WO2017033442A1 - 情報処理装置、認証システム、認証方法、並びにコンピュータ・プログラムを記録する記録媒体 - Google Patents
情報処理装置、認証システム、認証方法、並びにコンピュータ・プログラムを記録する記録媒体 Download PDFInfo
- Publication number
- WO2017033442A1 WO2017033442A1 PCT/JP2016/003777 JP2016003777W WO2017033442A1 WO 2017033442 A1 WO2017033442 A1 WO 2017033442A1 JP 2016003777 W JP2016003777 W JP 2016003777W WO 2017033442 A1 WO2017033442 A1 WO 2017033442A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- information
- authentication
- distributed
- input
- information processing
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
Definitions
- the present invention relates to an authentication system using an information processing apparatus (computer).
- a password management method called an online password manager is used as a technology to alleviate such danger.
- a server hereinafter referred to as “password management server” that centrally manages ID and password information for each service used by the user is used.
- the user is authenticated by the password management server before using the service. When the authentication is successful, the user can receive an ID and password corresponding to the desired service.
- the user only needs to have information (master password) sufficient to receive authentication from the password management server. Therefore, in the online password manager, the user has less time for password management.
- Patent Document 1 discloses a data distribution storage system that prevents unauthorized acquisition of partial data generated from important data by a secret sharing technique.
- the authentication processing unit of each server storing partial data holds a hashed password obtained by hashing a password for each user and a user seed unique to the user.
- the authentication process part of each server authenticates a user using each server specific server seed
- Patent Document 2 discloses an authentication unit that manages authentication information necessary for user authentication using a secret sharing method.
- the terminal authentication unit described in Patent Document 2 stores a plurality of pieces of distributed information obtained by distributing authentication information by a secret sharing method in a plurality of terminals.
- the authentication unit restores the authentication information based on the distributed information collected from a predetermined number of terminals.
- the authentication unit performs authentication by comparing the restored authentication information with the input authentication information. In this way, this authentication unit can prevent leakage of authentication information when any of the terminals is lost.
- the password management server stores all information necessary for user authentication. When such information is leaked, there is a problem that the user's master password can be specified by the information.
- the authentication unit disclosed in Patent Document 2 has a problem that it is necessary to collect shared information at the timing when the user's validity has not been confirmed yet at the time of authentication. Therefore, the terminal impersonating the terminal can collect the distributed information. Then, there is a problem that the spoofed terminal can use the collected distributed information as a material for specifying authentication information.
- One object of the present invention is to provide an information processing apparatus and the like that can authenticate distributed authentication information from each apparatus that individually stores them without collecting them in any one apparatus included in the system. There is.
- a second information processing apparatus includes the following configuration.
- the second information processing apparatus is provided.
- a first information processing apparatus is connected to a system including the plurality of first information processing apparatuses having the above-described configuration.
- Secret sharing means for distributing authentication information based on the input first input information into a plurality of distributed authentication information by a secret sharing method;
- Communication control means for transmitting the distributed authentication information so as to be distributed to the plurality of second information processing apparatuses.
- an authentication method is performed by an information processing apparatus.
- the distributed authentication information is transmitted from the information processing apparatus so as to be distributed,
- a secret calculation is performed via communication between at least some of the plurality of second information processing apparatuses.
- At least one of the plurality of second information processing apparatuses that executed the secret calculation executes a predetermined process according to the result of the determination.
- the object is to read the first and second information processing apparatuses having the above-described configurations, and a computer program for realizing the corresponding method by a computer, respectively, and a computer reading in which the computer program is stored. It is also achieved with possible storage media.
- the present invention has an effect that, even if information leakage occurs from any information processing apparatus constituting the system, the user's master password cannot be specified from the leaked information.
- FIG. 15 is a flowchart illustrating operations performed by a client 400 and each distributed authentication device 500 during a user registration process according to the third embodiment.
- 14 is a flowchart illustrating operations performed by a client 400 and each distributed authentication device 500 during a service registration process according to the third embodiment.
- 14 is a flowchart illustrating operations performed by a client 400 and each distributed authentication device 500 during a service use process in the third embodiment.
- It is a figure which illustrates composition of a computer (information processor) applicable to each embodiment of the present invention, and an authentication system or a service access information management system concerning the modification.
- the secret sharing method is a technique for generating a plurality of shared information from secret information.
- the shared information is created so that secret information can be restored from a predetermined combination, but secret information cannot be restored from other combinations.
- Secret sharing methods are described, for example, by Adi Shamir, “How to Share a Secret”, Commun. ACM 22 (11), pp. 612-613, 1979.
- Various other secret sharing methods are known.
- the process of generating shared information from secret information is also referred to as “distributed process”.
- the process of restoring secret information by inputting a plurality of shared information is also referred to as “restoration process”.
- the secret calculation method is a technique capable of executing calculation related to data distributed by the secret sharing method.
- the secret calculation method for example, Michael Ben-Or, Shafi Goldwasser, Avi Wigderson al., "Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation (Extended Abstract)", Proceedings of the 20th Annual ACM Symposium on Theory of Computing, 1988 Proposed in the year.
- Various other secret calculation methods are known.
- According to the secret calculation method it is possible to execute any operation on the distributed data group distributed by the secret sharing method and distributed and stored in a plurality of servers without data restoration. That is, since it is not necessary to restore data, according to the secret calculation method, it is possible to perform an operation without collecting the dispersed data group in one place.
- FIG. 1 is a block diagram showing a configuration of an authentication system according to the first embodiment of the present invention.
- the authentication system according to the present embodiment includes a first information processing apparatus 1 and a plurality of second information processing apparatuses 10.
- the first information processing apparatus 1 and each second information processing apparatus 10 can communicate via a communication network (hereinafter simply referred to as a network) 1000 such as the Internet or a local area network (LAN).
- a network 1000 such as the Internet or a local area network (LAN).
- the first information processing apparatus 1 and the second information processing apparatus 10 are generally operated by control of a computer program (software program) executed using a CPU (Central Processing Unit: not shown).
- a simple information processing apparatus (computer) may be used.
- each unit of the first information processing apparatus 1 and the second information processing apparatus 10 may be configured by a dedicated hardware device or a logic circuit.
- a hardware configuration example in which the first information processing apparatus 1 and the second information processing apparatus 10 are realized by a computer will be described later with reference to FIG.
- the first information processing apparatus 1 includes a secret sharing unit 2 and a communication control unit 3.
- the secret sharing unit 2 distributes the authentication information based on the input information 20 input by, for example, a user operation into a plurality of distributed authentication information by a secret sharing method.
- the input information 20 is information sufficient to execute authentication such as a set of passwords corresponding to IDs in ID password authentication.
- the authentication information is information generated based on the input information 20.
- the authentication information may be a part or all of the input information 20, for example.
- the communication control unit 3 can control communication between the first information processing apparatus 1 (self apparatus) and each second information processing apparatus 10.
- the communication control unit 3 transmits each piece of distributed authentication information generated by the secret sharing unit 2 to each of the plurality of second information processing apparatuses 10.
- the second information processing apparatus 10 includes a communication control unit 11, a secret calculation unit 12, a processing execution unit 13, and a storage device 14.
- the storage device 14 can store the distributed master authentication information 15.
- the storage device 14 is realized by, for example, a semiconductor memory device or a disk device.
- the distributed master authentication information 15 is one of a plurality of pieces of information in which the master authentication information is distributed by distributed processing.
- the master authentication information is one piece of information that is collated with the authentication information at the time of authentication. It can be said that the authentication information generated in the first information processing apparatus 1 is the other information that is collated with the master authentication information during authentication.
- the master authentication information is, for example, information based on information such as a master password that is an original to be compared with authentication information based on the input information 20 such as a password.
- the distributed master authentication information 15 is stored in the storage device 14 in advance.
- the communication control unit 11 can control communication between the own apparatus and the first information processing apparatus 1 and the other second information processing apparatus 10.
- the secret calculation unit 12 Based on the distributed master authentication information 15 and one of the distributed authentication information received from the first information processing device 1 via the communication control unit 11, the secret calculation unit 12 communicates with the other second information processing devices 10. Performs secret computation via communication between the two.
- the secret calculation unit 12 determines whether the authentication information that is the basis of the distributed authentication information matches the master authentication information that is the basis of the distributed master authentication information 15 by the secret calculation.
- the secret calculation performed by the secret calculation unit 12 is executed between at least some of the second information processing apparatuses 10 included in the present embodiment. Due to the characteristics of the secret calculation method described above, this secret calculation (calculation for determining coincidence) is executed without collecting the distributed master authentication information 15 and the distributed authentication information in any one of the second information processing apparatuses 10. .
- the process execution unit 13 executes a predetermined process according to the result of the determination (authentication) whether the authentication information by the secret calculation unit 12 matches the master authentication information. For example, the process execution unit 13 may provide predetermined information to the first information processing apparatus 1 when it is determined that the authentication information matches the master authentication information (authentication success). Alternatively, the process execution unit 13 may simply notify the first information processing apparatus 1 of the determination result (that is, the success or failure of authentication).
- the distributed master authentication information 15 is collected from each of the second information processing apparatuses 10 storing them individually to any one of the apparatuses included in the system. It can authenticate without.
- the information processing apparatus that can authenticate the distributed authentication information without collecting the authentication information from each apparatus that stores them individually in any one apparatus included in the system.
- the present embodiment has an effect that the master authentication information of the user cannot be specified from the information of a single information processing device, even if information leakage occurs from any information processing device constituting the system.
- the terminal pretending to be the first information processing apparatus 1 cannot acquire the distributed master authentication information 15.
- the first information processing apparatus 1 and one of the second information processing apparatuses 10 may be mounted in the same information processing apparatus.
- the service access information is a general term for information used when accessing each service, such as user authentication information for various services and information on encryption keys.
- the service access information management system is generally called a password management system.
- FIG. 2 is a block diagram showing the configuration of the service access information management system according to the second embodiment of the present invention.
- the service access information management system includes a client (first information processing apparatus) 100, a plurality of distributed authentication apparatuses (second information processing apparatuses) 200, and service access information management.
- a device 300 The client 100 is based on the first information processing apparatus 1 in the first embodiment.
- the distributed authentication device 200 is based on the second information processing device 10 in the first embodiment.
- the distributed authentication device 200 and the service access information management device 300 correspond to a device (group) that manages service access information in the password management system.
- a password management system in which the client 100 and a device (group) for managing service access information are connected via a network is particularly called an online password manager.
- the service access management system according to the present embodiment is referred to as an online password manager.
- the online password manager in the present embodiment can execute three processes of user registration, service registration, and service use.
- the user registers the master password, which is a character string used for user authentication when using the online password manager, and user ID information representing the user ID in the online password manager.
- This master password is an example of master authentication information in the first embodiment.
- the user registers the master password distributed by the secret sharing method as information (distributed master authentication information 215) associated with the user ID information with respect to each distributed authentication apparatus 200 via the client 100. .
- the distributed master authentication information 215 is based on the distributed master authentication information 15 in the first embodiment. That is, the user registration process in the present embodiment corresponds to a process of registering the distributed master authentication information 15 in the storage device 14 of the second information processing apparatus 10 in the first embodiment. It can be said that the user registration process is a process for preparing a system environment capable of executing authentication in the first embodiment.
- the user can also register salt information representing a salt used for encryption and decryption of service access information in the online password manager. Similar to the master password, the salt information is registered in each distributed authentication apparatus 200 as distributed salt information 216 distributed by the secret sharing method. Hereinafter, the distributed salt information is referred to as distributed salt information 216.
- the user manages service access information for a plurality of services using the client 100 in the service registration process and the service use process.
- the user registers the service access information in the online password manager.
- the user registers the encrypted service access information (encrypted service access information 304) in the service access information management apparatus 300 via the client 100.
- the user acquires encrypted service access information 304 corresponding to the desired service from the online password manager as a service use process.
- the user acquires the encrypted service access information 304 registered in the service access information management apparatus 300 as decrypted service access information via the client 100.
- the user receives user authentication when using the online password manager using the master password and user ID information registered by the user registration process as the first stage of the service registration process and the service use process.
- This user authentication is authentication based on the first embodiment. That is, the online password manager in the present embodiment executes authentication based on the first embodiment as user authentication included in the service registration process and the service use process.
- the term “user authentication” refers to user authentication in both the service registration process and the service use process, unless otherwise specified.
- a password (character string) that matches the master password as an example of the input information 20 in the first embodiment.
- This password is an example of authentication information in the first embodiment.
- a character string input by a user in user authentication is simply referred to as a “password” to be distinguished from a “master password” registered in user registration.
- the user When the user authentication is successful, the user is permitted to register or obtain service access information by receiving the distributed salt information 216 from each distributed authentication device 200. That is, the client 100 can execute the above-described processing for encrypting and decrypting the service access information by using the salt information restored from the distributed salt information 216.
- the user can use a desired service using the decrypted service access information.
- a user With such an online password manager process, a user can use various services as long as a set of user ID information and a master password are stored.
- the user registration process is performed before the service registration process and the service use process. That is, the user registration process is performed before authentication.
- the service registration process is performed before the service use process.
- the client 100, each distributed authentication device 200, and the service access information management device 300 can communicate with each other via a communication network (hereinafter simply referred to as a network) 1000 such as the Internet or a local area LAN.
- a network 1000 such as the Internet or a local area LAN.
- the client 100, the distributed authentication device 200, and the service access information management device 300 are general information processing devices that operate under the control of a computer program (software program) that is executed using a CPU (not shown). Computer).
- each unit of the client 100, the distributed authentication device 200, and the service access information management device 300 may be configured by a dedicated hardware device or a logic circuit.
- a hardware configuration example in which the client 100, the distributed authentication device 200, and the service access information management device 300 are realized by a computer will be described later with reference to FIG.
- the client 100 further includes an authentication information generation unit 101, an encryption unit 103, a secret restoration unit 104, a decryption unit 105, An input unit 110 and an output unit 111 are included.
- the input unit 110 can accept information input from the user in each process of the online password manager described above. That is, the input unit 110 includes a user ID, a master password (second input information), salt information (third input information), a password (first input information), and service access information (fourth input information). Can be accepted.
- the first to fourth input information and the user ID described above are examples of the input information 20 in the first embodiment.
- the input unit 110 may accept an input via a keyboard, a pointing device, a touch panel, or the like (not shown).
- the input unit 110 may accept an input by communication from, for example, the communication control unit 3 or an external device connected by a communication function (not shown).
- the authentication information generation unit 101 can generate authentication information and master authentication information, which are information sufficient to execute authentication, based on information input via the input unit 110.
- the master authentication information and authentication information in this embodiment are based on the master authentication information and authentication information in the first embodiment, respectively.
- the authentication information generation unit 101 generates master authentication information by performing a predetermined calculation on the input master password in the user registration process. Further, as an example, the authentication information generation unit 101 generates authentication information by performing a predetermined calculation on an input password during user authentication in service registration processing and service use processing.
- the authentication information generation unit 101 calculates a hash value by inputting a master password or a password as an example of a predetermined calculation. That is, the master authentication information and the authentication information in the present embodiment are information generated based on the hash value. Various methods other than the above can be adopted as a predetermined calculation method performed by the authentication information generation unit 101. That is, in the authentication method according to the present embodiment, the hash value based on the master password that is the first character string and the hash value based on the input password that is the second character string are respectively distributed by the secret calculation method. It is a method of collating as it is.
- the secret sharing unit 102 is based on the secret sharing unit 2 in the first embodiment.
- the secret sharing unit 102 distributes a plurality of authentication information generated by the authentication information generating unit 101 during user authentication by a secret sharing method. Distributed in authentication information.
- the secret sharing unit 102 also uses the secret sharing method for the master authentication information generated by the authentication information generating unit 101 and the salt information input via the input unit 110 during the user registration process. scatter.
- the communication control unit 3 is based on the communication control unit 3 in the first embodiment. As with the communication control unit 3 in the first embodiment, the communication control unit 3 distributes each distributed authentication information distributed by the secret sharing unit 102 to each of the plurality of distributed authentication devices 200 during user authentication. It is transmitted in association with the user ID information.
- the communication control unit 3 uses the distributed master authentication information 215 and the distributed salt information 216 distributed by the secret sharing unit 102 for each of the plurality of distributed authentication devices 200 during the user registration process. Is transmitted in association with the user ID information. In other words, the communication control unit 3 transmits each distributed salt information 216 to each distributed authentication device 200 as “custody information” stored in advance. This deposit information is later returned to the client 100 under the conditions and timing determined by each distributed authentication device 200. In this embodiment, as an example, the communication control unit 3 receives the custody information (distributed salt information 216) from each distributed authentication device 200 when it is determined that the authentication is successful.
- the communication control unit 3 can control communication regarding each information exchanged between each distributed authentication device 200 and the service access information management device 300 in the service registration process and the service use process.
- the secret restoration unit 104 inputs each distributed salt information 216 received from each distributed authentication device 200 via the communication control unit 3 when the user authentication in the service registration process and the service use process is successful, and receives the salt information. Can be restored.
- the encryption unit 103 encrypts the input service access information in the service registration process.
- the encrypted service access information is referred to as encrypted service access information 304.
- the encryption unit 103 performs encryption using the encryption key generated based on the salt information restored by the secret restoration unit 104. Also, the encryption unit 103 transmits the encrypted service access information 304 to the service access information management apparatus 300 via the communication control unit 3.
- the decryption unit 105 decrypts the encrypted service access information 304 acquired from the service access information management device 300 via the communication control unit 3 in the service use process.
- the decryption unit 105 performs decryption using the decryption key generated based on the salt information restored by the secret restoration unit 104.
- the encryption method is a common key method, the encryption key and the decryption key may be the same.
- the encrypted service access information 304 is decrypted to return to the service access information input in the service registration process.
- the output unit 111 outputs the service access information decoded by the decoding unit 105.
- the output unit 111 may display service access information on a display (not shown) or a touch panel.
- the output unit 111 may output service access information to a storage device (not shown) or an external device connected via the communication control unit 3 or the like.
- the output unit 111 may be used for displaying a message when receiving an input to the input unit 110.
- the distributed authentication device 200 further includes a registration unit 201 in addition to the communication control unit 11, the secret calculation unit 212, the process execution unit 213, and the storage device 14 each based on the first embodiment.
- the storage device 14 in the present embodiment can store distributed master authentication information 215 and distributed salt information 216.
- the storage device 14 is realized by, for example, a semiconductor memory device or a disk device.
- the distributed master authentication information 215 and the distributed salt information 216 are stored in the storage device 14 by the registration unit 201 during user registration.
- the communication control unit 11 is based on the communication control unit 11 in the first embodiment.
- the communication control unit 11 can control communication between the own device and the client 100 and other distributed authentication devices 200.
- the secret calculation unit 212 is based on the secret calculation unit 212 in the first embodiment.
- the secret calculation unit 212 uses another distributed authentication device 200 based on the distributed master authentication information 215 and one of the distributed authentication information received from the client 100 via the communication control unit 11 in user authentication. Executes secret computation via communication with The secret calculation unit 212 uses the secret calculation to match the authentication information that is the basis of the distributed authentication information received from the client 100 with the master authentication information that is the basis of the distributed master authentication information 215 stored in the storage device 14. Determine whether or not. That is, the secret calculation unit 212 determines whether the authentication information based on the password input in the user authentication of the service registration process and the service use process matches the master authentication information based on the master password input in the user registration process. To do.
- the secret calculation unit 212 can execute a combination of a secret calculation for calculating a hash and a secret calculation for determining a match. Since the structure and function of the secret calculation unit 212 are the same as those of the first embodiment except for the points described above, a detailed description thereof is omitted.
- the process execution unit 213 is based on the process execution unit 13 in the first embodiment.
- the process execution unit 213 executes a predetermined process according to a determination (authentication) result indicating whether the authentication information by the secret calculation unit 212 matches the master authentication information.
- the process execution unit 213 transmits the distributed salt information 216 to the client 100 when it is determined that the authentication is successful.
- the process execution unit 213 according to the present embodiment can transmit storage information (distributed salt information 216), which is information stored in advance, to the authentication requester. .
- the registration unit 201 receives one of the distributed master authentication information 215 and one of the distributed salt information 216 from the client 100 via the communication control unit 11 during the user registration process. Then, the registration unit 201 can store one of the received distributed master authentication information 215 and one of the distributed salt information 216 in the storage device 14 in association with the user ID information.
- the service access information management device 300 includes a communication control unit 301, a management unit 302, and a storage device 303.
- the storage device 303 can store the encrypted service access information 304.
- the encrypted service access information 304 is stored in the storage device 303 by the management unit 302 during the service registration process.
- the communication control unit 301 can control communication between the own device and the client 100.
- the management unit 302 stores the encrypted service access information 304 received from the client 100 via the communication control unit 301 during the service registration process in the storage device 303 in association with the user ID information and the service name information. Can do. In addition, the management unit 302 can transmit the encrypted service access information 304 to the client 100 via the communication control unit 301 during the service use process.
- the online password manager according to the present embodiment performs three processes: the user registration process, the service registration process, and the service use process described above. Below, operation
- FIG. 3 is a flowchart illustrating operations performed by the client 100 and each distributed authentication device 200 during the user registration process in the second embodiment.
- the user inputs user ID information, master password, and salt information to the client 100.
- the input unit 110 receives input of user ID information, a master password, and salt information (step A10). These pieces of information may be automatically generated by the input unit 110 or a functional unit (not shown) instead of being input by the user.
- the amount of information (character string length) obtained by combining the master password and the user ID information is set to an amount of information that can be stored by the user.
- the authentication information generation unit 101 generates master authentication information based on the input information.
- the authentication information generation unit 101 calculates a hash value of the master password (step A11).
- the authentication information generation unit 101 may use a hash function for encryption such as SHA (Secure Hash Algorithm) -1 or a common key encryption method as a hash value calculation method.
- the authentication information generation unit 101 may include, for example, user ID information in addition to the master password as an input for calculating the hash value.
- an auxiliary input may be included in addition to the input from the user.
- a well-known general method can be used as the hash value calculation method, detailed description in this embodiment will be omitted.
- the secret sharing unit 102 performs a sharing process by the secret sharing method on each of the generated master authentication information and the salt information input in step A11. Specifically, the secret sharing unit 102 performs a sharing process on each of the hash value of the master password and the salt information (step A12).
- the communication control unit 3 transmits the user ID information, the distributed hash value (distributed master authentication information 215), and the distributed salt information (distributed salt information 216) to each distributed authentication apparatus 200 (distributed). (Step A13). Specifically, the communication control unit 3 transmits one of the distributed master authentication information 215 and one of the distributed salt information 216 so as to be distributed to each distributed authentication device 200 together with the user ID information. .
- each distributed authentication device 200 receives user ID information, distributed master authentication information 215, and distributed salt information 216 via the communication control unit 11.
- Each registration unit 201 stores the distributed master authentication information 215 and the distributed salt information 216 in the storage device 14 in association with the user ID information (step B20).
- FIG. 4 is a flowchart showing operations performed by the client 100, each distributed authentication device 200, and the service access information management device 300 during the service registration process in the second embodiment.
- the user inputs the user ID information, password, service name information, and service access information registered in the user registration process to the client 100.
- the service name information is information representing the name of the service that the user registers.
- the user inputs a password so as to match the master password registered in the user registration process.
- input unit 110 accepts input of user ID information, password, service name information, and service access information (step A30).
- the service access information can be information that the user wants to store externally in relation to the service name.
- the service access information may be an ID (service ID) and a password (service password) used in a service registered by the user.
- service ID an ID
- service password a password used in a service registered by the user.
- the service password may be prepared by the user or the service side. When the user prepares, for example, the user may use a random number generation program or the like as a service password.
- the client 100 receives user authentication.
- the authentication information generation unit 101 generates authentication information based on the input information (step A31). Specifically, the authentication information generation unit 101 calculates a hash value of the input password. Since the hash value calculation method is the same as the hash value calculation method (step A11) in the user registration process, a detailed description thereof will be omitted.
- the secret sharing unit 102 performs a sharing process by the secret sharing method on the generated authentication information (password hash value) (step A32).
- password hash value generated authentication information
- distributed authentication information information in which password hash values are distributed.
- the communication control unit 3 transmits (distributes) user ID information and distributed authentication information to each distributed authentication apparatus 200 (step A33). Specifically, the communication control unit 3 transmits one piece of distributed authentication information to each distributed authentication apparatus 200 so as to be distributed to each distributed authentication apparatus 200 together with the user ID information. For example, the communication control unit 3 may determine the transmission method of the user ID information and the distributed authentication information based on the transmission destination and the transmission method that transmitted the distributed master authentication information 215 in Step A13 of the user registration process. .
- the communication control unit 11 receives the user ID information and the distributed authentication information (step B40).
- the secret calculation unit 212 performs communication with another distributed authentication device 200 based on the received distributed authentication information and the distributed master authentication information 215 stored in association with the received user ID information.
- the secret calculation is executed (step B41). Specifically, the secret calculation unit 212 determines whether the hash value of the password that is the basis of the distributed authentication information matches the hash value of the master password that is the basis of the distributed master authentication information 215 by the secret calculation (calculation). Determine if.
- the secret calculation performed by the secret calculation unit 212 is executed among at least some of the distributed authentication devices 200 included in the present embodiment.
- the secret calculation unit 212 executes a combination of a secret calculation for calculating a hash and a secret calculation for determining a match.
- a calculation method for performing a secret calculation Yehuda Lindell, Benny Pinkas, Nigel P. Smart, written by Avishay Yanai, “Efficient Constant Round Multi-Party Combining Combining BMR and SPDZ”, [Online], Cryptology ePrint 7th, April 15 iacr. org / 2015/523. pdf>.
- the secret calculation unit 212 may execute a hash algorithm by a secret calculation that executes the common key encryption described in the above-mentioned document.
- CMAC Cipher-based Message Authentication Code
- CMAC is well known as an example of a hash algorithm.
- CMAC is, for example, written by Morris Dworkin, “Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication, which is the NIST (National Institute of Standard 5) .
- the calculation method for determining coincidence is the same as that described at the beginning of the section “DETAILED DESCRIPTION OF THE INVENTION”, and a detailed description thereof is omitted.
- the secret calculation unit 212 determines that the authentication is successful.
- the authentication determination method may be, for example, successful authentication when a determination result that matches is obtained in all the distributed authentication devices 200 participating in the secret calculation of the authentication process.
- the authentication result may be determined by a majority vote of the distributed authentication device 200 participating in the secret calculation of the authentication process.
- One secret calculation unit 212 may perform authentication determination as a representative.
- the plurality of secret calculation units 212 may each perform authentication determination. Since various well-known general techniques including the above-described method can be used for the authentication determination method, detailed description in this embodiment will be omitted.
- the process execution unit 213 executes a predetermined process. Specifically, as an example, the process execution unit 213 transmits the distributed salt information 216 stored in association with the received user ID to the client 100 (step B43). This process is executed by at least the number of distributed authentication apparatuses 200 that satisfy the condition that the distributed salt information 216 that can restore the salt information is provided to the client 100. Since the method for determining the number of distributed authentication apparatuses 200 that execute processing can use a well-known general technique of secret sharing, detailed description in this embodiment will be omitted.
- the process execution unit 213 executes a predetermined process. Specifically, as an example, the process execution unit 213 simply ends the process without transmitting the distributed salt information 216.
- the process execution unit 213 may execute another “predetermined process” such as, for example, notifying the client 100 of an authentication failure and then terminating the process.
- the communication control unit 3 receives the distributed salt information 216 from each distributed authentication device 200 (step A34).
- the client 100 can know the success of authentication by receiving this distributed salt information 216. This is the user authentication that the client 100 receives.
- the secret restoration unit 104 performs a restoration process on the received plurality of distributed salt information 216 (step A35). As a result of the restoration process, the salt information input in the user registration process is restored.
- the encryption unit 103 encrypts the input service access information in step A30 (step A36). Specifically, first, the encryption unit 103 calculates a secret key used for encryption by inputting the input password and the restored salt information to a key derivation function.
- the encryption unit 103 can use a hash function for encryption such as SHA-1 or a method using a common key encryption such as AES (Advanced Encryption Standard) as the key derivation function.
- the encryption unit 103 may add a service name or the like to the input to the key derivation function so that a different key is used for each service. Then, the encryption unit 103 encrypts the service access information using the calculated secret key.
- the encryption unit 103 transmits user ID information, service name information, and encrypted service access information (encrypted service access information 304) to the service access information management apparatus 300 via the communication control unit 3. (Step A37).
- the management unit 302 stores the received encrypted service access information 304 in the storage device 303 in association with the user ID information and the service name information (step C50).
- the service access information management apparatus 300 may store the encrypted service access information 304 after confirming that the client 100 has succeeded in user authentication. For example, the service access information management apparatus 300 may confirm the result of user authentication through communication with one of the distributed authentication apparatuses 200. Alternatively, when requesting registration of the encrypted service access information 304, the service access information management apparatus 300 confirms without communication via information based on the information certifying successful authentication added by the client 100. Also good. Since various well-known general techniques including the above-described method can be used as the method for confirming the result of user authentication, detailed description in this embodiment will be omitted.
- FIG. 5 is a flowchart illustrating operations performed by the client 100, each distributed authentication device 200, and the service access information management device 300 during the service use process according to the second embodiment.
- the user inputs user ID information, password, and service name information to the client 100.
- the service name information is information representing the name of the service for which the user wants to obtain service access information, such as the name of the service that the user wants to use.
- the user inputs user ID information and a password as in the service registration process.
- the input unit 110 receives input of user ID information, password, and service name information (step A60).
- the client 100 first receives user authentication. If the user authentication is successful, the client 100 restores the salt information by a restoration process for the distributed salt information.
- the steps of user authentication (steps A31 to A34 and steps B40 to B43) and the salt information restoration process (step A35) are the same as the service registration process, and a detailed description thereof will not be repeated.
- the decryption unit 105 requests the service access information management apparatus 300 for the encrypted service access information 304 (step A61). Specifically, the decryption unit 105 requests the service access information management apparatus 300 to send the corresponding encrypted service access information 304 by notifying the service access information management device 300 of the user ID information and the service name information.
- the management unit 302 transmits the encrypted service access information 304 corresponding to the user ID information and the service name information to the client 100 based on the request from the client 100 (step C70).
- the service access information management apparatus 300 may transmit the encrypted service access information 304 after confirming that the client 100 has succeeded in user authentication.
- the method for confirming the result of the user authentication is the same as that in step C50 of the service registration process, and a detailed description thereof will be omitted.
- the service access information management apparatus 300 may transmit the encrypted service access information 304 without confirming the success of the user authentication. .
- the decryption unit 105 receives the encrypted service access information 304. Then, the decryption unit 105 decrypts the received encrypted service access information 304 (step A62). Specifically, the decryption unit 105 calculates a secret key in the same manner as Step A36 of the service registration process. Then, the decryption unit 105 decrypts the encrypted service access information 304 using the calculated secret key. As a result of decoding, the decoding unit 105 can obtain the same information as the service access information input in the service registration process.
- the output unit 111 outputs the decrypted service access information (step A63).
- the user can use a desired service using the output service access information.
- this embodiment has an effect of further improving the security of the master password.
- the secret sharing unit 102 of the client 100 uses the hash value of the master password calculated via the authentication information generating unit 101 instead of the master password itself as the basis of the distributed master authentication information 215. Because it does.
- this embodiment has an effect that service access information can be managed safely.
- the secret sharing unit 102 generates the distributed salt information 216 in which the salt information is distributed by the secret sharing method in the client 100.
- the secret restoration unit 104 collects (acquires) the distributed salt information 216 stored in each distributed authentication device 200 and restores the distributed salt information 216 as salt information. That is, in the present embodiment, even if information leakage occurs from any information processing device constituting the online password manager, the information cannot be used for specifying salt information necessary for decryption of the encrypted service access information 304. .
- this embodiment has an effect that various services can be used if the user stores a set of user ID information and a password.
- the reason is that the distributed salt information 216 necessary for generating a secret key for decrypting the encrypted service access information 304 after the plurality of distributed authentication devices 200 succeeds in user authentication with a set of user ID information and password. This is because it is provided to the client 100.
- the client 100 can acquire service access information for various services by decrypting the encrypted service access information 304 based on the salt information obtained by decrypting the distributed salt information 216.
- this embodiment has an effect that the client 100 can be easily provided.
- the client 100 and one of the distributed authentication devices 200 may be implemented in the same information processing device.
- the service access information management device 300 and one of the distributed authentication devices 200 may be mounted in the same information processing device.
- the master authentication information and the authentication information may be used as they are, or all or part of the input master password.
- the input unit 110 may accept some information at timings other than those described above. That is, the input unit 110 may accept information other than the user ID information and the password after the success of user authentication is found instead of step A30 in FIG. 4 or step A60 in FIG. Also, for example, in the service use process, the secret restoration unit 104 restores the distributed salt information 216 (step A35 in FIG. 5), or at any timing until the encrypted service access information 304 is decrypted (step A62). May be executed.
- ⁇ Third Embodiment> Next, a third embodiment based on the above-described second embodiment will be described.
- FIG. 6 is a block diagram showing a configuration of a service access information management system according to the third embodiment of the present invention.
- the service access information management system according to the present embodiment includes a client (first information processing apparatus) 400 and a plurality of distributed authentication apparatuses (second information processing apparatuses) 500.
- the client 400 is based on the client 100 in the second embodiment.
- the distributed authentication apparatus 500 is based on the distributed authentication apparatus 200 in the second embodiment.
- This embodiment is different from the second embodiment in that service access information is managed in a distributed manner.
- the service access information is protected by a cryptographic technique.
- the service access information is protected by applying the secret sharing method instead of the encryption technique.
- distributed service access information is stored in each distributed authentication apparatus 500 together with distributed master authentication information 215. Therefore, this embodiment is different from the second embodiment in that an apparatus corresponding to the service access information management apparatus 300 is not included.
- the service access information management system is an online password manager, as in the second embodiment.
- the online password manager can execute three processes of user registration, service registration, and service use.
- the client 400 and each distributed authentication device 500 can communicate with each other via a network 1000 such as the Internet or a local area LAN.
- a network 1000 such as the Internet or a local area LAN.
- the client 400 and the distributed authentication device 500 may be configured by a general information processing device (computer) that operates under the control of a computer program (software program) that is executed using a CPU (not shown). good.
- each unit of the client 400 and the distributed authentication device 500 may be configured by a dedicated hardware device or a logic circuit.
- a hardware configuration example in which the client 400 and the distributed authentication device 500 are realized by a computer will be described later with reference to FIG.
- the client 400 includes a communication control unit 3, an authentication information generation unit 101, a secret sharing unit 402, a secret restoration unit 404, an input unit 410, and an output unit 111, each based on the second embodiment. Since the structures and functions of the authentication information generation unit 101 and the output unit 111 are the same as those in the second embodiment, redundant description is omitted.
- the input unit 410 is different from the second embodiment in that it does not receive input of salt information. That is, the input unit 410 can accept a user ID, a master password (second input information), a password (first input information), and service access information (third input information).
- the secret sharing unit 402 and the secret restoration unit 404 are different from the second embodiment in that service access information is used as a target of the distribution process or restoration process of the secret sharing method instead of the salt information.
- the communication control unit 3 transmits / receives the distributed service access information 517 to / from each distributed authentication device 500 instead of the distributed salt information 216 and does not handle the encrypted service access information 304. Different from the embodiment.
- the secret sharing unit 402 distributes the distributed service access information 517, which is information in which the service access information is distributed, by the distributed process.
- the secret restoration unit 404 restores the distributed service access information 517 received from each distributed authentication apparatus 500 as service access information by the restoration process.
- the structures and functions of the input unit 410, the secret sharing unit 402, the secret restoration unit 404, and the communication control unit 3 are the same as those of the second embodiment except for the points described above.
- the distributed authentication device 500 includes a communication control unit 11, a secret calculation unit 212, a process execution unit 513, a registration unit 501, and a storage device 14 based on the second embodiment. Since the structure and function of the secret calculation unit 212 are the same as those in the second embodiment, a detailed description thereof is omitted.
- Each of the units other than the secret calculation unit 212 handles the distributed service access information 517 in place of the distributed salt information 216.
- the storage device 14 can store the distributed master authentication information 215 and the distributed service access information 517.
- the communication control unit 11 transmits / receives distributed service access information 517 to / from the client 400 instead of the distributed salt information 216.
- the registration unit 501 receives the distributed service access information 517 in the service registration process instead of the user registration process, and stores it in the storage device 14.
- the process execution unit 513 transmits the distributed service access information 517 to the client 400 instead of the distributed salt information 216 as an example of a predetermined process when the user authentication is successful.
- the distributed service access information 517 corresponds to the custody information in the second embodiment. Also in this embodiment, this custody information is later returned to the client 400 under the conditions and timing determined by each distributed authentication device 500.
- the communication control unit 3 receives this custody information (distributed service access information 517) from each distributed authentication device 500 when it is determined that the authentication is successful.
- the plurality of custody information received from each distributed authentication device 500 is restored as service access information by the secret restoration unit 404. Then, the secret restoration unit 404 outputs the restored service access information via the output unit 111.
- the online password manager also performs three processes: a user registration process, a service registration process, and a service use process. Below, operation
- FIG. 7 is a flowchart illustrating operations performed by the client 400 and each distributed authentication device 500 during the user registration process according to the third embodiment.
- the user inputs user ID information and a master password to the client 400.
- input unit 410 accepts input of user ID information and a master password (step A100).
- the authentication information generation unit 101 generates master authentication information based on the input information. As in the second embodiment, the authentication information generation unit 101 calculates a hash value of the master password (step A101).
- the secret sharing unit 402 performs a sharing process by the secret sharing method on the generated master authentication information (step A102).
- the communication control unit 3 transmits (distributes) the user ID information and the distributed hash value (distributed master authentication information 215) to each distributed authentication device 500 (step A103).
- each distributed authentication device 500 the registration unit 501 receives the user ID information and the distributed master authentication information 215 via the communication control unit 11. Each registration unit 501 stores the distributed master authentication information 215 in the storage device 14 in association with the user ID information (step B110).
- FIG. 8 is a flowchart illustrating operations performed by the client 400 and each distributed authentication device 500 during the service registration process according to the third embodiment.
- the user inputs the user ID information, password, service name information, and service access information registered in the user registration process to the client 400. Thereafter, each step (steps A31 to A33 and steps B40 to B42) up to reception of input from the input unit 410 in the client 400 (step A30) and determination of the result of user authentication is the same as in the second embodiment. Therefore, the detailed description which overlaps is omitted.
- the process execution unit 513 executes a predetermined process. Specifically, the process execution unit 513 notifies the client 400 of an authentication result (success) as an example (step B130). This notification may be executed by at least one distributed authentication device 500.
- the process execution unit 513 may simply end the process without transmitting the authentication result (failure), for example.
- the communication control unit 3 receives a notification of an authentication result (success) from at least one distributed authentication device 500 (step A120).
- the client 400 can know the success of the authentication by receiving the notification of the authentication result (success). This is the user authentication that the client 400 receives.
- the secret sharing unit 402 performs a sharing process by the secret sharing method on the input service access information (step A121).
- the communication control unit 3 transmits (distributes) the user ID information, service name information, and distributed service access information (distributed service access information 517) to each distributed authentication apparatus 500 (step A122). .
- each distributed authentication device 500 the registration unit 501 receives user ID information, service name information, and distributed service access information 517 via the communication control unit 11.
- Each registration unit 501 stores the distributed service access information 517 in the storage device 14 in association with the user ID information and the service name information (step B131).
- FIG. 9 is a flowchart illustrating operations performed by the client 400 and each distributed authentication device 500 during the service use process according to the third embodiment.
- the user inputs user ID information, password, and service name information to the client 400.
- each step steps A31 to A33 and steps B40 to B42 up to reception of the input of the input unit 410 in the client 400 (step A60) and determination of the result of user authentication is basically the second embodiment. It is the same.
- service name information is added as information transmitted from the client 400 to each distributed device 500 (step A140).
- Each distributed authentication apparatus 500 also receives service name information (step B150).
- the operations steps A60, A31, A32, B41, and B42
- the detailed description that overlaps is omitted.
- the process execution unit 513 executes a predetermined process. Specifically, as an example, the process execution unit 513 transmits the distributed service access information 517 corresponding to the user ID information and the service name information to the client 400 (step B151).
- the communication control unit 3 receives the distributed service access information 517 from each distributed authentication device 500 (step A141).
- the secret restoration unit 404 performs a restoration process on the received plurality of distributed service access information 517 (step A142). As a result of the restoration process, the service access information input in the service registration process is restored.
- the output unit 111 outputs the restored service access information (step A143).
- the user can use a desired service using the output service access information.
- this embodiment also has an effect that service access information can be managed safely.
- the secret sharing unit 402 distributes and stores the distributed service access information 517 in which the service access information is distributed to each distributed authentication device 500 by the secret sharing method. is there. That is, in this embodiment, it can be said that any information leakage from any distributed authentication device 500 constituting this system has an effect that the information cannot be used for specifying service access information.
- this embodiment has an effect that the system configuration can be simplified as compared with the second embodiment described above.
- the client 400 and one of the distributed authentication devices 500 may be implemented in the same information processing device.
- the master authentication information and the authentication information may be used as they are, or all or part of the input master password.
- the input unit 410 may accept some information at timings other than those described above. That is, the input unit 410 may accept information other than the user ID information and the password after the success of user authentication is found instead of step A30 in FIG. 8 or step A60 in FIG. In this case, the authentication result (success) may be notified by the distributed authentication apparatus 500 also in the service use process (FIG. 9). Thereafter, the communication control unit 3 of the client 400 may transmit service name information to each distributed authentication device 500.
- ⁇ Example of HW configuration explanation> 1, 2, and 6 in each of the above-described embodiments may be configured by independent hardware circuits, or a function (processing) unit (software module) of a software program. Can be caught.
- the division of each part shown in these drawings is a configuration for convenience of explanation, and various configurations can be assumed for mounting. An example of the hardware environment in such a case will be described with reference to FIG.
- FIG. 10 is a diagram illustrating a configuration of a computer (information processing apparatus) applicable to each embodiment of the present invention and the authentication system and the service access information management system according to the modification. That is, FIG. 10 can realize at least one of the first information processing apparatuses 1, 100 and 400, the second information processing apparatuses 10, 200 and 500, and the service access information management apparatus 300 in each embodiment described above. This shows a hardware environment that can implement each function in each of the above-described embodiments.
- the computer 900 shown in FIG. 10 includes a CPU (Central Processing Unit) 901, a ROM (Read Only Memory) 902, a RAM (Random Access Memory) 903, a communication interface (IF) 904, a display 905, and a hard disk device (HDD) 906. And these are connected via a bus 907.
- a CPU Central Processing Unit
- ROM Read Only Memory
- RAM Random Access Memory
- IF communication interface
- HDD hard disk device
- the communication interface 904 is a general communication means for realizing communication between the computers in each of the above-described embodiments.
- the hard disk device 906 stores a program group 906A and various storage information 906B.
- the program group 906A is, for example, a computer program for realizing a function corresponding to each block (each unit) shown in FIG. 1, FIG. 2, and FIG.
- the various storage information 906B includes, for example, distributed master authentication information 15 and 215, distributed salt information 216, encrypted service access information 304, and distributed service access information 517 shown in FIGS.
- the CPU 901 governs the overall operation of the computer 900.
- FIG. 1 A block diagram
- FIG. 3 to 5, and 7 to 7 A block diagram
- FIG. 3 to 5 to 5 A block diagram
- FIG. 3 to 5 to 5 A block diagram
- FIG. 3 to 5 to 7 A block diagram
- FIG. 3 to 5 to 5 A block diagram
- FIG. 3 to 5 to 7 A block diagram
- FIG. 3 to 5 to 7 A block diagram
- FIG. 3 to 5 to 7 A block diagram
- FIG. 3 to 5 to 7 to 7 The present invention described by taking each of the above embodiments as an example is a block diagram
- FIG. 3 to 5 to 7 to 7 A block diagram
- FIG. 3 to 5 to 7 to 7 A block diagram
- FIG. 3 to 5 to 7 to 7 A block diagram
- FIG. 3 to 5 to 7 to 7 A block diagram
- FIG. 3 to 5 to 7 to 7 A block diagram
- FIG. 3 to 5 to 7 to 7 A block diagram
- FIG. 3 to 5 to 7 to 7 A block diagram
- FIG. 3 to 5 to 7 to 7 A block diagram
- the computer program can be supplied to each device via a recording medium such as a floppy disk (registered trademark) or a CD-ROM (Compact Disc-ROM).
- a recording medium such as a floppy disk (registered trademark) or a CD-ROM (Compact Disc-ROM).
- a general procedure can be adopted.
- a method of supplying a computer program into each device a method of downloading from the outside via a communication network 1000 such as the Internet is also common.
- the present invention can be understood to be configured by a computer-readable storage medium in which the code constituting the computer program or the code is recorded.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
Description
利用するサービス毎にパスワードを変えた場合、ユーザのパスワード管理の手間が、増大してしまう。一方、1つのパスワードを複数のサービスで使いまわした場合、あるサービスから漏えいしたパスワードが、他のサービスの不正利用に用いられるという危険性がある。
あらかじめ保存する、認証に際して照合される一方の情報であるマスター認証情報が秘密分散法によって分散された分散マスター認証情報の1つと、
通信を介して接続される第1の情報処理装置から受信した、前記認証に際して照合される他方の情報である認証情報が秘密分散法によって分散された分散認証情報の1つとに基づいて、
他の第2の情報処理装置との間における通信を介する秘密計算を実行することによって、前記認証情報が前記マスター認証情報と一致するかどうかを判定する秘密計算手段と、
前記判定の結果に応じて所定の処理を実行する処理実行手段と
を含む。
入力された第1の入力情報に基づく認証情報を、秘密分散法によって複数の分散認証情報に分散する秘密分散手段と、
前記複数の第2の情報処理装置に対して、前記各分散認証情報を分散するように送信する通信制御手段と
を含む。
第1の情報処理装置に対して入力された第1の入力情報に基づく認証情報を、秘密分散法によって複数の分散認証情報に分散し、
認証に際して照合される情報であるマスター認証情報が秘密分散法によって分散された情報である各分散マスター認証情報を分散してあらかじめ保存する、複数の第2の情報処理装置に対して、前記第1の情報処理装置から、前記各分散認証情報を分散するように送信し、
前記第1の情報処理装置から受信した前記分散認証情報と、前記分散マスター認証情報とに基づいて、前記複数の第2の情報処理装置の少なくとも一部の装置間における通信を介する秘密計算を実行することによって、前記認証情報が前記マスター認証情報と一致するかどうかを判定し、
前記秘密計算を実行した前記複数の第2の情報処理装置の少なくとも1つが、前記判定の結果に応じて所定の処理を実行する。
図1は、本発明の第1の実施形態に係る認証システムの構成を示すブロック図である。
図1を参照すると、本実施形態に係る認証システムは、第1の情報処理装置1、および複数の第2の情報処理装置10を含む。
次に、上述した第1の実施形態を基本とする第2の実施形態について説明する。
すなわち、クライアント100は、分散ソルト情報216から復元したソルト情報を用いることにより、上述したサービスアクセス情報の暗号化および復号の各処理を実行することができる。ユーザは、復号されたサービスアクセス情報を用いて、所望のサービスを利用することができる。このようなオンラインパスワードマネージャの処理によって、ユーザは、1組のユーザID情報とマスターパスワードとを記憶していれば、様々なサービスを利用することが可能となる。
出力部111は、図示しないディスプレイ、またはタッチパネルなどに対してサービスアクセス情報を表示してもよい。出力部111は、図示しない記憶装置、または、通信制御部3などを介して接続される外部装置などに対して、サービスアクセス情報を出力してもよい。出力部111は、入力部110に対して入力を受け付ける際のメッセージ表示などに利用されてもよい。
以下に、図3を参照して、ユーザ登録処理における動作を説明する。図3は、第2の実施形態におけるユーザ登録処理の際に、クライアント100および各分散認証装置200が行う動作を示すフローチャートである。
以下に、図4を参照して、サービス登録処理における動作を説明する。図4は、第2の実施形態におけるサービス登録処理の際に、クライアント100、各分散認証装置200、およびサービスアクセス情報管理装置300が行う動作を示すフローチャートである。
以下に、図5を参照して、サービス利用処理における動作を説明する。図5は、第2の実施形態におけるサービス利用処理の際に、クライアント100、各分散認証装置200、およびサービスアクセス情報管理装置300が行う動作を示すフローチャートである。
また、例えば、サービス利用処理において、秘密復元部104は、分散ソルト情報216の復元(図5のステップA35)を、暗号化サービスアクセス情報304を復号する(ステップA62)までのいずれかのタイミングで実行してもよい。
<第3の実施形態>
次に、上述した第2の実施形態を基本とする第3の実施形態について説明する。以下では、第3の実施形態に係る特徴的な部分を中心に説明し、第2の実施形態と同様な構成を有する第3の実施形態の構成要素には、第2の実施形態で付した参照符号と同一の参照符号を付し、その構成要素について重複する詳細な説明は省略する。
ただし、本実施形態では、各分散認証装置500から受信した複数の預かり情報は、秘密復元部404によってサービスアクセス情報として復元される。そして、秘密復元部404は、復元したサービスアクセス情報を、出力部111を介して出力する。
以下に、図7を参照して、ユーザ登録処理における動作を説明する。図7は、第3の実施形態におけるユーザ登録処理の際に、クライアント400および各分散認証装置500が行う動作を示すフローチャートである。
以下に、図8を参照して、サービス登録処理における動作を説明する。図8は、第3の実施形態におけるサービス登録処理の際に、クライアント400、および各分散認証装置500が行う動作を示すフローチャートである。
この通知は、少なくとも1台の分散認証装置500が実行すればよい。秘密計算部212によって認証失敗と判定された場合(ステップB42のNO)、処理実行部513は、一例として、認証結果(失敗)を送信せずに、単に処理を終了してもよい。
以下に、図9を参照して、サービス利用処理における動作を説明する。図9は、第3の実施形態におけるサービス利用処理の際に、クライアント400、および各分散認証装置500が行う動作を示すフローチャートである。
この場合、サービス利用処理(図9)でも、分散認証装置500による認証結果(成功)の通知を行ってもよい。その後に、クライアント400の通信制御部3が、各分散認証装置500に対して、サービス名情報を送信してもよい。
<HW構成説明例>
なお、上述した各実施形態において図1、図2および図6に示した各部は、それぞれ独立したハードウェア回路で構成されていてもよいし、ソフトウェアプログラムの機能(処理)単位(ソフトウェアモジュール)と捉えることができる。ただし、これらの図面に示した各部の区分けは、説明の便宜上の構成であり、実装に際しては、様々な構成が想定され得る。このような場合のハードウェア環境の一例を、図10を参照して説明する。
2、102、402 秘密分散部
3、11、301 通信制御部
10 第2の情報処理装置
12、212 秘密計算部
13、213、513 処理実行部
14、303 記憶装置
15、215 分散マスター認証情報
20 入力情報
100、400 クライアント(第1の情報処理装置)
101 認証情報生成部
103 暗号化部
104、404 秘密復元部
105 復号部
110、410 入力部
111 出力部
200、500 分散認証装置(第2の情報処理装置)
201、501 登録部
216 分散ソルト情報
300 サービスアクセス情報管理装置
302 管理部
304 暗号化サービスアクセス情報
517 分散サービスアクセス情報
Claims (31)
- あらかじめ保存する、認証に際して照合される一方の情報であるマスター認証情報が秘密分散法によって分散された分散マスター認証情報の1つと、
通信を介して接続される第1の情報処理装置から受信した、前記認証に際して照合される他方の情報である認証情報が秘密分散法によって分散された分散認証情報の1つとに基づいて、
他の第2の情報処理装置との間における通信を介する秘密計算を実行することによって、前記認証情報が前記マスター認証情報と一致するかどうかを判定する秘密計算手段と、
前記判定の結果に応じて所定の処理を実行する処理実行手段と
を含む第2の情報処理装置。 - 前記第1の情報処理装置から、受信した前記分散マスター認証情報の1つを記憶装置に保存する登録手段を、さらに含み、
前記秘密計算手段は、前記記憶装置から読み出した前記分散マスター認証情報の1つに基づいて、前記秘密計算を実行する
請求項1記載の第2の情報処理装置。 - 前記登録手段は、前記第1の情報処理装置から、あらかじめ預かっておく情報である預かり情報を受信し、受信した前記預かり情報を記憶装置に保存し、
前記処理実行手段は、前記判定の結果が、前記認証情報と前記マスター認証情報とが一致したことを表す認証成功である場合に、前記所定の処理として、前記預かり情報を、前記第1の情報処理装置に対して送信する
請求項2記載の第2の情報処理装置。 - 前記マスター認証情報は、第1の文字列に基づくハッシュ値であり、
前記認証情報は、第2の文字列に基づくハッシュ値であり、
前記秘密計算手段は、ハッシュの計算を行う秘密計算と、一致の判定を行う秘密計算とを組み合わせることにより、前記認証情報が前記マスター認証情報と一致するかどうかを判定する
請求項1乃至3のいずれか1つに記載の第2の情報処理装置。 - 前記マスター認証情報は、文字列を含むマスターパスワードであり、
前記認証情報は前記第1の情報処理装置に対して入力された文字列を含むパスワードである
請求項1乃至4のいずれか1つに記載の第2の情報処理装置。 - 前記預かり情報は、前記第1の情報処理装置における暗号処理に係るソルト情報が秘密分散法によって分散された情報の1つである
請求項3乃至5のいずれか1つに記載の第2の情報処理装置。 - 複数の、請求項1乃至6のいずれか1つに記載の第2の情報処理装置を含むシステムに接続される第1の情報処理装置において、
入力された第1の入力情報に基づく認証情報を、秘密分散法によって複数の分散認証情報に分散する秘密分散手段と、
前記複数の第2の情報処理装置に対して、前記各分散認証情報を分散するように送信する通信制御手段と
を含む第1の情報処理装置。 - 入力された第2の入力情報に基づいて前記マスター認証情報を生成し、前記第1の入力情報に基づいて前記認証情報を生成する認証情報生成手段を、さらに含み、
前記秘密分散手段は、生成された前記マスター認証情報を、秘密分散法によって複数の分散マスター認証情報に分散する処理をさらに行い、
前記通信制御手段は、前記複数の第2の情報処理装置に対して、前記各分散マスター認証情報を分散するように送信する処理をさらに行う
請求項7記載の第1の情報処理装置。 - 前記認証情報生成手段は、前記第2の入力情報に基づくハッシュ値を前記マスター認証情報として生成し、前記第1の入力情報に基づくハッシュ値を前記認証情報として生成する
請求項8記載の第1の情報処理装置。 - 前記秘密分散手段は、入力された第3の入力情報を、秘密分散法によって複数の前記預かり情報として分散する処理をさらに行い、
前記通信制御手段は、さらに、前記複数の第2の情報処理装置に対して、前記各預かり情報を分散するように送信し、前記複数の第2の情報処理装置から前記各預かり情報を受信し、
受信した複数の前記預かり情報を、秘密分散法によって、前記第3の入力情報に復元し、復元した前記第3の入力情報を出力する秘密復元手段を、さらに含む
請求項7乃至9のいずれか1つに記載の第1の情報処理装置。 - 前記復元された第3の入力情報に基づいて暗号鍵を生成し、入力された第4の入力情報を前記暗号鍵を用いて暗号化する暗号化手段を、さらに含み、
前記通信制御手段は、さらに、前記暗号化された第4の入力情報を、第3の情報処理装置に対して送信し、前記複数の第2の情報処理装置から前記預かり情報を受信した場合に、前記第3の情報処理装置から前記暗号化された第4の入力情報を受信し、
前記復元された第3の入力情報に基づいて、復号鍵を生成し、受信した前記暗号化された第4の入力情報を、前記復号鍵によって、前記第4の入力情報に復号し、復号した前記第4の入力情報を出力する復号手段を、さらに含む
請求項10記載の第1の情報処理装置。 - 前記第1の入力情報は、認証に際して入力された文字列を含むパスワードである
請求項7乃至11のいずれか1つに記載の第1の情報処理装置。 - 前記第2の入力情報は、認証より前に入力された文字列を含むマスターパスワードである
請求項8乃至12のいずれか1つに記載の第1の情報処理装置。 - 前記第3の入力情報は、サービスにアクセスする際に使用される情報であるサービスアクセス情報である
請求項10、12、または13のいずれか1つに記載の第1の情報処理装置。 - 前記第3の入力情報は、前記暗号鍵および前記復号鍵の生成に用いられるソルト情報であり、
前記第4の入力情報は、サービスにアクセスする際に使用される情報であるサービスアクセス情報である
請求項11乃至13のいずれか1つに記載の第1の情報処理装置。 - 請求項7乃至15のいずれか1つに記載の第1の情報処理装置と、
前記第1の情報処理装置と接続される請求項1乃至6のいずれか1つに記載の複数の第2の情報処理装置とを含む認証システム。 - 前記第1の情報処理装置として、請求項11または15記載の第1の情報処理装置を含み、
さらに、前記第3の情報処理装置を含む
請求項16記載の認証システム。 - 第1の情報処理装置に対して入力された第1の入力情報に基づく認証情報を、秘密分散法によって複数の分散認証情報に分散し、
認証に際して照合される情報であるマスター認証情報が秘密分散法によって分散された情報である各分散マスター認証情報を分散してあらかじめ保存する、複数の第2の情報処理装置に対して、前記第1の情報処理装置から、前記各分散認証情報を分散するように送信し、
前記第1の情報処理装置から受信した前記分散認証情報と、前記分散マスター認証情報とに基づいて、前記複数の第2の情報処理装置の少なくとも一部の装置間における通信を介する秘密計算を実行することによって、前記認証情報が前記マスター認証情報と一致するかどうかを判定し、
前記秘密計算を実行した前記複数の第2の情報処理装置の少なくとも1つが、前記判定の結果に応じて所定の処理を実行する
認証方法。 - 前記第1の情報処理装置に対して入力された第2の入力情報に基づいて前記マスター認証情報を、さらに生成し、
前記マスター認証情報を、秘密分散法によって複数の分散マスター認証情報に、さらに分散し、
前記複数の第2の情報処理装置に対して、前記第1の情報処理装置から、前記各分散マスター認証情報を分散するように、さらに送信し、
前記各第2の情報処理装置において、前記第1の情報処理装置から受信した前記分散マスター認証情報を、さらに保存する
請求項18記載の認証方法。 - 前記第2の入力情報に基づくハッシュ値を前記マスター認証情報として生成し、
前記第1の入力情報に基づくハッシュ値を前記認証情報として生成し、
ハッシュの計算を行う秘密計算と、一致の判定を行う秘密計算とを組み合わせることにより、前記認証情報が前記マスター認証情報と一致するかどうかを判定する
請求項19記載の認証方法。 - 前記第1の情報処理装置に対して入力された第3の入力情報を、秘密分散法によって複数の預かり情報として、さらに分散し、
前記複数の第2の情報処理装置に対して、前記第1の情報処理装置から、前記各預かり情報を分散するように、さらに送信し、
前記各第2の情報処理装置において、前記第1の情報処理装置から受信した前記預かり情報を、さらに保存し、
前記所定の処理として、前記複数の第2の情報処理装置の少なくとも1つから、保存された前記預かり情報を、前記第1の情報処理装置に対して送信し、
受信した複数の前記預かり情報を、秘密分散法によって、前記第3の入力情報に、さらに復元し、
復元した前記第3の入力情報を、さらに出力する
請求項18乃至20のいずれか1つに記載の認証方法。 - 前記復元された第3の入力情報に基づいて暗号鍵を、さらに生成し、
前記第1の情報処理装置に対して入力された第4の入力情報を前記暗号鍵を用いて、さらに暗号化し、
前記暗号化された第4の入力情報を、第3の情報処理装置に対して、さらに送信し、
前記複数の第2の情報処理装置から前記預かり情報を受信した場合に、前記第3の情報処理装置から前記暗号化された第4の入力情報を、さらに受信し、
前記復元された第3の入力情報に基づいて、復号鍵を、さらに生成し、
受信した前記暗号化された第4の入力情報を、前記復号鍵によって、前記第4の入力情報に、さらに復号し、
復号した前記第4の入力情報を、さらに出力する
請求項21記載の認証方法。 - あらかじめ保存する、認証に際して照合される一方の情報であるマスター認証情報が秘密分散法によって分散された分散マスター認証情報の1つと、
通信を介して接続される第1の情報処理装置から受信した、前記認証に際して照合される他方の情報である認証情報が秘密分散法によって分散された分散認証情報の1つとに基づいて、
他の第2の情報処理装置との間における通信を介する秘密計算を実行することによって、前記認証情報が前記マスター認証情報と一致するかどうかを判定する秘密計算処理と、
前記判定の結果に応じて所定の処理を実行する判定実行処理と
を第2の情報処理装置であるコンピュータに実行させる第1のコンピュータ・プログラムを記録する記録媒体。 - 前記第1の情報処理装置から、受信した前記分散マスター認証情報の1つを記憶装置に保存する登録処理を、さらに含み、
前記秘密計算処理において、前記記憶装置から読み出した前記分散マスター認証情報の1つに基づいて、前記秘密計算を実行する
請求項23記載の第1のコンピュータ・プログラムを記録する記録媒体。 - 前記第1の情報処理装置から、あらかじめ預かっておく情報である預かり情報を受信し、受信した前記預かり情報を記憶装置に保存する預かり情報登録処理を、さらに含み、
前記判定実行処理において、前記判定の結果が、前記認証情報と前記マスター認証情報とが一致したことを表す認証成功である場合に、前記所定の処理として、前記預かり情報を、前記第1の情報処理装置に対して送信する
請求項23または24記載の第1のコンピュータ・プログラムを記録する記録媒体。 - 前記マスター認証情報は、第1の文字列に基づくハッシュ値であり、
前記認証情報は、第2の文字列に基づくハッシュ値であり、
前記秘密計算処理において、ハッシュの計算を行う秘密計算と、一致の判定を行う秘密計算とを組み合わせることにより、前記認証情報が前記マスター認証情報と一致するかどうかを判定する
請求項23乃至25のいずれか1つに記載の第1のコンピュータ・プログラムを記録する記録媒体。 - 入力された第1の入力情報に基づく認証情報を、秘密分散法によって複数の分散認証情報に分散する秘密分散処理と、
請求項23乃至26のいずれか1つに記載の第1のコンピュータ・プログラムが実行される、複数の情報処理装置に対して、前記各分散認証情報を分散するように送信する通信制御処理と
をコンピュータに実行させる第2のコンピュータ・プログラムを記録する記録媒体。 - 入力された第2の入力情報に基づいて前記マスター認証情報を生成し、前記第1の入力情報に基づいて前記認証情報を生成する認証情報生成処理と、
生成された前記マスター認証情報を、秘密分散法によって複数の分散マスター認証情報に分散する処理と、
前記複数の情報処理装置に対して、前記各分散マスター認証情報を分散するように送信する処理とを、さらにコンピュータに実行させる
請求項27記載の第2のコンピュータ・プログラムを記録する記録媒体。 - 前記認証情報生成処理において、前記第2の入力情報に基づくハッシュ値を前記マスター認証情報として生成し、前記第1の入力情報に基づくハッシュ値を前記認証情報として生成する
請求項28記載の第2のコンピュータ・プログラムを記録する記録媒体。 - 入力された第3の入力情報を、秘密分散法によって複数の前記預かり情報として分散する処理と
前記複数の情報処理装置に対して、前記各預かり情報を分散するように送信する処理とをさらにコンピュータに実行させ、
前記複数の情報処理装置から前記各預かり情報を受信した場合に、
受信した複数の前記預かり情報を、秘密分散法によって、前記第3の入力情報に復元し、復元した前記第3の入力情報を、さらに出力する
請求項27乃至29のいずれか1つに記載の第2のコンピュータ・プログラムを記録する記録媒体。 - 前記復元された第3の入力情報に基づいて暗号鍵を生成し、入力された第4の入力情報を前記暗号鍵を用いて暗号化する暗号化処理と、
前記暗号化された第4の入力情報を、第3の情報処理装置に対して送信する処理と、
前記複数の第2の情報処理装置から前記預かり情報を受信した場合に、前記第3の情報処理装置から前記暗号化された第4の入力情報を受信する処理と、
前記復元された第3の入力情報に基づいて、復号鍵を生成し、受信した前記暗号化された第4の入力情報を、前記復号鍵によって、前記第4の入力情報に復号し、復号した前記第4の入力情報を出力する復号処理とを、さらにコンピュータに時刻させる
請求項30記載の第2のコンピュータ・プログラムを記録する記録媒体。
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US15/753,053 US11050745B2 (en) | 2015-08-26 | 2016-08-18 | Information processing apparatus, authentication method, and recording medium for recording computer program |
JP2017536609A JP6753403B2 (ja) | 2015-08-26 | 2016-08-18 | 情報処理装置、認証システム、認証方法、並びにコンピュータ・プログラム |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2015166696 | 2015-08-26 | ||
JP2015-166696 | 2015-08-26 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017033442A1 true WO2017033442A1 (ja) | 2017-03-02 |
Family
ID=58099796
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2016/003777 WO2017033442A1 (ja) | 2015-08-26 | 2016-08-18 | 情報処理装置、認証システム、認証方法、並びにコンピュータ・プログラムを記録する記録媒体 |
Country Status (3)
Country | Link |
---|---|
US (1) | US11050745B2 (ja) |
JP (1) | JP6753403B2 (ja) |
WO (1) | WO2017033442A1 (ja) |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019012268A1 (en) * | 2017-07-10 | 2019-01-17 | Cloud-pin Limited | METHOD FOR RECORDING AND AUTHENTICATING A USER OF AN ONLINE SYSTEM |
WO2019115697A1 (en) * | 2017-12-14 | 2019-06-20 | Robert Bosch Gmbh | Method for faster secure multiparty inner product with spdz |
WO2019204366A1 (en) | 2018-04-16 | 2019-10-24 | Xage Security, Inc. | Decentralized information protection for confidentiality and tamper-proofing on distributed database |
KR20200030885A (ko) * | 2018-09-13 | 2020-03-23 | 삼육대학교산학협력단 | 광학 문자 인식을 이용한 사용자 인증 시스템 |
CN111133719A (zh) * | 2017-09-29 | 2020-05-08 | 罗伯特·博世有限公司 | 用于利用spdz的更快速的安全多方内积计算的方法 |
CN112769742A (zh) * | 2019-11-06 | 2021-05-07 | 电科云(北京)科技有限公司 | Spdz系列协议中的消息验证方法、装置及存储介质 |
KR20230046107A (ko) * | 2021-09-29 | 2023-04-05 | 한국전자통신연구원 | 분산 아이디 기반 서비스에서의 위임 크리덴셜 발급 장치 및 방법 |
JP7555349B2 (ja) | 2019-03-25 | 2024-09-24 | アイデンティーク プロトコル リミテッド | ネットワーク上の複数のノード間でクエリの匿名検証を提供するシステムおよび方法 |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105205386A (zh) * | 2014-06-25 | 2015-12-30 | 腾讯科技(深圳)有限公司 | 移动终端应用程序密码保护方法和装置 |
US10862908B2 (en) | 2018-08-09 | 2020-12-08 | Hrl Laboratories, Llc | System and method for consensus ordering of broadcast messages |
US10887092B2 (en) * | 2018-08-09 | 2021-01-05 | Hrl Laboratories, Llc | Anonymous allocation and majority voting in a compromised environment |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007312128A (ja) * | 2006-05-18 | 2007-11-29 | Toshiba Corp | 電子データ閲覧システム、装置及びプログラム |
WO2015114947A1 (ja) * | 2014-01-28 | 2015-08-06 | 日本電信電話株式会社 | 秘密計算方法、秘密計算システム、秘密計算サーバ、登録者端末、利用者端末及びプログラム |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6959394B1 (en) * | 2000-09-29 | 2005-10-25 | Intel Corporation | Splitting knowledge of a password |
CN101375284B (zh) * | 2004-10-25 | 2012-02-22 | 安全第一公司 | 安全数据分析方法和系统 |
US20070283161A1 (en) * | 2006-06-06 | 2007-12-06 | Kabushiki Kaisha Toshiba | System and method for generating verifiable device user passwords |
US8769637B2 (en) * | 2007-03-23 | 2014-07-01 | Sap Ag | Iterated password hash systems and methods for preserving password entropy |
JP2010011109A (ja) | 2008-06-27 | 2010-01-14 | Kddi Corp | 認証ユニット、認証端末、認証システム、認証方法およびプログラム |
US8638926B2 (en) * | 2009-02-26 | 2014-01-28 | Red Hat, Inc. | Sharing a secret with modular inverses |
JP4860779B1 (ja) | 2011-07-08 | 2012-01-25 | 株式会社野村総合研究所 | データ分散保管システム |
US8731203B2 (en) * | 2012-02-13 | 2014-05-20 | Alephcloud Systems, Inc. | Securing a secret of a user |
WO2014052474A1 (en) * | 2012-09-25 | 2014-04-03 | Google Inc. | Securing personal identification numbers for mobile payment applications by combining with random components |
US9386018B2 (en) * | 2014-04-11 | 2016-07-05 | Hangzhou Dianzi University | Distributed cryptography system |
US9258117B1 (en) * | 2014-06-26 | 2016-02-09 | Amazon Technologies, Inc. | Mutual authentication with symmetric secrets and signatures |
GB2513260B (en) * | 2014-06-27 | 2018-06-13 | PQ Solutions Ltd | System and method for quorum-based data recovery |
EP4325770A3 (en) * | 2017-08-15 | 2024-04-24 | nChain Licensing AG | Threshold ecdsa for securing bitcoin wallet |
US20200213135A1 (en) * | 2018-12-31 | 2020-07-02 | Unbound Tech Ltd | System and method for secure manufacturing of articles |
-
2016
- 2016-08-18 WO PCT/JP2016/003777 patent/WO2017033442A1/ja active Application Filing
- 2016-08-18 US US15/753,053 patent/US11050745B2/en active Active
- 2016-08-18 JP JP2017536609A patent/JP6753403B2/ja active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2007312128A (ja) * | 2006-05-18 | 2007-11-29 | Toshiba Corp | 電子データ閲覧システム、装置及びプログラム |
WO2015114947A1 (ja) * | 2014-01-28 | 2015-08-06 | 日本電信電話株式会社 | 秘密計算方法、秘密計算システム、秘密計算サーバ、登録者端末、利用者端末及びプログラム |
Non-Patent Citations (1)
Title |
---|
MASAYUKI FUKUMITSU ET AL.: "A Proposal of a Password Manager Satisfying Security and Usability by Using the Secret Sharing and a Personal Server", CSS2014 COMPUTER SECURITY SYMPOSIUM 2014 RONBUNSHU GODO KAISAI ANTI MALWARE ENGINEERING WORKSHOP (MWS) 2014 IPSJ SYMPOSIUM SERIES, vol. 2014, no. 2, 22 October 2014 (2014-10-22), pages 619 - 626, XP032903587 * |
Cited By (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
GB2564442B (en) * | 2017-07-10 | 2022-03-02 | Shayype Global Ltd | Method of registering and authenticating a user of an online system |
US11514153B2 (en) | 2017-07-10 | 2022-11-29 | Shayype Global Limited | Method of registering and authenticating a user of an online system |
WO2019012268A1 (en) * | 2017-07-10 | 2019-01-17 | Cloud-pin Limited | METHOD FOR RECORDING AND AUTHENTICATING A USER OF AN ONLINE SYSTEM |
CN111133719B (zh) * | 2017-09-29 | 2024-01-26 | 罗伯特·博世有限公司 | 用于利用spdz的更快速的安全多方内积计算的方法 |
CN111133719A (zh) * | 2017-09-29 | 2020-05-08 | 罗伯特·博世有限公司 | 用于利用spdz的更快速的安全多方内积计算的方法 |
WO2019115697A1 (en) * | 2017-12-14 | 2019-06-20 | Robert Bosch Gmbh | Method for faster secure multiparty inner product with spdz |
CN111512589B (zh) * | 2017-12-14 | 2023-11-07 | 罗伯特·博世有限公司 | 用于利用spdz的快速安全多方内积的方法 |
CN111512589A (zh) * | 2017-12-14 | 2020-08-07 | 罗伯特·博世有限公司 | 用于利用spdz的快速安全多方内积的方法 |
US11606203B2 (en) | 2017-12-14 | 2023-03-14 | Robert Bosch Gmbh | Method for faster secure multiparty inner product with SPDZ |
EP3782352A4 (en) * | 2018-04-16 | 2021-08-18 | Xage Security, Inc. | DECENTRALIZED INFORMATION PROTECTION ENABLING CONFIDENTIALITY AND INVIOLABILITY ON A DISTRIBUTED DATABASE |
WO2019204366A1 (en) | 2018-04-16 | 2019-10-24 | Xage Security, Inc. | Decentralized information protection for confidentiality and tamper-proofing on distributed database |
KR102146088B1 (ko) * | 2018-09-13 | 2020-08-19 | 삼육대학교산학협력단 | 광학 문자 인식을 이용한 사용자 인증 시스템 |
KR20200030885A (ko) * | 2018-09-13 | 2020-03-23 | 삼육대학교산학협력단 | 광학 문자 인식을 이용한 사용자 인증 시스템 |
JP7555349B2 (ja) | 2019-03-25 | 2024-09-24 | アイデンティーク プロトコル リミテッド | ネットワーク上の複数のノード間でクエリの匿名検証を提供するシステムおよび方法 |
CN112769742A (zh) * | 2019-11-06 | 2021-05-07 | 电科云(北京)科技有限公司 | Spdz系列协议中的消息验证方法、装置及存储介质 |
KR20230046107A (ko) * | 2021-09-29 | 2023-04-05 | 한국전자통신연구원 | 분산 아이디 기반 서비스에서의 위임 크리덴셜 발급 장치 및 방법 |
KR102569132B1 (ko) | 2021-09-29 | 2023-08-24 | 한국전자통신연구원 | 분산 아이디 기반 서비스에서의 위임 크리덴셜 발급 장치 및 방법 |
Also Published As
Publication number | Publication date |
---|---|
US11050745B2 (en) | 2021-06-29 |
JP6753403B2 (ja) | 2020-09-09 |
JPWO2017033442A1 (ja) | 2018-07-05 |
US20180241747A1 (en) | 2018-08-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP6753403B2 (ja) | 情報処理装置、認証システム、認証方法、並びにコンピュータ・プログラム | |
JP6547079B1 (ja) | 登録・認可方法、装置及びシステム | |
WO2021073170A1 (zh) | 数据提供和融合的方法及装置 | |
RU2718689C2 (ru) | Управление конфиденциальной связью | |
US20170244687A1 (en) | Techniques for confidential delivery of random data over a network | |
WO2022199290A1 (zh) | 多方安全计算 | |
JP7454564B2 (ja) | 鍵管理のための方法、ユーザ・デバイス、管理デバイス、記憶媒体及びコンピュータ・プログラム製品 | |
CN111130757A (zh) | 一种基于区块链的多云cp-abe访问控制方法 | |
US20110276490A1 (en) | Security service level agreements with publicly verifiable proofs of compliance | |
US20080069341A1 (en) | Methods and systems for strong encryption | |
TW202015378A (zh) | 密碼運算、創建工作密鑰的方法、密碼服務平台及設備 | |
JP6950745B2 (ja) | 鍵交換装置、鍵交換システム、鍵交換方法、及び鍵交換プログラム | |
CN110557248B (zh) | 基于无证书密码学的签密的密钥更新方法和系统 | |
CN111294349B (zh) | 用于物联网设备数据共享的方法及装置 | |
CN110417547B (zh) | 基于无证书密码学的保密通信的密钥更新方法和系统 | |
CN110557367B (zh) | 基于证书密码学的抗量子计算保密通信的密钥更新方法和系统 | |
Bao et al. | An auditable and secure model for permissioned blockchain | |
CN107104804A (zh) | 一种平台完整性验证方法和装置 | |
Hussien et al. | Public auditing for secure data storage in cloud through a third party auditor using modern ciphertext | |
JP2014022920A (ja) | 電子署名システム、電子署名方法および電子署名プログラム | |
Tiwari et al. | A novel secure cloud storage architecture combining proof of retrievability and revocation | |
Reedy et al. | A Secure Framework for Ensuring EHR's Integrity Using Fine-Grained Auditing and CP-ABE | |
Malarvizhi et al. | Secure file sharing using cryptographic techniques in cloud | |
Akshay et al. | Dynamic list based data integrity verification in cloud environment | |
Hahn et al. | Verifiable outsourced decryption of encrypted data from heterogeneous trust networks |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 16838793 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2017536609 Country of ref document: JP Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 15753053 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 16838793 Country of ref document: EP Kind code of ref document: A1 |