a client-side one-time authenticator C1 (n-1) for the current one-time authentication (step S22).
  • the one-time authenticator C1 (n-1) is calculated with a one-way function.
  • This one-way function is a function that takes two arguments and has different function values depending on the order of the arguments.
  • the one-way function is a hash function hc.
  • the one-time authenticator C1 (n-1) is calculated according to the following equation, for example.
  • R1 (n-1) is used as the first argument of the hash function hc
  • Q1 (n-1) is used as the second argument.
  • the authentication processing unit 42 encrypts R1 (n) with the common encryption key K1 (n-1) according to a predetermined encryption method. Note that R1 (n) after encryption with the common encryption key K1 (n-1) is expressed as K1 (n-1) * R1 (n).
  • the authentication processing unit 42 transmits the one-time authenticators C1 (n-1) and K1 (n-1) * R1 (n) to the authentication server 3 (steps S23 and S1).
  • the communication processing unit 41 transmits the one-time authenticators C1 (n ⁇ 1) and K1 (n ⁇ 1) * R1 (n) as one message.
  • the server-side authentication processing unit 82 uses the communication processing unit 81 to receive the message, and from the message, the one-time authenticators C1 (n-1) and K1 (n-1) * R1 (N) is extracted, and the received one-time authenticator C1 (n ⁇ 1) holds the client-side one-time authenticator (that is, held seeds R1 (n ⁇ 1), Q1 (n ⁇ 1) to (the value obtained by the above equation (1)) is determined (steps S24 and S2).
  • the server-side authentication processing unit 82 determines that the authentication has failed and ends the process.
  • the server-side authentication processing unit 82 determines that the authentication is successful, A random number Q is generated, and the random number Q is set in the server side seed Q1 (n) for the next authentication (step S25).
  • the server-side authentication processing unit 82 decrypts K1 (n-1) * R1 (n) into R1 (n) using the common encryption key K1 (n-1) held in the seed table 71a. Then, the server-side authentication processing unit 82 generates a server-side one-time authenticator S1 (n-1) for the current (n-1) one-time authentication (step S26).
  • the one-time authenticator S1 (n-1) is calculated with a one-way function.
  • This one-way function is a function that takes two arguments and has different function values depending on the order of the arguments.
  • the one-way function is a hash function hs.
  • the one-time authenticator S1 (n-1) is calculated according to the following formula.
  • R1 (n) is used as the first argument of the hash function hs
  • Q1 (n-1) is used as the second argument.
  • the hash function hs may be the same function as the hash function hc or a different function.
  • the server side authentication processing unit 82 encrypts Q1 (n) with the common encryption key K1 (n-1) according to a predetermined encryption method. Note that Q1 (n) after encryption with the common encryption key K1 (n-1) is expressed as K1 (n-1) * Q1 (n).
  • the server side authentication processing unit 82 uses the communication processing unit 81 to transmit the one-time authenticators S1 (n-1) and K1 (n-1) * Q1 (n) to the terminal device 1 (Step S1). S27, S4). At this time, the communication processing unit 81 transmits the one-time authenticators S1 (n-1) and K1 (n-1) * Q1 (n) as one message.
  • the authentication processing unit 42 uses the communication processing unit 41 to receive the message and extract the one-time authenticators S1 (n-1) and K1 (n-1) * Q1 (n) To do.
  • the authentication processing unit 42 calculates the value of the valid one-time authenticator S1 (n-1) based on R1 (n) and Q1 (n-1) according to the above equation (2) and receives it. It is determined whether or not the one-time authenticator S1 (n-1) matches the calculated value (step S28).
  • the authentication processing unit 43 determines that the authentication has failed and ends the process.
  • the authentication processing unit 42 determines that the authentication is successful, and first holds K1 (n-1) * Q1 (n).
  • K1 (n-1) is decrypted to Q1 (n), and this value is set as the server-side seed for the next authentication.
  • the authentication processing unit 42 calculates a common encryption key K1 (n) for next authentication according to the following equation, and updates the common encryption key (step S29).
  • K1 (n) hk (K1 (n-1), R1 (n), Q1 (n)) (3)
  • hk is a one-way function and a hash function.
  • the authentication processing unit 42 uses the stored seeds R1 (n ⁇ 1), Q1 (n ⁇ 1) and the common encryption key K1 (n ⁇ 1) as R1. Update with (n) and Q1 (n) and K1 (n).
  • the server-side authentication processing unit 82 calculates the next authentication common encryption key K1 (n) according to the above-described equation (3). Then, the common encryption key is updated (step S30).
  • the server-side authentication processing unit 82 calculates a client-side one-time authenticator C1 (n) to be used at the next one-time authentication from R1 (n) and Q1 (n) according to the above equation (1). . And the server side authentication process part 82 updates the data about the terminal device 1 in the seed table 71a with R1 (n), Q1 (n), and K1 (n), and the authenticator table with C1 (n). The one-time authenticator for the terminal device 1 in 72a is updated. Thus, these values are held until the next session (that is, the next one-time authentication).
  • FIG. 10 is a sequence diagram illustrating details of the one-time authentication between the user authentication device 4 and the authentication server 3 in the embodiment of the present invention. Note that the processing shown in FIG. 9 and the processing shown in FIG. 10 are performed independently.
  • the seed R2 (n-1) of the user authentication device 4, the seed Q2 (n-1) of the authentication server 3, and the common encryption key K2 (n-1) are stored in the storage device 115. , 55 and so on, respectively.
  • the initial value R2 (0) of the seed of the user authentication device 4, the initial value Q2 (0) of the seed of the authentication server 3, and the initial value K2 (0) of the common encryption key are set as appropriate.
  • a one-time identifier C2 (n-1) on the client side is calculated and held in advance.
  • the seed R2 (n-1) is a client-side seed for the one-time authentication of this time (n-1).
  • the seed Q2 (n-1) is a server-side seed for the one-time authentication of this time (n-1).
  • the common encryption key K2 (n-1) is used when the client side seed R2 (n) for next authentication is transmitted to the authentication server 3 during the one-time authentication of this time (n-1). This is a common encryption key for encryption.
  • the authentication processing unit 142 generates a random number R and sets the random number R in the client side seed R2 (n) for next authentication (step S41).
  • the authentication processing unit 142 generates a client-side one-time authenticator C2 (n-1) for the current one-time authentication (step S42).
  • the one-time authenticator C2 (n-1) is calculated with a one-way function.
  • This one-way function is a function that takes two arguments and has different function values depending on the order of the arguments.
  • the one-way function is a hash function hc.
  • the one-time authenticator C2 (n-1) is calculated according to the following equation, for example.
  • R2 (n-1) is used as the first argument of the hash function hc
  • Q2 (n-1) is used as the second argument.
  • the hash function hc for generating the one-time authenticator C2 (n-1) may be the same as or different from the hash function hc for generating the one-time authenticator C1 (n-1). .
  • the authentication processing unit 42 encrypts R2 (n) with the common encryption key K2 (n-1) according to a predetermined encryption method. Note that R2 (n) after encryption with the common encryption key K2 (n-1) is expressed as K2 (n-1) * R1 (n).
  • the authentication processing unit 42 transmits the one-time authenticators C2 (n ⁇ 1) and K2 (n ⁇ 1) * R2 (n) to the authentication server 3 (Steps S43 and S9).
  • the communication processing unit 41 transmits the one-time authenticators C2 (n ⁇ 1) and K2 (n ⁇ 1) * R2 (n) as one message.
  • the server-side authentication processing unit 82 uses the communication processing unit 81 to receive the message, and from the message, the one-time authenticators C2 (n-1) and K2 (n-1) * R2 (N) is extracted, and the received one-time authenticator C2 (n-1) holds the client-side one-time authenticator (that is, held seeds R2 (n-1), Q2 (n- 1) to (the value obtained by the above equation (4)) is determined (step S44).
  • the server-side authentication processing unit 82 determines that the authentication has failed and ends the process.
  • the server-side authentication processing unit 82 determines that the authentication is successful, A random number Q is generated, and the random number Q is set in the server side seed Q2 (n) for the next authentication (step S45).
  • the server-side authentication processing unit 82 decrypts K2 (n ⁇ 1) * R2 (n) into R2 (n) using the common encryption key K2 (n ⁇ 1) held in the seed table 71b. Then, the server-side authentication processing unit 82 generates the server-side one-time authenticator S2 (n-1) for the current (n-1) one-time authentication (step S46).
  • the one-time authenticator S2 (n-1) is calculated with a one-way function.
  • This one-way function is a function that takes two arguments and has different function values depending on the order of the arguments.
  • the one-way function is a hash function hs.
  • the one-time authenticator S2 (n-1) is calculated according to the following formula.
  • R2 (n) is used for the first argument of the hash function hs
  • Q2 (n-1) is used for the second argument.
  • the hash function hs may be the same function as the hash function hc or a different function.
  • the hash function hs for generating the one-time authenticator S2 (n-1) may be the same as or different from the hash function hs for generating the one-time authenticator S1 (n-1). .
  • the server side authentication processing unit 82 encrypts Q2 (n) with the common encryption key K2 (n-1) according to a predetermined encryption method.
  • Q2 (n) after encryption with the common encryption key K2 (n-1) is expressed as K2 (n-1) * Q2 (n).
  • Server-side authentication processing unit 82 uses communication processing unit 81 to transmit one-time authenticators S2 (n ⁇ 1) and K2 (n ⁇ 1) * Q2 (n) to terminal device 1 (step S1). S47, S11). At this time, the communication processing unit 81 transmits the one-time authenticators S2 (n-1) and K2 (n-1) * Q2 (n) as one message.
  • the authentication processing unit 142 uses the communication processing unit 141 to receive the message, and sends one-time authenticators S2 (n ⁇ 1) and K2 (n ⁇ 1) * Q2 (n). Extract.
  • the authentication processing unit 142 calculates the value of the valid one-time authenticator S2 (n ⁇ 1) according to the above equation (5) based on R2 (n) and Q2 (n ⁇ 1) and receives it. It is determined whether or not the one-time authenticator S2 (n-1) matches the calculated value (step S48).
  • the authentication processing unit 143 determines that the authentication has failed and ends the process.
  • the authentication processing unit 142 determines that the authentication is successful, and first holds K2 (n ⁇ 1) * Q2 (n).
  • K2 (n-1) is decrypted to Q2 (n), and this value is set as the server-side seed for the next authentication.
  • the authentication processing unit 142 calculates the next authentication common encryption key K2 (n) according to the following equation, and updates the common encryption key (step S49).
  • K2 (n) hk (K2 (n ⁇ 1), R2 (n), Q2 (n)) (6)
  • hk is a one-way function and a hash function.
  • the hash function hk for generating K2 (n) may be the same as or different from the hash function hk for generating K1 (n).
  • the authentication processing unit 142 uses the stored seeds R2 (n ⁇ 1), Q2 (n ⁇ 1) and the common encryption key K2 (n ⁇ 1) as R2 Update with (n) and Q2 (n) and K2 (n).
  • the server-side authentication processing unit 82 calculates the next authentication common encryption key K2 (n) according to the above-described equation (6). Then, the common encryption key is updated (step S50).
  • the server-side authentication processing unit 82 calculates a client-side one-time authenticator C2 (n) to be used at the next one-time authentication from R2 (n) and Q2 (n) according to the above equation (4). . Then, the server-side authentication processing unit 82 updates data on the user authentication device 4 in the seed table 71b with R2 (n), Q2 (n), and K2 (n), and with C2 (n) The one-time authenticator for the user authentication device 4 in the table 72b is updated. Thus, these values are held until the next session (that is, the next one-time authentication).
  • the terminal device 1 transmits a service login request for a specific service to the authentication server 3 without transmitting fixed user authentication data, and (b) authentication.
  • the server 3 executes device authentication of the terminal device 1 that is the transmission source of the service login request, and generates a service code corresponding to the specific service when the device authentication of the terminal device 1 is successful.
  • C When the terminal device 1 receives the service code, the terminal device 1 outputs the received service code in a predetermined form.
  • the user authentication device 4 When the input of the service code output by the terminal device 1 is received in a predetermined form, the input service is not transmitted without transmitting the fixed user authentication data.
  • the authentication server 3 Upon receiving the service code, the authentication server 3 executes device authentication of the user authentication device 4 that is the source of the service code and succeeds in device authentication of the user authentication device 4 In such a case, the user associated with the user authentication device 4 is permitted to log in the specific service specified by the received service code.
  • the terminal device 1 on the client side is a terminal device that can be used by a plurality of users (for example, a terminal device in which a multiuser operating system is operating), even if the terminal device 1 is successfully authenticated, the terminal device 1 Although it is difficult to specify the user who is operating at the present time, according to the system of the above embodiment, the user of the terminal device 1 is specified.
  • the one-time authentication of the phase 2 described in Japanese Patent Application Laid-Open No. 2012-34292 that is, the above-mentioned One-time authentication, which is a different series from the one-time authentication described above, derived from the one-time authentication may be repeatedly performed.
  • the service providing unit 84 may be provided in a server different from the authentication server 3, and service data may be provided from the server to the terminal device 1 after service login permission.
  • the authentication programs 31, 61, 131 may be recorded on a portable computer-readable recording medium (such as a CD-ROM). In that case, the authentication programs 31, 61, 131 may be read from the recording medium and installed in the terminal device 1, the authentication server 3, or the user authentication device 4 described above. In the above embodiment, the authentication programs 31, 61, 131 may be downloaded from a server and installed in the terminal device 1, the authentication server 3, or the user authentication device 4 described above.
  • a portable computer-readable recording medium such as a CD-ROM
  • the authentication programs 31, 61, 131 may be read from the recording medium and installed in the terminal device 1, the authentication server 3, or the user authentication device 4 described above.
  • the authentication programs 31, 61, 131 may be downloaded from a server and installed in the terminal device 1, the authentication server 3, or the user authentication device 4 described above.
  • one user is associated with one user authentication device 4 in the authentication server 3, but a plurality of users are associated with one user authentication device 4. May be.
  • the user ID indicating the current user of the user authentication device 4 may be encrypted together with the service code and transmitted to the authentication server 3, and the user ID of the user authentication device 4 may be identified by decoding the user ID.
  • a plurality of one-time authenticators are set independently for a plurality of users of the user authentication device 4, and the current time of the user authentication device 4 is determined by one-time authentication using the one-time authenticator selected by the user authentication device 4. A user may be specified.
  • device authentication is mutually performed between the terminal device 1 and the authentication server 3 by one-time authentication.
  • the device is mutually or by SSL (Secure Sockets Layer) or the terminal device. 1 and the authentication of only one of the authentication servers 3 may be performed.
  • SSL Secure Sockets Layer
  • the present invention is applicable to user authentication in network services, for example.

Abstract

In this personal authentication system, when an authentication server 3 has received a login request for a particular service from a terminal device 1, the authentication server 3 generates a service code associated with the particular service, and transmits the service code to the terminal device 1. Upon receiving this service code, the terminal device 1 outputs the service code in a predetermined format. A user authentication device 4 receives the service code output from the terminal device 1 and transmits the received service code to the authentication server 3. Then if the authentication server 3 succeeds in authenticating the user authentication device 4, which has transmitted the service code to the authentication server 3, then the authentication server 3 permits the user associated with the user authentication device 4 to log in for the particular service.

Description

個人認証システムPersonal authentication system
 本発明は、個人認証システムに関するものである。 The present invention relates to a personal authentication system.
 クライアントおよびサーバのそれぞれにおいて乱数などのシードを認証に成功するたびに更新し、次回認証時に、それらのシードからワンタイムIDを生成し、クライアントとサーバとの間で相互に認証を行うシステムがある(例えば、特許文献1参照)。 There is a system in which a seed such as a random number is updated each time the client and the server are successfully authenticated, a one-time ID is generated from the seed at the next authentication, and the client and the server authenticate each other. (For example, refer to Patent Document 1).
特開2004-282295号公報JP 2004-282295 A
 上述のシステムでは、クライアントおよびサーバの機器特定および機器認証(つまり、通信相手の機器が正規の機器であることの認証)は可能である。 In the above-described system, it is possible to identify the client and server devices and authenticate the devices (that is, authenticate that the communication partner device is a legitimate device).
 しかしながら、クライアント側からサーバ側により提供される特定のサービスに対してログインする際に、その特定のサービスにおいてユーザ特定のためにサービス固有の固定的なユーザ認証データ(例えばユーザIDとパスワードの対)をクライアント側からサーバ側へ送信する場合、マンインザミドル攻撃、マンインザブラウザ攻撃、マルウェアによる画面キャプチャ攻撃、キーロガー攻撃などによって、ユーザ認証データが悪意の第三者に不正に取得される可能性がある。 However, when logging in to a specific service provided from the client side to the server side, service-specific fixed user authentication data (for example, a pair of user ID and password) for user identification in the specific service May be illegally acquired by a malicious third party by man-in-the-middle attacks, man-in-the-browser attacks, screen capture attacks by malware, keylogger attacks, etc. is there.
 本発明は、上記の問題に鑑みてなされたものであり、サービスログインのためのユーザ認証に要求される固定的なユーザ認証データをインターネットなどの通信経路を介して送受信することなく、ユーザを特定し正規ユーザに対してサービスログインを許可する個人認証システムを得ることを目的とする。 The present invention has been made in view of the above problems, and identifies a user without transmitting / receiving fixed user authentication data required for user authentication for service login via a communication path such as the Internet. An object of the present invention is to obtain a personal authentication system that permits a service login to a regular user.
 本発明に係る個人認証システムは、ユーザについて特定サービスのログイン可否を判定する認証サーバと、ユーザにより操作され特定サービスのデータを受信する端末装置と、認証サーバによってユーザに関連付けられているユーザ認証デバイスとを備える。(a)端末装置は、固定的なユーザ認証データを送信せずに特定サービスに対するサービスログイン要求を認証サーバへ送信し、(b)認証サーバは、サービスログイン要求を受信すると、特定サービスに対応するサービスコードを生成し、サービスログイン要求の送信元である端末装置へ送信し、(c)端末装置は、サービスコードを受信すると、受信したサービスコードを所定の形態で出力し、(d)ユーザ認証デバイスは、端末装置により出力されたサービスコードの入力を所定の形態で受け付けると、固定的なユーザ認証データを送信せずに、入力されたサービスコードを認証サーバへ送信し、(e)認証サーバは、サービスコードを受信すると、サービスコードの送信元であるユーザ認証デバイスの機器認証を実行し、ユーザ認証デバイスの機器認証に成功した場合、ユーザ認証デバイスに関連付けられているユーザについて、受信したサービスコードにより指定される特定サービスのログインを許可する。 The personal authentication system according to the present invention includes an authentication server that determines whether or not a user can log in to a specific service, a terminal device that is operated by the user and receives data of the specific service, and a user authentication device that is associated with the user by the authentication server With. (A) The terminal device transmits a service login request for the specific service to the authentication server without transmitting fixed user authentication data. (B) When the authentication server receives the service login request, the terminal device responds to the specific service. A service code is generated and transmitted to the terminal device that is the source of the service login request. (C) Upon receiving the service code, the terminal device outputs the received service code in a predetermined form, and (d) user authentication. When the device receives the input of the service code output by the terminal device in a predetermined form, the device transmits the input service code to the authentication server without transmitting the fixed user authentication data, and (e) the authentication server When the service code is received, device authentication of the user authentication device that is the transmission source of the service code is performed, and user authentication is performed. Successful vice device authentication, the user associated with the user authentication device, permits login of the specific service specified by the service code received.
 本発明に係る認証サーバは、通信装置と、認証処理部と、サービスコード生成部とを備える。サービスコード生成部は、認証サーバの通信装置を使用して、ユーザにより操作され特定サービスのデータを受信する端末装置から、固定的なユーザ認証データを受信せずに特定サービスに対するサービスログイン要求が認証サーバによって受信されると、特定サービスに対応するサービスコードを生成し、認証処理部は、通信装置を使用して、生成したサービスコードを、サービスログイン要求の送信元である端末装置へ送信し、認証処理部は、(a)通信装置を使用して、当該認証サーバによってユーザに関連付けられているユーザ認証デバイスから、固定的なユーザ認証データを受信せずに、端末装置により出力されたサービスコードを受信し、(b)受信したサービスコードの送信元であるユーザ認証デバイスの機器認証を実行し、ユーザ認証デバイスの機器認証に成功した場合、ユーザ認証デバイスに関連付けられているユーザについて、受信したサービスコードにより指定される特定サービスのログインを許可する。 The authentication server according to the present invention includes a communication device, an authentication processing unit, and a service code generation unit. The service code generation unit authenticates the service login request for the specific service without receiving the fixed user authentication data from the terminal device operated by the user and receiving the data of the specific service using the communication device of the authentication server. When received by the server, it generates a service code corresponding to the specific service, and the authentication processing unit transmits the generated service code to the terminal device that is the transmission source of the service login request using the communication device, The authentication processing unit uses (a) a service code output by the terminal device without receiving fixed user authentication data from the user authentication device associated with the user by the authentication server using the communication device. (B) execute device authentication of the user authentication device that is the transmission source of the received service code, Upon successful device authentication over The authentication device, the user associated with the user authentication device, permits login of the specific service specified by the service code received.
 本発明に係る認証プログラムは、認証サーバ内のコンピュータをサーバ側認証処理部と、サービスコード生成部として機能させる。サービスコード生成部は、認証サーバの通信装置を使用して、ユーザにより操作され特定サービスのデータを受信する端末装置から、固定的なユーザ認証データを受信せずに特定サービスに対するサービスログイン要求が認証サーバによって受信されると、特定サービスに対応するサービスコードを生成し、サーバ側認証処理部は、認証サーバの通信装置を使用して、生成したサービスコードを、サービスログイン要求の送信元である端末装置へ送信し、サーバ側認証処理部は、(a)認証サーバの通信装置を使用して、当該認証サーバによってユーザに関連付けられているユーザ認証デバイスから、固定的なユーザ認証データを受信せずに、端末装置により出力されたサービスコードを受信し、(b)受信したサービスコードの送信元であるユーザ認証デバイスの機器認証を実行し、ユーザ認証デバイスの機器認証に成功した場合、ユーザ認証デバイスに関連付けられているユーザについて、受信したサービスコードにより指定される特定サービスのログインを許可する。 The authentication program according to the present invention causes a computer in the authentication server to function as a server-side authentication processing unit and a service code generation unit. The service code generation unit authenticates the service login request for the specific service without receiving the fixed user authentication data from the terminal device operated by the user and receiving the data of the specific service using the communication device of the authentication server. When received by the server, it generates a service code corresponding to the specific service, and the server-side authentication processing unit uses the communication device of the authentication server to send the generated service code to the terminal that is the source of the service login request The server-side authentication processing unit does not receive fixed user authentication data from the user authentication device associated with the user by the authentication server using the communication device of the authentication server (a). (B) the source of the received service code. Run the device authentication of the user authentication device, if successful the device authentication of the user authentication device, the user associated with the user authentication device, permits login of the specific service specified by the service code received.
 本発明に係る認証プログラムは、端末装置内のコンピュータをサービスコード出力部と、認証処理部として機能させる。認証処理部は、(a)固定的なユーザ認証データを送信せずに特定サービスに対するサービスログイン要求を認証サーバへ送信し、(b)認証サーバから、そのサービスログイン要求に対応して送信されてくる特定サービスに対応するサービスコードを受信し、サービスコード出力部は、サービスコードが受信されると、受信されたサービスコードを、ユーザ認証デバイスに対して入力可能な所定の形態で出力し、ユーザ認証デバイスは、認証サーバによってユーザに関連付けられており、端末装置により出力されたサービスコードの入力を受け付けると、ユーザ認証データを送信せずに、入力されたサービスコードを認証サーバへ送信する。 The authentication program according to the present invention causes a computer in the terminal device to function as a service code output unit and an authentication processing unit. The authentication processing unit (a) transmits a service login request for a specific service to the authentication server without transmitting fixed user authentication data, and (b) is transmitted from the authentication server in response to the service login request. When the service code is received, the service code output unit outputs the received service code in a predetermined form that can be input to the user authentication device. The authentication device is associated with the user by the authentication server, and upon receiving the input of the service code output by the terminal device, transmits the input service code to the authentication server without transmitting user authentication data.
 本発明に係る認証プログラムは、ユーザ認証デバイス内のコンピュータを、認証処理部として機能させる。認証処理部は、(a)ユーザにより操作され特定サービスのデータを受信する端末装置により認証サーバから受信され所定の形態で出力されたサービスコードの入力を所定の形態で受け付け、(b)端末装置により出力されたサービスコードの入力を受け付けると、固定的なユーザ認証データを送信せずに、入力されたサービスコードを認証サーバへ送信し、サービスコードの送信元であるユーザ認証デバイスの機器認証を実行させ、ユーザ認証デバイスの機器認証に成功した場合、ユーザ認証デバイスに関連付けられているユーザについて、受信したサービスコードにより指定される特定サービスのログインを許可させる。 The authentication program according to the present invention causes a computer in the user authentication device to function as an authentication processing unit. The authentication processing unit accepts, in a predetermined form, an input of a service code received from an authentication server and output in a predetermined form by a terminal apparatus operated by a user and receiving data of a specific service, and (b) a terminal apparatus When the input of the service code output by is received, the input service code is transmitted to the authentication server without transmitting the fixed user authentication data, and the device authentication of the user authentication device that is the transmission source of the service code is performed. When the device authentication of the user authentication device is successful, the user associated with the user authentication device is permitted to log in the specific service specified by the received service code.
 本発明によれば、サービスログインのためのユーザ認証に要求されるユーザ認証データをインターネットなどの通信経路を介して送受信することなく、ユーザを特定し正規ユーザに対してサービスログインを許可する個人認証システムが得られる。 According to the present invention, personal authentication that identifies a user and permits service login to a regular user without transmitting / receiving user authentication data required for user authentication for service login via a communication path such as the Internet. A system is obtained.
 本発明の上記又は他の目的、特徴および優位性は、添付の図面とともに以下の詳細な説明から更に明らかになる。 The above and other objects, features and advantages of the present invention will become more apparent from the following detailed description when taken in conjunction with the accompanying drawings.
図1は、本発明の実施の形態に係るワンタイム認証システムの構成を示すブロック図である。FIG. 1 is a block diagram showing a configuration of a one-time authentication system according to an embodiment of the present invention. 図2は、図1における端末装置1の構成を示すブロック図である。FIG. 2 is a block diagram showing the configuration of the terminal device 1 in FIG. 図3は、図2に示す端末装置1において実現される処理部を示すブロック図である。FIG. 3 is a block diagram showing a processing unit realized in the terminal device 1 shown in FIG. 図4は、図1における認証サーバ3の構成を示すブロック図である。FIG. 4 is a block diagram showing the configuration of the authentication server 3 in FIG. 図5は、図4に示す認証サーバ3において実現される処理部を示すブロック図である。FIG. 5 is a block diagram showing a processing unit realized in the authentication server 3 shown in FIG. 図6は、図1におけるユーザ認証デバイス4の構成を示すブロック図である。FIG. 6 is a block diagram showing the configuration of the user authentication device 4 in FIG. 図7は、図6に示すユーザ認証デバイス4において実現される処理部を示すブロック図である。FIG. 7 is a block diagram showing a processing unit realized in the user authentication device 4 shown in FIG. 図8は、図1に示すシステムにおけるサービスログイン時の処理を説明するシーケンス図である。FIG. 8 is a sequence diagram for explaining processing at the time of service login in the system shown in FIG. 図9は、本発明の実施の形態における端末装置1と認証サーバ3との間のワンタイム認証の詳細について説明するシーケンス図である。FIG. 9 is a sequence diagram illustrating details of one-time authentication between terminal device 1 and authentication server 3 in the embodiment of the present invention. 図10は、本発明の実施の形態におけるユーザ認証デバイス4と認証サーバ3との間のワンタイム認証の詳細について説明するシーケンス図である。FIG. 10 is a sequence diagram illustrating details of one-time authentication between the user authentication device 4 and the authentication server 3 in the embodiment of the present invention.
 以下、図に基づいて本発明の実施の形態を説明する。 Hereinafter, embodiments of the present invention will be described with reference to the drawings.
 図1は、本発明の実施の形態に係るワンタイム認証システムの構成を示すブロック図である。 FIG. 1 is a block diagram showing a configuration of a one-time authentication system according to an embodiment of the present invention.
 図1に示すシステムでは、クライアントとしての端末装置1は、インターネットなどのネットワーク2に接続されており、そのネットワーク2には認証サーバ3が接続されている。ユーザは、ネットワーク2に接続可能なユーザ認証デバイス4を所持しており、端末装置1およびユーザ認証デバイス4を操作できる。 In the system shown in FIG. 1, a terminal device 1 as a client is connected to a network 2 such as the Internet, and an authentication server 3 is connected to the network 2. The user possesses a user authentication device 4 that can be connected to the network 2, and can operate the terminal device 1 and the user authentication device 4.
 端末装置1は、ユーザにより操作されその特定サービスのデータを認証サーバ3などから受信する。認証サーバ3は、ユーザについて特定サービスのログイン可否を判定するサーバ装置である。ユーザ認証デバイス4は、認証サーバ3によってユーザに関連付けられているデバイスである。 The terminal device 1 is operated by the user and receives data of the specific service from the authentication server 3 or the like. The authentication server 3 is a server device that determines whether a user can log in to a specific service. The user authentication device 4 is a device associated with the user by the authentication server 3.
 端末装置1は、パーソナルコンピュータ、キオスク端末などのコンピュータを内蔵した装置である。この実施の形態では、端末装置1は、1または複数の特定または不特定のユーザにより使用可能である。ネットワーク2は、有線および/または無線のLAN(Local Area Network)、および/またはインターネットなどのWAN(Wide Area Network)を含んでいる。 The terminal device 1 is a device incorporating a computer such as a personal computer or a kiosk terminal. In this embodiment, the terminal device 1 can be used by one or more specific or unspecified users. The network 2 includes a wired and / or wireless LAN (Local Area Network) and / or a WAN (Wide Area Network) such as the Internet.
 ユーザ認証デバイス4は、ネットワーク2に接続可能な、コンピュータを内蔵した携帯型デバイスである。例えば、スマートフォン、タブレット端末などをユーザ認証デバイス4として使用可能である。 The user authentication device 4 is a portable device with a built-in computer that can be connected to the network 2. For example, a smartphone, a tablet terminal, or the like can be used as the user authentication device 4.
 ユーザ認証デバイス4は、各ユーザに携帯され、認証サーバにおいて、1つのユーザ認証デバイス4に対して1ユーザが関連付けられている。 The user authentication device 4 is carried by each user, and one user is associated with one user authentication device 4 in the authentication server.
 なお、互いに同様の機能を有する複数の端末装置1がネットワーク2に接続されていてもよい。また、認証サーバ3は、複数の特定サービスのうちの、ユーザにより指定された特定サービスのログイン可否を判定するようにしてもよい。 Note that a plurality of terminal devices 1 having the same functions may be connected to the network 2. Further, the authentication server 3 may determine whether or not to log in a specific service specified by the user among a plurality of specific services.
 そして、図1に示すシステムにおいて、端末装置1は、所定のユーザ操作を受け付けると、ネットワーク2を介して、特定サービスに固有で固定的なユーザ認証データ(特定サービスのユーザIDなど)を送信せずに特定サービスに対するサービスログイン要求を認証サーバ3へ送信する。 In the system shown in FIG. 1, when the terminal device 1 accepts a predetermined user operation, the terminal device 1 transmits the fixed user authentication data (such as the user ID of the specific service) specific to the specific service via the network 2. Without sending a service login request for the specific service to the authentication server 3.
 認証サーバ3は、そのサービスログイン要求を受信すると、そのサービスログイン要求の送信元である端末装置1の機器認証を実行し、その端末装置1の機器認証に成功した場合、その特定サービスに対応するサービスコードを生成し、ネットワーク2を介して、そのサービスログイン要求の送信元である端末装置1へ送信する。つまり、認証サーバ3は、この時点では、ユーザを特定していない。なお、生成したサービスコードは、サービスログイン要求および端末装置1に関連付けて保持される。 Upon receiving the service login request, the authentication server 3 executes device authentication of the terminal device 1 that is the transmission source of the service login request. When the device authentication of the terminal device 1 is successful, the authentication server 3 corresponds to the specific service. A service code is generated and transmitted via the network 2 to the terminal device 1 that is the transmission source of the service login request. That is, the authentication server 3 has not specified the user at this point. The generated service code is held in association with the service login request and the terminal device 1.
 端末装置1は、そのサービスコードを受信すると、受信したサービスコードを所定の形態(ユーザ認証デバイス4におけるサービスコードの入力形態に応じた形態)で出力する。例えば、ユーザ認証デバイス4においてサービスコードがユーザによりテキスト入力される場合には、端末装置1は、受信したサービスコードをテキストとして表示したり、印刷したりする。また、例えば、ユーザ認証デバイス4においてサービスコードが2Dコードなどの可視コードの読み取りで入力される場合には、端末装置1は、受信したサービスコードを可視コードに符号化し、その可視コードを表示したり、印刷したりする。また、例えば、ユーザ認証デバイス4においてサービスコードが有線通信または近距離無線通信で入力される場合には、端末装置1は、その有線通信または近距離無線通信で、受信したサービスコードをデータとして出力する。 When the terminal device 1 receives the service code, the terminal device 1 outputs the received service code in a predetermined form (a form corresponding to the service code input form in the user authentication device 4). For example, when the service code is input by the user in the user authentication device 4, the terminal device 1 displays or prints the received service code as text. For example, when the service code is input by reading a visible code such as a 2D code in the user authentication device 4, the terminal device 1 encodes the received service code into a visible code and displays the visible code. Or print. Further, for example, when the service code is input by wired communication or short-range wireless communication in the user authentication device 4, the terminal device 1 outputs the received service code as data by the wired communication or short-range wireless communication. To do.
 ユーザ認証デバイス4は、端末装置1により出力されたサービスコードの入力を所定の形態で受け付けると、ネットワーク2を介して、固定的なユーザ認証データを送信せずに、入力されたサービスコードを認証サーバ3へ送信する。 When the user authentication device 4 receives the input of the service code output from the terminal device 1 in a predetermined form, the user authentication device 4 authenticates the input service code without transmitting fixed user authentication data via the network 2. Send to server 3.
 認証サーバ3は、そのサービスコードを受信すると、そのサービスコードの送信元であるユーザ認証デバイス4の機器認証を実行し、ユーザ認証デバイス4の機器認証に成功した場合、そのユーザ認証デバイス4に関連付けられているユーザについて、受信したサービスコードにより指定される特定サービス(つまり、サービスコードに対応するサービスログイン要求により指定された特定サービス)のログインを許可する。つまり、認証サーバ3は、この時点では、ユーザを特定している。 Upon receiving the service code, the authentication server 3 executes device authentication of the user authentication device 4 that is the transmission source of the service code, and if the device authentication of the user authentication device 4 is successful, the authentication server 3 associates with the user authentication device 4 Log-in of the specified service specified by the received service code (that is, the specified service specified by the service login request corresponding to the service code) is permitted. That is, the authentication server 3 has specified the user at this time.
 この実施の形態では、認証サーバ3と端末装置1との間で、相互的な機器認証としてワンタイム認証が繰り返し実行され、また、認証サーバ3とユーザ認証デバイス4との間で、相互的な機器認証としてワンタイム認証が繰り返し実行される。なお、相互的な機器認証は、別の認証処理によって実現してもよい。 In this embodiment, one-time authentication is repeatedly executed as mutual device authentication between the authentication server 3 and the terminal device 1, and mutual authentication is performed between the authentication server 3 and the user authentication device 4. One-time authentication is repeatedly executed as device authentication. Note that mutual device authentication may be realized by another authentication process.
 具体的には、端末装置1および認証サーバ3は、それぞれ、自己のシードを生成し、生成したシードを暗号化して相互に送受信し、生成した自己のシードおよび受信し復号した通信相手のシードから自己のワンタイム認証子(ワンタイムIDなど)を生成し、生成したワンタイム認証子を相互に送受信し、生成した自己のシードおよび受信し復号した通信相手のシードに基づいて、受信した通信相手のワンタイム認証子についての認証を行い、その認証に成功するたびに次回認証用シードを生成して自己のシードを更新していく。このワンタイム認証子についての認証のことを、ワンタイム認証という。 Specifically, each of the terminal device 1 and the authentication server 3 generates its own seed, encrypts the generated seed, transmits and receives each other, generates the generated seed, and receives and decrypts the communication partner seed. A communication partner that has generated its own one-time authenticator (such as a one-time ID), sends and receives the generated one-time authenticator to each other, and based on the generated seed and the seed of the received and decrypted communication partner. The one-time authenticator is authenticated, and each time the authentication is successful, the next authentication seed is generated and the own seed is updated. Authentication for this one-time authenticator is called one-time authentication.
 端末装置1は、自己の生成したシードおよび自己の生成したワンタイム認証子をサービスログイン要求とともにネットワーク2を介して認証サーバ3へ送信する。認証サーバ3は、上述のサービスコードを暗号化し、自己の生成したシードおよび自己の生成したワンタイム認証子を、暗号化されたサービスコードとともに、ネットワーク2を介して、サービスログイン要求の送信元である端末装置1へ送信する。なお、端末装置1は、暗号化されたサービスコードを受信すると、受信した暗号化されたサービスコードを復号する。そして、認証サーバ3は、受信した端末装置1のワンタイム識別子についての認証に成功した場合、端末装置1の機器認証に成功したとみなす。 The terminal device 1 transmits the seed generated by itself and the one-time authenticator generated by itself to the authentication server 3 through the network 2 together with the service login request. The authentication server 3 encrypts the service code described above, and transmits the self-generated seed and the self-generated one-time authenticator together with the encrypted service code via the network 2 at the source of the service login request. It transmits to a certain terminal device 1. When the terminal device 1 receives the encrypted service code, the terminal device 1 decrypts the received encrypted service code. When the authentication server 3 succeeds in authenticating the received one-time identifier of the terminal device 1, the authentication server 3 considers that the device authentication of the terminal device 1 is successful.
 また、認証サーバ3およびユーザ認証デバイス4は、認証サーバ3および端末装置1のワンタイム認証とは独立して、同様のワンタイム認証を行い、互いの機器認証を行う。 Further, the authentication server 3 and the user authentication device 4 perform the same one-time authentication independently of the one-time authentication of the authentication server 3 and the terminal device 1 and perform mutual device authentication.
 具体的には、ユーザ認証デバイス4および認証サーバ3は、それぞれ、自己のシードを生成し、生成した自己のシードを暗号化して相互に送受信し、生成した自己シードおよび受信し復号した通信相手のシードからワンタイム認証子を生成し、生成したワンタイム認証子を相互に送受信し、生成した自己のシードおよび受信し復号した通信相手のシードに基づいて、受信したワンタイム認証子についての認証を行い、その認証に成功するたびに次回認証用シードを生成して自己のシードを更新していく。 Specifically, each of the user authentication device 4 and the authentication server 3 generates its own seed, encrypts the generated self seed, transmits and receives each other, generates the generated self seed, and receives and decrypts the communication partner. Generate a one-time authenticator from the seed, send and receive the generated one-time authenticator to each other, and authenticate the received one-time authenticator based on the generated self seed and the received and decrypted communication partner seed Each time the authentication is successful, the next authentication seed is generated and the own seed is updated.
 ユーザ認証デバイス4は、上述のサービスコードを暗号化し、自己の生成したシードおよび自己の生成したワンタイム認証子を、暗号化されたサービスコードとともに認証サーバ3へ送信する。なお、認証サーバ3は、暗号化されたサービスコードを受信すると、受信した暗号化されたサービスコードを復号する。そして、認証サーバ3は、受信したユーザ認証デバイス4のワンタイム識別子についての認証に成功した場合、ユーザ認証デバイス4の機器認証に成功したとみなす。 The user authentication device 4 encrypts the service code described above, and transmits the seed generated by itself and the one-time authenticator generated by itself to the authentication server 3 together with the encrypted service code. When the authentication server 3 receives the encrypted service code, the authentication server 3 decrypts the received encrypted service code. Then, if the authentication server 3 succeeds in authenticating the received one-time identifier of the user authentication device 4, the authentication server 3 regards that the device authentication of the user authentication device 4 is successful.
 この実施の形態では、端末装置1と認証サーバ3との間でのワンタイム認証において、端末装置1は、生成したシードを共通暗号鍵で暗号化し、暗号化されたシードを送信し、認証サーバ3は、受信した暗号化されたシードを共通暗号鍵で復号する。また、認証サーバ3は、その共通暗号鍵でサービスコードを暗号化している。 In this embodiment, in the one-time authentication between the terminal device 1 and the authentication server 3, the terminal device 1 encrypts the generated seed with the common encryption key, transmits the encrypted seed, and the authentication server 3 decrypts the received encrypted seed with the common encryption key. Further, the authentication server 3 encrypts the service code with the common encryption key.
 さらに、この実施の形態では、端末装置1および認証サーバ3は、それぞれ、ワンタイム認証子についての認証が成功するたびに、少なくとも生成した自己のシードおよび受信し復号した通信相手のシード(ここでは、現時点の共通暗号鍵、生成した自己のシード、および受信し復号した通信相手のシード)に基づいてその共通暗号鍵を更新する。つまり、端末装置1および認証サーバ3は、自己の保持している共通暗号鍵をそれぞれ更新し、更新後の共通暗号鍵の鍵配送は行われない。 Furthermore, in this embodiment, each time the authentication for the one-time authenticator succeeds, the terminal device 1 and the authentication server 3 respectively generate at least the generated seed and the received and decrypted seed of the communication partner (here, The current common encryption key, the generated self seed, and the received and decrypted communication partner seed). That is, the terminal device 1 and the authentication server 3 each update their own common encryption key, and key distribution of the updated common encryption key is not performed.
 また、この実施の形態では、ユーザ認証デバイス4と認証サーバ3との間でのワンタイム認証において、ユーザ認証デバイス4は、生成した自己のシードを共通暗号鍵で暗号化し、暗号化されたシードを送信し、認証サーバ3は、受信した暗号化されたシードを共通暗号鍵で復号する。なお、ユーザ認証デバイス4と認証サーバ3との間でのワンタイム認証における共通暗号鍵は、端末装置1と認証サーバ3との間でのワンタイム認証における共通暗号鍵とは別に生成され更新されていく。また、認証サーバ3は、受信した暗号化されたサービスコードをその共通暗号鍵で復号する。 In this embodiment, in the one-time authentication between the user authentication device 4 and the authentication server 3, the user authentication device 4 encrypts the generated seed with a common encryption key, and encrypts the seed. The authentication server 3 decrypts the received encrypted seed with the common encryption key. The common encryption key in the one-time authentication between the user authentication device 4 and the authentication server 3 is generated and updated separately from the common encryption key in the one-time authentication between the terminal device 1 and the authentication server 3. To go. The authentication server 3 decrypts the received encrypted service code with the common encryption key.
 さらに、この実施の形態では、ユーザ認証デバイス4および認証サーバ3は、それぞれ、ワンタイム認証子についての認証が成功するたびに、少なくとも生成した自己のシードおよび受信し復号した通信相手のシード(現時点の共通暗号鍵、生成した自己のシード、および受信し復号した通信相手のシード)に基づいて共通暗号鍵を更新する。つまり、端末装置1および認証サーバ3は、自己の保持している共通暗号鍵をそれぞれ更新し、更新後の共通暗号鍵の鍵配送は行われない。 Furthermore, in this embodiment, each time the user authentication device 4 and the authentication server 3 succeed in authenticating the one-time authenticator, at least the generated self seed and the received and decrypted communication partner seed (current Common encryption key, generated self seed, and received and decrypted communication partner seed). That is, the terminal device 1 and the authentication server 3 each update their own common encryption key, and key distribution of the updated common encryption key is not performed.
 以下、上記システムにおける各装置の構成および動作について説明する。 Hereinafter, the configuration and operation of each device in the above system will be described.
(1)端末装置1 (1) Terminal device 1
 図2は、図1における端末装置1の構成を示すブロック図である。図2に示すように、端末装置1は、CPU(Central Processing Unit)11、ROM(Read Only Memory)12、RAM(Random Access Memory)13などを有するコンピュータを内蔵する。 FIG. 2 is a block diagram showing a configuration of the terminal device 1 in FIG. As shown in FIG. 2, the terminal device 1 includes a computer having a CPU (Central Processing Unit) 11, a ROM (Read Only Memory) 12, a RAM (Random Access Memory) 13, and the like.
 CPU11は、プログラムを実行し、プログラムに記述された処理を実行するプロセッサである。また、ROM12は、プログラムおよびデータを予め記憶した不揮発性のメモリである。また、RAM13は、プログラムを実行する際にそのプログラムおよびデータを一時的に記憶する揮発性のメモリである。 The CPU 11 is a processor that executes a program and executes processing described in the program. The ROM 12 is a nonvolatile memory that stores programs and data in advance. The RAM 13 is a volatile memory that temporarily stores the program and data when the program is executed.
 また、インターフェイス14は、記憶装置15を接続可能なインターフェイス回路であり、記憶装置15は、インターフェイス14に接続され、図示せぬオペレーティングシステム、認証プログラム31、アプリケーションプログラム32などを格納する記録媒体を有する装置である。記憶装置15としては、ハードディスクドライブ、SSD(Solid State Disk)などの不揮発性記憶装置が使用される。 The interface 14 is an interface circuit to which the storage device 15 can be connected. The storage device 15 is connected to the interface 14 and has a recording medium that stores an operating system (not shown), an authentication program 31, an application program 32, and the like. Device. As the storage device 15, a nonvolatile storage device such as a hard disk drive or SSD (Solid State Disk) is used.
 また、インターフェイス16は、通信装置17を接続可能なインターフェイス回路である。通信装置17は、ネットワークインターフェイス、モデムなどといったネットワーク2に接続可能な装置である。 The interface 16 is an interface circuit to which the communication device 17 can be connected. The communication device 17 is a device that can be connected to the network 2 such as a network interface or a modem.
 また、インターフェイス18は、IEEE1394、USB(Universal Serial Bus)などといった周辺機器インターフェイスである。 The interface 18 is a peripheral device interface such as IEEE1394 or USB (Universal Serial Bus).
 また、インターフェイス20は、入力装置21を接続可能なインターフェイス回路である。入力装置21は、キーボード、マウスなどといったユーザ操作を受け付けてそのユーザ操作に応じた信号を出力する装置である。 The interface 20 is an interface circuit to which the input device 21 can be connected. The input device 21 is a device that receives a user operation such as a keyboard and a mouse and outputs a signal corresponding to the user operation.
 また、画像処理回路22は、画像データを書き込まれると、そのデータに対応する画像信号を出力する回路である。この画像処理回路22には、その画像信号に基づいて画像を表示する表示装置23が接続可能である。 The image processing circuit 22 is a circuit that outputs an image signal corresponding to the data when the image data is written. A display device 23 that displays an image based on the image signal can be connected to the image processing circuit 22.
 CPU11、ROM12、RAM13、インターフェイス14,16,18,20および画像処理回路22は、バスやコントローラチップによって相互にデータ通信可能に接続されている。 The CPU 11, ROM 12, RAM 13, interfaces 14, 16, 18, 20 and image processing circuit 22 are connected to each other via a bus or a controller chip so that data communication can be performed.
 図3は、図2に示す端末装置1において実現される処理部を示すブロック図である。図3に示すように、この端末装置1において、通信処理部41、認証処理部42、サービスコード出力部43が実現される。 FIG. 3 is a block diagram showing a processing unit realized in the terminal device 1 shown in FIG. As shown in FIG. 3, in the terminal device 1, a communication processing unit 41, an authentication processing unit 42, and a service code output unit 43 are realized.
 通信処理部41は、通信装置17を使用して、所定の通信プロトコルで認証サーバ3などとネットワーク2を介してデータ通信を行う。 The communication processing unit 41 uses the communication device 17 to perform data communication with the authentication server 3 and the like via the network 2 using a predetermined communication protocol.
 認証処理部42は、CPU11で認証プログラム31が実行されることにより実現され、通信装置17および通信処理部41を使用して、(a)上述のサービスログイン要求の送信、(b)認証サーバ3との間のワンタイム認証による相互機器認証におけるクライアント側の処理などを実行する処理部である。 The authentication processing unit 42 is realized by the CPU 11 executing the authentication program 31, and uses the communication device 17 and the communication processing unit 41 to (a) transmit the above-described service login request, and (b) the authentication server 3. Is a processing unit that executes client-side processing and the like in mutual device authentication based on one-time authentication with the client.
 サービスコード出力部43は、CPU11で認証プログラム31が実行されることにより実現され、上述のサービスコードの出力を実行する処理部である。 The service code output unit 43 is a processing unit that is realized by the authentication program 31 being executed by the CPU 11 and outputs the above-described service code.
 アプリケーション44は、CPU11でアプリケーションプログラム32が実行されることにより実現され、認証サーバ3によってサービスログインが許可された後に、特定のサービスのデータの送信要求の送信、そのデータの受信、受信したデータに対するデータ処理などを行う処理部である。 The application 44 is realized by the CPU 11 executing the application program 32. After the service login is permitted by the authentication server 3, the application 44 transmits a transmission request for data of a specific service, receives the data, and receives the data. A processing unit that performs data processing and the like.
(2)認証サーバ3 (2) Authentication server 3
 図4は、図1における認証サーバ3の構成を示すブロック図である。 FIG. 4 is a block diagram showing a configuration of the authentication server 3 in FIG.
 図4において、CPU51は、プログラムを実行し、プログラムに記述された処理を実行するプロセッサである。また、ROM52は、プログラムおよびデータを予め記憶した不揮発性のメモリである。また、RAM53は、プログラムを実行する際にそのプログラムおよびデータを一時的に記憶するメモリである。 In FIG. 4, a CPU 51 is a processor that executes a program and executes processing described in the program. The ROM 52 is a nonvolatile memory that stores programs and data in advance. The RAM 53 is a memory that temporarily stores the program and data when the program is executed.
 また、インターフェイス54は、記憶装置55を接続可能なインターフェイス回路であり、記憶装置55は、インターフェイス54に接続され、図示せぬオペレーティングシステム、認証プログラム61、認証に使用されるデータなどを格納する記録媒体を有する装置である。記憶装置55としては、ハードディスクドライブ、SSDなどの不揮発性記憶装置が使用される。 The interface 54 is an interface circuit to which the storage device 55 can be connected. The storage device 55 is connected to the interface 54 and stores an operating system (not shown), an authentication program 61, data used for authentication, and the like. A device having a medium. As the storage device 55, a nonvolatile storage device such as a hard disk drive or an SSD is used.
 記憶装置55には、端末装置1と認証サーバ3との間でのワンタイム認証に使用されるデータとして、シードテーブル71a、認証子テーブル72a、および端末属性テーブル73aが格納されており、ユーザ認証デバイス4と認証サーバ3との間でのワンタイム認証に使用されるデータとして、シードテーブル71b、認証子テーブル72b、およびデバイス属性テーブル73bが格納されている。 The storage device 55 stores a seed table 71a, an authenticator table 72a, and a terminal attribute table 73a as data used for one-time authentication between the terminal device 1 and the authentication server 3, and user authentication is performed. As data used for one-time authentication between the device 4 and the authentication server 3, a seed table 71b, an authenticator table 72b, and a device attribute table 73b are stored.
 シードテーブル71aは、端末装置1と認証サーバ3との間でのワンタイム認証において最後の認証時に更新された次回認証用シードおよび次回認証用共通暗号鍵を有する。シードテーブル71bは、ユーザ認証デバイス4と認証サーバ3との間でのワンタイム認証において最後の認証時に更新された次回認証用シードおよび次回認証用共通暗号鍵を有する。 The seed table 71a has a next authentication seed and a next authentication common encryption key updated at the last authentication in the one-time authentication between the terminal device 1 and the authentication server 3. The seed table 71b has a next authentication seed and a next authentication common encryption key updated at the last authentication in the one-time authentication between the user authentication device 4 and the authentication server 3.
 認証子テーブル72aは、端末装置1と認証サーバ3との間でのワンタイム認証において最後の認証時に更新された次回認証用のクライアント側ワンタイム認証子を有する。認証子テーブル72bは、ユーザ認証デバイス4と認証サーバ3との間でのワンタイム認証において最後の認証時に更新された次回認証用のクライアント側ワンタイム認証子を有する。 The authenticator table 72 a has a client-side one-time authenticator for next authentication updated at the last authentication in the one-time authentication between the terminal device 1 and the authentication server 3. The authenticator table 72b includes a client-side one-time authenticator for next authentication updated at the last authentication in the one-time authentication between the user authentication device 4 and the authentication server 3.
 端末属性テーブル73aは、各端末装置1のデバイスID、およびそのデバイスIDに関連付けられている属性情報(所有者情報など)を有するテーブルである。なお、端末属性テーブル73aにおける各端末装置1のデバイスIDは、識別子テーブル72aにおけるその端末装置1のワンタイム識別子に関連付けられている。また、端末属性テーブル73aにおいて、各端末装置1のデバイスIDの代わりに、各端末装置1のワンタイム識別子を使用してもよい。 The terminal attribute table 73a is a table having a device ID of each terminal device 1 and attribute information (such as owner information) associated with the device ID. The device ID of each terminal device 1 in the terminal attribute table 73a is associated with the one-time identifier of the terminal device 1 in the identifier table 72a. In the terminal attribute table 73a, the one-time identifier of each terminal device 1 may be used instead of the device ID of each terminal device 1.
 デバイス属性テーブル73bは、各ユーザ認証デバイス4のデバイスID、およびそのデバイスIDに関連付けられている属性情報(ユーザID、所有者情報など)を有するテーブルである。なお、デバイス属性テーブル73bにおける各ユーザ認証デバイス4のデバイスIDは、識別子テーブル72bにおけるそのユーザ認証デバイス4のワンタイム識別子に関連付けられている。また、デバイス属性テーブル73bにおいて、各ユーザ認証デバイス4のデバイスIDの代わりに、各ユーザ認証デバイス4のワンタイム識別子を使用してもよい。 The device attribute table 73b is a table having a device ID of each user authentication device 4 and attribute information (user ID, owner information, etc.) associated with the device ID. The device ID of each user authentication device 4 in the device attribute table 73b is associated with the one-time identifier of the user authentication device 4 in the identifier table 72b. In the device attribute table 73b, the one-time identifier of each user authentication device 4 may be used instead of the device ID of each user authentication device 4.
 ユーザ属性テーブル74は、各ユーザのユーザID、およびそのデバイスIDに関連付けられている属性情報(氏名、特定サービスで使用されるユーザID、特定サービスが有料サービスである場合の課金情報など)を有するテーブルである。なお、ユーザ属性テーブル74における各ユーザIDは、デバイス属性テーブル73bにおける同一のユーザIDに関連付けられている。 The user attribute table 74 includes the user ID of each user and attribute information associated with the device ID (name, user ID used in the specific service, billing information when the specific service is a paid service, etc.). It is a table. Each user ID in the user attribute table 74 is associated with the same user ID in the device attribute table 73b.
 また、インターフェイス56は、通信装置57を接続可能なインターフェイス回路である。通信装置57は、ネットワークインターフェイスカード、モデムなどといったネットワーク3に接続可能な装置である。 The interface 56 is an interface circuit to which the communication device 57 can be connected. The communication device 57 is a device connectable to the network 3 such as a network interface card or a modem.
 CPU51、ROM52、RAM53、およびインターフェイス54,56は、バスやコントローラチップによって相互にデータ通信可能に接続されている。 The CPU 51, the ROM 52, the RAM 53, and the interfaces 54 and 56 are connected to each other by a bus or a controller chip so that data communication can be performed.
 図5は、図4に示す認証サーバ3において実現される処理部を示すブロック図である。図5に示す認証サーバ3では、通信処理部81、サーバ側認証処理部82、サービスコード管理部83、およびサービス提供部84が実現される。 FIG. 5 is a block diagram showing a processing unit realized in the authentication server 3 shown in FIG. In the authentication server 3 shown in FIG. 5, a communication processing unit 81, a server-side authentication processing unit 82, a service code management unit 83, and a service providing unit 84 are realized.
 通信処理部81は、通信装置57を使用して、所定の通信プロトコルで端末装置1およびユーザ認証デバイス4とネットワーク2を介してデータ通信を行う。 The communication processing unit 81 uses the communication device 57 to perform data communication with the terminal device 1 and the user authentication device 4 via the network 2 using a predetermined communication protocol.
 サーバ側認証処理部82は、CPU51で認証プログラム61が実行されることにより実現され、通信処理部81を使用して、各端末装置1とのワンタイム認証による相互機器認証におけるサーバ側の処理、および各ユーザ認証デバイス4とのワンタイム認証による相互機器認証におけるサーバ側の処理を実行する。 The server-side authentication processing unit 82 is realized by the CPU 51 executing the authentication program 61. Using the communication processing unit 81, server-side processing in mutual device authentication by one-time authentication with each terminal device 1, And server-side processing in mutual device authentication based on one-time authentication with each user authentication device 4.
 また、サーバ側認証処理部82は、サービスログイン要求に対して、サービスコードが適切にユーザ認証デバイス4から送信されて来た場合には、サービスログインを許可し、そうでない場合には、サービスログインを拒否する。 The server side authentication processing unit 82 permits the service login when the service code is appropriately transmitted from the user authentication device 4 in response to the service login request, and otherwise, the service login. To refuse.
 サービスコード管理部83は、サービスコードの生成、サービスコードの有効期限の設定、サービスログイン要求(つまり、サービスログイン要求を送信した端末装置1)と生成したサービスコードとの対応付けなどを行う処理部である。 The service code management unit 83 generates a service code, sets a service code expiration date, associates a service login request (that is, the terminal device 1 that transmitted the service login request) with the generated service code, and the like. It is.
 例えば、サービスコード管理部83は、サービスコードの有効期限前においては、サービスコードを有効とし、サービスコードの有効期限後においては、サービスコードを無効とし、サーバ側認証処理部82は、受信したサービスコードが無効である場合には、受信したサービスコードが適切なものであっても、サービスログインを拒否する。 For example, the service code management unit 83 validates the service code before the expiration date of the service code, invalidates the service code after the expiration date of the service code, and the server-side authentication processing unit 82 If the code is invalid, the service login is rejected even if the received service code is appropriate.
 サービス提供部84は、サーバ側認証処理部82によりサービスログインを許可された後に、通信装置57および通信処理部81を使用して、サーバ側認証処理部82によりサービスログインを許可された端末装置1から受信されたサービスデータ要求に対する応答として、サービスデータをその端末装置1へ送信する。 The service providing unit 84 uses the communication device 57 and the communication processing unit 81 after the service login is permitted by the server-side authentication processing unit 82, and the terminal device 1 that is permitted to log in by the server-side authentication processing unit 82. The service data is transmitted to the terminal device 1 as a response to the service data request received from.
(3)ユーザ認証デバイス4 (3) User authentication device 4
 図6は、図1におけるユーザ認証デバイス4の構成を示すブロック図である。図6に示すように、ユーザ認証デバイス4は、CPU111、ROM112、RAM113などを有するコンピュータを内蔵する。 FIG. 6 is a block diagram showing the configuration of the user authentication device 4 in FIG. As shown in FIG. 6, the user authentication device 4 includes a computer having a CPU 111, a ROM 112, a RAM 113, and the like.
 CPU111は、プログラムを実行し、プログラムに記述された処理を実行するプロセッサである。また、ROM112は、プログラムおよびデータを予め記憶した不揮発性のメモリである。また、RAM113は、プログラムを実行する際にそのプログラムおよびデータを一時的に記憶する揮発性のメモリである。 The CPU 111 is a processor that executes a program and executes processing described in the program. The ROM 112 is a non-volatile memory that stores programs and data in advance. The RAM 113 is a volatile memory that temporarily stores the program and data when the program is executed.
 また、インターフェイス114は、記憶装置115を接続可能なインターフェイス回路であり、記憶装置115は、インターフェイス114に接続され、図示せぬオペレーティングシステム、認証プログラム131などを格納する記録媒体を有する装置である。記憶装置115としては、フラッシュメモリなどの不揮発性記憶装置が使用される。 The interface 114 is an interface circuit to which the storage device 115 can be connected. The storage device 115 is connected to the interface 114 and has a recording medium that stores an operating system (not shown), an authentication program 131, and the like. As the storage device 115, a nonvolatile storage device such as a flash memory is used.
 また、インターフェイス116は、通信装置117を接続可能なインターフェイス回路である。通信装置117は、ネットワークインターフェイスなどといったネットワーク2に接続可能な装置、携帯電話網を介してネットワーク2に接続可能な携帯電話機のベースバンド部などである。また、インターフェイス118は、USBなどといった周辺機器インターフェイスである。 Further, the interface 116 is an interface circuit to which the communication device 117 can be connected. The communication device 117 is a device that can be connected to the network 2 such as a network interface, or a baseband unit of a mobile phone that can be connected to the network 2 via a mobile phone network. The interface 118 is a peripheral device interface such as a USB.
 また、インターフェイス120は、入力装置121を接続可能なインターフェイス回路である。入力装置121は、ハードキー、タッチパネルなどといったユーザ操作を受け付けてそのユーザ操作に応じた信号を出力する装置である。 The interface 120 is an interface circuit to which the input device 121 can be connected. The input device 121 is a device that receives a user operation such as a hard key or a touch panel and outputs a signal corresponding to the user operation.
 また、画像処理回路122は、画像データを書き込まれると、そのデータに対応する画像信号を表示装置123に出力する回路である。表示装置123は、液晶ディスプレイなどであって、その画像信号に基づいて画像を表示する。 The image processing circuit 122 is a circuit that outputs an image signal corresponding to the data to the display device 123 when the image data is written. The display device 123 is a liquid crystal display or the like, and displays an image based on the image signal.
 CPU111、ROM112、RAM113、インターフェイス114,116,118,120および画像処理回路122は、バスやコントローラチップによって相互にデータ通信可能に接続されている。 The CPU 111, the ROM 112, the RAM 113, the interfaces 114, 116, 118, 120, and the image processing circuit 122 are connected to each other by a bus or a controller chip so that data communication is possible.
 図7は、図6に示すユーザ認証デバイス4において実現される処理部を示すブロック図である。図7に示すように、このユーザ認証デバイス4において、通信処理部141、および認証処理部142が実現される。 FIG. 7 is a block diagram showing a processing unit realized in the user authentication device 4 shown in FIG. As shown in FIG. 7, in this user authentication device 4, a communication processing unit 141 and an authentication processing unit 142 are realized.
 通信処理部141は、通信装置117を使用して、所定の通信プロトコルで認証サーバ3などとネットワーク2を介してデータ通信を行う。 The communication processing unit 141 uses the communication device 117 to perform data communication with the authentication server 3 and the like via the network 2 using a predetermined communication protocol.
 認証処理部142は、CPU111で認証プログラム131が実行されることにより実現され、通信装置117および通信処理部141を使用して、(a)上述のサービスコードの入力の受け付けおよびサービスコードの送信、(b)認証サーバ3との間のワンタイム認証による相互機器認証におけるクライアント側の処理などを実行する処理部である。 The authentication processing unit 142 is realized by executing the authentication program 131 by the CPU 111, and using the communication device 117 and the communication processing unit 141, (a) receiving the service code input and transmitting the service code, (B) A processing unit that executes processing on the client side in mutual device authentication based on one-time authentication with the authentication server 3.
(4)サービスログイン時の処理 (4) Processing at service login
 図8は、図1に示すシステムにおけるサービスログイン時の処理を説明するシーケンス図である。 FIG. 8 is a sequence diagram for explaining processing at the time of service login in the system shown in FIG.
 ユーザは、端末装置1を操作して、特定サービスを選択し、選択した特定サービスについてのサービスログイン要求を認証サーバ3に送信させる。 The user operates the terminal device 1 to select a specific service, and transmits a service login request for the selected specific service to the authentication server 3.
 このとき、端末装置1では、認証処理部42は、そのユーザ操作を入力装置21で検出すると、端末装置1の次のシードR1(n)を暗号鍵K1(n-1)で暗号化し、通信装置17および通信処理部41を使用して、サービスログイン要求、機器認証のための端末装置1のワンタイム認証子C1(n-1)および暗号化された端末装置1のシードK1(n-1)*R1(n)をまとめて1つのメッセージとして送信する(ステップS1)。 At this time, in the terminal apparatus 1, when the user operation is detected by the input device 21, the authentication processing unit 42 encrypts the next seed R1 (n) of the terminal apparatus 1 with the encryption key K1 (n-1), and performs communication. Using the device 17 and the communication processing unit 41, a service login request, a one-time authenticator C1 (n-1) of the terminal device 1 for device authentication, and an encrypted seed K1 (n-1) of the terminal device 1 ) * R1 (n) are collectively transmitted as one message (step S1).
 認証サーバ3では、サーバ側認証処理部82が、通信装置57および通信処理部81を使用して、サービスログイン要求、ワンタイム認証子C1(n-1)および暗号化されたシードK1(n-1)*R1(n)を受信すると、暗号化されたシードK1(n-1)*R1(n)を復号し、受信し復号した端末装置1のシードR1(n)および保持している認証サーバ3のシードQ1(n-1)に基づいて、ワンタイム認証子C1(n-1)が正当なものであるか否かを判定する。つまり、シードR1(n)およびシードQ1(n-1)からワンタイム認証子C1(n-1)が計算され、計算されたワンタイム認証子C1(n-1)と受信されたワンタイム認証子C1(n-1)とが一致するか否かが判定される。 In the authentication server 3, the server-side authentication processing unit 82 uses the communication device 57 and the communication processing unit 81 to make a service login request, a one-time authenticator C1 (n−1), and an encrypted seed K1 (n− 1) When * R1 (n) is received, the encrypted seed K1 (n-1) * R1 (n) is decrypted, and the received seed R1 (n) of the terminal device 1 decrypted and the authentication held Based on the seed Q1 (n-1) of the server 3, it is determined whether or not the one-time authenticator C1 (n-1) is valid. That is, the one-time authenticator C1 (n-1) is calculated from the seed R1 (n) and the seed Q1 (n-1), and the calculated one-time authenticator C1 (n-1) and the received one-time authenticator It is determined whether or not the child C1 (n-1) matches.
 サーバ側認証処理部82が、ワンタイム認証子C1(n-1)が正当なものであると判定した場合、送信元の端末装置1の機器認証に成功したと判定する(ステップS2)。 If the server-side authentication processing unit 82 determines that the one-time authenticator C1 (n-1) is valid, it determines that the device authentication of the terminal device 1 as the transmission source has succeeded (step S2).
 送信元の端末装置1の機器認証に成功したと判定した場合、サービスコード管理部83は、サービスコードを生成する(ステップS3)。サービスコードには、例えば乱数が使用される。 When it is determined that the device authentication of the terminal device 1 as the transmission source has been successful, the service code management unit 83 generates a service code (step S3). For example, a random number is used as the service code.
 なお、送信元の端末装置1の機器認証に失敗した場合、サービスコードは生成されず、サービスログイン要求は拒否される。 In addition, when the device authentication of the transmission source terminal device 1 fails, the service code is not generated and the service login request is rejected.
 端末装置1の機器認証に成功した場合、サーバ側認証処理部82は、認証サーバ3の次のシードQ1(n)およびサービスコードを暗号鍵K1(n-1)で暗号化し、通信装置57および通信処理部81を使用して、その暗号化されたサービスコード、機器認証のための認証サーバ3のワンタイム認証子S1(n-1)および暗号化された認証サーバ3のシードK1(n-1)*Q1(n)をまとめて1つのメッセージとしてその端末装置1へ送信する(ステップS4)。 If the device authentication of the terminal device 1 is successful, the server-side authentication processing unit 82 encrypts the next seed Q1 (n) and service code of the authentication server 3 with the encryption key K1 (n−1), and the communication device 57 and Using the communication processing unit 81, the encrypted service code, the one-time authenticator S 1 (n−1) of the authentication server 3 for device authentication, and the seed K 1 (n−) of the encrypted authentication server 3 1) * Q1 (n) are collectively transmitted as one message to the terminal device 1 (step S4).
 端末装置1では、認証処理部42は、通信装置17および通信処理部41を使用して、その暗号化されたサービスコード、ワンタイム認証子S1(n-1)、および暗号化されたシードK1(n-1)*Q1(n)を受信すると、暗号化されたサービスコードおよび暗号化されたシードK1(n-1)*Q1(n)を復号し、保持している端末装置1のシードR1(n-1)および受信し復号した認証サーバ3のシードQ1(n)に基づいて、ワンタイム認証子S1(n-1)が正当なものであるか否かを判定する。つまり、シードR1(n-1)およびシードQ1(n)からワンタイム認証子S1(n-1)が計算され、計算されたワンタイム認証子S1(n-1)と受信されたワンタイム認証子S1(n-1)とが一致するか否かが判定される。 In the terminal device 1, the authentication processing unit 42 uses the communication device 17 and the communication processing unit 41 to encrypt the encrypted service code, the one-time authenticator S1 (n−1), and the encrypted seed K1. When (n-1) * Q1 (n) is received, the encrypted service code and the encrypted seed K1 (n-1) * Q1 (n) are decrypted and held in the seed of the terminal device 1 Based on R1 (n−1) and the received and decrypted authentication server 3 seed Q1 (n), it is determined whether or not the one-time authenticator S1 (n−1) is valid. That is, the one-time authenticator S1 (n-1) is calculated from the seed R1 (n-1) and the seed Q1 (n), and the calculated one-time authenticator S1 (n-1) and the received one-time authenticator It is determined whether or not the child S1 (n-1) matches.
 認証処理部42が、ワンタイム認証子S1(n-1)が正当なものであると判定した場合、送信元の認証サーバ3の機器認証に成功したと判定する(ステップS5)。 If the authentication processing unit 42 determines that the one-time authenticator S1 (n-1) is valid, it determines that the device authentication of the authentication server 3 as the transmission source has succeeded (step S5).
 認証サーバ3の機器認証に成功した場合、サービスコード出力部43は、サービスコードを所定の形態で出力する(ステップS6)。その出力されたサービスコードは、ユーザ認証デバイス4に入力される。 If the authentication server 3 succeeds in device authentication, the service code output unit 43 outputs the service code in a predetermined form (step S6). The output service code is input to the user authentication device 4.
 ここでは、サービスコード出力部43は、画像処理回路22を使用して、そのサービスコードをテキストとして表示装置23に表示する。そして、ユーザは、表示されているテキストとしてのサービスコードを、入力装置121を操作して、ユーザ認証デバイス4に入力する。 Here, the service code output unit 43 uses the image processing circuit 22 to display the service code as text on the display device 23. Then, the user operates the input device 121 to input the service code as the displayed text into the user authentication device 4.
 ユーザ認証デバイス4では、ユーザ操作に従って認証処理部142が起動される(ステップS7)。認証処理部142の起動に、ユーザIDおよびパスワードが要求されるようにしてもよい。その場合、予め登録した正規のユーザIDおよびパスワードがユーザ認証デバイス4に入力されれば、認証処理部142が起動するが、正規のユーザIDおよびパスワード以外のユーザIDおよびパスワードが入力された場合には、認証処理部142は起動しない。なお、ユーザ認証デバイス4に入力されたユーザIDおよびパスワードは外部へは送信されない。また、ユーザIDおよびパスワードによる認証の代わりに、指紋などの生体情報を利用した生体認証を行うようにしてもよい。 In the user authentication device 4, the authentication processing unit 142 is activated in accordance with a user operation (step S7). A user ID and a password may be requested to activate the authentication processing unit 142. In this case, if a regular user ID and password registered in advance are input to the user authentication device 4, the authentication processing unit 142 is activated, but when a user ID and password other than the regular user ID and password are input. The authentication processing unit 142 is not activated. Note that the user ID and password input to the user authentication device 4 are not transmitted to the outside. Further, biometric authentication using biometric information such as a fingerprint may be performed instead of authentication using a user ID and password.
 その後、認証処理部142は、入力されたサービスコードを取得すると(ステップS8)、そのサービスコードおよびユーザ認証デバイス4の次のシードR2(n)を暗号鍵K2(n-1)で暗号化し、通信装置117および通信処理部141を使用して、ユーザ認証要求、暗号化されたサービスコード、機器認証のためのユーザ認証デバイス4のワンタイム認証子C2(n-1)、および暗号化されたユーザ認証デバイス4のシードK2(n-1)*R2(n)をまとめて1つのメッセージとして認証サーバ3へ送信する(ステップS9)。 Thereafter, when the authentication processing unit 142 acquires the input service code (step S8), the service code and the next seed R2 (n) of the user authentication device 4 are encrypted with the encryption key K2 (n−1), Using the communication device 117 and the communication processing unit 141, a user authentication request, an encrypted service code, a one-time authenticator C2 (n-1) of the user authentication device 4 for device authentication, and an encrypted The seeds K2 (n−1) * R2 (n) of the user authentication device 4 are collectively transmitted to the authentication server 3 as one message (step S9).
 認証サーバ3では、サーバ側認証処理部82が、通信装置57および通信処理部81を使用して、ユーザ認証要求、暗号化されたサービスコード、ワンタイム認証子C2(n-1)、および暗号化されたシードK2(n-1)*R2(n)を受信すると、暗号化されたサービスコードおよび暗号化されたシードK2(n-1)*R2(n)を復号し、受信し復号したユーザ認証デバイス4のシードR2(n)および保持している認証サーバ3のシードQ2(n-1)に基づいて、ワンタイム認証子C2(n-1)が正当なものであるか否かを判定する。つまり、シードR2(n)およびシードQ2(n-1)からワンタイム認証子C2(n-1)が計算され、計算されたワンタイム認証子C2(n-1)と受信されたワンタイム認証子C2(n-1)とが一致するか否かが判定される。 In the authentication server 3, the server-side authentication processing unit 82 uses the communication device 57 and the communication processing unit 81 to use the user authentication request, the encrypted service code, the one-time authenticator C 2 (n−1), and the encryption When the encrypted seed K2 (n-1) * R2 (n) is received, the encrypted service code and the encrypted seed K2 (n-1) * R2 (n) are decrypted, received and decrypted Whether or not the one-time authenticator C2 (n-1) is valid based on the seed R2 (n) of the user authentication device 4 and the seed Q2 (n-1) of the held authentication server 3 judge. That is, the one-time authenticator C2 (n-1) is calculated from the seed R2 (n) and the seed Q2 (n-1), and the calculated one-time authenticator C2 (n-1) and the received one-time authenticator It is determined whether or not the child C2 (n-1) matches.
 サーバ側認証処理部82が、ワンタイム認証子C2(n-1)が正当なものであると判定した場合、送信元のユーザ認証デバイス4の機器認証に成功したと判定し(ステップS10)、ユーザ認証応答をユーザ認証デバイス4へ送信する(ステップS11)。このとき、サーバ側認証処理部82は、機器認証が成功したユーザ認証デバイス4に関連付けられているユーザのユーザ認証に成功したと判定する。 When the server-side authentication processing unit 82 determines that the one-time authenticator C2 (n−1) is valid, it determines that the device authentication of the user authentication device 4 that is the transmission source has succeeded (step S10). A user authentication response is transmitted to the user authentication device 4 (step S11). At this time, the server-side authentication processing unit 82 determines that the user authentication of the user associated with the user authentication device 4 that has succeeded in device authentication has succeeded.
 なお、送信元のユーザ認証デバイス4の機器認証に失敗した場合、サービスログイン要求は拒否される。 Note that if the device authentication of the user authentication device 4 of the transmission source fails, the service login request is rejected.
 サーバ側認証処理部82は、そのユーザのユーザ認証に成功したと判定した場合、そのユーザを、サービスログイン要求を送信したユーザとして特定し、サービスログイン要求により指定された特定サービスへのログインを許可し、通信装置57および通信処理部81を使用して、サービスログイン許可通知を、そのサービスコードが生成された端末装置1へ送信する(ステップS12)。これにより、その特定サービスを享受するユーザが特定サービス側で特定される。したがって、特定サービスでそのユーザ向けのデータを送信したり、そのユーザにサービス利用料を課金したりすることが可能となる。なお、サービスログイン許可通知は、端末装置1へ送信しなくてもよい。その場合、端末装置1は、サービスコードの出力(ステップS6)から所定時間経過後に、サービスデータ要求を送信するようにしてもよい。 If the server-side authentication processing unit 82 determines that the user authentication of the user has been successful, the server-side authentication processing unit 82 identifies the user as the user who transmitted the service login request, and permits login to the specific service specified by the service login request. Then, using the communication device 57 and the communication processing unit 81, a service login permission notification is transmitted to the terminal device 1 in which the service code is generated (step S12). Thereby, the user who enjoys the specific service is specified on the specific service side. Therefore, it is possible to transmit data for the user with a specific service or charge the user for a service usage fee. The service login permission notification may not be transmitted to the terminal device 1. In this case, the terminal device 1 may transmit a service data request after a predetermined time has elapsed from the output of the service code (step S6).
 端末装置1では、認証処理部42は、通信装置17および通信処理部41を使用して、サービスログイン許可通知を受信すると、ログインが許可された旨をアプリケーション44に通知する。 In the terminal device 1, when the authentication processing unit 42 receives the service login permission notification using the communication device 17 and the communication processing unit 41, the authentication processing unit 42 notifies the application 44 that login is permitted.
 その後、端末装置1のアプリケーション44は、通信装置17および通信処理部41を使用して、特定サービスのサービスデータ要求を、(ここでは認証サーバ3の)サービス提供部84へ送信する(ステップS13)。 Thereafter, the application 44 of the terminal device 1 uses the communication device 17 and the communication processing unit 41 to transmit a service data request for a specific service to the service providing unit 84 (in this case, the authentication server 3) (step S13). .
 認証サーバ3では、サービス提供部84は、通信装置57および通信処理部81を使用して、サービスデータ要求を受信すると、サービスデータ要求により指定されたデータを端末装置1のアプリケーション44へ送信する(ステップS14)。 In the authentication server 3, when the service providing unit 84 receives the service data request using the communication device 57 and the communication processing unit 81, the service providing unit 84 transmits the data specified by the service data request to the application 44 of the terminal device 1 ( Step S14).
 このようにして、端末装置1のユーザは、ユーザ認証デバイス4を使用してユーザ認証を受けた後、端末装置1を使用して特定サービスを享受することができる。 In this way, the user of the terminal device 1 can enjoy the specific service using the terminal device 1 after receiving the user authentication using the user authentication device 4.
(5)端末装置1と認証サーバ3との間のワンタイム認証の詳細 (5) Details of one-time authentication between the terminal device 1 and the authentication server 3
 図9は、本発明の実施の形態における端末装置1と認証サーバ3との間のワンタイム認証の詳細について説明するシーケンス図である。 FIG. 9 is a sequence diagram illustrating details of one-time authentication between the terminal device 1 and the authentication server 3 in the embodiment of the present invention.
 端末装置1および認証サーバ3では、端末装置1のシードR1(n-1)、認証サーバ3のシードQ1(n-1)、および共通暗号鍵K1(n-1)が、記憶装置15,55などの不揮発性記憶装置においてそれぞれ保持されている。なお、端末装置1のシードの初期値R1(0)、認証サーバ3のシードの初期値Q1(0)、および共通暗号鍵の初期値K1(0)は、適宜設定される。また、認証サーバ3には、クライアント側のワンタイム識別子C1(n-1)が予め計算され保持されている。 In the terminal device 1 and the authentication server 3, the seed R 1 (n−1) of the terminal device 1, the seed Q 1 (n−1) of the authentication server 3, and the common encryption key K 1 (n−1) are stored in the storage devices 15 and 55. Etc., each of which is held in a nonvolatile storage device. The initial seed value R1 (0) of the terminal device 1, the initial seed value Q1 (0) of the authentication server 3, and the initial value K1 (0) of the common encryption key are set as appropriate. In the authentication server 3, a one-time identifier C1 (n-1) on the client side is calculated and held in advance.
 シードR1(n-1)は、今回(n-1)のワンタイム認証についてのクライアント側シードである。シードQ1(n-1)は、今回(n-1)のワンタイム認証についてのサーバ側シードである。共通暗号鍵K1(n-1)は、今回(n-1)のワンタイム認証時に、次回認証用のクライアント側シードR1(n)を認証サーバ3へ送信する際に、そのR1(n)を暗号化するための共通暗号鍵である。 The seed R1 (n-1) is a client-side seed for the one-time authentication of this time (n-1). The seed Q1 (n-1) is a server-side seed for the current one-time authentication (n-1). The common encryption key K1 (n-1) is used when the client side seed R1 (n) for next authentication is transmitted to the authentication server 3 during the one-time authentication of this time (n-1). This is a common encryption key for encryption.
 まず、認証処理部42は、乱数Rを生成し、その乱数Rを、次回認証用のクライアント側シードR1(n)にセットする(ステップS21)。 First, the authentication processing unit 42 generates a random number R, and sets the random number R in the client side seed R1 (n) for the next authentication (step S21).
 そして、認証処理部42は、今回のワンタイム認証についての、クライアント側ワンタイム認証子C1(n-1)を生成する(ステップS22)。 Then, the authentication processing unit 42 generates a client-side one-time authenticator C1 (n-1) for the current one-time authentication (step S22).
 ワンタイム認証子C1(n-1)は、一方向性関数で計算される。この一方向性関数は、2つの引数をとり、引数の順序によって関数値の異なる関数である。この実施の形態では、この一方向性関数は、ハッシュ関数hcである。 The one-time authenticator C1 (n-1) is calculated with a one-way function. This one-way function is a function that takes two arguments and has different function values depending on the order of the arguments. In this embodiment, the one-way function is a hash function hc.
 ワンタイム認証子C1(n-1)は、例えば、次式に従って計算される。 The one-time authenticator C1 (n-1) is calculated according to the following equation, for example.
 C1(n-1)=hc(R1(n-1),Q1(n-1))  ・・・(1) C1 (n-1) = hc (R1 (n-1), Q1 (n-1)) (1)
 ここで、ハッシュ関数hcの第1引数には、R1(n-1)が使用され、第2引数には、Q1(n-1)が使用される。 Here, R1 (n-1) is used as the first argument of the hash function hc, and Q1 (n-1) is used as the second argument.
 また、認証処理部42は、所定の暗号化方式に従って、共通暗号鍵K1(n-1)で、R1(n)を暗号化する。なお、共通暗号鍵K1(n-1)での暗号化後のR1(n)を、K1(n-1)*R1(n)と表現する。 Further, the authentication processing unit 42 encrypts R1 (n) with the common encryption key K1 (n-1) according to a predetermined encryption method. Note that R1 (n) after encryption with the common encryption key K1 (n-1) is expressed as K1 (n-1) * R1 (n).
 そして、認証処理部42は、ワンタイム認証子C1(n-1)およびK1(n-1)*R1(n)を認証サーバ3へ送信する(ステップS23,S1)。このとき、通信処理部41は、ワンタイム認証子C1(n-1)およびK1(n-1)*R1(n)を1つのメッセージとして送信する。 Then, the authentication processing unit 42 transmits the one-time authenticators C1 (n-1) and K1 (n-1) * R1 (n) to the authentication server 3 (steps S23 and S1). At this time, the communication processing unit 41 transmits the one-time authenticators C1 (n−1) and K1 (n−1) * R1 (n) as one message.
 認証サーバ3では、サーバ側認証処理部82は、通信処理部81を使用して、そのメッセージを受信し、そのメッセージからワンタイム認証子C1(n-1)およびK1(n-1)*R1(n)を抽出し、受信したワンタイム認証子C1(n-1)が、保持しているクライアント側ワンタイム認証子(つまり、保持しているシードR1(n-1),Q1(n-1)から上述の式(1)で得られる値)に一致するか否かを判定する(ステップS24,S2)。 In the authentication server 3, the server-side authentication processing unit 82 uses the communication processing unit 81 to receive the message, and from the message, the one-time authenticators C1 (n-1) and K1 (n-1) * R1 (N) is extracted, and the received one-time authenticator C1 (n−1) holds the client-side one-time authenticator (that is, held seeds R1 (n−1), Q1 (n− 1) to (the value obtained by the above equation (1)) is determined (steps S24 and S2).
 受信したワンタイム認証子C1(n-1)が、不正なワンタイム認証子であると判定した場合、サーバ側認証処理部82は、認証失敗と判定し、処理を終了する。 When it is determined that the received one-time authenticator C1 (n-1) is an invalid one-time authenticator, the server-side authentication processing unit 82 determines that the authentication has failed and ends the process.
 受信したワンタイム認証子C1(n-1)が、認証子テーブル72aに保持しているクライアント側ワンタイム認証子に一致した場合、サーバ側認証処理部82は、認証成功と判定し、まず、乱数Qを生成し、その乱数Qを、次回認証用のサーバ側シードQ1(n)にセットする(ステップS25)。 When the received one-time authenticator C1 (n-1) matches the client-side one-time authenticator stored in the authenticator table 72a, the server-side authentication processing unit 82 determines that the authentication is successful, A random number Q is generated, and the random number Q is set in the server side seed Q1 (n) for the next authentication (step S25).
 また、サーバ側認証処理部82は、K1(n-1)*R1(n)を、シードテーブル71aに保持している共通暗号鍵K1(n-1)で、R1(n)へ復号する。そして、サーバ側認証処理部82は、今回(n-1)のワンタイム認証用のサーバ側ワンタイム認証子S1(n-1)を生成する(ステップS26)。 The server-side authentication processing unit 82 decrypts K1 (n-1) * R1 (n) into R1 (n) using the common encryption key K1 (n-1) held in the seed table 71a. Then, the server-side authentication processing unit 82 generates a server-side one-time authenticator S1 (n-1) for the current (n-1) one-time authentication (step S26).
 ワンタイム認証子S1(n-1)は、一方向性関数で計算される。この一方向性関数は、2つの引数をとり、引数の順序によって関数値の異なる関数である。この実施の形態では、この一方向性関数は、ハッシュ関数hsである。 The one-time authenticator S1 (n-1) is calculated with a one-way function. This one-way function is a function that takes two arguments and has different function values depending on the order of the arguments. In this embodiment, the one-way function is a hash function hs.
 ワンタイム認証子S1(n-1)は、次式に従って計算される。 The one-time authenticator S1 (n-1) is calculated according to the following formula.
 S1(n-1)=hs(R1(n),Q1(n-1))  ・・・(2) S1 (n-1) = hs (R1 (n), Q1 (n-1)) (2)
 ここで、ハッシュ関数hsの第1引数には、R1(n)が使用され、第2引数には、Q1(n-1)が使用される。なお、ハッシュ関数hsは、ハッシュ関数hcと同一の関数でもよいし、異なる関数でもよい。 Here, R1 (n) is used as the first argument of the hash function hs, and Q1 (n-1) is used as the second argument. The hash function hs may be the same function as the hash function hc or a different function.
 また、サーバ側認証処理部82は、所定の暗号化方式に従って、共通暗号鍵K1(n-1)で、Q1(n)を暗号化する。なお、共通暗号鍵K1(n-1)での暗号化後のQ1(n)を、K1(n-1)*Q1(n)と表現する。 Further, the server side authentication processing unit 82 encrypts Q1 (n) with the common encryption key K1 (n-1) according to a predetermined encryption method. Note that Q1 (n) after encryption with the common encryption key K1 (n-1) is expressed as K1 (n-1) * Q1 (n).
 そして、サーバ側認証処理部82は、通信処理部81を使用して、ワンタイム認証子S1(n-1)およびK1(n-1)*Q1(n)を端末装置1へ送信する(ステップS27,S4)。このとき、通信処理部81は、ワンタイム認証子S1(n-1)およびK1(n-1)*Q1(n)を1つのメッセージとして送信する。 Then, the server side authentication processing unit 82 uses the communication processing unit 81 to transmit the one-time authenticators S1 (n-1) and K1 (n-1) * Q1 (n) to the terminal device 1 (Step S1). S27, S4). At this time, the communication processing unit 81 transmits the one-time authenticators S1 (n-1) and K1 (n-1) * Q1 (n) as one message.
 端末装置1では、認証処理部42は、通信処理部41を使用して、そのメッセージを受信し、ワンタイム認証子S1(n-1)およびK1(n-1)*Q1(n)を抽出する。 In the terminal device 1, the authentication processing unit 42 uses the communication processing unit 41 to receive the message and extract the one-time authenticators S1 (n-1) and K1 (n-1) * Q1 (n) To do.
 そして、認証処理部42は、R1(n)およびQ1(n-1)に基づいて、上述の式(2)に従って正当なワンタイム認証子S1(n-1)の値を計算し、受信したワンタイム認証子S1(n-1)が、計算した値に一致するか否かを判定する(ステップS28)。 Then, the authentication processing unit 42 calculates the value of the valid one-time authenticator S1 (n-1) based on R1 (n) and Q1 (n-1) according to the above equation (2) and receives it. It is determined whether or not the one-time authenticator S1 (n-1) matches the calculated value (step S28).
 このとき、受信したワンタイム認証子S1(n-1)が、計算した値に一致しない場合、認証処理部43は、認証失敗と判定し、処理を終了する。 At this time, if the received one-time authenticator S1 (n-1) does not match the calculated value, the authentication processing unit 43 determines that the authentication has failed and ends the process.
 受信したワンタイム認証子S1(n-1)が、計算した値に一致した場合、認証処理部42は、認証成功と判定し、まず、K1(n-1)*Q1(n)を、保持している共通暗号鍵K1(n-1)で、Q1(n)へ復号し、この値を、次回認証用のサーバ側シードにセットする。 If the received one-time authenticator S1 (n-1) matches the calculated value, the authentication processing unit 42 determines that the authentication is successful, and first holds K1 (n-1) * Q1 (n). The common encryption key K1 (n-1) is decrypted to Q1 (n), and this value is set as the server-side seed for the next authentication.
 そして、認証処理部42は、次回認証用の共通暗号鍵K1(n)を次式に従って計算し、共通暗号鍵を更新する(ステップS29)。 Then, the authentication processing unit 42 calculates a common encryption key K1 (n) for next authentication according to the following equation, and updates the common encryption key (step S29).
 K1(n)=hk(K1(n-1),R1(n),Q1(n))  ・・・(3) K1 (n) = hk (K1 (n-1), R1 (n), Q1 (n)) (3)
 ここで、hkは、一方向性関数であって、かつハッシュ関数である。 Here, hk is a one-way function and a hash function.
 このようにして、ワンタイム認証に成功した後、認証処理部42は、保持しているシードR1(n-1),Q1(n-1)および共通暗号鍵K1(n-1)を、R1(n)およびQ1(n)、並びにK1(n)で更新する。 In this way, after successful one-time authentication, the authentication processing unit 42 uses the stored seeds R1 (n−1), Q1 (n−1) and the common encryption key K1 (n−1) as R1. Update with (n) and Q1 (n) and K1 (n).
 一方、認証サーバ3においても、ワンタイム認証子S1(n-1)の送信後、サーバ側認証処理部82は、次回認証用の共通暗号鍵K1(n)を上述の式(3)に従って計算し、共通暗号鍵を更新する(ステップS30)。 On the other hand, also in the authentication server 3, after transmitting the one-time authenticator S1 (n-1), the server-side authentication processing unit 82 calculates the next authentication common encryption key K1 (n) according to the above-described equation (3). Then, the common encryption key is updated (step S30).
 さらに、サーバ側認証処理部82は、次回のワンタイム認証時に使用するクライアント側ワンタイム認証子C1(n)を、R1(n)およびQ1(n)から、上述の式(1)に従って計算する。そして、サーバ側認証処理部82は、R1(n)、Q1(n)およびK1(n)で、シードテーブル71aにおける、端末装置1についてのデータを更新し、C1(n)で、認証子テーブル72aにおける、端末装置1についてのワンタイム認証子を更新する。これにより、これらの値が、次回のセッション(つまり、次回のワンタイム認証)まで保持される。 Further, the server-side authentication processing unit 82 calculates a client-side one-time authenticator C1 (n) to be used at the next one-time authentication from R1 (n) and Q1 (n) according to the above equation (1). . And the server side authentication process part 82 updates the data about the terminal device 1 in the seed table 71a with R1 (n), Q1 (n), and K1 (n), and the authenticator table with C1 (n). The one-time authenticator for the terminal device 1 in 72a is updated. Thus, these values are held until the next session (that is, the next one-time authentication).
 このようにして、端末装置1と認証サーバ3との間のワンタイム認証が実行される。 In this way, one-time authentication between the terminal device 1 and the authentication server 3 is executed.
(6)ユーザ認証デバイス4と認証サーバ3との間のワンタイム認証の詳細 (6) Details of one-time authentication between the user authentication device 4 and the authentication server 3
 図10は、本発明の実施の形態におけるユーザ認証デバイス4と認証サーバ3との間のワンタイム認証の詳細について説明するシーケンス図である。なお、図9に示す処理と図10に示す処理とは独立して行われる。 FIG. 10 is a sequence diagram illustrating details of the one-time authentication between the user authentication device 4 and the authentication server 3 in the embodiment of the present invention. Note that the processing shown in FIG. 9 and the processing shown in FIG. 10 are performed independently.
 ユーザ認証デバイス4および認証サーバ3では、ユーザ認証デバイス4のシードR2(n-1)、認証サーバ3のシードQ2(n-1)、および共通暗号鍵K2(n-1)が、記憶装置115,55などの不揮発性記憶装置においてそれぞれ保持されている。なお、ユーザ認証デバイス4のシードの初期値R2(0)、認証サーバ3のシードの初期値Q2(0)、および共通暗号鍵の初期値K2(0)は、適宜設定される。また、認証サーバ3には、クライアント側のワンタイム識別子C2(n-1)が予め計算され保持されている。 In the user authentication device 4 and the authentication server 3, the seed R2 (n-1) of the user authentication device 4, the seed Q2 (n-1) of the authentication server 3, and the common encryption key K2 (n-1) are stored in the storage device 115. , 55 and so on, respectively. Note that the initial value R2 (0) of the seed of the user authentication device 4, the initial value Q2 (0) of the seed of the authentication server 3, and the initial value K2 (0) of the common encryption key are set as appropriate. In the authentication server 3, a one-time identifier C2 (n-1) on the client side is calculated and held in advance.
 シードR2(n-1)は、今回(n-1)のワンタイム認証についてのクライアント側シードである。シードQ2(n-1)は、今回(n-1)のワンタイム認証についてのサーバ側シードである。共通暗号鍵K2(n-1)は、今回(n-1)のワンタイム認証時に、次回認証用のクライアント側シードR2(n)を認証サーバ3へ送信する際に、そのR2(n)を暗号化するための共通暗号鍵である。 The seed R2 (n-1) is a client-side seed for the one-time authentication of this time (n-1). The seed Q2 (n-1) is a server-side seed for the one-time authentication of this time (n-1). The common encryption key K2 (n-1) is used when the client side seed R2 (n) for next authentication is transmitted to the authentication server 3 during the one-time authentication of this time (n-1). This is a common encryption key for encryption.
 まず、認証処理部142は、乱数Rを生成し、その乱数Rを、次回認証用のクライアント側シードR2(n)にセットする(ステップS41)。 First, the authentication processing unit 142 generates a random number R and sets the random number R in the client side seed R2 (n) for next authentication (step S41).
 そして、認証処理部142は、今回のワンタイム認証についての、クライアント側ワンタイム認証子C2(n-1)を生成する(ステップS42)。 Then, the authentication processing unit 142 generates a client-side one-time authenticator C2 (n-1) for the current one-time authentication (step S42).
 ワンタイム認証子C2(n-1)は、一方向性関数で計算される。この一方向性関数は、2つの引数をとり、引数の順序によって関数値の異なる関数である。この実施の形態では、この一方向性関数は、ハッシュ関数hcである。 The one-time authenticator C2 (n-1) is calculated with a one-way function. This one-way function is a function that takes two arguments and has different function values depending on the order of the arguments. In this embodiment, the one-way function is a hash function hc.
 ワンタイム認証子C2(n-1)は、例えば、次式に従って計算される。 The one-time authenticator C2 (n-1) is calculated according to the following equation, for example.
 C2(n-1)=hc(R2(n-1),Q2(n-1))  ・・・(4) C2 (n-1) = hc (R2 (n-1), Q2 (n-1)) (4)
 ここで、ハッシュ関数hcの第1引数には、R2(n-1)が使用され、第2引数には、Q2(n-1)が使用される。なお、ワンタイム認証子C2(n-1)を生成するためのハッシュ関数hcは、ワンタイム認証子C1(n-1)を生成するためのハッシュ関数hcと同じでもよいし異なっていてもよい。 Here, R2 (n-1) is used as the first argument of the hash function hc, and Q2 (n-1) is used as the second argument. Note that the hash function hc for generating the one-time authenticator C2 (n-1) may be the same as or different from the hash function hc for generating the one-time authenticator C1 (n-1). .
 また、認証処理部42は、所定の暗号化方式に従って、共通暗号鍵K2(n-1)で、R2(n)を暗号化する。なお、共通暗号鍵K2(n-1)での暗号化後のR2(n)を、K2(n-1)*R1(n)と表現する。 Further, the authentication processing unit 42 encrypts R2 (n) with the common encryption key K2 (n-1) according to a predetermined encryption method. Note that R2 (n) after encryption with the common encryption key K2 (n-1) is expressed as K2 (n-1) * R1 (n).
 そして、認証処理部42は、ワンタイム認証子C2(n-1)およびK2(n-1)*R2(n)を認証サーバ3へ送信する(ステップS43,S9)。このとき、通信処理部41は、ワンタイム認証子C2(n-1)およびK2(n-1)*R2(n)を1つのメッセージとして送信する。 Then, the authentication processing unit 42 transmits the one-time authenticators C2 (n−1) and K2 (n−1) * R2 (n) to the authentication server 3 (Steps S43 and S9). At this time, the communication processing unit 41 transmits the one-time authenticators C2 (n−1) and K2 (n−1) * R2 (n) as one message.
 認証サーバ3では、サーバ側認証処理部82は、通信処理部81を使用して、そのメッセージを受信し、そのメッセージからワンタイム認証子C2(n-1)およびK2(n-1)*R2(n)を抽出し、受信したワンタイム認証子C2(n-1)が、保持しているクライアント側ワンタイム認証子(つまり、保持しているシードR2(n-1),Q2(n-1)から上述の式(4)で得られる値)に一致するか否かを判定する(ステップS44)。 In the authentication server 3, the server-side authentication processing unit 82 uses the communication processing unit 81 to receive the message, and from the message, the one-time authenticators C2 (n-1) and K2 (n-1) * R2 (N) is extracted, and the received one-time authenticator C2 (n-1) holds the client-side one-time authenticator (that is, held seeds R2 (n-1), Q2 (n- 1) to (the value obtained by the above equation (4)) is determined (step S44).
 受信したワンタイム認証子C2(n-1)が、不正なワンタイム認証子であると判定した場合、サーバ側認証処理部82は、認証失敗と判定し、処理を終了する。 When it is determined that the received one-time authenticator C2 (n-1) is an invalid one-time authenticator, the server-side authentication processing unit 82 determines that the authentication has failed and ends the process.
 受信したワンタイム認証子C2(n-1)が、認証子テーブル72bに保持しているクライアント側ワンタイム認証子に一致した場合、サーバ側認証処理部82は、認証成功と判定し、まず、乱数Qを生成し、その乱数Qを、次回認証用のサーバ側シードQ2(n)にセットする(ステップS45)。 When the received one-time authenticator C2 (n-1) matches the client-side one-time authenticator stored in the authenticator table 72b, the server-side authentication processing unit 82 determines that the authentication is successful, A random number Q is generated, and the random number Q is set in the server side seed Q2 (n) for the next authentication (step S45).
 また、サーバ側認証処理部82は、K2(n-1)*R2(n)を、シードテーブル71bに保持している共通暗号鍵K2(n-1)で、R2(n)へ復号する。そして、サーバ側認証処理部82は、今回(n-1)のワンタイム認証用のサーバ側ワンタイム認証子S2(n-1)を生成する(ステップS46)。 The server-side authentication processing unit 82 decrypts K2 (n−1) * R2 (n) into R2 (n) using the common encryption key K2 (n−1) held in the seed table 71b. Then, the server-side authentication processing unit 82 generates the server-side one-time authenticator S2 (n-1) for the current (n-1) one-time authentication (step S46).
 ワンタイム認証子S2(n-1)は、一方向性関数で計算される。この一方向性関数は、2つの引数をとり、引数の順序によって関数値の異なる関数である。この実施の形態では、この一方向性関数は、ハッシュ関数hsである。 The one-time authenticator S2 (n-1) is calculated with a one-way function. This one-way function is a function that takes two arguments and has different function values depending on the order of the arguments. In this embodiment, the one-way function is a hash function hs.
 ワンタイム認証子S2(n-1)は、次式に従って計算される。 The one-time authenticator S2 (n-1) is calculated according to the following formula.
 S2(n-1)=hs(R2(n),Q2(n-1))  ・・・(5) S2 (n-1) = hs (R2 (n), Q2 (n-1)) (5)
 ここで、ハッシュ関数hsの第1引数には、R2(n)が使用され、第2引数には、Q2(n-1)が使用される。なお、ハッシュ関数hsは、ハッシュ関数hcと同一の関数でもよいし、異なる関数でもよい。また、ワンタイム認証子S2(n-1)を生成するためのハッシュ関数hsは、ワンタイム認証子S1(n-1)を生成するためのハッシュ関数hsと同じでもよいし異なっていてもよい。 Here, R2 (n) is used for the first argument of the hash function hs, and Q2 (n-1) is used for the second argument. The hash function hs may be the same function as the hash function hc or a different function. Further, the hash function hs for generating the one-time authenticator S2 (n-1) may be the same as or different from the hash function hs for generating the one-time authenticator S1 (n-1). .
 また、サーバ側認証処理部82は、所定の暗号化方式に従って、共通暗号鍵K2(n-1)で、Q2(n)を暗号化する。なお、共通暗号鍵K2(n-1)での暗号化後のQ2(n)を、K2(n-1)*Q2(n)と表現する。 Further, the server side authentication processing unit 82 encrypts Q2 (n) with the common encryption key K2 (n-1) according to a predetermined encryption method. Note that Q2 (n) after encryption with the common encryption key K2 (n-1) is expressed as K2 (n-1) * Q2 (n).
 そして、サーバ側認証処理部82は、通信処理部81を使用して、ワンタイム認証子S2(n-1)およびK2(n-1)*Q2(n)を端末装置1へ送信する(ステップS47,S11)。このとき、通信処理部81は、ワンタイム認証子S2(n-1)およびK2(n-1)*Q2(n)を1つのメッセージとして送信する。 Server-side authentication processing unit 82 then uses communication processing unit 81 to transmit one-time authenticators S2 (n−1) and K2 (n−1) * Q2 (n) to terminal device 1 (step S1). S47, S11). At this time, the communication processing unit 81 transmits the one-time authenticators S2 (n-1) and K2 (n-1) * Q2 (n) as one message.
 ユーザ認証デバイス4では、認証処理部142は、通信処理部141を使用して、そのメッセージを受信し、ワンタイム認証子S2(n-1)およびK2(n-1)*Q2(n)を抽出する。 In the user authentication device 4, the authentication processing unit 142 uses the communication processing unit 141 to receive the message, and sends one-time authenticators S2 (n−1) and K2 (n−1) * Q2 (n). Extract.
 そして、認証処理部142は、R2(n)およびQ2(n-1)に基づいて、上述の式(5)に従って正当なワンタイム認証子S2(n-1)の値を計算し、受信したワンタイム認証子S2(n-1)が、計算した値に一致するか否かを判定する(ステップS48)。 Then, the authentication processing unit 142 calculates the value of the valid one-time authenticator S2 (n−1) according to the above equation (5) based on R2 (n) and Q2 (n−1) and receives it. It is determined whether or not the one-time authenticator S2 (n-1) matches the calculated value (step S48).
 このとき、受信したワンタイム認証子S2(n-1)が、計算した値に一致しない場合、認証処理部143は、認証失敗と判定し、処理を終了する。 At this time, if the received one-time authenticator S2 (n-1) does not match the calculated value, the authentication processing unit 143 determines that the authentication has failed and ends the process.
 受信したワンタイム認証子S2(n-1)が、計算した値に一致した場合、認証処理部142は、認証成功と判定し、まず、K2(n-1)*Q2(n)を、保持している共通暗号鍵K2(n-1)で、Q2(n)へ復号し、この値を、次回認証用のサーバ側シードにセットする。 If the received one-time authenticator S2 (n−1) matches the calculated value, the authentication processing unit 142 determines that the authentication is successful, and first holds K2 (n−1) * Q2 (n). The common encryption key K2 (n-1) is decrypted to Q2 (n), and this value is set as the server-side seed for the next authentication.
 そして、認証処理部142は、次回認証用の共通暗号鍵K2(n)を次式に従って計算し、共通暗号鍵を更新する(ステップS49)。 Then, the authentication processing unit 142 calculates the next authentication common encryption key K2 (n) according to the following equation, and updates the common encryption key (step S49).
 K2(n)=hk(K2(n-1),R2(n),Q2(n))  ・・・(6) K2 (n) = hk (K2 (n−1), R2 (n), Q2 (n)) (6)
 ここで、hkは、一方向性関数であって、かつハッシュ関数である。なお、K2(n)を生成するためのハッシュ関数hkは、K1(n)を生成するためのハッシュ関数hkと同じでもよいし異なっていてもよい。 Here, hk is a one-way function and a hash function. Note that the hash function hk for generating K2 (n) may be the same as or different from the hash function hk for generating K1 (n).
 このようにして、ワンタイム認証に成功した後、認証処理部142は、保持しているシードR2(n-1),Q2(n-1)および共通暗号鍵K2(n-1)を、R2(n)およびQ2(n)、並びにK2(n)で更新する。 After successful one-time authentication in this way, the authentication processing unit 142 uses the stored seeds R2 (n−1), Q2 (n−1) and the common encryption key K2 (n−1) as R2 Update with (n) and Q2 (n) and K2 (n).
 一方、認証サーバ3においても、ワンタイム認証子S2(n-1)の送信後、サーバ側認証処理部82は、次回認証用の共通暗号鍵K2(n)を上述の式(6)に従って計算し、共通暗号鍵を更新する(ステップS50)。 On the other hand, also in the authentication server 3, after transmitting the one-time authenticator S2 (n-1), the server-side authentication processing unit 82 calculates the next authentication common encryption key K2 (n) according to the above-described equation (6). Then, the common encryption key is updated (step S50).
 さらに、サーバ側認証処理部82は、次回のワンタイム認証時に使用するクライアント側ワンタイム認証子C2(n)を、R2(n)およびQ2(n)から、上述の式(4)に従って計算する。そして、サーバ側認証処理部82は、R2(n)、Q2(n)およびK2(n)で、シードテーブル71bにおける、ユーザ認証デバイス4についてのデータを更新し、C2(n)で、認証子テーブル72bにおける、ユーザ認証デバイス4についてのワンタイム認証子を更新する。これにより、これらの値が、次回のセッション(つまり、次回のワンタイム認証)まで保持される。 Further, the server-side authentication processing unit 82 calculates a client-side one-time authenticator C2 (n) to be used at the next one-time authentication from R2 (n) and Q2 (n) according to the above equation (4). . Then, the server-side authentication processing unit 82 updates data on the user authentication device 4 in the seed table 71b with R2 (n), Q2 (n), and K2 (n), and with C2 (n) The one-time authenticator for the user authentication device 4 in the table 72b is updated. Thus, these values are held until the next session (that is, the next one-time authentication).
 このようにして、ユーザ認証デバイス4と認証サーバ3との間のワンタイム認証が実行される。 In this way, one-time authentication between the user authentication device 4 and the authentication server 3 is executed.
 以上のように、上記実施の形態によれば、(a)端末装置1は、固定的なユーザ認証データを送信せずに特定サービスに対するサービスログイン要求を認証サーバ3へ送信し、(b)認証サーバ3は、サービスログイン要求を受信すると、サービスログイン要求の送信元である端末装置1の機器認証を実行し、端末装置1の機器認証に成功した場合、特定サービスに対応するサービスコードを生成し、サービスログイン要求の送信元である端末装置1へ送信し、(c)端末装置1は、サービスコードを受信すると、受信したサービスコードを所定の形態で出力し、(d)ユーザ認証デバイス4は、端末装置1により出力されたサービスコードの入力を所定の形態で受け付けると、固定的なユーザ認証データを送信せずに、入力されたサービスコードを認証サーバ3へ送信し、(e)認証サーバ3は、サービスコードを受信すると、サービスコードの送信元であるユーザ認証デバイス4の機器認証を実行し、ユーザ認証デバイス4の機器認証に成功した場合、ユーザ認証デバイス4に関連付けられているユーザについて、受信したサービスコードにより指定される特定サービスのログインを許可する。 As described above, according to the above embodiment, (a) the terminal device 1 transmits a service login request for a specific service to the authentication server 3 without transmitting fixed user authentication data, and (b) authentication. Upon receiving the service login request, the server 3 executes device authentication of the terminal device 1 that is the transmission source of the service login request, and generates a service code corresponding to the specific service when the device authentication of the terminal device 1 is successful. (C) When the terminal device 1 receives the service code, the terminal device 1 outputs the received service code in a predetermined form. (D) The user authentication device 4 When the input of the service code output by the terminal device 1 is received in a predetermined form, the input service is not transmitted without transmitting the fixed user authentication data. (E) Upon receiving the service code, the authentication server 3 executes device authentication of the user authentication device 4 that is the source of the service code and succeeds in device authentication of the user authentication device 4 In such a case, the user associated with the user authentication device 4 is permitted to log in the specific service specified by the received service code.
 これにより、サービスログインのためのユーザ認証に要求されるユーザ認証データをインターネットなどの通信経路を介して送受信することなく、ユーザが特定され正規ユーザに対してサービスログインが許可される。 This allows a user to be identified and authorized to log in to a regular user without transmitting / receiving user authentication data required for user authentication for service login via a communication path such as the Internet.
 例えば、クライアント側の端末装置1が複数ユーザにより使用可能な端末装置(例えばマルチユーザオペレーティングシステムが稼働している端末装置)である場合、端末装置1の機器認証に成功してもその端末装置1を現時点で操作しているユーザを特定することは困難であるが、上記実施の形態のシステムによれば、端末装置1のユーザが特定される。 For example, when the terminal device 1 on the client side is a terminal device that can be used by a plurality of users (for example, a terminal device in which a multiuser operating system is operating), even if the terminal device 1 is successfully authenticated, the terminal device 1 Although it is difficult to specify the user who is operating at the present time, according to the system of the above embodiment, the user of the terminal device 1 is specified.
 なお、上述の実施の形態に対する様々な変更および修正については、当業者には明らかである。そのような変更および修正は、その主題の趣旨および範囲から離れることなく、かつ、意図された利点を弱めることなく行われてもよい。つまり、そのような変更および修正が請求の範囲に含まれることを意図している。 It should be noted that various changes and modifications to the above-described embodiments will be apparent to those skilled in the art. Such changes and modifications may be made without departing from the spirit and scope of the subject matter and without diminishing its intended advantages. That is, such changes and modifications are intended to be included within the scope of the claims.
 例えば、上記実施の形態において、サービスログイン許可後に、サービス提供部84と端末装置1との間の通信のために、特開2012-34292号に記載のフェーズ2のワンタイム認証(つまり、上述のワンタイム認証から派生する、上述のワンタイム認証とは別系列のワンタイム認証)を繰り返し行うようにしてもよい。 For example, in the above-described embodiment, after the service login is permitted, for the communication between the service providing unit 84 and the terminal device 1, the one-time authentication of the phase 2 described in Japanese Patent Application Laid-Open No. 2012-34292 (that is, the above-mentioned One-time authentication, which is a different series from the one-time authentication described above, derived from the one-time authentication may be repeatedly performed.
 また、上記実施の形態において、サービス提供部84を認証サーバ3とは別のサーバに設け、サービスログイン許可後にそのサーバから端末装置1へサービスデータを提供するようにしてもよい。 Further, in the above embodiment, the service providing unit 84 may be provided in a server different from the authentication server 3, and service data may be provided from the server to the terminal device 1 after service login permission.
 また、上記実施の形態において、認証プログラム31,61,131は、それぞれ、可搬性のある、コンピュータ読み取り可能な記録媒体(CD-ROMなど)に記録されていてもよい。その場合、認証プログラム31,61,131は、その記録媒体から読み出され、上述の端末装置1、認証サーバ3、またはユーザ認証デバイス4にインストールされてもよい。また、上記実施の形態において、認証プログラム31,61,131は、それぞれ、サーバからダウンロードされ、上述の端末装置1、認証サーバ3、またはユーザ認証デバイス4にインストールされてもよい。 Further, in the above embodiment, the authentication programs 31, 61, 131 may be recorded on a portable computer-readable recording medium (such as a CD-ROM). In that case, the authentication programs 31, 61, 131 may be read from the recording medium and installed in the terminal device 1, the authentication server 3, or the user authentication device 4 described above. In the above embodiment, the authentication programs 31, 61, 131 may be downloaded from a server and installed in the terminal device 1, the authentication server 3, or the user authentication device 4 described above.
 また、上記実施の形態では、認証サーバ3において、1台のユーザ認証デバイス4に対して1人のユーザが関連付けられているが、1台のユーザ認証デバイス4に対して複数人のユーザが関連付けてもよい。その場合、ユーザ認証デバイス4の現時点のユーザを示すユーザIDをサービスコードとともに暗号化して認証サーバ3に送信し、そのユーザIDを復号化してユーザ認証デバイス4の現時点のユーザを特定すればよい。あるいは、ユーザ認証デバイス4の複数ユーザに対して複数のワンタイム認証子をそれぞれ独立に設定し、ユーザ認証デバイス4において選択されたワンタイム認証子によるワンタイム認証によって、ユーザ認証デバイス4の現時点のユーザを特定してもよい。 In the above-described embodiment, one user is associated with one user authentication device 4 in the authentication server 3, but a plurality of users are associated with one user authentication device 4. May be. In that case, the user ID indicating the current user of the user authentication device 4 may be encrypted together with the service code and transmitted to the authentication server 3, and the user ID of the user authentication device 4 may be identified by decoding the user ID. Alternatively, a plurality of one-time authenticators are set independently for a plurality of users of the user authentication device 4, and the current time of the user authentication device 4 is determined by one-time authentication using the one-time authenticator selected by the user authentication device 4. A user may be specified.
 また、上記実施の形態では、端末装置1と認証サーバ3との間でワンタイム認証によって相互的に機器認証を行っているが、その代わりにSSL(Secure Sockets Layer)で相互的にあるいは端末装置1および認証サーバ3の一方のみの機器認証を行うようにしてもよい。 In the above embodiment, device authentication is mutually performed between the terminal device 1 and the authentication server 3 by one-time authentication. Instead, the device is mutually or by SSL (Secure Sockets Layer) or the terminal device. 1 and the authentication of only one of the authentication servers 3 may be performed.
 本発明は、例えば、ネットワークサービスにおけるユーザ認証に適用可能である。 The present invention is applicable to user authentication in network services, for example.

Claims (10)

  1.  ユーザについて特定サービスのログイン可否を判定する認証サーバと、
     前記ユーザにより操作され前記特定サービスのデータを受信する端末装置と、
     前記認証サーバによって前記ユーザに関連付けられているユーザ認証デバイスとを備え、
     (a)前記端末装置は、固定的なユーザ認証データを送信せずに前記特定サービスに対するサービスログイン要求を前記認証サーバへ送信し、
     (b)前記認証サーバは、前記サービスログイン要求を受信すると、前記特定サービスに対応するサービスコードを生成し、前記サービスログイン要求の送信元である前記端末装置へ送信し、
     (c)前記端末装置は、前記サービスコードを受信すると、受信した前記サービスコードを所定の形態で出力し、
     (d)前記ユーザ認証デバイスは、前記端末装置により出力された前記サービスコードの入力を所定の形態で受け付けると、固定的なユーザ認証データを送信せずに、入力された前記サービスコードを前記認証サーバへ送信し、
     (e)前記認証サーバは、前記サービスコードを受信すると、前記サービスコードの送信元である前記ユーザ認証デバイスの機器認証を実行し、前記ユーザ認証デバイスの機器認証に成功した場合、前記ユーザ認証デバイスに関連付けられている前記ユーザについて、受信した前記サービスコードにより指定される前記特定サービスのログインを許可すること、
     を特徴とする個人認証システム。     An authentication server that determines whether a user can log in to a specific service;
    A terminal device operated by the user and receiving data of the specific service;
    A user authentication device associated with the user by the authentication server;
    (A) The terminal device transmits a service login request for the specific service to the authentication server without transmitting fixed user authentication data,
    (B) Upon receiving the service login request, the authentication server generates a service code corresponding to the specific service, and transmits the service code to the terminal device that is the transmission source of the service login request.
    (C) Upon receipt of the service code, the terminal device outputs the received service code in a predetermined form,
    (D) When the user authentication device receives the input of the service code output by the terminal device in a predetermined form, the user authentication device transmits the input service code without transmitting fixed user authentication data. To the server,
    (E) Upon receiving the service code, the authentication server executes device authentication of the user authentication device that is a transmission source of the service code, and when the device authentication of the user authentication device is successful, the user authentication device Permitting the user associated with the login of the specific service specified by the received service code;
    A personal authentication system.
  2.  前記認証サーバは、前記サービスログイン要求を受信すると、前記サービスログイン要求の送信元である前記端末装置の機器認証を実行し、前記端末装置の機器認証に成功した場合、前記特定サービスに対応するサービスコードを生成し、前記サービスログイン要求の送信元である前記端末装置へ送信することを特徴とする請求項1記載の個人認証システム。 When the authentication server receives the service login request, the authentication server executes device authentication of the terminal device that is the transmission source of the service login request, and when the device authentication of the terminal device is successful, the service corresponding to the specific service The personal authentication system according to claim 1, wherein a code is generated and transmitted to the terminal device that is a transmission source of the service login request.
  3.  前記端末装置および前記認証サーバは、それぞれ、シードを生成し、生成した前記シードを暗号化して相互に送受信し、生成した前記シードおよび受信し復号した前記シードからワンタイム認証子を生成し、生成した前記ワンタイム認証子を相互に送受信し、生成した前記シードおよび受信し復号した前記シードに基づいて、受信した前記ワンタイム認証子についての認証を行い、前記認証に成功するたびに次回認証用シードを生成して前記シードを更新していき、
     前記端末装置は、自己の生成した前記シードおよび自己の生成した前記ワンタイム認証子を前記サービスログイン要求とともに前記認証サーバへ送信し、
     前記認証サーバは、前記サービスコードを暗号化し、自己の生成した前記シードおよび自己の生成した前記ワンタイム認証子を、暗号化された前記サービスコードとともに前記端末装置へ送信し、
     前記端末装置は、暗号化された前記サービスコードを受信すると、受信した暗号化された前記サービスコードを復号し、
     前記認証サーバは、受信した前記端末装置の前記ワンタイム識別子についての認証に成功した場合、前記端末装置の機器認証に成功したとみなすこと、
     を特徴とする請求項2記載の個人認証システム。     The terminal device and the authentication server each generate a seed, encrypt the generated seed, transmit and receive each other, generate a one-time authenticator from the generated seed and the received and decrypted seed, and generate The one-time authenticator is mutually transmitted and received, and the received one-time authenticator is authenticated based on the generated seed and the received and decoded seed. Generate seed and update the seed,
    The terminal device sends the seed generated by itself and the one-time authenticator generated by itself to the authentication server together with the service login request,
    The authentication server encrypts the service code, transmits the seed generated by itself and the one-time authenticator generated by itself to the terminal device together with the encrypted service code,
    When the terminal device receives the encrypted service code, the terminal device decrypts the received encrypted service code,
    When the authentication server succeeds in authenticating the received one-time identifier of the terminal device, the authentication server considers that the device authentication of the terminal device is successful;
    The personal authentication system according to claim 2.
  4.  前記ユーザ認証デバイスおよび前記認証サーバは、それぞれ、シードを生成し、生成した前記シードを暗号化して相互に送受信し、生成した前記シードおよび受信し復号した前記シードからワンタイム認証子を生成し、生成した前記ワンタイム認証子を相互に送受信し、生成した前記シードおよび受信し復号した前記シードに基づいて、受信した前記ワンタイム認証子についての認証を行い、前記認証に成功するたびに次回認証用シードを生成して前記シードを更新していき、
     前記ユーザ認証デバイスは、前記サービスコードを暗号化し、自己の生成した前記シードおよび自己の生成した前記ワンタイム認証子を、暗号化された前記サービスコードとともに前記認証サーバへ送信し、
     前記認証サーバは、(a)暗号化された前記サービスコードを受信すると、受信した暗号化された前記サービスコードを復号し、(b)受信した前記ユーザ認証デバイスの前記ワンタイム識別子についての認証に成功した場合、前記ユーザ認証デバイスの機器認証に成功したとみなすこと、
     を特徴とする請求項1から請求項3のうちのいずれか1項記載の個人認証システム。     The user authentication device and the authentication server each generate a seed, encrypt the generated seed, transmit and receive each other, generate a one-time authenticator from the generated seed and the received and decrypted seed, The generated one-time authenticator is mutually transmitted and received, and the received one-time authenticator is authenticated based on the generated seed and the received and decrypted seed. Generate seeds for the above and update the seeds.
    The user authentication device encrypts the service code, transmits the self-generated seed and the self-generated one-time authenticator together with the encrypted service code to the authentication server,
    The authentication server (a) receives the encrypted service code, decrypts the received encrypted service code, and (b) authenticates the received one-time identifier of the user authentication device. If successful, the device authentication of the user authentication device is considered successful;
    The personal authentication system according to any one of claims 1 to 3, wherein:
  5.  前記端末装置は、生成した前記シードを共通暗号鍵で暗号化し、暗号化された前記シードを送信し、
     前記認証サーバは、(a)受信した暗号化された前記シードを前記共通暗号鍵で復号し、(b)前記サービスコードを前記共通暗号鍵で暗号化し、
     前記端末装置および前記認証サーバは、それぞれ、前記ワンタイム認証子についての認証が成功するたびに、少なくとも生成した前記シードおよび受信し復号した前記シードに基づいて前記共通暗号鍵を更新すること、
     を特徴とする請求項3記載の個人認証システム。     The terminal device encrypts the generated seed with a common encryption key, transmits the encrypted seed,
    The authentication server (a) decrypts the received encrypted seed with the common encryption key, (b) encrypts the service code with the common encryption key,
    Each of the terminal device and the authentication server each updates the common encryption key based on at least the generated seed and the received and decrypted seed each time authentication for the one-time authenticator is successful.
    The personal authentication system according to claim 3.
  6.  前記ユーザ認証デバイスは、生成した前記シードを共通暗号鍵で暗号化し、暗号化されたシードを送信し、
     前記認証サーバは、(a)受信した暗号化された前記シードを前記共通暗号鍵で復号し、(b)受信した暗号化された前記サービスコードを前記共通暗号鍵で復号し、
     前記ユーザ認証デバイスおよび前記認証サーバは、それぞれ、前記ワンタイム認証子についての認証が成功するたびに、少なくとも生成した前記シードおよび受信し復号した前記シードに基づいて前記共通暗号鍵を更新すること、
     を特徴とする請求項4記載の個人認証システム。     The user authentication device encrypts the generated seed with a common encryption key, transmits the encrypted seed,
    The authentication server (a) decrypts the received encrypted seed with the common encryption key, and (b) decrypts the received encrypted service code with the common encryption key,
    The user authentication device and the authentication server each update the common encryption key based on at least the generated seed and the received and decrypted seed each time authentication for the one-time authenticator is successful.
    The personal authentication system according to claim 4.
  7.  ユーザについて特定サービスのログイン可否を判定する認証サーバにおいて、
     通信装置と、
     認証処理部と、
     サービスコード生成部とを備え、
     前記サービスコード生成部は、前記通信装置を使用して、前記ユーザにより操作され前記特定サービスのデータを受信する端末装置から、固定的なユーザ認証データを受信せずに前記特定サービスに対するサービスログイン要求が前記認証サーバによって受信されると、前記特定サービスに対応するサービスコードを生成し、
     前記認証処理部は、前記通信装置を使用して、生成した前記サービスコードを、前記サービスログイン要求の送信元である前記端末装置へ送信し、
     前記認証処理部は、(a)前記通信装置を使用して、当該認証サーバによって前記ユーザに関連付けられているユーザ認証デバイスから、固定的なユーザ認証データを受信せずに、前記端末装置により出力された前記サービスコードを受信し、(b)受信した前記サービスコードの送信元である前記ユーザ認証デバイスの機器認証を実行し、前記ユーザ認証デバイスの機器認証に成功した場合、前記ユーザ認証デバイスに関連付けられている前記ユーザについて、受信した前記サービスコードにより指定される前記特定サービスのログインを許可すること、
     を特徴とする認証サーバ。     In an authentication server that determines whether a user can log in to a specific service,
    A communication device;
    An authentication processing unit;
    A service code generator,
    The service code generation unit uses the communication device to request a service login for the specific service without receiving fixed user authentication data from a terminal device operated by the user and receiving the data of the specific service. Is received by the authentication server, a service code corresponding to the specific service is generated,
    The authentication processing unit uses the communication device to transmit the generated service code to the terminal device that is a transmission source of the service login request,
    The authentication processing unit outputs (a) the terminal device without receiving fixed user authentication data from the user authentication device associated with the user by the authentication server using the communication device. And (b) performing device authentication of the user authentication device that is the transmission source of the received service code, and when the device authentication of the user authentication device is successful, the user authentication device Allowing the associated user to log in to the specific service specified by the received service code;
    An authentication server characterized by
  8.  ユーザについて特定サービスのログイン可否を判定する認証サーバにおいて実行される認証プログラムにおいて、
     前記認証サーバ内のコンピュータを
     サーバ側認証処理部と、
     サービスコード生成部として機能させ、
     前記サービスコード生成部は、前記認証サーバの通信装置を使用して、前記ユーザにより操作され前記特定サービスのデータを受信する端末装置から、固定的なユーザ認証データを受信せずに前記特定サービスに対するサービスログイン要求が前記認証サーバによって受信されると、前記端末装置の機器認証に成功した場合、前記特定サービスに対応するサービスコードを生成し、
     前記サーバ側認証処理部は、前記認証サーバの通信装置を使用して、生成した前記サービスコードを、前記サービスログイン要求の送信元である前記端末装置へ送信し、
     前記サーバ側認証処理部は、(a)前記認証サーバの通信装置を使用して、当該認証サーバによって前記ユーザに関連付けられているユーザ認証デバイスから、固定的なユーザ認証データを受信せずに、前記端末装置により出力された前記サービスコードを受信し、(b)受信した前記サービスコードの送信元である前記ユーザ認証デバイスの機器認証を実行し、前記ユーザ認証デバイスの機器認証に成功した場合、前記ユーザ認証デバイスに関連付けられている前記ユーザについて、受信した前記サービスコードにより指定される前記特定サービスのログインを許可すること、
     を特徴とするコンピュータ読取可能な認証プログラム。     In an authentication program executed in an authentication server that determines whether or not a user can log in to a specific service,
    A computer in the authentication server and a server-side authentication processing unit;
    Function as a service code generator,
    The service code generation unit uses the communication device of the authentication server to respond to the specific service without receiving fixed user authentication data from a terminal device operated by the user and receiving the data of the specific service. When a service login request is received by the authentication server, if the terminal device is successfully authenticated, a service code corresponding to the specific service is generated,
    The server-side authentication processing unit uses the communication device of the authentication server to transmit the generated service code to the terminal device that is a transmission source of the service login request,
    The server-side authentication processing unit (a) uses the communication device of the authentication server, without receiving fixed user authentication data from the user authentication device associated with the user by the authentication server, When receiving the service code output by the terminal device, (b) performing device authentication of the user authentication device that is the transmission source of the received service code, and succeeding in device authentication of the user authentication device, Allowing the user associated with the user authentication device to log in the specific service specified by the received service code;
    A computer-readable authentication program.
  9.  ユーザにより操作され、認証サーバによりユーザについてのログイン可否が判定される特定サービスのデータを受信する端末装置において実行される認証プログラムにおいて、
     前記端末装置内のコンピュータを、
     認証処理部と、
     サービスコード出力部として機能させ、
     前記認証処理部は、
     (a)固定的なユーザ認証データを送信せずに前記特定サービスに対するサービスログイン要求を前記認証サーバへ送信し、
     (b)前記認証サーバから、前記サービスログイン要求に対応して送信されてくる前記特定サービスに対応するサービスコードを受信し、
     前記サービスコード出力部は、前記サービスコードが受信されると、受信された前記サービスコードを、ユーザ認証デバイスに対して入力可能な所定の形態で出力し、前記ユーザ認証デバイスは、前記認証サーバによって前記ユーザに関連付けられており、前記端末装置により出力された前記サービスコードの入力を受け付けると、固定的なユーザ認証データを送信せずに、入力された前記サービスコードを前記認証サーバへ送信すること、
     を特徴とする認証プログラム。     In an authentication program that is operated by a user and is executed in a terminal device that receives data of a specific service that is determined by the authentication server as to whether or not the user can log in,
    A computer in the terminal device;
    An authentication processing unit;
    Function as a service code output unit,
    The authentication processing unit
    (A) Sending a service login request for the specific service to the authentication server without sending fixed user authentication data;
    (B) receiving a service code corresponding to the specific service transmitted in response to the service login request from the authentication server;
    When the service code is received, the service code output unit outputs the received service code in a predetermined form that can be input to a user authentication device. The user authentication device is output by the authentication server. When receiving the input of the service code that is associated with the user and output by the terminal device, the input service code is transmitted to the authentication server without transmitting fixed user authentication data. ,
    An authentication program characterized by
  10.  ユーザについて特定サービスのログイン可否を判定する認証サーバによって前記ユーザに関連付けられているユーザ認証デバイスにおいて実行される認証プログラムにおいて、
     前記ユーザ認証デバイス内のコンピュータを、
     認証処理部として機能させ、
     前記認証処理部は、
     (a)前記ユーザにより操作され前記特定サービスのデータを受信する端末装置により前記認証サーバから受信され所定の形態で出力されたサービスコードの入力を所定の形態で受け付け、
     (b)前記端末装置により出力された前記サービスコードの入力を受け付けると、固定的なユーザ認証データを送信せずに、入力された前記サービスコードを前記認証サーバへ送信し、前記サービスコードの送信元である前記ユーザ認証デバイスの機器認証を実行させ、前記ユーザ認証デバイスの機器認証に成功した場合、前記ユーザ認証デバイスに関連付けられている前記ユーザについて、受信した前記サービスコードにより指定される前記特定サービスのログインを許可させること、
     を特徴とする認証プログラム。     In an authentication program executed in a user authentication device associated with the user by an authentication server that determines whether or not to log in a specific service for the user,
    A computer in the user authentication device;
    Function as an authentication processing unit,
    The authentication processing unit
    (A) receiving in a predetermined form an input of a service code received from the authentication server and output in a predetermined form by a terminal device operated by the user and receiving data of the specific service;
    (B) Upon receiving the input of the service code output by the terminal device, the input service code is transmitted to the authentication server without transmitting fixed user authentication data, and the service code is transmitted. When the device authentication of the original user authentication device is executed and the device authentication of the user authentication device is successful, the identification specified by the received service code for the user associated with the user authentication device Allow service login,
    An authentication program characterized by
PCT/JP2015/073094 2015-08-18 2015-08-18 Personal authentication system WO2017029708A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2016502826A JPWO2017029708A1 (en) 2015-08-18 2015-08-18 Personal authentication system
PCT/JP2015/073094 WO2017029708A1 (en) 2015-08-18 2015-08-18 Personal authentication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2015/073094 WO2017029708A1 (en) 2015-08-18 2015-08-18 Personal authentication system

Publications (1)

Publication Number Publication Date
WO2017029708A1 true WO2017029708A1 (en) 2017-02-23

Family

ID=58051601

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2015/073094 WO2017029708A1 (en) 2015-08-18 2015-08-18 Personal authentication system

Country Status (2)

Country Link
JP (1) JPWO2017029708A1 (en)
WO (1) WO2017029708A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108964921A (en) * 2017-05-26 2018-12-07 三星Sds株式会社 Verification System, authentication method and service server
CN111259358A (en) * 2020-01-07 2020-06-09 数字广东网络建设有限公司 Login method, login device, computer equipment and storage medium
JP7430817B2 (en) 2020-03-13 2024-02-13 華為技術有限公司 COMMUNICATION METHODS, DEVICES AND SYSTEMS

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004282295A (en) * 2003-03-14 2004-10-07 Sangaku Renkei Kiko Kyushu:Kk One-time id generating method, authentication method, authentication system, server, client, and program
WO2009054165A1 (en) * 2007-10-22 2009-04-30 Oki Electric Industry Co., Ltd. Log-in authentication method, log-in authentication server, and log-in authentication program
JP2009230432A (en) * 2008-03-21 2009-10-08 Toshiba Corp User authentication system, program and method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2004282295A (en) * 2003-03-14 2004-10-07 Sangaku Renkei Kiko Kyushu:Kk One-time id generating method, authentication method, authentication system, server, client, and program
WO2009054165A1 (en) * 2007-10-22 2009-04-30 Oki Electric Industry Co., Ltd. Log-in authentication method, log-in authentication server, and log-in authentication program
JP2009230432A (en) * 2008-03-21 2009-10-08 Toshiba Corp User authentication system, program and method

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108964921A (en) * 2017-05-26 2018-12-07 三星Sds株式会社 Verification System, authentication method and service server
CN111259358A (en) * 2020-01-07 2020-06-09 数字广东网络建设有限公司 Login method, login device, computer equipment and storage medium
JP7430817B2 (en) 2020-03-13 2024-02-13 華為技術有限公司 COMMUNICATION METHODS, DEVICES AND SYSTEMS

Also Published As

Publication number Publication date
JPWO2017029708A1 (en) 2017-08-17

Similar Documents

Publication Publication Date Title
CN109088889B (en) SSL encryption and decryption method, system and computer readable storage medium
JP6517359B2 (en) Account restoration protocol
JP6803326B2 (en) Systems and methods for implementing one-time passwords using asymmetric cryptography
JP5981610B2 (en) Network authentication method for electronic transactions
JP6017650B2 (en) How to use one device to unlock another
JP6399382B2 (en) Authentication system
WO2017071496A1 (en) Method and device for realizing session identifier synchronization
JP7202688B2 (en) Authentication system, authentication method, application providing device, authentication device, and authentication program
US10924289B2 (en) Public-private key pair account login and key manager
EP4274165A2 (en) System and method for efficiently enrolling, registering, and authenticating with multiple authentication devices
CN111615105B (en) Information providing and acquiring method, device and terminal
CN109510802B (en) Authentication method, device and system
JP6012888B2 (en) Device certificate providing apparatus, device certificate providing system, and device certificate providing program
CN112425114A (en) Password manager protected by public-private key pair
US20120311331A1 (en) Logon verification apparatus, system and method for performing logon verification
CN106796630A (en) User authentication
JPWO2020070807A1 (en) Authentication system, authentication method, application provider, authentication device, authentication program
KR20150135032A (en) System and method for updating secret key using physical unclonable function
WO2017029708A1 (en) Personal authentication system
KR102242720B1 (en) An OTP configuration method of setting time seed with unique cycle by using active time offset window per each client
EP3289724B1 (en) A first entity, a second entity, an intermediate node, methods for setting up a secure session between a first and second entity, and computer program products
JP6240102B2 (en) Authentication system, authentication key management device, authentication key management method, and authentication key management program
CN113826096A (en) User authentication and signature apparatus and method using user biometric identification data
JP5793593B2 (en) Network authentication method for securely verifying user identification information
JP6631210B2 (en) Terminal device authentication program, terminal device authentication method, server device, and authentication system

Legal Events

Date Code Title Description
ENP Entry into the national phase

Ref document number: 2016502826

Country of ref document: JP

Kind code of ref document: A

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15901690

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15901690

Country of ref document: EP

Kind code of ref document: A1