WO2017126471A1 - Authentication system, authentication requesting device, in-vehicle electronic device, computer program and authentication processing method - Google Patents

Info

Publication number
WO2017126471A1
Authority
WO
WIPO (PCT)
Prior art keywords
authenticator
authentication
unit
electronic signature
expiration date
Prior art date
Application number
PCT/JP2017/001239
Other languages
English (en)
Japanese (ja)
Inventor
友洋 水谷
透 左近
Original Assignee
株式会社オートネットワーク技術研究所
住友電装株式会社
住友電気工業株式会社
Priority date
Filing date
Publication date
Application filed by 株式会社オートネットワーク技術研究所, 住友電装株式会社, 住友電気工業株式会社
Publication of WO2017126471A1

Classifications

    • B: PERFORMING OPERATIONS; TRANSPORTING
    • B60: VEHICLES IN GENERAL
    • B60R: VEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R16/00: Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for
    • B60R16/02: Electric or fluid circuits specially adapted for vehicles and not otherwise provided for; Arrangement of elements of electric or fluid circuits specially adapted for vehicles and not otherwise provided for electric constitutive elements
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44: Program or device authentication
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • The present invention relates to an authentication system in which an electronic device mounted on a vehicle authenticates other devices inside and outside the vehicle, and to an authentication requesting device, an in-vehicle electronic device, a computer program, and an authentication processing method for this system.
  • Patent Document 1 proposes an in-vehicle device for the purpose of realizing authentication with high security.
  • This in-vehicle device stores a PIN code and an in-vehicle device ID, performs first authentication for determining whether or not the mobile terminal can be connected by collating the PIN code, and sets the in-vehicle device ID in the mobile terminal connected through the first authentication.
  • The second authentication is performed by authenticating the request by comparing the in-vehicle device ID sent from the mobile terminal in response to the request with the registered in-vehicle device ID.
  • Predetermined vehicle data representing the vehicle state is transmitted.
  • The present invention has been made in view of such circumstances, and an object of the present invention is to provide an authentication system, an authentication requesting device, an in-vehicle electronic device, a computer program, and an authentication processing method that can be expected to perform authentication processing more safely and reliably.
  • An authentication system includes an in-vehicle electronic device and an authentication requesting device that makes an authentication request to the in-vehicle electronic device, and performs authentication processing between the in-vehicle electronic device and the authentication requesting device in response to the authentication request.
  • The system includes an authenticator generation device having: an authenticator generation unit that generates an authenticator including expiration date information; a key information storage unit that stores key information; a signature attaching unit that attaches an electronic signature to the authenticator generated by the authenticator generation unit, using the key information stored in the key information storage unit; and an authenticator transmitting unit that transmits the authenticator to which the signature attaching unit has attached the electronic signature to the authentication requesting device.
  • The authentication requesting device includes an authenticator receiving unit that receives the authenticator from the authenticator generation device, and an authenticator transmitting unit that transmits the authenticator received by the authenticator receiving unit to the in-vehicle electronic device.
  • The in-vehicle electronic device includes: an authenticator receiving unit that receives the authenticator from the authentication requesting device; an electronic signature determination unit that determines whether the electronic signature attached to the authenticator received by the authenticator receiving unit is correct; an expiration date determination unit that determines whether the authenticator is within the expiration date based on the expiration date information included in the authenticator; and an authentication processing unit that performs an authentication process with the authentication requesting device when the electronic signature determination unit determines that the electronic signature is correct and the expiration date determination unit determines that the authenticator is within the expiration date.
  • The key information storage unit of the authenticator generation device stores a secret key.
  • The in-vehicle electronic device has a key information storage unit that stores a public key corresponding to the secret key.
  • The electronic signature determination unit of the in-vehicle electronic device performs its determination using the public key stored in the key information storage unit.
  • The authentication requesting device includes an authenticator generation request transmitting unit that transmits, to the authenticator generation device, an authenticator generation request for generating an authenticator, and the authenticator generation request includes first predetermined information.
  • The authenticator generation device includes an authenticator generation request receiving unit that receives the authenticator generation request from the authentication requesting device, and an information generation unit that generates second predetermined information based on the first predetermined information included in the authenticator generation request received by the authenticator generation request receiving unit.
  • The authenticator generation unit of the authenticator generation device generates an authenticator including the expiration date information and the second predetermined information generated by the information generation unit.
  • The authentication system is characterized in that the information generation unit uses a hash value calculated based on the first predetermined information as the second predetermined information.
  • The authenticator transmitting unit of the authentication requesting device attaches the first predetermined information to the authenticator and transmits it to the in-vehicle electronic device. The in-vehicle electronic device includes an information determination unit that determines whether the second predetermined information included in the authenticator is correct, based on the first predetermined information attached to the authenticator received by the authenticator receiving unit.
  • The authentication processing unit of the in-vehicle electronic device performs authentication processing with the authentication requesting device when the electronic signature determination unit determines that the electronic signature is correct, the expiration date determination unit determines that the authenticator is within the expiration date, and the information determination unit determines that the second predetermined information is correct.
  • The authentication requesting device includes a key information storage unit that stores key information, and a second signature attaching unit that attaches a second electronic signature to the authenticator received by the authenticator receiving unit, using the key information stored in the key information storage unit.
  • The authenticator transmitting unit of the authentication requesting device transmits the authenticator to which the second signature attaching unit has attached the second electronic signature to the in-vehicle electronic device.
  • The authentication system further includes a second electronic signature determination unit that determines whether the second electronic signature attached to the authenticator received by the authenticator receiving unit is correct.
  • The authentication processing unit of the in-vehicle electronic device performs authentication processing with the authentication requesting device when the electronic signature determination unit determines that the electronic signature is correct, the expiration date determination unit determines that the authenticator is within the expiration date, and the second electronic signature determination unit determines that the second electronic signature is correct.
  • The authentication requesting device is a device that makes an authentication request to an in-vehicle electronic device, and includes: an authenticator generation request transmitting unit that transmits, to an authenticator generation device, an authenticator generation request for generating an authenticator; an authenticator receiving unit that receives the authenticator transmitted from the authenticator generation device in response to the authenticator generation request; and an authenticator transmitting unit that transmits the authenticator received by the authenticator receiving unit to the in-vehicle electronic device.
  • The in-vehicle electronic device is a device that performs authentication processing with an authentication requesting device, and includes: an authenticator receiving unit that receives, from the authentication requesting device, an authenticator having expiration date information and an electronic signature attached; an electronic signature determination unit that determines whether the electronic signature attached to the authenticator received by the authenticator receiving unit is correct; an expiration date determination unit that determines whether the authenticator is within the expiration date based on the expiration date information included in the authenticator; and an authentication processing unit that performs an authentication process with the authentication requesting device when the electronic signature determination unit determines that the electronic signature is correct and the expiration date determination unit determines that the authenticator is within the expiration date.
  • The computer program according to the present invention causes an authentication requesting device that makes an authentication request to an in-vehicle electronic device to operate as: an authenticator generation request transmitting unit that transmits, to an authenticator generation device, an authenticator generation request for generating an authenticator; an authenticator receiving unit that receives the authenticator transmitted from the authenticator generation device in response to the authenticator generation request; and an authenticator transmitting unit that transmits the authenticator received by the authenticator receiving unit to the in-vehicle electronic device.
  • The computer program according to the present invention causes an in-vehicle electronic device that performs authentication processing with an authentication requesting device to operate as: an authenticator receiving unit that receives, from the authentication requesting device, an authenticator having expiration date information and an electronic signature attached; an electronic signature determination unit that determines whether the electronic signature attached to the authenticator received by the authenticator receiving unit is correct; an expiration date determination unit that determines whether the authenticator is within the expiration date based on the expiration date information included in the authenticator; and an authentication processing unit that performs authentication processing with the authentication requesting device when the electronic signature determination unit determines that the electronic signature is correct and the expiration date determination unit determines that the authenticator is within the expiration date.
  • The authentication processing method is a method in which authentication processing is performed between an in-vehicle electronic device and an authentication requesting device that makes an authentication request to the in-vehicle electronic device.
  • An authenticator including time limit information is generated, and the authenticator generation device assigns an electronic signature using key information to the generated authenticator, and the authenticator generation device adds the authenticator to which the electronic signature is attached.
  • The authentication requesting device transmits the received authenticator to the in-vehicle electronic device, and the in-vehicle electronic device determines whether or not the electronic signature attached to the received authenticator is correct.
  • The authentication system is configured such that an authentication requesting device inside or outside the vehicle makes an authentication request to the in-vehicle electronic device, and an authentication process is performed in response to this request.
  • The authenticator generated by the authenticator generation device needs to be acquired and transmitted to the in-vehicle electronic device.
  • The authenticator generation device generates an authenticator including expiration date information, assigns an electronic signature to the generated authenticator using key information stored by itself, and requests authentication of the authenticator with the electronic signature.
  • The authentication requesting device transmits the authenticator with the electronic signature received from the authenticator generation device to the in-vehicle electronic device from which it requests authentication.
  • The in-vehicle electronic device that has received the authenticator from the authentication requesting device determines whether the electronic signature attached to the authenticator is correct and, based on the expiration date information included in the authenticator, whether or not the authenticator is within the expiration date. If the electronic signature is correct and the authenticator is within the validity period, the in-vehicle electronic device performs an authentication process with the authentication requesting device. Note that the authentication process performed thereafter may be the same as the conventional authentication process, such as sending and receiving an ID and a password.
  • The authentication requesting device transmits the authenticator acquired from a third device, that is, the authenticator generation device, to the in-vehicle electronic device, and the in-vehicle electronic device that receives it determines, based on information included in the authenticator, whether or not to perform the authentication process.
  • The authentication requesting device that can perform the authentication process with the in-vehicle electronic device is limited to a device that can acquire the correct authenticator from the authenticator generation device, and thus the reliability of the device that performs the authentication process can be improved.
  • By setting an expiration date for the authenticator, it is possible to limit the period during which the authenticator transmitted by the authenticator generation device can be used.
  • The authenticator generation device stores a secret key and generates an electronic signature using the secret key.
  • The in-vehicle electronic device stores the public key corresponding to the secret key used by the authenticator generation device, and uses the stored public key to determine whether the electronic signature attached to the authenticator given from the authentication requesting device is correct. That is, public key cryptosystem information is exchanged between the authenticator generation device and the in-vehicle electronic device. As compared with an encryption method in which the in-vehicle electronic device stores the secret key, acquisition and management of key information by the in-vehicle electronic device can be facilitated.
  • The authentication requesting device transmits an authenticator generation request including first predetermined information such as a random number to the authenticator generation device.
  • The authenticator generation device that has received the authenticator generation request generates second predetermined information based on the first predetermined information included in the authenticator generation request.
  • The authenticator generation device generates an authenticator including the expiration date information and the second predetermined information and transmits it to the authentication requesting device.
  • The authentication requesting device that has received the authenticator from the authenticator generation device attaches the first predetermined information to the authenticator and transmits it to the in-vehicle electronic device.
  • The in-vehicle electronic device that has received this generates second predetermined information based on the first predetermined information attached to the authenticator, compares it with the second predetermined information included in the authenticator, and thereby determines whether or not the second predetermined information is correct.
  • The in-vehicle electronic device performs an authentication process with the authentication requesting device when the electronic signature is correct, the authenticator is within the expiration date, and the second predetermined information is correct.
  • The authenticator generation device can embed information (second predetermined information) for specifying the authentication requesting device in the authenticator.
  • Since the authentication requesting device needs to transmit the first predetermined information together with the authenticator to the in-vehicle electronic device, a malicious third party who has illegally acquired only the authenticator can be prevented from performing the authentication process with the in-vehicle electronic device.
  • As the second predetermined information, a hash value calculated based on the first predetermined information can be used.
  • The authentication requesting device stores key information, attaches a second electronic signature to the authenticator received from the authenticator generation device using its own key information, and transmits it to the in-vehicle electronic device.
  • The in-vehicle electronic device stores key information corresponding to the key information stored in the authentication requesting device, and determines whether the second electronic signature attached to the authenticator received from the authentication requesting device is correct.
  • The in-vehicle electronic device performs authentication processing with the authentication requesting device when the electronic signature attached by the authenticator generation device is correct, the authenticator is within the validity period, and the second electronic signature attached by the authentication requesting device is correct. By attaching two electronic signatures to the authenticator, it is possible to improve the reliability of the authenticator received by the in-vehicle electronic device.
  • The authenticator generation device transmits the authenticator including the expiration date information, to which the electronic signature is attached, to the authentication requesting device, and the authenticator received by the authentication requesting device is transmitted to the in-vehicle electronic device.
  • The authentication processing with the authentication requesting device is performed, so that the authentication processing can be performed more safely and reliably.
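
The exchange summarized above, sketched in Go as an added example (not code from the patent or its applicants): the server side signs an authenticator carrying the expiration date and a hash of the ID and random number, and the gateway side checks signature, expiration date and hash before allowing the authentication process. Ed25519, SHA-256, the field layout and every name and sample value are assumptions; the page only specifies a secret/public key pair and a hash value, and the second electronic signature is not modelled.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// Authenticator: expiration date information plus the second predetermined
// information, signed by the server device. Field layout is an assumption.
type Authenticator struct {
	Expiry    int64    // Unix seconds
	Binding   [32]byte // hash of the first predetermined information
	Signature []byte   // Ed25519 over Expiry || Binding (algorithm assumed)
}

var (
	ErrSignature = errors.New("electronic signature is not correct")
	ErrExpired   = errors.New("authenticator is past its expiration date")
	ErrBinding   = errors.New("second predetermined information does not match")
)

// bind derives the second predetermined information from the ID and random
// number. The ID is length-prefixed so the two fields cannot be re-split.
func bind(id string, nonce []byte) [32]byte {
	var n [4]byte
	binary.BigEndian.PutUint32(n[:], uint32(len(id)))
	h := sha256.New()
	h.Write(n[:])
	h.Write([]byte(id))
	h.Write(nonce)
	var out [32]byte
	copy(out[:], h.Sum(nil))
	return out
}

// signedBytes is the exact byte string the signature covers.
func (a Authenticator) signedBytes() []byte {
	buf := make([]byte, 8, 8+len(a.Binding))
	binary.BigEndian.PutUint64(buf, uint64(a.Expiry))
	return append(buf, a.Binding[:]...)
}

// Issue is the server side. It is meant to run only after the requester's
// ID and password have been checked (that check is not modelled here).
func Issue(priv ed25519.PrivateKey, id string, nonce []byte, now time.Time, ttl time.Duration) Authenticator {
	a := Authenticator{Expiry: now.Add(ttl).Unix(), Binding: bind(id, nonce)}
	a.Signature = ed25519.Sign(priv, a.signedBytes())
	return a
}

// Verify is the gateway side. The signature is checked first, so the expiry
// and hash are only trusted once they are known to come from the server.
// now is the gateway's own clock.
func Verify(pub ed25519.PublicKey, a Authenticator, id string, nonce []byte, now time.Time) error {
	if !ed25519.Verify(pub, a.signedBytes(), a.Signature) {
		return ErrSignature
	}
	if now.Unix() > a.Expiry {
		return ErrExpired
	}
	want := bind(id, nonce)
	if subtle.ConstantTimeCompare(want[:], a.Binding[:]) != 1 {
		return ErrBinding
	}
	return nil
}

// Scenarios runs the exchange on constructed values and returns the
// gateway's decision for each case.
func Scenarios() map[string]error {
	seed := make([]byte, ed25519.SeedSize) // constructed all-zero seed, demo only
	priv := ed25519.NewKeyFromSeed(seed)
	pub := priv.Public().(ed25519.PublicKey)

	id := "inspection-device-05"               // constructed ID
	nonce := []byte("constructed-nonce-value") // a real device draws this at random
	t0 := time.Date(2017, 1, 16, 9, 0, 0, 0, time.UTC) // constructed issue time
	auth := Issue(priv, id, nonce, t0, 10*time.Minute)

	extended := auth
	extended.Expiry += 86400 // expiry edited after issuance

	soon := t0.Add(time.Minute)
	return map[string]error{
		"valid":         Verify(pub, auth, id, nonce, soon),
		"expired":       Verify(pub, auth, id, nonce, t0.Add(time.Hour)),
		"expiry edited": Verify(pub, extended, id, nonce, soon),
		"wrong nonce":   Verify(pub, auth, id, []byte("some-other-value"), soon),
	}
}

func main() {
	for name, err := range Scenarios() {
		fmt.Printf("%-14s -> %v\n", name, err)
	}
}
```

The expiration check is only as good as the gateway's time source, and the hash check only helps if the random number is kept away from whoever might obtain the authenticator.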
  • FIG. 1 is a schematic diagram illustrating a configuration example of an authentication system according to Embodiment 1.
  • FIG. 2 is a block diagram showing the configuration of an inspection device.
  • FIG. 3 is a block diagram showing the configuration of a server device.
  • FIG. 4 is a block diagram showing the configuration of a gateway.
  • A timing chart for explaining processing performed by the authentication system according to Embodiment 1.
  • A flowchart showing the procedure of the process performed by the inspection device.
  • A flowchart showing the procedure of the process performed by the server device.
  • A flowchart showing the procedure of the process performed by the gateway.
  • A schematic diagram showing a configuration example of the authentication system according to Modification 1.
  • FIG. 6 is a block diagram illustrating a configuration of an inspection apparatus according to Embodiment 2.
  • FIG. 6 is a block diagram illustrating a configuration of a server device according to a second embodiment.
  • 6 is a block diagram illustrating a configuration of a gateway according to Embodiment 2.
  • FIG. 10 is a timing chart for explaining processing performed by the authentication system according to the second embodiment.
  • FIG. 1 is a schematic diagram illustrating a configuration example of an authentication system according to the first embodiment.
  • The authentication system according to the first embodiment includes a gateway 3 mounted on the vehicle 1, and an inspection device 5 and a server device 7 provided outside the vehicle 1.
  • A plurality of ECUs (Electronic Control Units) 2 are mounted on the vehicle 1; these are connected as appropriate via a plurality of communication lines, and messages are transmitted and received via the communication lines.
  • The gateway 3 is a device to which a plurality of communication lines of the vehicle 1 are connected and which performs processing for relaying messages between the communication lines.
  • The inspection device 5 is a portable device provided in a dealer of the vehicle 1 or a maintenance factory, for example.
  • The inspection device 5 is detachably connected to the gateway 3 of the vehicle 1 via a communication cable or the like.
  • The inspection device 5 can perform processing such as acquisition of a self-diagnosis result of the connected vehicle 1, software update of the gateway 3, or acquisition and rewriting of various data.
  • The inspection device 5 needs to perform an authentication process with the gateway 3 before performing these processes. When the authentication process is successful (when authenticated by the gateway 3), the inspection device 5 can perform these processes.
  • The server device 7 is a device operated by a manufacturer of the vehicle 1, for example, and can communicate with the inspection device 5 via the Internet or a dedicated line. In the present embodiment, the server device 7 performs a process of transmitting an authenticator to the inspection device 5.
  • Before the inspection device 5 and the gateway 3 perform the authentication process, the inspection device 5 needs to acquire an authenticator from the server device 7 and transmit it to the gateway 3.
  • The gateway 3 determines whether or not the authenticator received from the inspection device 5 is valid, and performs authentication processing with the inspection device 5 only when it is determined that the authenticator is valid.
  • FIG. 2 is a block diagram showing the configuration of the inspection device 5.
  • The inspection device 5 includes a processing unit 51, a storage unit 52, a first communication unit 53, a second communication unit 54, and the like.
  • The processing unit 51 is configured using an arithmetic processing device such as a CPU (Central Processing Unit) or an MPU (Micro-Processing Unit).
  • The processing unit 51 reads out and executes the program 52a stored in the storage unit 52, thereby performing various control processes and arithmetic processes necessary for the inspection of the vehicle 1.
  • The storage unit 52 is configured using a storage device such as a flash memory or a hard disk.
  • The storage unit 52 stores a program 52a executed by the processing unit 51 and authentication information 52b including information such as an ID and a password used for the authentication process.
  • The authentication information 52b includes information for authentication processing performed with the server device 7 and information for authentication processing performed with the gateway 3 of the vehicle 1.
  • The first communication unit 53 communicates with the gateway 3 via the communication cable when the inspection device 5 is connected to a connector or the like provided on the vehicle 1 via a dedicated communication cable, for example.
  • The first communication unit 53 transmits the message given from the processing unit 51 to the gateway 3 via the communication cable, and gives the message received from the gateway 3 to the processing unit 51.
  • The first communication unit 53 may be configured to perform wireless communication with the gateway 3.
  • The second communication unit 54 communicates with the server device 7.
  • The communication performed between the second communication unit 54 and the server device 7 may be performed via a network such as the Internet or a cellular phone communication network, and may be either wired communication or wireless communication. Further, for example, when the inspection device 5 and the server device 7 are arranged at a short distance, a configuration in which both devices are connected by a communication cable to perform communication may be employed. Communication performed between the second communication unit 54 and the server device 7 may be performed by any method.
  • By executing the program 52a stored in the storage unit 52, the processing unit 51 of the inspection device 5 realizes an authenticator generation request transmission processing unit 61, an authenticator reception processing unit 62, an authenticator transmission processing unit 63, and an authentication processing unit 64 as software functional blocks.
  • The authenticator generation request transmission processing unit 61 performs a process of transmitting a request for generating an authenticator to the server device 7 by the second communication unit 54, for example in response to an operation by an operator who inspects the vehicle 1 using the inspection device 5.
  • The authenticator generation request includes authentication information such as an ID and password used for authentication with the server device 7 and random number information.
  • The authentication information included in the authenticator generation request is included in the authentication information 52b stored in the storage unit 52.
  • The random number information included in the authenticator generation request is a random number generated by the processing unit 51 using a predetermined random number generation algorithm.
  • The authenticator reception processing unit 62 performs a process of receiving, in the second communication unit 54, an authenticator transmitted from the server device 7 in response to the authenticator generation request.
  • The authenticator transmission processing unit 63 performs processing for transmitting the authenticator received from the server device 7 to the gateway 3 by the first communication unit 53.
  • The authenticator transmission processing unit 63 attaches the ID and random number information included in the authenticator generation request transmitted to the server device 7 to the authenticator received from the server device 7, and transmits it to the gateway 3 as an authenticator determination request.
  • The authentication processing unit 64 performs authentication processing with the gateway 3 when a determination result indicating that the transmitted authenticator is valid is received from the gateway 3. For example, the authentication processing unit 64 performs processing for transmitting information such as an ID and a password included in the authentication information 52b stored in the storage unit 52 to the gateway 3.
  • FIG. 3 is a block diagram showing the configuration of the server device 7.
  • The server device 7 includes a processing unit 71, a storage unit 72, a communication unit 73, and the like.
  • The processing unit 71 is configured using an arithmetic processing device such as a CPU or MPU.
  • The processing unit 71 reads out and executes the program 72a stored in the storage unit 72, thereby performing various arithmetic processes necessary for generating an authenticator.
  • The storage unit 72 is configured using a storage device such as a hard disk. In the present embodiment, the storage unit 72 stores the program 72a executed by the processing unit 71, secret key information 72b used for creating the electronic signature attached to the authenticator, and authentication information 72c including information such as an ID and a password used for the authentication processing performed with the inspection device 5.
  • The communication unit 73 communicates with the inspection device 5 via a network such as the Internet or a mobile phone communication network, or a communication cable.
  • The communication unit 73 transmits the message given from the processing unit 71 to the inspection device 5 and gives the message received from the inspection device 5 to the processing unit 71.
  • By executing the program 72a stored in the storage unit 72, the processing unit 71 of the server device 7 realizes an authenticator generation request reception processing unit 81, a hash value calculation processing unit 82, an authenticator generation processing unit 83, a signature addition processing unit 84, an authenticator transmission processing unit 85, and the like as software functional blocks.
  • the authenticator generation request reception processing unit 81 performs a process of receiving, in the communication unit 73, an authenticator generation request transmitted from the inspection device 5.
  • The authenticator generation request reception processing unit 81 determines whether or not information such as an ID and a password included in the received authenticator generation request is valid, based on the authentication information 72c stored in the storage unit 72.
  • In the authentication information 72c, for example, a plurality of combinations of information such as IDs and passwords given to the legitimate inspection devices 5 to which an authenticator is to be transmitted are stored.
  • The hash value calculation processing unit 82 performs processing to calculate a hash value, using a predetermined hash function, based on information such as an ID and a random number included in the authenticator generation request.
  • the authenticator generation processing unit 83 performs a process of generating an authenticator including the expiration date information and the hash value calculated by the hash value calculation processing unit 82.
  • The signature addition processing unit 84 performs processing for attaching an electronic signature to the authenticator generated by the authenticator generation processing unit 83, using the secret key information 72b stored in the storage unit 72.
  • the authenticator transmission processing unit 85 performs processing for transmitting the authenticator provided with the electronic signature by the signature addition processing unit 84 to the inspection device 5 by the communication unit 73.
  • FIG. 4 is a block diagram showing the configuration of the gateway 3.
  • the gateway 3 includes a processing unit 31, a storage unit 32, two in-vehicle communication units 33, an out-vehicle communication unit 34, and the like.
  • The processing unit 31 reads and executes the program 32a stored in the storage unit 32, thereby performing relaying of messages between the communication lines arranged in the vehicle 1, communication processing with a device outside the vehicle 1, and various processes such as the authenticity determination process of the authenticator received from the test
  • The storage unit 32 is configured using a nonvolatile memory element such as a flash memory or an EEPROM (Electrically Erasable Programmable Read Only Memory). In the present embodiment, the storage unit 32 stores the program 32a executed by the processing unit 31, the public key information 32b for determining whether the electronic signature attached to the authenticator is correct, and the authentication information 32c used for the authentication processing with the inspection device 5.
  • the communication lines arranged in the vehicle 1 are connected to the two in-vehicle communication units 33, respectively.
  • the in-vehicle communication unit 33 communicates with the ECU 2 mounted on the vehicle 1 via the connected communication line.
  • the in-vehicle communication unit 33 transmits and receives a message in accordance with, for example, a CAN (Controller Area Network) communication standard.
  • The in-vehicle communication unit 33 converts the message given from the processing unit 31 into an electric signal and outputs it to the communication line to transmit it to the ECU 2, and also receives a message from the ECU 2 by sampling and acquiring the signal on the communication line and gives the received message to the processing unit 31.
  • The outside-vehicle communication unit 34 communicates with the inspection device 5 via a communication cable.
  • the outside communication unit 34 transmits the message given from the processing unit 31 to the inspection device 5 via the communication cable, and gives the message received from the inspection device 5 to the processing unit 31.
  • The processing unit 31 of the gateway 3 executes the program 32a stored in the storage unit 32, whereby an authenticator reception processing unit 41, an electronic signature determination processing unit 42, an expiration date determination processing unit 43, a hash value determination processing unit 44, an authentication processing unit 45, and the like are realized as software functional blocks.
  • the authenticator reception processing unit 41 performs a process of receiving an authenticator transmitted from the inspection device 5 and information such as an ID and a random number transmitted together with the authenticator.
  • The electronic signature determination processing unit 42 performs processing to determine whether the electronic signature attached to the received authenticator is correct or not using the public key information 32b stored in the storage unit 32.
  • The expiration date determination processing unit 43 performs processing to determine whether the authenticator is within the expiration date by comparing the expiration date information included in the received authenticator with the date and time when the authenticator is received.
  • The hash value determination processing unit 44 calculates a hash value using a predetermined hash function (the same hash function used by the hash value calculation processing unit 82 of the server device 7) based on information such as an ID and a random number received together with the authenticator, and performs a process of determining whether the received hash value is correct according to whether or not the calculated value matches the hash value included in the received authenticator.
  • The authentication processing unit 45 performs authentication processing with the inspection device 5 when the electronic signature determination processing unit 42 determines that the electronic signature is correct, the expiration date determination processing unit 43 determines that the authenticator is within the expiration date, and the hash value determination processing unit 44 determines that the hash value is correct.
  • The authentication processing unit 45 compares the information such as the ID and password transmitted from the inspection device 5 with the information such as the ID and password stored as the authentication information 32c in its own storage unit 32, and performs the authentication processing by determining whether or not the information matches.
  • FIG. 5 is a timing chart for explaining processing performed by the authentication system according to the first embodiment.
  • The worker first connects the inspection device 5 to the server device 7 (so that the inspection device 5 can communicate with the server device 7 by wire or wirelessly).
  • the operator operates the inspection device 5 and gives an instruction to make a request for generating an authenticator to the server device 7.
  • The authenticator generation request transmission processing unit 61 of the inspection device 5 acquires the ID and password (abbreviated as PW in FIG. 5) included in the authentication information 52b of the storage unit 52, and generates a random number by a predetermined random number generation algorithm.
  • the random number is stored in the storage unit 52, for example.
  • the authenticator generation request transmission processing unit 61 transmits an authenticator generation request including information on an ID, a password, and a random number to the server device 7 by the second communication unit 54.
  • the authenticator generation request reception processing unit 81 of the server device 7 receives the authenticator generation request from the inspection device 5 and acquires the ID, password, and random number included in the received authenticator generation request.
  • The authenticator generation request reception processing unit 81 compares the acquired ID and password with the ID and password stored in the authentication information 72c of the storage unit 72, thereby determining whether or not the received authenticator generation request is valid. If the authenticator generation request is not valid, the authenticator generation request reception processing unit 81 notifies the sender of the authenticator generation request of an error.
  • If the authenticator generation request is valid, the authenticator generation processing unit 83 of the server device 7 generates an authenticator. At this time, the authenticator generation processing unit 83 generates expiration date information for the authenticator (for example, information specifying year / month / day / hour / minute / second). The expiration date information can set the expiration date to, for example, one hour after the authenticator generation request is received.
  • The hash value calculation processing unit 82 of the server device 7 combines the ID and random number included in the authenticator generation request into a single piece of data, and calculates the hash value by inputting this data to a predetermined hash function. The authenticator generation processing unit 83 combines the expiration date information and the hash value into a single piece of data, which serves as the authenticator.
  • The signature addition processing unit 84 of the server device 7 performs an encryption process using the secret key information 72b stored in the storage unit 72 on the generated authenticator, and attaches the encrypted data to the authenticator as an electronic signature.
  • The authenticator transmission processing unit 85 of the server device 7 transmits the authenticator with the electronic signature to the inspection device 5 using the communication unit 73.
  • The authenticator reception processing unit 62 of the inspection device 5 receives the authenticator with the electronic signature transmitted from the server device 7 by the second communication unit 54 and stores it in the storage unit 52, for example. After receiving the authenticator from the server device 7, the worker may cancel the connection between the inspection device 5 and the server device 7. Next, the worker connects the inspection device 5 to, for example, a connector provided on the vehicle 1 via a communication cable so that the inspection device 5 and the gateway 3 can communicate with each other. The operator operates the inspection device 5 to give an instruction to make an authenticator determination request to the gateway 3.
  • The authenticator transmission processing unit 63 of the inspection device 5 reads the stored authenticator with the electronic signature that was received from the server device 7, reads the ID included in the authentication information 52b of the storage unit 52, and reads the random number that was generated and stored when the authenticator generation request was made.
  • the authenticator transmission processing unit 63 transmits the authenticator determination request including the read authenticator with the electronic signature, the ID, and the random number to the gateway 3 by the first communication unit 53.
  • the authenticator reception processing unit 41 of the gateway 3 receives the authenticator determination request transmitted from the inspection device 5, and acquires the authenticator with the electronic signature, the ID, and the random number included therein.
  • The electronic signature determination processing unit 42 performs decryption processing using the public key information 32b stored in the storage unit 32 on the electronic signature attached to the received authenticator, thereby decrypting the encrypted electronic signature into the original authenticator (expiration date information and hash value).
  • the electronic signature determination processing unit 42 determines whether the electronic signature attached to the authenticator is correct according to whether or not the received authenticator matches the decrypted authenticator.
  • the public key information 32b stored in the storage unit 32 of the gateway 3 is paired with the secret key information 72b stored in the storage unit 72 of the server device 7.
  • The public key information 32b may be stored in the storage unit 32 in the manufacturing process of the gateway 3 or the vehicle 1, for example, or may be acquired by the gateway 3 through communication inside and outside the vehicle, or may be stored in the storage unit 32 by a method other than these.
  • The expiration date determination processing unit 43 of the gateway 3 acquires current time information (information such as year / month / day / hour / minute / second), and determines whether the acquired current time is within the expiration date indicated in the expiration date information included in the received authenticator.
  • The hash value determination processing unit 44 combines the ID and random number received together with the authenticator into a single piece of data, and calculates a hash value by inputting this data to a predetermined hash function (the same hash function used by the hash value calculation processing unit 82 of the server device 7).
  • the hash value determination processing unit 44 determines whether or not the hash value is correct depending on whether or not the hash value included in the authenticator matches the hash value calculated by itself.
  • When the electronic signature determination processing unit 42 determines that the electronic signature attached to the received authenticator is correct, the expiration date determination processing unit 43 determines that the authenticator is within the expiration date, and the hash value determination processing unit 44 determines that the hash value included in the authenticator is correct, the processing unit 31 of the gateway 3 transmits, by the outside-vehicle communication unit 34, an authenticator determination result indicating that the authenticator is determined to be correct to the inspection device 5. When the processing unit 31 determines that the electronic signature is not correct, the authenticator is not within the expiration date, or the hash value is not correct, it transmits to the inspection device 5 an authenticator determination result indicating that the authenticator is determined to be invalid.
  • an authentication process is started between the inspection device 5 and the gateway 3.
  • The authentication processing unit 64 of the inspection device 5 transmits the ID and password included in the authentication information 52b stored in the storage unit 52 to the gateway 3 and requests the gateway 3 for authentication.
  • The authentication processing unit 45 of the gateway 3 that has been requested to authenticate determines whether or not to authenticate the inspection device 5 according to whether the ID and password transmitted from the inspection device 5 match the ID and password stored in the authentication information 32c of the storage unit 32.
  • The ID and password used for the authentication process performed between the inspection device 5 and the gateway 3 are different from the ID and password that the inspection device 5 transmits to the server device 7 in the authenticator generation request (however, the same ones may be used).
  • FIG. 6 is a flowchart showing a procedure of processing performed by the inspection apparatus 5.
  • The authenticator generation request transmission processing unit 61 of the inspection apparatus 5, which has been connected to the server device 7 by an operator and given an instruction to make an authenticator generation request to the server device 7, reads the ID and password included in the authentication information 52b stored in the storage unit 52 (step S1).
  • the authenticator generation request transmission processing unit 61 generates a random number using a predetermined random number generation algorithm, and stores the generated random number in the storage unit 52 or the like (step S2).
  • The authenticator generation request transmission processing unit 61 transmits the authenticator generation request including the ID and password read in step S1 and the random number generated in step S2 to the server device 7 by the second communication unit 54 (step S3).
  • the authenticator reception processing unit 62 of the inspection device 5 determines whether or not the authenticator transmitted from the server device 7 is received in response to the authenticator generation request transmitted in step S3 (step S4).
  • the authenticator reception processing unit 62 waits until the authenticator from the server device 7 is received.
  • the authenticator reception processing unit 62 stores the received authenticator in the storage unit 52 or the like.
  • The authenticator transmission processing unit 63 of the inspection device 5 reads the ID included in the authentication information 52b stored in the storage unit 52 and the random number stored in step S2 (step S5).
  • The authenticator transmission processing unit 63 transmits an authenticator determination request including the authenticator received from the server device 7 in step S4 and the ID and random number read in step S5 to the gateway 3 by the first communication unit 53 (step S6).
  • The processing unit 51 of the inspection apparatus 5 determines whether or not the determination result transmitted from the gateway 3 has been received in response to the authenticator determination request transmitted in step S6 (step S7). When the determination result from the gateway 3 is not received (S7: NO), the processing unit 51 waits until the determination result is received. When the determination result is received (S7: YES), the processing unit 51 determines whether or not the received determination result is a determination result that the authenticator is correct (step S8). When the determination result indicates that the authenticator is correct (S8: YES), the authentication processing unit 64 of the inspection device 5 performs an authentication process with the gateway 3 (step S9) and ends the process.
  • The authentication processing unit 64 transmits information such as an ID and a password included in the authentication information 52b stored in the storage unit 52 to the gateway 3 and requests the gateway 3 for authentication. If the determination result indicates that the authenticator is incorrect (S8: NO), the processing unit 51 ends the process without performing the authentication process with the gateway 3.
  • FIG. 7 is a flowchart showing a procedure of processing performed by the server device 7.
  • The authenticator generation request reception processing unit 81 of the server device 7 determines whether or not the authenticator generation request from the inspection device 5 has been received by the communication unit 73 (step S21). When an authenticator generation request has not been received (S21: NO), the authenticator generation request reception processing unit 81 waits until an authenticator generation request is received. When the authenticator generation request is received (S21: YES), the processing unit 71 of the server device 7 compares the ID and password included in the received authenticator generation request with the ID and password registered in the authentication information 72c stored in the storage unit 72 (step S22).
  • The processing unit 71 determines whether the ID and password included in the received authenticator generation request are correct (step S23). If the ID and password are not correct (S23: NO), the processing unit 71 notifies the requesting inspection device 5 of an error (step S28), and ends the process.
  • If the ID and password are correct (S23: YES), the authenticator generation processing unit 83 of the server device 7 generates, for example, expiration date information indicating a predetermined period after the current time (step S24).
  • The hash value calculation processing unit 82 of the server device 7 combines the ID and random number included in the authenticator generation request received in step S21 into a single piece of data, and calculates a hash value by inputting this data to a predetermined hash function (step S25).
  • The signature addition processing unit 84 of the server device 7 generates an electronic signature by an encryption algorithm using the secret key information 72b stored in the storage unit 72, based on the expiration date information generated in step S24 and the hash value calculated in step S25 (step S26).
  • The authenticator transmission processing unit 85 of the server device 7 attaches the electronic signature generated in step S26 to the authenticator including the expiration date information generated in step S24 and the hash value calculated in step S25, transmits it to the inspection apparatus 5 by the communication unit 73 (step S27), and completes the process.
  • FIG. 8 is a flowchart showing a procedure of processing performed by the gateway 3.
  • The authenticator reception processing unit 41 of the gateway 3 determines whether or not the authenticator determination request is received from the inspection device 5 by the outside-vehicle communication unit 34 (step S41).
  • the authenticator reception processing unit 41 waits until the authenticator determination request is received.
  • the authenticator reception processing unit 41 stores information such as an authenticator with an electronic signature, an ID, and a random number included in the received authenticator determination request in the storage unit 32 or the like.
  • The electronic signature determination processing unit 42 of the gateway 3 decrypts the electronic signature attached to the received authenticator using the public key information 32b stored in the storage unit 32, and performs an electronic signature determination in which the received authenticator and the decrypted authenticator are compared with each other (step S42).
  • The electronic signature determination processing unit 42 determines whether or not the received electronic signature is correct according to whether or not the two authenticators match in the electronic signature determination (step S43).
  • The processing unit 31 of the gateway 3 transmits the determination result that the received authenticator is incorrect to the inspection device 5 by the outside-vehicle communication unit 34 (step S50), and ends the process.
  • The hash value determination processing unit 44 of the gateway 3 combines the ID and random number received together with the authenticator into a single piece of data, calculates a hash value by inputting this data to a predetermined hash function, and performs a hash value determination that compares it with the hash value included in the received authenticator (step S44). The hash value determination processing unit 44 determines whether or not the received hash value is correct depending on whether or not the hash value included in the authenticator matches the hash value calculated by itself (step S45). When the hash value is not correct (S45: NO), the processing unit 31 transmits a determination result indicating that the received authenticator is incorrect to the inspection device 5 by the outside-vehicle communication unit 34 (step S50), and ends the process.
  • The expiration date determination processing unit 43 of the gateway 3 performs an expiration date determination that compares the current time information with the expiration date information included in the received authenticator (step S46).
  • The expiration date determination processing unit 43 determines whether or not the received authenticator is within the expiration date by determining whether or not the current time information is within the expiration date indicated in the expiration date information included in the received authenticator (step S47).
  • The processing unit 31 transmits the determination result that the received authenticator is not correct to the inspection device 5 by the outside-vehicle communication unit 34 (step S50), and ends the process.
  • The processing unit 31 transmits a determination result indicating that the received authenticator is correct to the inspection device 5 by the outside-vehicle communication unit 34 (step S48). Thereafter, the authentication processing unit 45 of the gateway 3 performs authentication processing with the inspection device 5 (step S49), and ends the processing. At this time, in response to the authentication request given from the inspection device 5, the authentication processing unit 45 determines, based on the authentication information 32c stored in the storage unit 32, whether the information such as the ID and password given together with the authentication request is correct.
  • The authentication system according to Embodiment 1 having the above configuration is a configuration in which the inspection device 5 outside the vehicle 1 makes an authentication request to the gateway 3 and an authentication process is performed in response to this request. The inspection device 5 needs to acquire the authenticator generated by the server device 7 and transmit it to the gateway 3 prior to the authentication process with the gateway 3.
  • The server device 7 generates an authenticator including expiration date information, attaches an electronic signature to the generated authenticator using the private key information 72b stored in the storage unit 72, and transmits the authenticator with the electronic signature to the inspection device 5.
  • the inspection device 5 transmits the authenticator with the electronic signature received from the server device 7 to the gateway 3 that requests authentication.
  • The gateway 3 that has received the authenticator from the inspection device 5 determines whether the electronic signature attached to the authenticator is correct or not, and determines whether or not the authenticator is within the valid period based on the valid period information included in the authenticator. When the electronic signature is correct and the authenticator is within the validity period, the gateway 3 performs an authentication process with the inspection device 5. Note that the authentication process performed thereafter may be the same as the conventional authentication process, for example, transmitting and receiving information such as an ID and a password.
  • The inspection device 5 transmits the authenticator acquired from the third device, that is, the server device 7, to the gateway 3, and the gateway 3 that has received it determines whether or not to perform authentication processing based on information included in the authenticator.
  • Since the apparatus that can perform an authentication process with the gateway 3 is restricted to an apparatus that can acquire a correct authenticator from the server apparatus 7, the reliability of the apparatus that performs the authentication process can be improved.
  • By setting an expiration date for the authenticator, it is possible to limit the period during which the authenticator transmitted by the server device 7 can be used, so that safer and more reliable authentication processing can be performed.
  • the server device 7 stores the secret key information 72b in the storage unit 72, and generates an electronic signature using the secret key information 72b.
  • The gateway 3 stores the public key information 32b corresponding to the secret key information 72b used by the server device 7 in the storage unit 32, and determines whether the electronic signature attached to the authenticator given from the inspection device 5 is correct using the public key information 32b. In other words, information on the public key cryptosystem is exchanged between the server device 7 and the gateway 3. As compared with the encryption method in which the gateway 3 stores the secret key information, the acquisition and management of the key information by the gateway 3 can be facilitated.
  • the inspection device 5 transmits an authenticator generation request including information such as an ID, a password, and a random number to the server device 7.
  • the server device 7 calculates a hash value based on the ID and random number included in the authenticator generation request.
  • the server device 7 generates an authenticator including the expiration date information and the hash value and transmits it to the inspection device 5.
  • the inspection device 5 that has received the authentication code from the server device 7 attaches the ID and random number information to the authentication code and transmits it to the gateway 3.
  • the gateway 3 calculates a hash value based on the ID and random number information attached to the authenticator, and compares the hash value included in the authenticator to determine whether the hash value is correct.
  • the gateway 3 performs an authentication process with the inspection device 5 when the electronic signature is correct, the authenticator is within the expiration date, and the hash value is correct. Accordingly, the server device 7 can embed information (ID and hash value of random number) for specifying the inspection device 5 in the authenticator. Since the inspection device 5 needs to transmit an ID and a random number together with the authenticator to the gateway 3, it is possible to prevent a malicious third party who has illegally acquired only the authenticator from performing authentication processing with the gateway 3.
  • the authentication process performed by the inspection device 5 and the gateway 3 is performed by exchanging information such as an ID and a password.
  • The server device 7 stores the private key information 72b, the gateway 3 stores the public key information 32b, and the electronic signature is determined by the public key cryptosystem, but the present invention is not limited to this.
  • the gateway 3 may store the secret key information and determine the electronic signature by the secret key encryption method.
  • the server device 7 is configured to calculate a hash value based on the ID and the random number, and to transmit an authenticator including the hash value to the inspection device 5, but the configuration is not limited thereto.
  • the server device 7 may be configured to calculate a value other than the hash value based on the ID and the random number and transmit an authenticator including the calculated value.
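The issuing steps (S24 to S27) and the gateway's three checks (S42 to S47) described above, as an added example that is not code from the patent. It follows the shared-key variant in which the gateway also holds the secret key, with HMAC-SHA256 standing in for the electronic signature; SHA-256 as the hash function, the byte layout, the length prefix on the ID, and all names and sample values are assumptions.

```python
import hashlib
import hmac
import struct

VALIDITY_SECONDS = 3600   # the page's example: one hour after the request
BODY_LEN = 8 + 32         # 8-byte expiry (Unix seconds) + SHA-256 hash
TAG_LEN = 32              # HMAC-SHA256 tag standing in for the signature


def binding_hash(device_id: bytes, nonce: bytes) -> bytes:
    """Hash over the ID and random number combined into one piece of data.

    Assumption: the ID is length-prefixed so that moving bytes between the
    ID and the random number always changes the hash input.
    """
    data = struct.pack(">H", len(device_id)) + device_id + nonce
    return hashlib.sha256(data).digest()


def server_issue(key: bytes, device_id: bytes, nonce: bytes, now: int) -> bytes:
    """Server device 7, steps S24 to S27 (ID/password check S22-S23 not shown)."""
    expiry = now + VALIDITY_SECONDS                                    # S24
    body = struct.pack(">Q", expiry) + binding_hash(device_id, nonce)  # S25
    tag = hmac.new(key, body, hashlib.sha256).digest()                 # S26
    return body + tag                                                  # S27


def gateway_check(key: bytes, token: bytes, device_id: bytes,
                  nonce: bytes, now: int) -> str:
    """Gateway 3, steps S42 to S47, in the order of FIG. 8."""
    if len(token) != BODY_LEN + TAG_LEN:
        return "malformed"
    body, tag = token[:BODY_LEN], token[BODY_LEN:]
    expected_tag = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected_tag):           # S42-S43
        return "bad signature"
    expected_hash = binding_hash(device_id, nonce)
    if not hmac.compare_digest(body[8:], expected_hash):     # S44-S45
        return "bad hash"
    (expiry,) = struct.unpack(">Q", body[:8])
    if now > expiry:                                         # S46-S47
        return "expired"
    return "ok"


# Constructed sample values, not taken from the page.
KEY = bytes(range(32))
DEVICE_ID = b"inspection-device-0001"
NONCE = bytes.fromhex("00112233445566778899aabbccddeeff")
T0 = 1_700_000_000


def demo() -> dict:
    """Run the gateway checks over one issued authenticator and three failures."""
    token = server_issue(KEY, DEVICE_ID, NONCE, T0)
    altered = bytearray(token)
    altered[7] ^= 0x01  # expiry field changed after issuance
    return {
        "valid": gateway_check(KEY, token, DEVICE_ID, NONCE, T0 + 60),
        "after_expiry": gateway_check(
            KEY, token, DEVICE_ID, NONCE, T0 + VALIDITY_SECONDS + 1),
        # Holder of the authenticator alone, without the stored random number.
        "authenticator_only": gateway_check(
            KEY, token, DEVICE_ID, bytes(16), T0 + 60),
        "expiry_altered": gateway_check(
            KEY, bytes(altered), DEVICE_ID, NONCE, T0 + 60),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

In the public-key embodiment only the tag computation and its check change: the server signs with the private key information 72b and the gateway verifies with the stored public key information 32b.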
  • The authentication system according to the present embodiment is configured such that the server device 7, the inspection device 5, and the gateway 3 perform processing by sending and receiving the authenticator, but these devices are examples, and the configuration is not limited to them. That is, the authentication system according to the present embodiment has a configuration in which the server device 7 is an authenticator generation device, the inspection device 5 is an authentication request device, and the gateway 3 is an in-vehicle electronic device, but is not limited thereto.
  • The three devices that constitute the authentication system, that is, the authenticator generating device, the authentication requesting device, and the in-vehicle electronic device, may be any devices; for example, the configurations shown in the following modifications may be adopted.
  • the configuration of the apparatus is not limited to the following modifications.
  • FIG. 9 is a schematic diagram illustrating a configuration example of an authentication system according to the first modification.
  • the authentication system according to the modified example 1 is configured to use the smartphone 105 as an authentication requesting device instead of the inspection device 5 of the authentication system shown in FIG.
  • the smartphone 105 can perform wireless communication with both the gateway 3 of the vehicle 1 and the server device 7 via a wireless network such as a mobile phone communication network or a wireless local area network (LAN).
  • the process performed by the smartphone 105 regarding the authentication process is the same as the process performed by the inspection apparatus 5 described above, and the authentication application (application program for authentication process) downloaded to the smartphone 105 performs the process illustrated in FIG.
  • FIG. 10 is a schematic diagram illustrating a configuration example of an authentication system according to the second modification.
  • the authentication system according to the modified example 2 is configured such that the gateway 103 mounted on the vehicle 1 requests the ECU 102 for authentication.
  • the gateway 3 according to the modified example 2 can perform communication with the ECU 102 via the network in the vehicle 1 and wireless communication with the server device 7 via the wireless network.
  • the gateway 103 transmits the authenticator received from the server device 7 to the ECU 102, and the ECU 102 performs authentication processing with the gateway 3 when it is determined that the received authenticator is correct.
  • the authentication system according to Modification 2 has a configuration in which the server device 7 is an authenticator generating device, the gateway 103 is an authentication requesting device, and the ECU 102 is an in-vehicle electronic device.
  • the authentication requesting device may be any device inside or outside the vehicle 1.
  • the authentication system according to the second embodiment does not perform the hash value calculation and determination processing performed by the authentication system according to the first embodiment, but instead performs the second electronic signature assignment and determination processing.
  • the apparatus configuration of the authentication system according to Embodiment 2 is the same as that of the authentication system according to Embodiment 1 shown in FIG.
  • FIG. 11 is a block diagram illustrating a configuration of the inspection apparatus 205 according to the second embodiment.
  • the inspection apparatus 205 according to the second embodiment differs from the inspection apparatus 5 according to the first embodiment in that a second signature addition processing unit 265 is added to the processing unit 51 and second secret key information 252c is added to the information stored in the storage unit 52.
  • based on the authenticator and the electronic signature (first electronic signature) received from the server device 207 (described in FIG. 12) according to the second embodiment, the second signature assignment processing unit 265 generates a second electronic signature by performing an encryption process using the second secret key information 252c stored in the storage unit 52, and assigns it to the authenticator.
  • FIG. 12 is a block diagram illustrating a configuration of the server device 207 according to the second embodiment.
  • the server device 207 according to the second embodiment has a configuration in which the hash value calculation processing unit 82 is deleted from the server device 7 according to the first embodiment.
  • the signature addition processing unit 84 provided in the processing unit 71 in the server apparatus 207 according to the second embodiment is a first signature assignment processing unit 284.
  • the secret key information 72b stored in the storage unit 72 is the first secret key information 272b.
  • FIG. 13 is a block diagram illustrating a configuration of the gateway 203 according to the second embodiment.
  • the gateway 203 according to the second embodiment is provided with a second electronic signature determination processing unit 246 in the processing unit 31 instead of the hash value determination processing unit 44 included in the gateway 3 according to the first embodiment, and second public key information 232d is added to the information stored in the storage unit 32.
  • the electronic signature determination processing unit 42 provided in the processing unit 31 in the gateway 203 according to the second embodiment is a first electronic signature determination processing unit 242, and the public key information 32b stored in the storage unit 72 is first public key information 232b.
  • the second electronic signature determination processing unit 246 performs processing for determining whether the second electronic signature attached to the authenticator is correct or not based on the second public key information 232d stored in the storage unit 72.
  • FIG. 14 is a timing chart for explaining processing performed by the authentication system according to the second embodiment.
  • the authenticator generation request transmission processing unit 61 of the inspection apparatus 205, to which an instruction to generate an authenticator is given by an operator at a dealer or the like, acquires the ID and password included in the authentication information 52b of the storage unit 52, and transmits a request for generating an authenticator including this ID and password to the server device 7 by the second communication unit 54.
  • the authenticator generation request reception processing unit 81 of the server device 207 receives the authenticator generation request from the inspection device 205, and acquires the ID and password included in the received authenticator generation request.
  • the authenticator generation request reception processing unit 81 compares the acquired ID and password with the ID and password stored in the authentication information 72c of the storage unit 72 to determine whether or not the received authenticator generation request is valid. If the authenticator generation request is not valid, the authenticator generation request reception processing unit 81 notifies the sender of the authenticator generation request of an error.
  • if the authenticator generation request is valid, the authenticator generation processing unit 83 of the server device 207 generates an authenticator. At this time, the authenticator generation processing unit 83 generates the expiration date information of the authenticator, and uses this expiration date information as the authenticator.
  • the first signature assignment processing unit 284 of the server device 207 performs an encryption process using the first secret key information 272b stored in the storage unit 72 on the generated authenticator, and the encrypted data is given to the authenticator as the first electronic signature.
  • the authenticator transmission processing unit 85 of the server device 207 transmits the authenticator attached with the first electronic signature to the inspection device 205 using the communication unit 73.
  • the authenticator reception processing unit 62 of the inspection device 205 receives the authenticator with the first electronic signature transmitted from the server device 207 by the second communication unit 54 and stores it in the storage unit 52, for example.
  • the second signature addition processing unit 265 of the inspection apparatus 205 combines the received authenticator and the first electronic signature into one piece of data, performs an encryption process on this data using the second secret key information 252c stored in the storage unit 52, and assigns the encrypted data to the authenticator as the second electronic signature.
  • the authentication code transmission processing unit 63 of the inspection device 205 transmits an authenticator determination request, which includes the authenticator to which the first electronic signature and the second electronic signature are attached, to the gateway 203 by the first communication unit 53.
  • the authenticator reception processing unit 41 of the gateway 203 receives the authenticator determination request transmitted from the inspection device 205, and acquires the authenticator, the first electronic signature, and the second electronic signature included therein.
  • the first electronic signature determination processing unit 242 performs decryption processing, using the first public key information 232b stored in the storage unit 32, on the first electronic signature attached to the received authenticator, so that the encrypted first electronic signature is decrypted into the original authenticator (expiration date information).
  • the first electronic signature determination processing unit 242 determines whether the first electronic signature attached to the authenticator is correct according to whether or not the received authenticator matches the decrypted authenticator.
  • the first public key information 232b stored in the storage unit 32 of the gateway 203 is paired with the first secret key information 272b stored in the storage unit 72 of the server device 207.
  • the second electronic signature determination processing unit 246 performs decryption processing, using the second public key information 232d stored in the storage unit 32, on the second electronic signature attached to the received authenticator, so that the encrypted second electronic signature is decrypted into the original authenticator (expiration date information + first electronic signature).
  • the second electronic signature determination processing unit 246 determines whether or not the second electronic signature attached to the authenticator is correct depending on whether the received authenticator and the first electronic signature match the decrypted authenticator and the first electronic signature.
  • the second public key information 232d stored in the storage unit 32 of the gateway 203 is paired with the second secret key information 252c stored in the storage unit 52 of the inspection device 205.
  • the expiration date determination processing unit 43 of the gateway 203 acquires the current time information, and determines whether or not the acquired time information is within the expiration date indicated in the expiration date information included in the received authenticator.
  • when the first electronic signature determination processing unit 242 determines that the first electronic signature attached to the received authenticator is correct, the second electronic signature determination processing unit 246 determines that the second electronic signature attached to the authenticator is correct, and the expiration date determination processing unit 43 determines that the authenticator is within the expiration date, the processing unit 31 of the gateway 203 transmits to the inspection device 205, by the outside communication unit 34, an authenticator determination result indicating that the authenticator is determined to be correct. If the processing unit 31 determines that the first electronic signature is not correct, the second electronic signature is incorrect, or the authenticator is not within the validity period, an authenticator determination result indicating that the authenticator is determined to be invalid is transmitted to the inspection device 205.
  • an authentication process is started between the inspection device 205 and the gateway 203.
  • the authentication processing unit 64 of the inspection apparatus 205 transmits the ID and password included in the authentication information 52b stored in the storage unit 52 to the gateway 203 and requests the gateway 203 for authentication.
  • the authentication processing unit 45 of the gateway 203 requested to authenticate determines whether or not to authenticate the inspection device 205 depending on whether the ID and password transmitted from the inspection device 205 match the ID and password stored in the authentication information 32c of the storage unit 32.
  • the inspection device 205 stores the second secret key information 252c in the storage unit 52, attaches the second electronic signature, using the second secret key information 252c, to the authenticator with the first electronic signature received from the server device 207, and transmits it to the gateway 203.
  • the gateway 203 stores the second public key information 232d corresponding to the second secret key information 252c stored in the inspection device 205 in the storage unit 32, and determines whether the second electronic signature attached to the authenticator received from the inspection device 205 is correct.
  • the gateway 203 performs authentication processing with the inspection device 205 if the first electronic signature attached by the server device 207 is correct, the authenticator is within the validity period, and the second electronic signature attached by the inspection device 205 is correct. By attaching two electronic signatures to the authenticator in this way, the reliability of the authenticator received by the gateway 203 can be improved.
  • the authentication system according to the second embodiment is configured not to perform the authenticator determination process based on the hash value, but the present invention is not limited to this, and it may be configured to further perform the authenticator determination process based on the hash value.
  • the gateway The authentication process may be performed.
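The Embodiment 2 exchange described above (first signature by the server device, second signature by the inspection device over the authenticator plus the first signature, then the gateway's three checks), as an added example that is not part of the patent text. The toy RSA keys built from known Mersenne primes, the SHA-256 digest step, the length-prefixed encoding and all function names are assumptions of this example; the patent specifies none of them.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys (assumption)

def make_key(p, q):
    """Toy RSA key from two known primes (constructed; far too small for real use)."""
    n = p * q
    return n, pow(E, -1, (p - 1) * (q - 1))  # (public modulus, private exponent)

# Constructed demo keys: key 1 stands for the server device, key 2 for the inspection device.
N1, D1 = make_key(2**127 - 1, 2**89 - 1)
N2, D2 = make_key(2**107 - 1, 2**61 - 1)

def _digest(data, n):
    # Assumption: sign a SHA-256 digest instead of encrypting the raw authenticator.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, d, n):
    return pow(_digest(data, n), d, n)

def verify(data, sig, n):
    # Apply the public key to the signature and compare with the received data.
    return 0 <= sig < n and pow(sig, E, n) == _digest(data, n)

def _bound(authenticator, sig1):
    """Authenticator and first signature combined into one unambiguous byte string."""
    return len(authenticator).to_bytes(2, "big") + authenticator + sig1.to_bytes(32, "big")

def server_issue(now, ttl):
    """Server device: the authenticator is the expiration date; attach the first signature."""
    authenticator = str(now + ttl).encode()
    return authenticator, sign(authenticator, D1, N1)

def inspection_countersign(authenticator, sig1):
    """Inspection device: second signature over authenticator + first signature."""
    return sign(_bound(authenticator, sig1), D2, N2)

def gateway_check(authenticator, sig1, sig2, now):
    """Gateway: holds only the public moduli N1 and N2; returns the determination result."""
    if not verify(authenticator, sig1, N1):
        return "first signature invalid"
    if not verify(_bound(authenticator, sig1), sig2, N2):
        return "second signature invalid"
    if not authenticator.isdigit() or now > int(authenticator):
        return "expired"
    return "ok"

def demo():
    now = 1_700_000_000  # constructed clock value
    auth, s1 = server_issue(now, ttl=600)
    s2 = inspection_countersign(auth, s1)
    # Key of a tool whose public key was never stored in the gateway (constructed).
    rogue_n, rogue_d = make_key(2**31 - 1, 2**61 - 1)
    rogue_s2 = sign(_bound(auth, s1), rogue_d, rogue_n)
    return {
        "valid": gateway_check(auth, s1, s2, now + 60),
        "after expiry": gateway_check(auth, s1, s2, now + 601),
        "expiry edited": gateway_check(str(now + 10**6).encode(), s1, s2, now + 601),
        "unknown tool key": gateway_check(auth, s1, rogue_s2, now + 60),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The gateway only starts the ID and password authentication when `gateway_check` returns "ok"; an authenticator whose expiration date was edited after issuance already fails at the first signature.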


Abstract

The invention relates to an authentication system, an authentication request device, an in-vehicle electronic device, a computer program and an authentication processing method from which authentication processing can be expected to be carried out more securely and more reliably. An inspection device transmits, to a server device, a request to generate an authenticator. The server device, having received the authenticator generation request, generates an authenticator that includes validity period information, attaches an electronic signature to the generated authenticator, and transmits the authenticator to the inspection device. The inspection device, having received the authenticator from the server device, transmits, to a gateway, the authenticator to which the electronic signature has been attached. If the electronic signature attached to the authenticator is correct and the authenticator falls within the validity period, the gateway, which has received the authenticator from the inspection device, performs authentication processing with respect to the inspection device.
PCT/JP2017/001239 2016-01-21 2017-01-16 Authentication system, authentication request device, in-vehicle electronic device, computer program and authentication processing method WO2017126471A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2016-010032 2016-01-21
JP2016010032A JP2017130845A (ja) 2016-01-21 2016-01-21 Authentication system, authentication request device, in-vehicle electronic device, computer program and authentication processing method

Publications (1)

Publication Number Publication Date
WO2017126471A1 (fr) 2017-07-27

Family

ID=59362315

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2017/001239 WO2017126471A1 (fr) 2016-01-21 2017-01-16 Authentication system, authentication request device, in-vehicle electronic device, computer program and authentication processing method

Country Status (2)

Country Link
JP (1) JP2017130845A (fr)
WO (1) WO2017126471A1 (fr)

Also Published As

Publication number Publication date
JP2017130845A (ja) 2017-07-27

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17741349

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17741349

Country of ref document: EP

Kind code of ref document: A1