WO2024047821A1 - 確認方法、確認装置、蓄電装置、確認システム、プログラム及びコンピュータ可読記憶媒体 - Google Patents

確認方法、確認装置、蓄電装置、確認システム、プログラム及びコンピュータ可読記憶媒体 Download PDF

Info

Publication number
WO2024047821A1
WO2024047821A1 PCT/JP2022/032875 JP2022032875W WO2024047821A1 WO 2024047821 A1 WO2024047821 A1 WO 2024047821A1 JP 2022032875 W JP2022032875 W JP 2022032875W WO 2024047821 A1 WO2024047821 A1 WO 2024047821A1
Authority
WO
WIPO (PCT)
Prior art keywords
verification information
battery
authentication
verification
unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2022/032875
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
裕考 原田
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Honda Motor Co Ltd
Original Assignee
Honda Motor Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Honda Motor Co Ltd filed Critical Honda Motor Co Ltd
Priority to CN202280099418.5A priority Critical patent/CN119856446A/zh
Priority to EP22957418.1A priority patent/EP4583454A1/en
Priority to JP2024543714A priority patent/JPWO2024047821A1/ja
Priority to PCT/JP2022/032875 priority patent/WO2024047821A1/ja
Priority to AU2022476511A priority patent/AU2022476511A1/en
Priority to KR1020257005805A priority patent/KR20250059397A/ko
Publication of WO2024047821A1 publication Critical patent/WO2024047821A1/ja
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60LPROPULSION OF ELECTRICALLY-PROPELLED VEHICLES; SUPPLYING ELECTRIC POWER FOR AUXILIARY EQUIPMENT OF ELECTRICALLY-PROPELLED VEHICLES; ELECTRODYNAMIC BRAKE SYSTEMS FOR VEHICLES IN GENERAL; MAGNETIC SUSPENSION OR LEVITATION FOR VEHICLES; MONITORING OPERATING VARIABLES OF ELECTRICALLY-PROPELLED VEHICLES; ELECTRIC SAFETY DEVICES FOR ELECTRICALLY-PROPELLED VEHICLES
    • B60L53/00Methods of charging batteries, specially adapted for electric vehicles; Charging stations or on-board charging equipment therefor; Exchange of energy storage elements in electric vehicles
    • B60L53/60Monitoring or controlling charging stations
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60LPROPULSION OF ELECTRICALLY-PROPELLED VEHICLES; SUPPLYING ELECTRIC POWER FOR AUXILIARY EQUIPMENT OF ELECTRICALLY-PROPELLED VEHICLES; ELECTRODYNAMIC BRAKE SYSTEMS FOR VEHICLES IN GENERAL; MAGNETIC SUSPENSION OR LEVITATION FOR VEHICLES; MONITORING OPERATING VARIABLES OF ELECTRICALLY-PROPELLED VEHICLES; ELECTRIC SAFETY DEVICES FOR ELECTRICALLY-PROPELLED VEHICLES
    • B60L53/00Methods of charging batteries, specially adapted for electric vehicles; Charging stations or on-board charging equipment therefor; Exchange of energy storage elements in electric vehicles
    • B60L53/60Monitoring or controlling charging stations
    • B60L53/65Monitoring or controlling charging stations involving identification of vehicles or their battery types
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60LPROPULSION OF ELECTRICALLY-PROPELLED VEHICLES; SUPPLYING ELECTRIC POWER FOR AUXILIARY EQUIPMENT OF ELECTRICALLY-PROPELLED VEHICLES; ELECTRODYNAMIC BRAKE SYSTEMS FOR VEHICLES IN GENERAL; MAGNETIC SUSPENSION OR LEVITATION FOR VEHICLES; MONITORING OPERATING VARIABLES OF ELECTRICALLY-PROPELLED VEHICLES; ELECTRIC SAFETY DEVICES FOR ELECTRICALLY-PROPELLED VEHICLES
    • B60L53/00Methods of charging batteries, specially adapted for electric vehicles; Charging stations or on-board charging equipment therefor; Exchange of energy storage elements in electric vehicles
    • B60L53/80Exchanging energy storage elements, e.g. removable batteries
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/26Special purpose or proprietary protocols or architectures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08Randomization, e.g. dummy operations or using noise
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84Vehicles

Definitions

  • the present invention relates to a confirmation method, a confirmation device, a power storage device, a confirmation system, a program, and a computer-readable storage medium.
  • Patent Document 1 discloses a management device that authenticates a battery by comparing an authentication key stored in a battery returned to a battery station with an authentication key stored in the battery station.
  • Patent Document 2 discloses a battery station that uses a whitelist method to determine whether or not a battery can be accepted.
  • a confirmation method is provided.
  • the above confirmation method is, for example, a confirmation method for the confirmation device to confirm whether or not the device to be confirmed is a regular device.
  • the above verification method includes, for example, the step of transmitting first verification information to the device to be verified.
  • the above verification method includes, for example, converting first verification information based on second verification information to generate third verification information.
  • the above verification method includes, for example, (i) the verified device converting the first verification information based on the second verification information and fourth verification information that satisfies the first mathematical relationship; or (ii) the verified device determines a second mathematical relationship that the third verification information and the fifth verification information should satisfy when the verified device is a regular device.
  • the above confirmation method includes, for example, a step of determining whether the device to be confirmed is a regular device based on the third verification information and the fifth verification information or the sixth verification information.
  • the step of determining includes (a) determining whether or not the third verification information and the fifth verification information satisfy the second mathematical relationship when the fifth verification information is received. including the step of determining.
  • the determining step includes, for example, (b) determining whether the third verification information and the sixth verification information match when the sixth verification information is received.
  • the second mathematical relationship is determined based on the first mathematical relationship, for example.
  • the step of determining whether or not the third verification information and the fifth verification information satisfy the second mathematical relationship includes converting the third verification information and the fifth verification information to the first verification
  • the method may include a step of processing information according to an algorithm to generate seventh verification information.
  • the above determining step includes transmitting information from the device to be confirmed to the third verification information and the fifth verification information when the second verification information and the fourth verification information satisfy the first mathematical relationship.
  • the method may include the step of obtaining eighth verification information indicating a calculation result that would have been obtained if the information was processed according to the first verification algorithm.
  • the above determining step may include a step of determining whether the seventh verification information and the eighth verification information match.
  • the method may include a step of confirming that the device to be confirmed is not a legitimate device or that the device to be confirmed is a non-genuine device. Any of the above confirmation methods is performed when it is determined that the third verification information and the fifth verification information satisfy the second mathematical relationship, or when it is determined that the third verification information and the sixth verification information match. If the confirmed device is authenticated, the method may include a step of confirming that the confirmed device is a legitimate device or that the confirmed device is not an unauthorized device.
  • Any of the above confirmation methods includes (i) acquiring the second verification information from the manufacturer or transferor of the verification device, or the issuer of the second verification information and the fourth verification information, or (ii) The method may include a step of acquiring second verification information from a first external device that is configured to be able to communicate wirelessly with the verification device and that has confirmed that the verification device is an authorized device. Any of the above verification methods may include a step of storing the second verification information acquired in the step of acquiring the second verification information in a first storage device disposed in the verification device.
  • Any of the above confirmation methods includes (i) acquiring the fourth verification information from the manufacturer or transferor of the device to be verified, or the issuer of the second verification information and the fourth verification information, or (ii) )
  • the method may include the step of acquiring fourth verification information from a second external device that is configured to be able to communicate wirelessly with the device to be verified and that has confirmed that the device to be verified is a legitimate device.
  • Any of the above confirmation methods may include the step of storing the fourth verification information acquired in the step of acquiring the fourth verification information in a second storage device disposed in the device to be verified.
  • Any of the above verification methods may include the step of receiving second verification information encrypted using the first private key from the device to be verified. Any of the above verification methods may include the step of decrypting the encrypted second verification information using a first public key corresponding to the first private key. Any of the above verification methods may include the step of receiving unencrypted second verification information from the device to be verified. Any of the above confirmation methods may include a step of determining whether the unencrypted second verification information and the decrypted second verification information match. The step of generating the third verification information includes generating the first verification information based on the second verification information when it is determined in the determining step that the unencrypted second verification information and the decrypted second verification information match. The method may include converting the verification information to generate third verification information.
  • Any of the above verification methods may include the step of obtaining second verification information signed using the first private key from the device to be verified. Any of the above verification methods may include the step of verifying the signature using a first public key corresponding to the first private key. In any of the above verification methods, the step of obtaining signed second verification information includes the step of acquiring the second verification information encrypted using the first private key and the unencrypted second verification information. It may include a step of obtaining. In any of the above verification methods, the step of verifying the signature may include the step of decrypting the encrypted second verification information using the first public key. In any of the above verification methods, the step of verifying the signature may include the step of determining whether the unencrypted second verification information and the decrypted second verification information match.
  • the step of generating the third verification information includes, in the determining step, when it is determined that the unencrypted second verification information and the decrypted second verification information match;
  • the method may include converting the first verification information based on the second verification information to generate third verification information.
  • the second verification information may be a public key.
  • the fourth verification information may be a private key corresponding to the public key.
  • Any of the above confirmation methods may include the step of generating random numbers.
  • Any of the above verification methods may include the step of generating first verification information based on random numbers.
  • Any of the above verification methods may include a step in which the verified device receives first verification information from the verification device. Any of the above verification methods may include a step in which the verified device generates fifth verification information based on the first verification information and the fourth verification information. Any of the above verification methods may include a step in which the verified device transmits the generated fifth verification information to the verification device.
  • the device to be confirmed may include a power storage device.
  • the confirmation device may be configured to be detachably attached to the power storage device of the device to be verified, and may include a charging/discharging device that charges and/or discharges the power storage device.
  • the verification device may be a first power device having a first terminal.
  • the device to be confirmed may be a second power device having a second terminal configured to be attachable to the first terminal. Any of the above confirmation methods is used when it is determined that the third verification information and the fifth verification information do not satisfy the second mathematical relationship, or when the third verification information and the sixth verification information do not match.
  • the method may further include the step of determining to prohibit or suppress power input/output between the first power device and the second power device.
  • the confirmation device may be a storage device that stores the device to be confirmed as a device to be stored.
  • the storage device may include a mounting section to which the stored device is mounted. Any of the above confirmation methods can be used (a) if it is determined that the third verification information and the fifth verification information do not satisfy the second mathematical relationship, or if the third verification information and the sixth verification information If it is determined that they do not match, deciding not to continue attaching the stored device to the attachment part or storing the stored device in a manner different from that of the regular device; and/or (b) ) When it is determined that the third verification information and the fifth verification information satisfy the second mathematical relationship, or when it is determined that the third verification information and the sixth verification information match, the stored device
  • the storage device may include a step of determining whether to continue mounting the stored device on the mounting portion or storing the stored device as a regular device.
  • the storage device may be configured to be able to store at least one of the plurality of storage devices.
  • Any of the above confirmation methods may include the step of acquiring shared use identification information for identifying a storage device that can be jointly used by a plurality of users, among a plurality of storage devices. Any of the above confirmation methods is performed when it is determined that the third verification information and the fifth verification information satisfy the second mathematical relationship, or when it is determined that the third verification information and the sixth verification information match. If the confirmed device is a stored device that can be used jointly by a plurality of users, the method may include a step of determining whether the confirmed device is a stored device that can be used jointly by a plurality of users, based on the shared use identification information.
  • the method may include a step of deciding to continue mounting the stored device in the mounting section or to store the stored device as a regular device.
  • a verification device in a second aspect of the invention, confirms whether the device to be confirmed is a legitimate device.
  • the confirmation device described above includes, for example, a first verification information transmitter that transmits first verification information to the device to be verified.
  • the above verification device includes, for example, a third verification information generation unit that converts the first verification information based on the second verification information and generates the third verification information.
  • the above-mentioned verification device may, for example, transmit from the verified device (i) the verified device converts the first verification information based on the second verification information and fourth verification information that satisfies the first mathematical relationship; or (ii) the verified device uses the second mathematical relationship that the third verification information and the fifth verification information should satisfy when the verified device is a regular device,
  • the present invention includes a response receiving unit that receives the first verification information and the sixth verification information derived from the fourth verification information or the fifth verification information.
  • the confirmation device described above includes a determination unit that determines whether the device to be verified is a regular device based on, for example, the third verification information and the fifth verification information or the sixth verification information.
  • the determination unit determines whether or not the third verification information and the fifth verification information satisfy the second mathematical relationship, for example, when (a) the fifth verification information is received. do. In the above verification device, the determination unit determines whether the third verification information and the sixth verification information match, for example, when (b) the sixth verification information is received.
  • a power storage device in a third aspect of the present invention, includes, for example, a power storage unit that stores electrical energy.
  • the power storage device described above includes, for example, an electric terminal for transmitting and receiving power to and from the first power device.
  • the first power device charges the power storage unit, for example.
  • the first power device uses, for example, the power discharged by the power storage unit.
  • the above power storage device includes, for example, a storage section that stores fourth verification information.
  • the above power storage device includes, for example, a first verification information acquisition unit that acquires first verification information from the first power device.
  • the power storage device generates the fifth verification information by converting the first verification information acquired by the first verification information acquisition unit based on the fourth verification information stored in the storage unit, or
  • the apparatus includes a response unit that generates sixth verification information obtained by converting the first verification information based on the fourth verification information and second verification information that satisfies the first mathematical relationship.
  • the response unit may transmit the fifth verification information or the sixth verification information to the first power device.
  • a verification system includes, for example, a power device.
  • the power device includes, for example, any confirmation device according to the second aspect.
  • the above confirmation system includes, for example, any of the power storage devices according to the third aspect.
  • the confirmation device confirms, for example, that the power storage device as the confirmed device that is the confirmation target of the confirmation device is a regular device.
  • a program is provided.
  • the above program may be a program for causing a computer to execute any of the confirmation methods according to the above first aspect.
  • the above program may be a program for causing a computer to function as the confirmation device according to the second aspect.
  • the above program may be a program for causing a computer to function as the power storage device according to the third aspect.
  • a computer readable storage medium stores, for example, any program according to the above fifth aspect.
  • the computer readable storage medium described above may be a non-transitory computer readable medium.
  • FIG. 1 schematically shows an example of a system configuration of a battery management system 100.
  • An example of the internal configuration of the mobile battery 20 is schematically shown.
  • An example of the internal configuration of the battery exchanger 120 is schematically shown.
  • An example of an authentication procedure for the mobile battery 20 is schematically shown.
  • An example of the internal configuration of the battery authentication section 378 is schematically shown.
  • An example of the internal configuration of the authentication support unit 232 is schematically shown.
  • An example of the internal configuration of the onboard device 330 is schematically shown.
  • An example of the internal configuration of onboard equipment 370 is schematically shown.
  • An example of the internal configuration of a mobile battery 920 is schematically shown.
  • An example of the procedure for acquiring the authentication public key 74 will be schematically shown.
  • An example of the procedure for acquiring the authentication public key 74 will be schematically shown. Another example of the authentication procedure of the mobile battery 20 is schematically shown. An example of the relationship between a response code and a verification code is schematically shown. An example of a procedure for verifying a response code and a verification code is schematically shown. Another example of the response code and verification code verification procedure will be schematically shown. An example of the internal configuration of a computer 5000 is schematically shown.
  • FIG. 1 schematically shows an example of a system configuration of a battery management system 100.
  • the battery management system 100 includes one or more (sometimes simply referred to as one or more) battery exchangers 120 and a management server 140.
  • the battery exchanger 120 includes one or more storage units 122 and a communication unit 126.
  • storage unit 122 includes one or more slots 124.
  • communication unit 126 includes a communication interface 128 .
  • Battery exchanger 120 may be referred to as a battery station.
  • each part of the battery management system 100 operates by consuming power received from the power grid 12. Further, each part of the battery management system 100 can send and receive information to and from each other via the communication network 14. One or more storage units 122 and communication unit 126 can exchange information with each other via a wired or wireless communication line (not shown).
  • the battery management system 100 manages one or more (sometimes referred to as one or more) mobile batteries 20.
  • the battery management system 100 provides a mobile battery 20 sharing service to the user 40 of the electric motorcycle 30 as an example. Details will be explained.
  • each of the one or more slots 124 arranged in the storage unit 122 of the battery exchanger 120 can store one or more mobile batteries 20. Further, each of the one or more slots 124 arranged in the storage unit 122 of the battery exchanger 120 can charge one or more mobile batteries 20.
  • a user 40 who has subscribed to the mobile battery 20 sharing service uses, for example, the communication terminal 42 to access the battery management system 100 and requests to rent the mobile battery 20.
  • the user 40 may reserve the rental of the mobile battery 20 by specifying the date, time and place at which the user wishes to rent the mobile battery 20 and the number of mobile batteries 20 desired to be rented.
  • Communication terminal 42 may access battery management system 100 via communication network 14 and may access battery management system 100 via battery exchanger 120 . Note that the user 40 may request the rental of the mobile battery 20 by operating the battery exchange machine 120.
  • the user 40 can take out the mobile battery 20 housed in the battery exchanger 120 (this may be referred to as taking out the mobile battery 20). Thereby, the user 40 can exchange the mobile battery 20 attached to the electric motorcycle 30 with the mobile battery 20 housed in the battery exchanger 120.
  • the user 40 removes the mobile battery 20 attached to the electric motorcycle 30 from the electric motorcycle 30.
  • the user 40 returns the mobile battery 20 removed from the electric motorcycle 30 to the battery exchange machine 120.
  • the battery exchange machine 120 dispenses the charged mobile battery 20 housed in the battery exchange machine 120.
  • the user 40 receives the charged mobile battery 20 from the battery exchanger 120 and attaches the charged mobile battery 20 to the electric motorcycle 30. Thereby, the mobile battery 20 is exchanged between the electric motorcycle 30 and the battery exchanger 120.
  • the battery exchanger 120 may be placed in a lockable building or on the premises, or may be placed outdoors in an unlocked state. Considering the convenience of the users 40, it is preferable that the battery exchanger 120 is placed in an environment where a large number of users 40 can freely use it. On the other hand, if the battery exchanger 120 is placed in an environment where a large number of users 40 can freely use the mobile battery 20 that is not under the management of the battery management system 100 (sometimes referred to as a non-regular mobile battery 20). ) may be inserted into slot 124 of battery exchanger 120.
  • the non-regular mobile battery 20 When a non-regular mobile battery 20 with different specifications from the regular mobile battery 20 is inserted into the slot 124, and the electrical terminal of the non-regular mobile battery 20 and the electrical terminal of the slot 124 are connected, the non-regular mobile battery 20 is inserted into the slot 124. There is a possibility that the usage conditions of the battery 20 deviate from the appropriate range. Further, since the battery exchanger 120 is used by a large number of users 40, the above-mentioned non-regular mobile battery 20 is dispensed to a user 40 different from the user 40 who inserted the non-regular mobile battery 20 into the slot 124. There is a possibility.
  • the non-genuine mobile battery 20 is not limited to a mobile battery 20 having specifications different from the mobile battery 20 (sometimes referred to as a regular mobile battery 20) under the management of the battery management system 100.
  • the non-genuine mobile battery 20 may have the same specifications as the regular mobile battery 20, or may have specifications based on the regular mobile battery 20.
  • the battery management system 100 manages the deterioration state of the regular mobile battery 20 and performs maintenance or replacement of the mobile battery 20 at an appropriate timing. Thereby, the user 40 can safely use the mobile battery 20. Moreover, since the mobile battery 20 with little deterioration is provided, the usage experience of the user 40 is improved.
  • the battery management system 100 cannot grasp the maintenance management status of the non-regular mobile battery 20. Therefore, if a poorly maintained mobile battery 20 is mixed into the mobile batteries 20 stored in the battery exchanger 120, the usage experience of the user 40 may deteriorate. Therefore, according to the present embodiment, when the mobile battery 20 is installed in the slot 124, the battery exchanger 120 executes the authentication process for the mobile battery 20.
  • the electric motorcycle 30 or the battery exchanger 120 acquires identification information (sometimes referred to as a battery ID) of the mobile battery 20 to be authenticated, and identifies the mobile battery 20 as the authentication target.
  • identification information sometimes referred to as a battery ID
  • a possible method is that the electric motorcycle 30 or the battery exchanger 120 authenticates the mobile battery 20 by doing so.
  • the battery management system 100 authenticates the mobile battery 20 using public key cryptography. Thereby, the battery management system 100 can confirm whether or not the mobile battery 20 installed in the slot 124 is a regular mobile battery 20 while solving the above problem.
  • the battery exchanger 120 authenticates the mobile battery 20 using public key cryptography.
  • a publicly known method may be adopted as the public key cryptosystem. Examples of public key cryptography include RSA cryptography and elliptic curve cryptography.
  • the battery exchanger 120 can be equipped with a processor that has better computing power than the processor installed in the mobile battery 20 or the electric motorcycle 30.
  • Public key cryptography has a larger computational load than common key cryptography. Therefore, when authenticating the mobile battery 20 using public key cryptography, the processor that executes the authentication process is required to execute complex calculations at high speed.
  • battery exchanger 120 may utilize a high-performance processor to authenticate mobile battery 20 using public key cryptography.
  • the key issuer 50 issues a pair of authentication private key 72 and authentication public key 74 for each of one or more mobile batteries 20.
  • the key issuer 50 may be the manufacturer or transferor of the mobile battery 20, the manufacturer or transferor of the battery exchanger 120, or the administrator or operator of the battery management system 100. good.
  • the key issuer 50 may be a natural person, a corporation, an organization, or an employee or staff member of the corporation or organization.
  • the key issuer 50 may issue a pair of authentication private key 72 and authentication public key 74 using the communication terminal 52 .
  • the key issuer 50 stores the authentication private key 72 of each of the one or more mobile batteries 20 in the storage device (not shown) of each of the one or more mobile batteries 20.
  • the key issuer 50 communicably connects the communication terminal 52 and the mobile battery 20, and transmits the authentication private key 72 corresponding to the mobile battery 20 connected to the communication terminal 52 from the communication terminal 52.
  • the mobile battery 20 is made to transmit.
  • the communication terminal 52 and the mobile battery 20 may send and receive information through wired communication, or may send and receive information through wireless communication.
  • the key issuer 50 may input the authentication private key 72 into an input device provided on the mobile battery 20, and may input the authentication private key 72 into the mobile battery 20 by providing a storage device storing the authentication private key 72. May be worn.
  • the key issuer 50 stores the authentication public key 74 of each of the one or more mobile batteries 20 in the storage device (not shown) of each of the one or more battery exchangers 120. In one embodiment, the key issuer 50 makes the authentication public key 74 of each of the one or more mobile batteries 20 available for acquisition by each of the one or more battery exchangers 120 .
  • the key issuer 50 operates the communication terminal 52 to create a database in which each of the one or more battery exchangers 120 stores the battery ID and authentication public key 74 for each of the one or more mobile batteries 20 in association with each other. Set it up so that you can access it.
  • the above database may be stored in the communication terminal 52 or the management server 140.
  • the key issuer 50 communicatively connects the communication terminal 52 and the battery exchanger 120 and causes the communication terminal 52 to transmit the above database to the battery exchanger 120.
  • the communication terminal 52 and the battery exchanger 120 may send and receive information through wired communication, or may send and receive information through wireless communication.
  • the key issuer 50 may input the above database from an input device disposed on the battery exchanger 120, or may attach a storage device storing the above database to the battery exchanger 120. good.
  • the above database is stored in the storage device of the battery exchanger 120 when the battery exchanger 120 is manufactured, shipped, transferred, or installed. Further, the above database may be updated as appropriate.
  • the battery exchanger 120 first inserts the mobile battery 20 into the slot 124. Get the battery ID.
  • the battery exchanger 120 may obtain the battery ID of the mobile battery 20 from the mobile battery 20, or may obtain the battery ID of the mobile battery 20 from the communication terminal 42.
  • the battery exchanger 120 obtains the authentication public key 74 of the mobile battery 20 installed in the slot 124 based on the above battery ID.
  • the battery exchanger 120 uses the battery ID as a key to refer to the database stored in the storage device of the battery exchanger 120, and uses the public key for authentication of the mobile battery 20 installed in the slot 124. Get 74.
  • the battery exchanger 120 accesses the communication terminal 52 or the management server 140, uses the above battery ID as a key, refers to the above database stored in the communication terminal 52 or the management server 140, and The authentication public key 74 of the mobile battery 20 attached to the mobile battery 124 is obtained.
  • the battery exchanger 120 prepares a code (sometimes referred to as an authentication code) for authenticating the mobile battery 20 installed in the slot 124.
  • the authentication code may be a combination of numbers, letters and symbols.
  • the authentication code may be image data or audio data.
  • the authentication code may be generated each time authentication is performed, or may be generated each time a predetermined validity period elapses.
  • the authentication code may be a code predetermined for each mobile battery 20. For example, the battery exchanger 120 generates a random number every time an authentication process is executed, and uses the random number as an authentication code.
  • the battery exchanger 120 converts the authentication code based on the authentication public key 74 of the mobile battery 20 installed in the slot 124. Specifically, the battery exchanger 120 uses the authentication public key 74 of the mobile battery 20 installed in the slot 124 to encrypt the authentication code. This generates a challenge code that includes an encrypted authentication code.
  • the battery exchanger 120 transmits the generated challenge code to the mobile battery 20 and requests it to respond to the challenge code.
  • An example of a response to the challenge code is to transmit a response code that includes information indicating that the mobile battery 20 has successfully decrypted the authentication code encrypted with the authentication public key 74.
  • the information indicating that the mobile battery 20 has successfully decrypted the authentication code encrypted with the authentication public key 74 includes (i) the decrypted authentication code, and (ii) the decrypted authentication code that is determined in advance.
  • Examples include information generated by processing information according to an algorithm (sometimes referred to as a first algorithm).
  • Examples of the first algorithm include an algorithm related to arithmetic processing using a predetermined function (sometimes referred to as a first function), an algorithm related to encryption processing using predetermined information, etc. .
  • An example of the above function is a hash function.
  • the above encryption process may be a common key encryption process using a common key, or a public key encryption process using a public key and a private key.
  • Examples of public key encryption processing include the above-mentioned RSA encryption and elliptic curve encryption.
  • the mobile battery 20 When the mobile battery 20 receives the challenge code and a response request to the challenge code (sometimes referred to as an authentication response request), the mobile battery 20 uses the authentication private key 72 of the mobile battery 20 to input the authentication public key 74. Decrypt the encrypted authentication code. When the mobile battery 20 successfully decrypts the authentication code encrypted with the authentication public key 74, the decrypted authentication code is obtained. Thereby, the mobile battery 20 uses the challenge code or the authentication code encrypted with the authentication public key 74 included in the challenge code, and the authentication private key 72 of the mobile battery 20 to decrypt the authentication code. can be generated.
  • the mobile battery 20 generates a response code according to predetermined rules.
  • the above rule may be information indicating the type or generation procedure of information indicating that the mobile battery 20 has successfully decrypted the authentication code encrypted with the authentication public key 74. Furthermore, the mobile battery 20 transmits the generated response code to the battery exchanger 120 as a response to the authentication response request.
  • the above rule indicates that the mobile battery 20 uses the decrypted authentication code as information indicating that the authentication code encrypted with the authentication public key 74 has been successfully decrypted. In this case, the mobile battery 20 generates a response code that includes the decrypted authentication code.
  • the above rule processes the decrypted authentication code according to the first algorithm as information indicating that the mobile battery 20 has successfully decrypted the authentication code encrypted with the authentication public key 74. This indicates that the information generated by doing this (sometimes referred to as the first processing value of the decrypted authentication code) is used.
  • the mobile battery 20 generates the above first processed value by processing the decrypted authentication code according to the first algorithm. Furthermore, the mobile battery 20 generates a response code including the above first processed value. By using the response code including the above-mentioned first processing value, leakage of the authentication code due to eavesdropping, repeat attacks, etc., reverse analysis of the authentication algorithm, etc. can be suppressed.
  • the mobile battery 20 For example, if the first algorithm is an algorithm related to arithmetic processing using a hash function, the mobile battery 20 generates a response code that includes a hash value of the decrypted authentication code.
  • the mobile battery 20 When the first algorithm is a common key encryption process using a common key, the mobile battery 20 generates a response code that includes a ciphertext obtained by encrypting the decrypted authentication code using the common key.
  • the first algorithm is a public key encryption process using a public key and a private key
  • the mobile battery 20 receives a response that includes a ciphertext obtained by encrypting the decrypted authentication code using the private key or the public key. Generate code.
  • the battery exchanger 120 receives the response code from the mobile battery 20. Based on the above response code, the battery exchanger 120 confirms that the mobile battery 20 has successfully decrypted the authentication code encrypted with the authentication public key 74.
  • the battery exchanger 120 compares the authentication code generated by the battery exchanger 120 with the authentication code included in the response code. For example, the battery exchanger 120 determines whether the authentication code generated by the battery exchanger 120 matches the authentication code included in the response code. Furthermore, the battery exchanger 120 checks whether the mobile battery 20 has successfully decrypted the authentication code encrypted with the authentication public key 74 based on the comparison result. Thereby, the battery exchanger 120 can confirm whether the mobile battery 20 installed in the slot 124 is a regular mobile battery 20 or not.
  • the battery exchanger 120 determines that the mobile battery 20 installed in the slot 124 is a regular mobile battery 20. Make sure that.
  • the battery exchanger 120 determines that the mobile battery 20 installed in the slot 124 is not a regular mobile battery 20. Alternatively, confirm that the mobile battery 20 installed in the slot 124 is a non-regular mobile battery 20.
  • the battery exchanger 120 when the response code includes the first processed value of the decrypted authentication code, the battery exchanger 120 generates the authentication code by processing the authentication code generated by the battery exchanger 120 according to the first algorithm.
  • the information (sometimes referred to as the first processed value of the authentication code generated by the battery exchanger 120) is compared with the first processed value of the decrypted authentication code included in the response code.
  • the battery exchanger 120 determines whether the first processed value of the authentication code generated by the battery exchanger 120 matches the first processed value of the decrypted authentication code.
  • the battery exchanger 120 checks whether the mobile battery 20 has successfully decrypted the authentication code encrypted with the authentication public key 74 based on the comparison result. Thereby, the battery exchanger 120 can confirm whether the mobile battery 20 installed in the slot 124 is a regular mobile battery 20 or not.
  • the battery exchanger 120 Confirm that the battery 20 is a regular mobile battery 20.
  • the battery exchanger 120 It is confirmed that the battery 20 is not a regular mobile battery 20 or that the mobile battery 20 installed in the slot 124 is a non-regular mobile battery 20.
  • the battery exchanger 120 when the response code includes a first processed value of a decrypted authentication code, the battery exchanger 120 combines the authentication code generated by the battery exchanger 120 with the decrypted authentication code included in the response code.
  • the first processed value of the code is compared with information generated by processing the information according to the second algorithm (sometimes referred to as the second processed value of the restored authentication code).
  • the battery exchanger 120 determines whether the authentication code generated by the battery exchanger 120 matches the second processed value of the decrypted authentication code.
  • the battery exchanger 120 checks whether the mobile battery 20 has successfully decrypted the authentication code encrypted with the authentication public key 74 based on the comparison result. Thereby, the battery exchanger 120 can confirm whether the mobile battery 20 installed in the slot 124 is a regular mobile battery 20 or not.
  • the second algorithm is an algorithm related to arithmetic processing using a second function that is an inverse function of the first function, or an algorithm related to decryption processing for decrypting information encrypted by the encryption processing of the first algorithm. It's fine.
  • the above decryption process may be a decryption process using the key information used for encryption of the first algorithm or the key information paired with the key information.
  • the battery exchanger 120 determines that the mobile battery 20 installed in the slot 124 is authentic. Confirm that it is the mobile battery 20.
  • the battery exchanger 120 determines that the mobile battery 20 installed in the slot 124 is authentic. Confirm that the mobile battery 20 is not the mobile battery 20, or that the mobile battery 20 installed in the slot 124 is a non-regular mobile battery 20.
  • the battery exchanger 120 can confirm that the mobile battery 20 is a regular mobile battery 20 while effectively suppressing leakage of the authentication code.
  • the battery exchanger 120 can be installed in the slot 124 while effectively suppressing the leakage of information (sometimes referred to as authentication information) used for authenticating an authorized device such as an authentication code. It can be confirmed that the mobile battery 20 is not a regular mobile battery 20 or that the mobile battery 20 installed in the slot 124 is a non-regular mobile battery 20.
  • the battery exchanger 120 is configured to be able to exchange the mobile battery 20. Therefore, the battery exchanger 120 may determine whether or not to exchange the mobile battery 20 based on the above confirmation result.
  • the battery exchanger 120 identifies mobile batteries 20 among the plurality of mobile batteries 20 that can be jointly used by the plurality of mobile batteries 20 (sometimes referred to as a white list). It may also be determined whether or not to replace the battery 20.
  • the battery exchanger 120 may determine whether or not to exchange the mobile battery 20 based on the above-mentioned confirmation result and the white list.
  • the battery exchanger 120 is configured to be able to charge or discharge the mobile battery 20. Therefore, the battery exchanger 120 may determine whether to charge or discharge the mobile battery 20 based on the above confirmation result. The battery exchanger 120 may determine whether to charge or discharge the mobile battery 20 based on the white list. The battery exchanger 120 may determine whether or not to charge or discharge the mobile battery 20 based on the above confirmation result and the white list.
  • communication network 14 conveys information.
  • the communication network 14 may be a wired communication transmission path, a wireless communication transmission path, or a combination of a wireless communication transmission path and a wired communication transmission path.
  • Communication network 14 may include a wireless packet communication network, the Internet, a P2P network, a leased line, a VPN, a power line communication line, and the like.
  • the communication network 14 may include (i) a mobile communication network such as a mobile phone line network, (ii) a wireless MAN (e.g., WiMAX (registered trademark)), a wireless LAN (e.g., WiFi (registered trademark) ), Bluetooth (registered trademark), Zigbee (registered trademark), NFC (Near Field Communication), and other wireless communication networks.
  • a wireless MAN e.g., WiMAX (registered trademark)
  • a wireless LAN e.g., WiFi (registered trademark)
  • Bluetooth registered trademark
  • Zigbee registered trademark
  • NFC Near Field Communication
  • the mobile battery 20 stores electrical energy.
  • the mobile battery 20 may be configured to be detachable (sometimes referred to as detachable) from the electric motorcycle 30.
  • the mobile battery 20 may be configured to be detachable from the battery exchanger 120. Thereby, the user 40 can exchange the mobile battery 20 attached to the electric motorcycle 30 with the mobile battery 20 housed in the battery exchanger 120.
  • the mobile battery 20 is attached to the electric motorcycle 30 and supplies power to the electric motorcycle 30. As described above, the mobile battery 20 can be detachably attached to the electric motorcycle 30. In other embodiments, mobile battery 20 is charged by battery exchanger 120 while housed in battery exchanger 120 .
  • the mobile battery 20 may supply power to the battery exchanger 120 while being housed in the battery exchanger 120.
  • the battery exchanger 120 can utilize a part of the mobile battery 20 housed in the battery exchanger 120 as, for example, an uninterruptible power supply (sometimes referred to as a UPS).
  • UPS uninterruptible power supply
  • the mobile battery 20 stores an authentication private key 72.
  • the authentication private key 72 may be stored in any type of storage device (not shown) provided in the mobile battery 20.
  • the mobile battery 20 may store various keys used for various encryption processes and/or decryption processes performed with the battery exchanger 120. Examples of the above-mentioned keys include a private key for electronic signatures, a public key for electronic signatures, and the like.
  • the electric motorcycle 30 is equipped with a mobile battery 20.
  • the electric motorcycle 30 may be equipped with a plurality of mobile batteries 20.
  • the electric motorcycle 30 uses electric power stored in the mobile battery 20.
  • the electric motorcycle 30 consumes power supplied from the mobile battery 20 to run.
  • the communication terminal 42 sends and receives information to and from each part of the battery management system 100 via the communication network 14.
  • the communication terminal 42 may function as a user interface when the user 40 accesses the battery management system 100.
  • the communication terminal 42 may be used for user authentication processing by the battery management system 100.
  • Examples of the communication terminal 42 include a personal computer, a mobile terminal, and the like.
  • Examples of mobile terminals include mobile phones, smart phones, PDAs, tablets, notebook computers or laptop computers, wearable computers, and the like.
  • the communication terminal 52 sends and receives information to and from each part of the battery management system 100 via the communication network 14.
  • the communication terminal 52 may function as a user interface when the key issuer 50 accesses the battery management system 100.
  • the communication terminal 52 may be used to generate various keys such as the authentication private key 72 and the authentication public key 74.
  • the communication terminal 52 may store the generated authentication private key 72 in the storage device of the mobile battery 20 corresponding to the key. After the authentication private key 72 is stored in the mobile battery 20, the communication terminal 52 may delete the authentication private key 72 from the storage device of the communication terminal 52.
  • the communication terminal 52 may store the generated authentication public key 74 in the storage device of one or more battery exchangers 120.
  • the communication terminal 52 may have a database that stores the battery ID and the various public keys described above in association with each other for each of the one or more mobile batteries 20. The above database may store each battery ID of one or more mobile batteries 20 and each authentication public key 74 of one or more mobile batteries 20 in association with each other.
  • the communication terminal 52 may be configured to be capable of wireless communication with one or more battery exchangers 120.
  • the communication terminal 52 may be an information processing device that has confirmed that at least one of the one or more battery exchangers 120 is legitimate.
  • Communication terminal 52 may be a reliable information processing device for one or more battery exchangers 120.
  • the communication terminal 52 may be configured to be able to communicate wirelessly with one or more mobile batteries 20.
  • the communication terminal 52 may be an information processing device that has confirmed that at least one of the one or more mobile batteries 20 is legitimate.
  • Communication terminal 52 may be a reliable information processing device for one or more mobile batteries 20 .
  • Examples of the communication terminal 52 include a personal computer, a mobile terminal, and the like.
  • Examples of mobile terminals include mobile phones, smart phones, PDAs, tablets, notebook computers or laptop computers, wearable computers, and the like.
  • the battery exchanger 120 accommodates the mobile battery 20.
  • Battery exchanger 120 may accommodate multiple mobile batteries 20. Thereby, the battery exchanger 120 can store one or more mobile batteries 20.
  • the battery exchanger 120 charges at least one of the one or more mobile batteries 20. The battery exchanger 120 may charge the mobile battery 20 until the charging rate or voltage of the mobile battery 20 reaches a predetermined setting value.
  • the battery exchanger 120 makes the fully charged mobile battery 20 ready for removal (sometimes referred to as dispensing).
  • the battery exchanger 120 may issue a mobile battery 20 that meets the request.
  • the battery exchange machine 120 acquires information indicating payout conditions, which are conditions regarding the mobile batteries 20 to be paid out, from the management server 140, and determines the mobile batteries 20 to be actually paid out from among the mobile batteries 20 that match the payout conditions. You may.
  • the battery exchanger 120 may discharge at least a portion of the plurality of mobile batteries 20.
  • the battery exchanger 120 may utilize the power output by discharging the mobile battery 20.
  • the battery exchanger 120 operates by consuming power output by discharging the mobile battery 20.
  • the battery exchanger 120 may stop or interrupt the charging operation of the other mobile batteries 20. Even in this case, the battery exchanger 120 may continue the operation of dispensing the mobile battery 20.
  • the battery exchanger 120 can use a part of the mobile battery 20 housed in the battery exchanger 120 as an uninterruptible power supply.
  • the battery exchanger 120 even if, for example, an abnormality occurs in the power supply from the power system 12 to the battery exchanger 120, the power supply to the control device can be continued.
  • the battery exchanger 120 may continue dispensing the mobile battery 20. Therefore, even if the battery exchanger 120 is installed, for example, in an area where power outages occur relatively frequently, an environment in which batteries can be exchanged stably can be provided.
  • the storage unit 122 holds a plurality of slots 124.
  • the storage unit 122 is formed separately and independently from the communication unit 126.
  • the storage unit 122 may be installed apart from the communication unit 126 or may be installed in contact with the communication unit 126.
  • the storage unit 122 also provides a processing flow including one or more processes for controlling the operation of at least one of the plurality of slots 124 based on the first command transmitted from the communication unit 126. generate.
  • the storage unit 122 determines whether each of the one or more processes can be executed. For a process determined to be executable, the storage unit 122 generates a second command for controlling the slot 124 targeted by the process.
  • the storage unit 122 controls the operation of the slot 124 based on the generated second command. As a result, execution of part of the instruction indicated by the first instruction may be restricted.
  • the storage unit 122 stores the operation related to the safety. Determine whether the conditions for permitting execution are met. If it is determined that the above conditions are satisfied, the storage unit 122 determines that the process is executable. This controls the operation of the slot 124 based on the second command regarding the process described above. On the other hand, if it is determined that the above conditions are not satisfied, the storage unit 122 determines that the process is not executable. In this case, no second command for the above process is sent to slot 124.
  • the communication unit 126 is outputting the first command based on a request from the management server 140, the safety of the mobile battery 20, the user 40, or the above-mentioned maintenance personnel can be ensured.
  • the management server 140 will not send the above request. Can be canceled.
  • the management server 140 may take some time for the management server 140 to cancel the above request.
  • the storage unit 122 determines whether or not to execute the second command according to the state of the battery exchanger 120, so the battery exchanger 120 can perform the first command without waiting for a cancellation request from the management server 140.
  • the execution of the processing of the section can be stopped or interrupted.
  • each of the plurality of slots 124 is configured to be able to store at least one of the one or more mobile batteries 20. At least one of the one or more mobile batteries 20 is installed in each of the plurality of slots 124. Further, each of the plurality of slots 124 includes an electrical terminal (not shown) that is electrically connected to an electrical terminal (not shown) of one or more mobile batteries 20. Thereby, each of the plurality of slots 124 can charge or discharge the mobile battery 20 stored in each slot.
  • to be electrically connected is not limited to the case where two elements are physically directly connected.
  • a third element may be interposed between the above two elements.
  • the above two elements are not limited to being physically connected.
  • the input and output windings of a transformer are not physically connected, but are electrically connected. Thereby, in the slot 124, not only wired charging and discharging of the mobile battery 20 but also wireless charging and discharging of the mobile battery 20 can be supported.
  • Each of the plurality of slots 124 may include a communication terminal that is communicatively connected to the communication terminal of one or more mobile batteries 20.
  • the communication method between the communication terminal of the slot 124 and the communication terminal of the mobile battery 20 may be a wired communication method or a wireless communication method.
  • each of the plurality of slots 124 can read information from or write information to the storage device (not shown) of the mobile battery 20 stored in each slot.
  • the communication unit 126 is in charge of information processing in the battery exchanger 120 that involves at least one of the user 40 and the management server 140. For example, the communication unit 126 receives a request from at least one of the user 40 and the management server 140, and responds to the request. When the communication unit 126 determines that the storage unit 122 is necessary to process a request from at least one of the user 40 and the management server 140, the communication unit 126 issues an instruction (sometimes referred to as a command) to the storage unit 122. ) to send.
  • the first command described above may be an example of a command.
  • the communication unit 126 If the communication unit 126 is capable of processing requests from at least one of the user 40 and the management server 140 without cooperating with the storage unit 122, the communication unit 126 sends a command to the storage unit 122. You don't have to. This simplifies information processing in the storage unit 122.
  • the communication unit 126 can execute, for example, communication control processing with the outside of the battery exchanger 120, authentication processing of the user 40, selection processing of the slot 124, etc., without cooperating with the storage unit 122.
  • the communication unit 126 is formed separately and independently from the storage unit 122.
  • the storage unit 122 may be installed apart from the communication unit 126 or may be installed in contact with the communication unit 126.
  • the communication interface 128 is configured to be able to communicate with an information processing device external to the battery exchanger 120.
  • the communication interface 128 may be compatible with multiple communication methods.
  • the communication interface 128 may be compatible with a wired communication method or a wireless communication method.
  • communication interface 128 sends and receives information to and from communication terminal 42 utilized by user 40 .
  • communication interface 128 sends and receives information to and from management server 140 .
  • the management server 140 is placed outside the battery exchanger 120. Furthermore, the management server 140 can send and receive information to and from the communication unit 126 of the battery exchanger 120 via the communication network 14 .
  • the management server 140 manages one or more mobile batteries 20.
  • the management server 140 manages the status of each of one or more mobile batteries 20.
  • the management server 140 may manage the return and payout of one or more mobile batteries 20.
  • the management server 140 may transmit various requests for managing the mobile battery 20 to at least one of the one or more battery exchangers 120.
  • the management server 140 may manage one or more battery exchangers 120.
  • Management server 140 may manage the status of each of one or more battery exchangers 120.
  • the status of the battery exchanger 120 includes the external power supply status, the number of mobile batteries 20 that can be accepted, the number of mobile batteries 20 that can be discharged, the presence or absence of mobile batteries 20 that can be used as an uninterruptible power supply, the number of mobile batteries 20, or the number of mobile batteries 20 that can be used as an uninterruptible power supply. Examples include identification information and the charging state of the mobile battery 20 described above.
  • the management server 140 may transmit various requests for managing the battery exchanger 120 to at least one of the one or more battery exchangers 120.
  • the management server 140 may determine payout conditions, which are conditions regarding the mobile batteries 20 to be paid out, for at least some of the one or more battery exchange machines 120.
  • the dispensing conditions include the priority order for dispensing each of the plurality of mobile batteries 20 housed in the battery exchange machine 120, the identification information of the mobile battery 20 to be dispensed with priority, the characteristics of the mobile battery 20 to be dispensed with priority, etc. Illustrated.
  • the management server 140 may be used to distribute various keys such as the authentication public key 74.
  • the management server 140 may have a database that stores battery IDs and the various keys described above in association with each other for each of the one or more mobile batteries 20.
  • the above database may store each battery ID of one or more mobile batteries 20 and each authentication public key 74 of one or more mobile batteries 20 in association with each other.
  • the management server 140 extracts the authentication public key 74 of the mobile battery 20 indicated by the request, and transmits the extracted authentication public key 74. good.
  • the management server 140 may be configured to be able to communicate wirelessly with one or more battery exchangers 120.
  • the management server 140 may be an information processing device that has confirmed that at least one of the one or more battery exchangers 120 is legitimate.
  • Management server 140 may be an information processing device trusted by one or more battery exchangers 120.
  • Management server 140 may be configured to be able to communicate wirelessly with one or more mobile batteries 20.
  • the management server 140 may be an information processing device that has confirmed that at least one of the one or more mobile batteries 20 is legitimate.
  • Management server 140 may be a reliable information processing device for one or more mobile batteries 20.
  • the mobile battery 20 may be an example of a device to be confirmed, a second power device, or a power storage device.
  • the key issuer 50 may be an example of the manufacturer or assignor of the verification device, the manufacturer or assignor of the verified device, or the issuer of the second information and the fourth information.
  • the communication terminal 52 may be an example of a first external device or a second external device.
  • Battery management system 100 may be an example of a verification device or system.
  • the battery exchanger 120 may be an example of a verification device, a first power device, or a storage device.
  • Storage unit 122 may be an example of a first power device or a storage device.
  • Slot 124 may be an example of a first power device, storage device, or attachment.
  • Management server 140 may be an example of a first external device or a second external device.
  • the authentication code may be an example of the first information.
  • the authentication public key 74 may be an example of second information.
  • the authentication code encrypted with the authentication public key 74 may be an example of the third information.
  • the challenge code may be an example of third information.
  • the authentication private key 72 may be an example of fourth information.
  • the decrypted authentication code may be an example of the fifth information.
  • the first processing value of the decrypted authentication code may be an example of the sixth information.
  • the first processing value of the authentication code generated by the battery exchanger 120 may be an example of the seventh information.
  • the second processed value of the restored authentication code may be an example of the eighth information.
  • the information used for the encryption process of the first algorithm may be an example of the ninth information.
  • the information used in the decoding process of the second algorithm may be an example of the ninth information or the tenth information.
  • Encryption may be an example of information conversion.
  • Decoding may be an example of inverse transformation of information.
  • the authorized mobile battery 20 may be an example of an authorized device.
  • the non-regular mobile battery 20 may be an example of a non-regular device.
  • the whitelist may be an example of shared identification information.
  • the method for authenticating the mobile battery 20 may be an example of a method for confirming the mobile battery 20.
  • the authentication code may be an example of first verification information.
  • the authentication public key 74 may be an example of second verification information.
  • the authentication code encrypted with the authentication public key 74 may be an example of the third verification information.
  • the authentication private key 72 may be an example of fourth verification information.
  • the authentication private key 72 may be an example of a first private key.
  • the authentication public key 74 may be an example of a first public key corresponding to the first private key.
  • the details of the battery management system 100 have been described using an example in which the battery management system 100 provides a sharing service for the mobile battery 20.
  • the services provided by the battery management system 100 are not limited to this embodiment.
  • the battery management system 100 may provide a charging service for the mobile battery 20 to the user 40 of the mobile battery 20.
  • the details of the battery exchanger 120 have been described using an example in which the battery exchanger 120 operates using electric power received from the power grid 12.
  • the battery exchanger 120 is not limited to this embodiment.
  • the battery exchanger 120 is stored in the battery exchanger 120, for example, when at least one of the one or more slots 124 located in the battery exchanger 120 includes a bidirectional DC/DC converter. At least one of the one or more mobile batteries 20 may operate using discharged power.
  • the details of the battery management system 100 have been described using an example in which the battery exchanger 120 includes one or more storage units 122 and a single communication unit 126.
  • the battery exchanger 120 is not limited to this embodiment.
  • battery exchanger 120 may include multiple storage units 122 and multiple communication units 126. In this case, the number of storage units 122 may be greater than the number of communication units 126.
  • each of the one or more battery exchangers 120 acquires the authentication public key 74 of the one or more mobile batteries 20 from the key issuer 50, the communication terminal 52, or the management server 140 is taken as an example.
  • the details of battery management system 100 have been described.
  • the method for acquiring the authentication public key 74 in the battery exchanger 120 is not limited to this embodiment.
  • each of the one or more battery exchangers 120 may obtain the mobile battery's authentication public key 74 from the mobile battery 20 installed in the slot 124.
  • the battery exchanger 120 generates an authentication code
  • the battery exchanger 120 encrypts the generated authentication code with the authentication public key 74 to generate a challenge code
  • An example of a method for authenticating the mobile battery 20 taking as an example a case where the mobile battery 20 decrypts the encrypted authentication code included in the challenge code using the authentication private key 72 to generate a response code. was explained.
  • the method of authenticating the mobile battery 20 is not limited to this embodiment.
  • the mobile battery 20 is authenticated using a digital signature or a digital certificate.
  • An example of an authentication procedure using an electronic signature is as follows.
  • the mobile battery 20 For example, first, the mobile battery 20 generates an authentication code. Next, the mobile battery 20 signs the authentication code using the private key. Specifically, mobile battery 20 encrypts the authentication code using the private key. At this time, the mobile battery 20 transmits data (referred to as a message) including the authentication code and information and/or temporary information (for example, time information indicating the time of signing) transmitted from the battery exchanger 120. ) may be encrypted using a private key. This suppresses damage caused by repeat attacks.
  • data referred to as a message
  • temporary information for example, time information indicating the time of signing
  • the mobile battery 20 associates the battery ID, the generated authentication code (plaintext), and encrypted information (sometimes referred to as ciphertext) and transmits them to the battery exchanger 120.
  • the ciphertext may be data in which the above authentication code is encrypted.
  • the ciphertext may be data obtained by encrypting the above message.
  • the battery exchanger 120 executes processing to obtain the public key of the mobile battery 20.
  • the battery exchanger 120 accesses a public key database stored in an arbitrary storage device and obtains the public key associated with the battery ID of the mobile battery 20.
  • the battery exchanger 120 uses the public key of the mobile battery 20 to decrypt the ciphertext of the authentication code included in the data received from the mobile battery 20.
  • the battery exchanger 120 compares the decrypted authentication code described above with the authentication code (plaintext) received from the mobile battery 20. For example, the battery exchanger 120 determines whether the decrypted authentication code and the authentication code (plaintext) received from the mobile battery 20 match. If the two match, the battery exchanger 120 confirms that the mobile battery 20 is genuine.
  • the verification device to authenticate the device to be verified has been described, taking as an example a case where a challenge code including an encrypted authentication code is generated.
  • the challenge code is not limited to this embodiment.
  • the challenge code may include an unencrypted authentication code.
  • the verification device can be verified by following the same procedure as the procedure for the battery exchanger 120 to verify the mobile battery 20. It can be understood that the confirmation device can be confirmed. For example, if the verification device is the mobile battery 20 and the device to be verified is the battery exchanger 120, the mobile battery 20 can be verified as a regular device by the battery exchanger 120 using a procedure similar to the procedure in which the battery exchanger 120 verifies the mobile battery 20. You can check whether it is.
  • the verification device is not limited to the battery exchanger 120.
  • the entity that authenticates the mobile battery 20 is (i) a device configured to be electrically connectable to the mobile battery 20, (ii) a device configured to be able to supply power to the mobile battery 20, or (iii) the mobile battery 20. (These devices may be referred to as power devices.)
  • the device to be confirmed is not limited to the mobile battery 20.
  • the target to be authenticated by the mobile battery 20 is (i) a device configured to be electrically connectable to the mobile battery 20, and (ii) a device that supplies power to the mobile battery 20. or (iii) a device configured to be able to receive power from the mobile battery 20 (these devices may be referred to as power devices).
  • Examples of the power device include an electric motorcycle 30, a battery exchanger 120, and the like.
  • Other examples of power devices include (a) a charger that has a function of charging the mobile battery 20 but does not have a function of supplying power to the outside, and (b) a charger that has one or more mobile batteries 20 attached and one or more A power supply device that supplies the power stored in the mobile battery 20 to the outside, (c) both the charging function of the mobile battery 20 (or the function of receiving power from the outside) and the discharging function of the mobile battery 20 (or the function of supplying power to the outside)
  • An example is a device having the following functions.
  • the checking device may be the mobile battery 20, and the device to be checked may be the electric motorcycle 30, the communication terminal 52, or the battery exchanger 120.
  • the confirmation device may be the electric motorcycle 30 and the device to be confirmed may be the mobile battery 20.
  • the verification device may be the battery exchanger 120 and the device to be verified may be the communication terminal 52 or the management server 140.
  • the verification device may be the communication terminal 52, and the device to be verified may be the mobile battery 20, the battery exchanger 120, or the management server 140.
  • the verification device may be the management server 140 and the device to be verified may be the communication terminal 52 or the battery exchanger 120.
  • the verification device may be the mobile battery 20 and the verified device may be the management server 140.
  • the confirmation device may be the management server 140 and the device to be confirmed may be the mobile battery 20.
  • the mobile battery 20 may be an example of a confirmation device.
  • the battery exchanger 120 may be an example of a device to be verified.
  • the electric motorcycle 30 may be an example of a confirmation device or a device to be confirmed.
  • the authorized battery exchanger 120 may be an example of an authorized device.
  • the authorized electric motorcycle 30 may be an example of an authorized device.
  • An authentication method for one device to authenticate another device may be an example of a verification method.
  • the battery exchanger 120 that is not a regular device (sometimes referred to as a non-regular battery exchanger 120) may be an example of a non-regular device.
  • the electric motorcycle 30 that is not a regular device (sometimes referred to as a non-regular electric motorcycle 30) may be an example of a non-regular device.
  • the confirmation device may be an example of one of the first device and the second device, and the confirmed device may be an example of the other of the first device and the second device.
  • the confirmation device may be an example of one of the information processing device and another information processing device, and the confirmed device may be an example of the other of the information processing device and the other information processing device.
  • a power device may be an example of a device.
  • the storage device of mobile battery 20 may be an example of a storage section.
  • FIG. 2 schematically shows an example of the internal configuration of the mobile battery 20.
  • the mobile battery 20 includes a power connector 212, a communication connector 214, a power storage unit 220, a control unit 230, an authentication support unit 232, a sense unit 240, and a storage unit 250.
  • the storage section 250 includes a battery ID storage section 252 and an authentication secret key storage section 254.
  • the power connector 212 includes an electrical terminal for transmitting and receiving power to and from the slot 124 or the electric motorcycle 30.
  • the communication connector 214 includes a communication terminal for transmitting and receiving information to and from the slot 124 or the electric motorcycle 30.
  • power storage unit 220 includes a power storage cell that stores electrical energy.
  • control unit 230 controls the operation of the mobile battery 20.
  • the control unit 230 may send and receive information to and from the storage unit 122 when the mobile battery 20 is stored in the slot 124.
  • the authentication response unit 232 responds to an authentication response request from the battery exchanger 120.
  • the authentication support unit 232 receives a challenge code and an authentication response request from the battery exchanger 120.
  • the authentication support unit 232 transmits a response code to the battery exchanger 120 in response to the authentication response request. Details of the authentication support unit 232 will be described later.
  • the sense unit 240 acquires information indicating the state of the mobile battery 20.
  • the sense unit 240 may include multiple types of sensors. Examples of sensors included in the sense section 240 include a temperature sensor, a voltage sensor, and a current sensor.
  • the storage unit 250 stores various information regarding the mobile battery 20.
  • the storage unit 250 stores identification information of the mobile battery 20.
  • the storage unit 250 may store identification information of the electric motorcycle 30, the battery exchanger 120, or the slot 124 electrically connected to the mobile battery 20.
  • the storage unit 250 may store the operation history of the mobile battery 20.
  • the storage unit 250 stores the time and the measurement result of the sense unit 240 in association with each other as the operation history of the mobile battery 20.
  • the battery ID storage section 252 stores the battery ID of the mobile battery 20.
  • the authentication private key storage unit 254 stores the authentication private key 72 of the mobile battery 20.
  • the power connector 212 may be an example of an electrical terminal or a second terminal.
  • Power storage unit 220 may be an example of a power storage device.
  • the authentication private key storage section 254 may be an example of a storage section.
  • the authentication support unit 232 may be an example of a third information acquisition unit, a fifth information generation unit, or a response unit.
  • the storage unit 250 may be an example of a storage unit. Storing information may be an example of storing information.
  • FIG. 3 schematically shows an example of the internal configuration of the battery exchanger 120.
  • the battery exchanger 120 includes one or more storage units 122, a communication unit 126, a communication line 310, an uninterruptible power supply 312, and a router 314.
  • each of the one or more storage units 122 includes a housing 320 and a mounted device 330.
  • the mounted device 330 includes one or more slots 124, a sense section 332, a setting storage section 334, and a control section 336.
  • the communication unit 126 includes a housing 360 and a mounted device 370.
  • the onboard device 370 includes a communication interface 128, a user interface 372, a user identification section 374, a control section 376, and a battery authentication section 378.
  • each of the one or more slots 124 is configured to be detachable from the mobile battery 20. Further, each of the one or more slots 124 supplies power to the mobile battery 20 to charge the power storage unit 220 of the mobile battery 20. Each of the one or more slots 124 may receive power output by the mobile battery 20.
  • the communication line 310 connects each of the one or more storage units 122 and the communication unit 126 to each other.
  • the uninterruptible power supply 312 is arranged between the power system 12 and the communication unit 126.
  • the uninterruptible power supply 312 supplies power to the communication unit 126, for example, when an abnormality occurs in the power supply from the power system 12.
  • the router 314 relays or forwards communications between the communication unit 126 and the communication network 14.
  • the housing 320 holds the mounted equipment 330.
  • the shape and material of the housing 320 are not particularly limited.
  • the housing 320 may have a box-like shape, a plate-like shape, or a frame-like shape.
  • the mounted equipment 330 is mounted on the housing 320.
  • the manner in which the mounted equipment 330 is mounted is not particularly limited.
  • the mounted equipment 330 may be housed inside the housing 320 or may be mounted on the surface of the housing 320.
  • the sense unit 332 acquires information indicating the state of the slot 124 or the mobile battery 20 stored in the slot 124.
  • the sense unit 332 may include multiple types of sensors. Examples of sensors included in the sense section 240 include a temperature sensor, a voltage sensor, and a current sensor.
  • the settings storage section 334 stores various settings regarding the storage unit 122.
  • the settings storage unit 334 may include a physical switch and may include any type of storage medium such as a memory or a hard disk.
  • the above settings may be indicated by (i) ON/OFF of a physical switch, or (ii) may be stored in a storage medium as electronic data. Examples of the above settings include settings regarding the ID of the storage unit 122, settings regarding the installation position of the storage unit 122, settings regarding whether or not various operations can be executed in the storage unit 122, and the like.
  • control unit 336 controls the operation of the storage unit 122. Examples of the above operations include mounting or removing the mobile battery 20 from the slot 124, charging or discharging the mobile battery 20, and the like.
  • control unit 336 controls attachment or detachment of the mobile battery 20 to or from the slot 124.
  • the above control includes lock control of a shutter (not shown) arranged in the slot 124, control of a removal prevention member (not shown) arranged in the slot 124, and control of a mobile device arranged in the slot 124. Examples include control of a mechanism (not shown) for restraining the battery 20 and control of a movable connector (not shown) disposed in the slot 124.
  • the movable connector may be a mechanical connector or an electric connector.
  • control unit 336 controls charging or discharging of the mobile battery 20 stored in the slot 124.
  • Examples of the above control include checking the connection of electrical terminals, adjusting the charging voltage, adjusting the charging current, adjusting the discharging voltage, and adjusting the discharging current. Thereby, charging or discharging of the mobile battery 20 via the electrical terminal can be controlled.
  • the control unit 336 may control the operation of the storage unit 122 based on instructions received from the control unit 376. For example, the control unit 336 generates a processing flow including one or more processes for controlling the operation of at least one of the plurality of slots 124 based on the command received from the control unit 376. The control unit 336 determines whether each of the one or more processes can be executed. The control unit 336 generates a command for the process determined to be executable, and transmits the command to the slot 124 to be controlled. On the other hand, the above-mentioned command is not generated or transmitted for a process determined to be unexecutable.
  • the control unit 336 may transmit information indicating the execution result of the operation based on the command received from the control unit 376 to the control unit 376. For example, the control section 336 transmits to the control section 376 information indicating whether or not the storage unit 122 has executed the operation according to the command received from the control section 376.
  • the housing 360 holds the mounted equipment 370.
  • the shape and material of the housing 360 are not particularly limited.
  • the housing 360 may have a box-like shape, a plate-like shape, or a frame-like shape.
  • the mounted equipment 370 is mounted on the housing 360.
  • the manner in which the mounted equipment 370 is mounted is not particularly limited.
  • the mounted equipment 370 may be housed inside the housing 360 or may be mounted on the surface of the housing 360.
  • the user interface 372 provides various information to the user 40 who uses the battery exchanger 120. Further, the user interface 372 receives input from the user 40 who uses the battery exchanger 120. Examples of the user interface 372 include a display, speaker, keyboard, pointing device, touch panel, microphone, camera, voice input system, gesture input system, and the like.
  • the user identification unit 374 identifies the user 40 who uses the battery exchanger 120.
  • a known method may be used to identify the user 40.
  • the user identification unit 374 identifies the user 40 by analyzing an image of the user 40 and performing authentication processing for the user 40.
  • the user identification unit 374 may identify the user 40 by performing authentication processing for the user 40 using an ID card that the user 40 possesses.
  • the user identification unit 374 may identify the user 40 by performing authentication processing for the user 40 using the communication terminal 42 that the user 40 owns.
  • the control unit 376 is in charge of information processing in the battery exchanger 120 that involves at least one of the user 40 and the management server 140. For example, the control unit 376 receives a request from at least one of the user 40 and the management server 140, and responds to the request. When the control unit 376 determines that the storage unit 122 is necessary to process a request from at least one of the user 40 and the management server 140, the control unit 376 issues a command (for example, the first command described above) to the storage unit 122. ).
  • a command for example, the first command described above
  • control unit 376 When the control unit 376 can process a request from at least one of the user 40 and the management server 140 without cooperating with the storage unit 122, the control unit 376 sends a command to the storage unit 122. You don't have to.
  • the control unit 376 can execute, for example, communication control processing with the outside of the battery exchanger 120, authentication processing of the user 40, selection processing of the slot 124, etc., without cooperating with the storage unit 122.
  • control unit 376 when the control unit 376 receives a request from at least one of the user 40 and the management server 140, the control unit 376 first executes a processing flow including one or more processes for processing the request. generate. Next, the control unit 376 extracts a process that includes processing in the storage unit 122 from among the one or more processes described above. The control unit 376 generates a command indicating the content of processing in the storage unit 122 for each of the extracted processes.
  • the above command may include information indicating the storage unit 122 (sometimes referred to as a target unit) to be controlled.
  • the above command may include information indicating the slot 124 to be controlled (sometimes referred to as a target slot).
  • the above command may include identification information of the target slot and information indicating the content of the operation in the target slot.
  • control unit 376 transmits the above command to the storage unit 122 that is the target of the command.
  • the control unit 376 may acquire information indicating the execution result of the above command from the storage unit 122 that received the above command.
  • the control unit 376 may determine the storage mode of the mobile battery 20 based on the output of the battery authentication unit 378.
  • the control unit 376 may determine the charging mode of the mobile battery 20 based on the authentication result of the battery authentication unit 378.
  • the control unit 376 may determine the discharge mode of the mobile battery 20 based on the authentication result of the battery authentication unit 378.
  • the battery authentication unit 378 outputs, for example, information indicating whether the specific mobile battery 20 is an authorized device.
  • the battery authentication unit 378 outputs, for example, information indicating whether or not the particular mobile battery 20 continues to be inserted into the slot 124.
  • the battery authentication unit 378 outputs, for example, information indicating whether a specific mobile battery 20 is stored in a manner different from that of a regular device.
  • the battery authentication unit 378 outputs, for example, information indicating whether or not a specific mobile battery 20 is stored as an authorized device.
  • the battery authentication unit 378 outputs information indicating whether or not a specific mobile battery 20 is to be charged and/or discharged.
  • the battery authentication unit 378 outputs information indicating that the authentication process for a specific mobile battery 20 has failed.
  • the control unit 376 may prohibit charging of the specific mobile battery 20, and may not permit the charging. Good too.
  • the control unit 376 controls the specific mobile battery 20 so that the allowable value of charging current or charging power is smaller than when the specific mobile battery 20 is a regular device. charging can be controlled.
  • the control unit 376 may permit the discharging of the specific mobile battery 20, and does not need to prohibit the discharging.
  • the control unit 376 controls the specific mobile battery 20 so that the allowable value of discharge current or discharge power is smaller than when the specific mobile battery 20 is a regular device. may control the discharge of
  • the computer of the electric motorcycle 30 may function as the control unit 376 and the battery authentication unit 378.
  • the mobile battery 20 may be charged using regenerated power.
  • the control unit 376 executes the same process as when the mobile battery 20 is not determined to be an authorized device. You may do so. If the control unit 376 acquires information indicating that the authentication process for a specific mobile battery 20 has failed, the battery authentication unit 378 may decide to store the mobile battery 20 in a manner different from that of a regular device. good. For example, the battery authentication unit 378 stores the mobile battery 20 only during a period when special conditions are met. Examples of the above-mentioned period include a period until the administrator of the mobile battery 20 collects the mobile battery 20, for example, a period when the conditions for dispensing the mobile battery 20 are relaxed due to an emergency situation or an emergency situation.
  • the control unit 376 When the control unit 376 acquires information indicating that the authentication process for a specific mobile battery 20 has failed, the control unit 376 may prohibit charging of the specific mobile battery 20, or may prohibit charging of the specific mobile battery 20. You don't have to.
  • the control unit 376 controls the specific mobile battery 20 so that the allowable value of the charging current or charging power is smaller than when the authentication process for the specific mobile battery 20 is successful. The charging of the mobile battery 20 may be controlled.
  • the control unit 376 acquires information indicating that the authentication process of a specific mobile battery 20 has failed, the control unit 376 may prohibit discharging of the specific mobile battery 20, or may prohibit discharging of the specific mobile battery 20. You don't have to.
  • control unit 376 controls the specific mobile battery 20 so that the allowable value of the discharge current or discharge power is smaller than when the authentication process for the specific mobile battery 20 is successful.
  • the discharging of the mobile battery 20 may be controlled.
  • the control unit 376 accesses the storage unit 250 of the specific mobile battery 20 and stores information in the storage unit 250. You may obtain certain information about For example, the control unit 376 accesses the storage unit 250 of a specific mobile battery 20 and controls the battery exchanger 120 to which the specific mobile battery 20 was attached before being attached to the current battery exchanger 120 (the previous battery may be referred to as the exchange 120). For example, the control unit 376 accesses the storage unit 250 of a specific mobile battery 20 and controls the power device (other than the battery exchanger 120) that was attached to the particular mobile battery 20 before it was attached to the current battery exchanger 120. (e.g., an electric motorcycle 30).
  • the control unit 376 accesses the storage unit 250 of a specific mobile battery 20 and stores information in the storage unit 250. You may obtain certain information about For example, the control unit 376 accesses the storage unit 250 of a specific mobile battery 20 and controls the battery exchanger 120 to which the specific mobile battery 20 was attached before being attached to the current battery exchanger 120 (the previous battery may be
  • the control unit 376 may transmit the identification information of the immediately preceding battery exchanger 120 and/or the identification information of the power device described above to the management server 140. Thereby, the management server 140 can detect a failure or abnormality in the immediately preceding battery exchanger 120 described above. The management server 140 may identify the immediately preceding battery exchanger 120 based on the identification information of the power device and the movement history or battery replacement history of the power device.
  • the battery authentication unit 378 executes authentication processing for the mobile battery 20. For example, the battery authentication unit 378 confirms whether the mobile battery 20 installed in the slot 124 is a regular mobile battery 20. If the authentication process for a specific mobile battery 20 fails, the battery authentication unit 378 may re-execute the authentication process for the specific mobile battery 20. The number of times of re-execution may be determined in advance. The mode of re-execution is not particularly limited, and the authentication process may be restarted from the generation of the authentication code, or the authentication process may be restarted using the previously generated authentication code. Details of the battery authentication section 378 will be described later.
  • the battery authentication unit 378 may be an example of a verification device.
  • Slot 124 may be an example of a charging device.
  • the slot 124 may be an example of a charging/discharging device.
  • FIG. 4 schematically shows an example of an authentication procedure for the mobile battery 20.
  • FIG. 5 schematically shows an example of the internal configuration of the battery authentication unit 378 for implementing the authentication procedure described in relation to FIG. 4.
  • FIG. 6 schematically shows an example of the internal configuration of the authentication support unit 232 for implementing the authentication procedure described in relation to FIG. 4. Note that the authentication processing of the mobile battery 20 in the battery exchanger 120, the authentication support unit 232, and the battery authentication unit 378 are not limited to this embodiment.
  • the step in which the mobile battery 20 acquires the authentication private key 72 of the mobile battery 20 from the key issuer 50, the communication terminal 52, or the management server 140 has already been completed.
  • An example of the authentication process of the mobile battery 20 will be explained using a case where the authentication process is performed as an example.
  • the mobile battery 20 stores the authentication private key 72 in the authentication private key storage unit 254, for example.
  • the battery exchanger 120 receives the authentication public key 74 of the one or more mobile batteries 20 from the key issuer 50, the communication terminal 52, or the management server 140.
  • An example of the authentication process for the mobile battery 20 will be explained by taking as an example a case where the step of acquiring a database related to the mobile battery 20 has already been completed.
  • the battery exchanger 120 stores a database regarding the authentication public key 74 of one or more mobile batteries 20 in, for example, the battery authentication unit 378 or the storage device provided in the onboard device 370.
  • the authentication secret key 72 of the mobile battery 20 is stored in the authentication secret key storage unit 254 at the stage when the authentication process for the mobile battery 20 is started.
  • the battery authentication unit 378 of the battery exchanger 120 includes a database regarding the authentication public keys 74 of one or more mobile batteries 20 .
  • step 420 step may be abbreviated as S
  • the battery authentication unit 378 of the battery exchanger 120 detects that the mobile battery 20 is in the slot 124. Detects that it is attached.
  • the battery authentication unit 378 of the battery exchanger 120 detects that the mobile battery 20 is installed in the slot 124, the battery authentication unit 378 of the battery exchanger 120 transmits an activation signal to the mobile battery 20.
  • control unit 230 of the mobile battery 20 when the control unit 230 of the mobile battery 20 receives the activation signal, the control unit 230 and the authentication support unit 232 are activated, for example. At this time, the control unit 230 may transmit an activation confirmation signal to the battery exchanger 120 indicating that the authentication support unit 232 has activated.
  • the battery authentication unit 378 transmits a signal requesting transmission of the battery ID (sometimes referred to as an ID transmission request) to the mobile battery 20.
  • the control unit 230 of the mobile battery 20 receives the ID transmission request signal, the control unit 230 transmits the battery ID stored in the battery ID storage unit 252 to the battery exchanger 120.
  • the battery authentication unit 378 uses the battery ID as a key to refer to the database regarding the authentication public key 74 described above, and uses the battery ID as a key to The authentication public key 74 that matches the ID is extracted. If the authentication public key 74 that matches the battery ID is not extracted, the battery authentication unit 378 accesses the communication terminal 52 or the management server 140 and acquires the authentication public key 74 that matches the battery ID. Good too.
  • the battery authentication unit 378 prepares an authentication code. For example, the battery authentication unit 378 generates a random number and determines to use the random number as an authentication code.
  • the battery authentication unit 378 converts the authentication code based on the authentication public key 74 of the mobile battery 20 and generates a challenge code including the converted authentication code. For example, the battery authentication unit 378 uses the authentication public key 74 of the mobile battery 20 to encrypt the authentication code. Furthermore, the battery authentication unit 378 generates a challenge code that includes an encrypted authentication code.
  • the battery authentication unit 378 prepares a verification code. For example, the battery authentication unit 378 performs arithmetic processing using a hash function to generate a hash value of the authentication code. The battery authentication unit 378 decides to use the generated hash value as a verification code.
  • the battery authentication unit 378 transmits the challenge code to the mobile battery 20.
  • the battery authentication unit 378 may transmit the challenge code and the authentication response request to the mobile battery 20.
  • the authentication support unit 232 uses the encrypted code included in the challenge code based on the authentication private key 72 stored in the authentication private key storage unit 254. Convert the authentication code back. Specifically, the authentication support unit 232 uses the authentication private key 72 stored in the authentication private key storage unit 254 to decrypt the encrypted authentication code included in the challenge code. Since the authentication private key 72 is paired with the authentication public key 74, if the mobile battery 20 is a regular mobile battery 20, the authentication support unit 232 succeeds in decoding the encrypted authentication code.
  • the authentication support unit 232 generates a response code that includes information indicating that the mobile battery 20 has successfully decrypted the authentication code encrypted with the authentication public key 74.
  • the authentication handling unit 232 executes arithmetic processing using a hash function to generate a hash value of the decrypted authentication code.
  • the authentication support unit 232 generates a response code that includes a hash value of the decrypted authentication code. Additionally, the authentication support unit 232 transmits the response code to the battery exchanger 120.
  • the battery authentication unit 378 compares the hash value included in the response code with the hash value generated as the verification code. For example, the battery authentication unit 378 determines whether the hash value included in the response code matches the hash value generated as the verification code. Further, in S440, based on the above comparison result, the battery authentication unit 378 determines whether the mobile battery 20 is a regular mobile battery 20 (sometimes referred to as a regular device).
  • the battery authentication unit 378 may determine whether or not to replace the mobile battery 20 based on the determination result in S440. For example, if the mobile battery 20 is not determined to be an authorized device, the battery authentication unit 378 determines not to install the mobile battery 20 into the slot 124.
  • the above attachment does not need to include temporary attachment for authentication processing.
  • the mobile battery 20 may be temporarily attached to the battery exchanger 120 in order for the battery authentication unit 378 to authenticate the mobile battery 20 .
  • the above attachment means, for example, that the mobile battery 20 is continuously attached to the battery exchanger 120.
  • the above attachment may mean that the mobile battery 20 is stored as a regular device.
  • the battery authentication unit 378 may decide not to continue installing the mobile battery 20 into the slot 124. If the mobile battery 20 is not determined to be a regular mobile battery 20, the battery authentication unit 378 may decide to store the mobile battery 20 in a manner different from that of a regular device. For example, the battery authentication unit 378 stores the mobile battery 20 only during a period when special conditions are met. Examples of the above-mentioned period include a period until the administrator of the mobile battery 20 collects the mobile battery 20, for example, a period when the conditions for dispensing the mobile battery 20 are relaxed due to an emergency situation or an emergency situation.
  • the battery authentication unit 378 determines to install the mobile battery 20 into the slot 124. If it is determined that the mobile battery 20 is an authorized device, the battery authentication unit 378 may decide to continue mounting the mobile battery 20 into the slot 124. If it is determined that the mobile battery 20 is an authorized device, the battery authentication unit 378 may decide to store the mobile battery 20 as an authorized device.
  • the battery authentication unit 378 may determine whether or not to replace the mobile battery 20 based on the determination result in S440 and the white list described above. For example, if it is determined that the mobile battery 20 is a regular mobile battery 20, the battery authentication unit 378 determines whether the mobile battery 20 is a mobile battery 20 that can be used by a plurality of users 40.
  • the battery authentication unit 378 checks whether the battery ID of the mobile battery 20 described above is listed on the white list. If the battery ID of the mobile battery 20 described above is listed on the whitelist, the battery authentication unit 378 determines that the mobile battery 20 is a mobile battery 20 that can be used by a plurality of users 40. On the other hand, if the battery ID of the mobile battery 20 is not listed on the whitelist, the battery authentication unit 378 determines that the mobile battery 20 is not a mobile battery 20 that can be used by a plurality of users 40.
  • the battery authentication unit 378 may decide not to install the mobile battery 20 into the slot 124. As a result, for example, even if the mobile battery 20 is a regular mobile battery 20, if the user 40 of the mobile battery 20 has not subscribed to the mobile battery 20 charging service or the mobile battery 20 replacement service by the battery management system 100. In addition, the mobile battery 20 described above is prevented from being stored in the battery exchanger 120.
  • the battery exchanger 120 will not install the mobile battery 20 in the slot 124, even if the mobile battery 20 is installed in the slot 124, in order to perform the authentication process for the mobile battery 20.
  • the battery 20 may be removed and the mobile battery 20 may be returned to the user 40.
  • the manner in which the mobile battery 20 is attached to the slot 124 is not particularly limited.
  • the mobile battery 20 may be housed inside the slot 124, or the mobile battery 20 may be placed on the slot 124.
  • the same information processing as when it is determined not to install the mobile battery 20 into the slot 124 may be performed. If it is determined to store the mobile battery 20 in a manner different from that of the regular device, the same information processing as in the case where it is determined not to attach the mobile battery 20 to the slot 124 may be performed.
  • the battery authentication unit 378 may determine whether charging and/or discharging the mobile battery 20 is appropriate based on the determination in S440. For example, if the mobile battery 20 is not determined to be a regular mobile battery 20, it is determined not to charge and/or discharge the mobile battery 20. Thereby, input/output of power between the slot 124 and the mobile battery 20 can be prohibited or suppressed.
  • the battery authentication unit 378 may determine whether or not to charge and/or discharge the mobile battery 20 based on the determination result in S440 and the white list described above, using a procedure similar to the procedure described above.
  • processing in the mobile battery 20 may be executed by a single processor, or may be executed by multiple processors working together.
  • the processing in battery exchanger 120 may be performed by a single processor or by multiple processors working together. This further improves security.
  • the mobile battery 20 includes a control CPU for controlling various operations of the mobile battery 20, and a secure IC that performs encryption processing and decryption processing.
  • S422 and S426 are executed by the control CPU described above.
  • the control CPU receives the challenge code
  • the control CPU transfers the challenge code to the secure IC.
  • the secure IC decrypts the challenge code in S434 and generates a response code in S436.
  • the secure IC outputs the generated response code to the control CPU.
  • the control CPU transmits the response code generated by the secure IC to the battery exchanger 120.
  • the case where it is determined or confirmed that the mobile battery 20 is not an authorized device may be an example of a case where the mobile battery 20 is not determined to be an authorized device.
  • the case where the mobile battery 20 is determined or confirmed to be a non-regular mobile battery 20 may be an example of the case where the mobile battery 20 is not determined to be a regular device.
  • the mobile battery 20 is not determined to be a regular device, if it is determined that the third verification information and the fifth verification information do not satisfy the second mathematical relationship, or if the third verification information and the fifth verification information This may be an example of a case where the 6 verification information does not match.
  • the mobile battery 20 is a regular device, when it is determined that the third verification information and the fifth verification information satisfy the second mathematical relationship, or when the third verification information and the sixth verification information are determined to satisfy the second mathematical relationship, This may be an example of a case where the verification information matches.
  • the battery authentication section 378 includes a storage section 520, a battery ID acquisition section 530, an authentication code generation section 540, a verification code generation section 550, and a challenge code generation section 560. , a challenge code transmission section 562 , a response code acquisition section 570 , a comparison section 582 , and a determination section 584 .
  • the storage unit 520 includes a public key database 522 and a whitelist 524.
  • the storage unit 520 stores various information.
  • the public key database 522 corresponds to each battery ID of one or more mobile batteries 20 managed by the battery management system 100 and each authentication public key 74 of the one or more mobile batteries 20 described above. and store it.
  • the white list 524 stores battery IDs of one or more mobile batteries 20 managed by the battery management system 100. Note that in other embodiments, the public key database 522 may be used as the whitelist 524.
  • battery authenticator 378 obtains public key database 522 from key issuer 50.
  • the battery authentication unit 378 stores the public key database 522 acquired from the key issuer 50 in the storage unit 520.
  • battery authentication unit 378 obtains public key database 522 from communication terminal 52 or management server 140.
  • the battery authentication unit 378 stores the public key database 522 acquired from the communication terminal 52 or the management server 140 in the storage unit 520.
  • the battery ID acquisition unit 530 acquires the battery ID of the mobile battery 20 accommodated in the slot 124 or the battery ID of the mobile battery 20 accommodated in the slot 124.
  • the battery ID acquisition unit 530 may acquire the battery ID of the mobile battery 20 installed in the slot 124.
  • the battery ID acquisition unit 530 may acquire the battery ID of the mobile battery 20 described above from the communication terminal 42 or the mobile battery 20.
  • the authentication code generation unit 540 generates the authentication code 502.
  • the authentication code generation unit 540 may generate the authentication code 502 by generating random numbers.
  • the verification code generation unit 550 generates a verification code.
  • the verification code generation unit 550 generates a verification code according to the rule by which the mobile battery 20 generates a response code.
  • the verification code generation unit 550 does not need to generate the verification code and decides to use the authentication code as the verification code. You may.
  • the verification code generation unit 550 executes arithmetic processing using a hash function 552 to generate a hash value 504 of the authentication code 502.
  • the verification code generation unit 550 determines to use the generated hash value 504 as a verification code.
  • the verification code generation unit 550 outputs the hash value 504 described above to the comparison unit 582 as a verification code.
  • the challenge code generation unit 560 generates the challenge code 512.
  • the challenge code generation unit 560 encrypts the authentication code 502 using the authentication public key 74 of the mobile battery 20.
  • the battery authentication unit 378 can generate the challenge code 512 including the encrypted authentication code 502.
  • the challenge code transmitter 562 transmits the challenge code 512 generated by the challenge code transmitter 562 to the mobile battery 20.
  • the challenge code transmitter 562 may transmit the challenge code 512 and the authentication response request to the mobile battery 20.
  • the response code acquisition unit 570 acquires the response code 516 corresponding to the challenge code 512 from the mobile battery 20.
  • the response code 516 includes the hash value 506 of the authentication code 502 restored in the mobile battery 20 .
  • the response code acquisition unit 570 outputs the hash value 506 of the restored authentication code 502 to the comparison unit 582.
  • the comparison unit 582 obtains the hash value 504 as the verification code from the verification code generation unit 550. Furthermore, the comparison unit 582 acquires the hash value 506 included in the response code 516 from the response code acquisition unit 570. The comparison unit 582 compares the hash value 504 as the verification code with the hash value 506 included in the response code 516. For example, the comparison unit 582 determines whether the hash value 504 as the verification code and the hash value 506 included in the response code 516 match. The comparison unit 582 outputs information indicating the comparison result to the determination unit 584.
  • the determination unit 584 acquires information indicating the comparison result of the comparison unit 582.
  • the determining unit 584 determines whether the mobile battery 20 is a regular mobile battery 20 based on the comparison result of the comparing unit 582.
  • the determination unit 584 may determine whether or not to replace the mobile battery 20 based on the determination result of whether the mobile battery 20 is a regular mobile battery 20.
  • the determining unit 584 may determine whether or not to replace the mobile battery 20 based on the white list 524 and the determination result as to whether the mobile battery 20 is a regular mobile battery 20 .
  • the determination unit 584 may determine whether or not to charge and/or discharge the mobile battery 20 based on the determination result of whether the mobile battery 20 is a regular mobile battery 20. Thereby, input/output of power between the slot 124 and the mobile battery 20 can be prohibited or suppressed. The determination unit 584 may determine whether to charge and/or discharge the mobile battery 20 based on the determination result of whether the mobile battery 20 is a regular mobile battery 20 and the white list 524 .
  • the storage unit 520 may be an example of a first storage device.
  • Challenge code generation section 560 may be an example of a third information generation section.
  • Challenge code transmitter 562 may be an example of a third information transmitter.
  • the response code acquisition unit 570 may be an example of a response reception unit.
  • the comparison section 582 may be an example of a comparison section.
  • the authentication support unit 232 includes a request reception unit 620, an ID transmission unit 630, a challenge code acquisition unit 640, a challenge code decryption unit 650, and a response code generation unit 660. , and a response code transmitter 670.
  • the request receiving unit 620 receives various requests from the battery exchanger 120. Examples of the above request include an ID transmission request and an authentication response request.
  • the ID transmitter 630 transmits the battery ID of the mobile battery 20 to the battery exchanger 120 when the request receiver 620 receives an ID transmission request from the battery exchanger 120 .
  • the challenge code acquisition unit 640 acquires the challenge code 512 sent by the battery exchanger 120 when the request reception unit 620 receives an authentication response request from the battery exchanger 120.
  • the challenge code decryption unit 650 uses the authentication private key 72 to decrypt the encrypted authentication code 502 included in the challenge code 512. Further, the challenge code decryption unit 650 outputs the decrypted authentication code 502 to the response code generation unit 660.
  • the response code generation unit 660 generates the response code 516 based on the decrypted authentication code 502.
  • Response code generator 660 may generate response code 516 in any format according to the rules described above.
  • the response code generation unit 660 executes arithmetic processing using a hash function 662 to generate a hash value 506 of the restored authentication code 502.
  • the response code generation unit 660 generates a response code 516 that includes the hash value 506 of the restored authentication code 502.
  • the response code transmitter 670 transmits the response code 516 to the battery exchanger 120.
  • the challenge code acquisition unit 640 may be an example of a third information acquisition unit.
  • Challenge code decoding section 650 may be an example of a fifth information generating section.
  • the response code transmission section 670 may be an example of a response section.
  • the battery authentication unit 378 An example of information processing in the battery exchanger 120 has been described, taking as an example a case in which it is determined not to install the mobile battery 20 into the slot 124 or to not charge or discharge the mobile battery 20. However, information processing when it is determined that the mobile battery 20 is not usable by a plurality of users 40 is not limited to this embodiment.
  • the battery authentication unit 378 performs the installation process of the mobile battery 20 into the slot 124 according to a predetermined first rule.
  • the charging process or discharging process of the mobile battery 20 may be performed according to a predetermined second rule.
  • the first rule is that the mobile battery 20 is allowed to be installed in the slot 124, but users 40 other than the user 40 who installed the mobile battery 20 in the slot 124 are not allowed to take out the mobile battery 20. Rules are illustrated.
  • the second rule is that charging or discharging of the mobile battery 20 is permitted until the number of times the mobile battery 20 is installed in the slot 124 reaches a predetermined number or frequency;
  • An example of the rule is that charging or discharging of the mobile battery 20 is not permitted if the number of times exceeds the above number or frequency.
  • the battery exchanger 120 acquires the public key 74 for authentication of the mobile battery 20 from the key issuer 50, the communication terminal 52, or the management server 140.
  • the method for acquiring the authentication public key 74 in the battery exchanger 120 is not limited to this embodiment. In other embodiments, battery exchanger 120 may obtain authentication public key 74 from mobile battery 20 .
  • the authentication process for the mobile battery 20 is exemplified in a case where the verification code generated from the authentication code and the response code are compared to perform the process of comparing the authentication code and the response code.
  • An example was explained.
  • the process of comparing authentication codes and response codes is not limited to this embodiment.
  • the authentication code and response code may be compared by various methods described in connection with FIG. 1 .
  • FIG. 7 schematically shows an example of the internal configuration of the onboard equipment 330.
  • the details of the mounted device 330 will be explained using an example in which the slot 124 does not have a function of discharging the mobile battery 20.
  • the slot 124 can be changed to a configuration that allows the mobile battery 20 to be charged and discharged.
  • the onboard equipment 330 includes one or more slots 124, a breaker 710, a power line 712, an AC/DC power supply 714, a distributor 716, a power line 718, a main control board 730, and a communication hub 732. , a communication line 734 , a temperature adjustment section 742 , a buzzer 744 , a sense section 746 , and a maintenance door 748 .
  • the slot 124 includes an AC/DC charger 760, a power connector 762, a slot control board 770, a communication connector 772, a drive section 774, a shutter 776, a lock section 778, and a temperature adjustment section. 782, a status display section 784, and a sense section 786.
  • the breaker 710 receives power from the power grid 12.
  • Breaker 710 provides power received from power system 12 via power line 712 to each AC/DC charger 760 of one or more slots 124 .
  • Breaker 710 supplies power received from power system 12 to AC/DC power supply 714 .
  • Examples of the breaker 710 include a circuit breaker, a residual current circuit breaker with overcurrent protection, and the like.
  • the AC/DC power supply 714 functions as a power supply that supplies control power.
  • AC/DC power supply 714 converts alternating current power received from breaker 710 to direct current power having an appropriate voltage.
  • AC/DC power supply 714 provides converted DC power to each slot control board 770 of one or more slots 124 via distributor 716 and power line 718 . Additionally, AC/DC power supply 714 supplies converted DC power to main control board 730 .
  • main control board 730 controls the operation of each part of the storage unit 122.
  • Main control board 730 is connected to CPU board 820 via communication line 310.
  • Main control board 730 may function as control section 336.
  • Main control board 730 may function as controller 336 in cooperation with slot control board 770 .
  • the main control board 730 sends and receives information to and from each slot control board 770 of one or more slots 124 via a communication hub 732 and a communication line 734.
  • the main control board 730 may control the operation of the temperature adjustment section 742, the buzzer 744, the sense section 746, and the maintenance door 748.
  • the main control board 730 may acquire information indicating the states of the temperature adjustment section 742, the buzzer 744, the sense section 746, and the maintenance door 748.
  • the main control board 730 acquires information indicating the measurement results of the sensing unit 746 from the sensing unit 746.
  • the main control board 730 also acquires information indicating the open/closed state of the maintenance door 748 from the maintenance door 748.
  • the temperature adjustment section 742 adjusts the temperature inside the housing 320 of the storage unit 122.
  • Examples of the temperature adjustment section 742 include a fan, a water-cooled cooler, and the like.
  • the buzzer 744 notifies the user 40 of the status of the storage unit 122.
  • Buzzer 744 may output a warning sound.
  • the buzzer 744 may output a warning specified by the main control board 730 from among a plurality of warning sounds with different warning patterns.
  • the sense unit 746 acquires information indicating the state of the storage unit 122.
  • Sense unit 746 may include multiple types of sensors. Examples of sensors included in the sense section 746 include a temperature sensor, a vibration sensor, and a leakage sensor. The sense section 746 may constitute at least a part of the sense section 332.
  • the maintenance door 748 is disposed in an opening (not shown) of the housing 320 and is used by maintenance personnel of the battery exchanger 120 for maintenance management of the battery exchanger 120.
  • the maintenance door 748 may output information indicating the open/closed state to the main control board 730. For example, when maintenance door 748 is opened, maintenance door 748 outputs a signal indicating that maintenance door 748 has been opened.
  • the AC/DC charger 760 charges the mobile battery 20 electrically connected to the power connector 762.
  • the AC/DC charger 760 adjusts at least one of the voltage and current applied to the mobile battery 20 electrically connected to the power connector 762 according to instructions from the slot control board 770.
  • the power connector 762 includes an electrical terminal that is electrically connected to the power connector 212 of the mobile battery 20 when the mobile battery 20 is accommodated in the slot 124.
  • the power connector 762 is configured to be movable by a drive section 774. Note that in other embodiments, power connector 762 may be secured within slot 124.
  • the slot control board 770 controls the operation of each part of the slot 124.
  • Slot control board 770 may control the operation of slot 124 according to instructions from master control board 730.
  • the slot control board 770 may function as the control unit 336.
  • Slot control board 770 may function as controller 336 in cooperation with main control board 730 .
  • the slot control board 770 may send and receive information to and from the control unit 230 of the mobile battery 20 stored in the slot 124 via the communication connector 772.
  • the slot control board 770 can read information stored in the storage section 250 of the mobile battery 20. Further, the slot control board 770 can write information to the storage section 250 of the mobile battery 20.
  • the communication connector 772 includes a communication terminal that is communicatively connected to the communication connector 214 of the mobile battery 20 when the mobile battery 20 is accommodated in the slot 124.
  • the communication connector 772 is configured to be movable by a drive section 774. Note that in other embodiments, the communication connector 772 may be fixed inside the slot 124.
  • the drive unit 774 drives various movable members arranged in the slot 124.
  • the drive unit 774 may drive the above movable member according to instructions from the slot control board 770.
  • Examples of the movable members include the power connector 762, the communication connector 772, the shutter 776, the lock portion 778, a removal prevention member disposed in the slot 124, and a mechanism for restraining the mobile battery 20 disposed in the slot 124.
  • the shutter 776 is disposed at the opening of the slot 124 (not shown) and controls whether the user 40 can use the mobile battery 20 or not.
  • the opening and closing of the shutter 776 may be controlled according to instructions from the slot control board 770.
  • the user 40 can insert the mobile battery 20 into the slot 124 or take out the mobile battery 20 from the slot 124.
  • the shutter 776 is in the closed state, the mobile battery 20 cannot be inserted into the slot 124 or taken out from the slot 124.
  • the lock portion 778 switches the shutter 776 between a locked state and an unlocked state.
  • the lock unit 778 may switch the shutter 776 between a locked state and an unlocked state according to instructions from the slot control board 770.
  • the temperature adjustment section 782 adjusts the temperature inside the slot 124.
  • the temperature adjustment unit 782 may adjust the temperature inside the slot 124 according to instructions from the slot control board 770.
  • Examples of the temperature adjustment section 782 include a fan, a water-cooled cooler, and the like.
  • the status display unit 784 notifies the user 40 of the status of the slot 124.
  • the status of the slot 124 include the presence or absence of the mobile battery 20 and the presence or absence of an abnormality.
  • the status display unit 784 notifies the user 40 of the status of the slot 124 using, for example, a lighting pattern, blinking pattern, or display pattern specified by the slot control board 770 among a plurality of lighting patterns, blinking patterns, or display patterns. good.
  • Examples of the status display section 784 include an LED, a display, and the like.
  • the sense unit 786 acquires information indicating the state of the slot 124.
  • Sense unit 786 may include multiple types of sensors. Examples of sensors included in the sense section 786 include a temperature sensor, a voltage sensor, and a current sensor.
  • the sense unit 786 includes (i) a temperature sensor that measures the temperature inside the slot 124, the mobile battery 20, or the vicinity of the mobile battery 20, (ii) a voltage sensor that measures the voltage of the power connector 762, and (iii) ) includes at least one current sensor that measures the current flowing through the power connector 762.
  • the sense section 786 may constitute at least a portion of the sense section 332.
  • the main control board 730 may be an example of a confirmation device.
  • Power connector 762 may be an example of a first terminal.
  • Slot control board 770 may be an example of a verification device.
  • FIG. 8 schematically shows an example of the internal configuration of the onboard equipment 370.
  • the installed equipment 370 includes an AC/DC power supply 814, a service outlet 816, a CPU board 820, an Ethernet interface 830 that is an Ethernet (registered trademark) communication interface, an NFC reader 842, and a camera 844. , a touch panel 852, a display 854, and a speaker 856.
  • the AC/DC power supply 814 and the AC/DC power supply 714 function as power supplies that supply control power.
  • AC/DC power supply 814 receives power from power grid 12, for example, via uninterruptible power supply 312.
  • AC/DC power supply 814 converts alternating current power received from power system 12 into direct current power having an appropriate voltage.
  • AC/DC power supply 814 supplies converted DC power to CPU board 820.
  • the service outlet 816 supplies power to equipment external to the communication unit 126.
  • a router 314 is exemplified as the external device.
  • the service outlet 816 receives power from the power grid 12 via the uninterruptible power supply 312, for example.
  • the service outlet 816 may control the supply of power to external equipment according to instructions from the CPU board 820.
  • Service outlet 816 may send information regarding power supplied to external equipment to CPU board 820.
  • the CPU board 820 controls the operation of each part of the communication unit 126.
  • CPU board 820 is connected to main control board 730 via communication line 310.
  • the CPU board 820 may function as the control unit 376.
  • Ethernet interface 830 is connected to the communication network 14 via the router 314.
  • Ethernet interface 830 may function as communication interface 128.
  • the NFC reader 842 sends and receives information to and from the communication terminal 42 via near field communication.
  • NFC reader 842 may function as communication interface 128.
  • NFC reader 842 may function as user identification unit 374.
  • the camera 844 images the user 40.
  • Camera 844 may function as user interface 372.
  • Camera 844 may function as user identification unit 374.
  • the touch panel 852 accepts touch input from the user 40.
  • Touch panel 852 may function as user interface 372.
  • display 854 presents information to user 40 by outputting images.
  • Display 854 may function as user interface 372.
  • the speaker 856 presents information to the user 40 by outputting audio. Speaker 856 may function as user interface 372.
  • the CPU board 820 may be an example of a confirmation device.
  • Touch panel 852 may be an example of the input device described above.
  • FIG. 9 schematically shows an example of the internal configuration of mobile battery 920.
  • FIG. 10 schematically shows an example of the procedure for acquiring the authentication public key 74.
  • FIG. 11 schematically shows an example of the procedure for acquiring the authentication public key 74.
  • the battery exchanger 120 stores authentication public keys 74 for one or more mobile batteries 20 from the key issuer 50, the communication terminal 52, or the management server 140.
  • the details of the battery management system 100 have been explained by taking as an example a case where a database is acquired.
  • the battery exchanger 120 obtains the public key 74 for authentication of the mobile battery 20 from the mobile battery 20 installed in the slot 124.
  • the embodiment described in connection with FIGS. 9, 10 and 11 has a similar configuration to the embodiment described in connection with FIGS. 1 to 6. good.
  • the mobile battery 920 includes a storage section 250, a battery ID storage section 252, an authentication private key storage section 254, an authentication public key storage section 955, and a signature secret. It differs from the mobile battery 20 in that it includes a key storage section 956 and a public key storage section 957 for signature verification. Regarding features other than the above-mentioned differences, mobile battery 920 may have a similar configuration to mobile battery 20.
  • the mobile battery 920 does not need to include the signature verification public key 84 and the signature verification public key storage section 957.
  • the battery exchanger 120 stores the signature verification public key 84 of the mobile battery 920, or if the battery exchanger 120 can acquire the signature verification public key 84 of the mobile battery 920, the mobile battery 920 , it is not necessary to provide the signature verification public key 84 and the signature verification public key storage section 957.
  • the mobile battery 920 does not need to include the signature private key 82 and the signature private key storage section 956.
  • the mobile battery 920 stores, for example, (i) the authentication public key 74 encrypted with the signature private key 82, and (ii) the authentication public key 74 in an arbitrary storage device arranged in the mobile battery 920. At least one of (iii) an electronic certificate of the authentication public key 74 may be stored.
  • the authentication public key 74 encrypted with the signature private key 82 and the information obtained by encrypting the authentication public key 74 and any information with the signature private key 82 are sometimes referred to as electronic signatures.
  • electronic signatures a series of steps in which an electronic signature is created using elliptic curve cryptography is called an elliptic curve electronic signature algorithm.
  • the electronic certificate of the authentication public key 74 includes, for example, the authentication public key 74 and the authentication public key 74 encrypted with the signature private key 82.
  • the electronic certificate of the authentication public key 74 is, for example, the authentication public key 74 (or the authentication public key 74 and any information), and the authentication public key 74 and the arbitrary information encrypted with the signature private key 82. Contains digitized information.
  • the mobile battery 920 includes the signature private key 82 and the signature private key storage section 956, as well as the signature verification public key 84 and the signature verification public key 82. This embodiment differs from the embodiment described in connection with FIG. 9 in that it does not include a key storage unit 957.
  • the authentication public key storage unit 955 stores the authentication public key 74.
  • the signature private key storage section 956 stores the signature private key 82 used by the mobile battery 20 to attach an electronic signature.
  • the signature verification public key storage unit 957 allows the battery exchanger 120 to verify the authenticity of information including the electronic signature of the mobile battery 20 (for example, the electronic certificate acquired by the battery exchanger 120 from the mobile battery 20).
  • a signature verification public key 84 used for this purpose is stored.
  • the signature verification public key 84 is used to decrypt information encrypted using the signature private key 82.
  • the electronic signature of the mobile battery 20 is generated by encrypting arbitrary information using the signature private key 82.
  • the electronic certificate includes a plain text of arbitrary information and a cipher text in which the arbitrary information is encrypted using the private key 82 for signature.
  • the signature verification public key 84 is used to decrypt information encrypted using the signature private key 82. By comparing the plaintext information included in the digital certificate with the information decrypted using the signature verification public key 84, the authenticity of the plaintext information included in the digital certificate can be verified.
  • FIG. 10 schematically shows an example of the procedure for acquiring the authentication public key 74.
  • the battery authentication unit 378 has already acquired the signature verification public key 84 of the mobile battery 20 from the key issuer 50, the communication terminal 52, or the management server 140, for example.
  • a database that stores battery IDs of one or more mobile batteries 20 and signature verification public keys 84 of one or more mobile batteries 20 in correspondence is stored in the storage unit 520.
  • the signature verification public keys 84 of a plurality of mobile batteries 20 may be the same, or the signature verification public keys 84 of all mobile batteries 20 may be the same.
  • the authentication support section 232 further includes a public key transmission section 1012. Furthermore, the battery authentication section 378 further includes a public key acquisition section 1014.
  • the public key acquisition unit 1014 of the battery exchanger 120 detects that the mobile battery 20 is installed in the slot 124.
  • the public key acquisition unit 1014 detects that the mobile battery 20 is attached to the slot 124, the public key acquisition unit 1014 transmits an activation signal to the mobile battery 20.
  • the public key transmission unit 1012 of the mobile battery 20 receives the activation signal, the control unit 230 and the authentication support unit 232 are activated, for example.
  • the public key transmitter 1012 may transmit an activation confirmation signal to the battery exchanger 120 indicating that the authentication support unit 232 has activated.
  • the public key acquisition unit 1014 sends a signal (sometimes referred to as a public key transmission request) requesting the mobile battery 20 to transmit the battery ID and the authentication public key 74.
  • a signal (sometimes referred to as a public key transmission request) requesting the mobile battery 20 to transmit the battery ID and the authentication public key 74.
  • the public key transmission unit 1012 encrypts the authentication public key 74 using the signature private key 82.
  • the public key transmitting unit 1012 sends the battery ID stored in the battery ID storage unit 252, the unencrypted authentication public key 74, and the authentication public key 74 encrypted with the signature private key 82. and is sent to the battery exchanger 120.
  • the process of encrypting the authentication public key 74 using the signature private key 82 is the same as the process of signing the authentication public key 74 using the signature private key 82 (sometimes referred to as signature processing).
  • signature processing various public key cryptosystems or public key cryptography infrastructures (PKI) may be used.
  • signature processing methods include an RSA encryption method, a DSA signature method, an ECDAS signature method, and an EdDSA signature method.
  • ECDAS signature method an encryption method using an elliptic curve is used.
  • the procedure of converting plaintext into ciphertext using the public key of public key cryptography is sometimes referred to as encryption.
  • the procedure of converting ciphertext into plaintext using a private key paired with the public key used for encryption is sometimes called decryption.
  • the procedure of processing plaintext with a private key of public key cryptography is sometimes called a signature.
  • the procedure of converting a signature into original information using the public key of public key cryptography is sometimes referred to as verification.
  • the public key acquisition unit 1014 receives the battery ID, the unencrypted authentication public key 74, and the authentication public key 74 encrypted with the signature private key 82 from the public key transmission unit 1012.
  • the public key acquisition unit 1014 refers to a database that stores the battery ID of one or more mobile batteries 20 and the signature verification public key 84 of one or more mobile batteries 20 in correspondence.
  • the signature verification public key 84 corresponding to the battery ID transmitted by the transmitter 1012 is extracted. Further, the public key acquisition unit 1014 uses the extracted signature verification public key 84 to decrypt the authentication public key 74 encrypted with the signature private key 82. Note that if the signature verification public keys 84 of all mobile batteries 20 are the same, the step in which the public key acquisition unit 1014 refers to the above database and extracts the signature verification public key 84 may be omitted.
  • the public key acquisition unit 1014 compares the unencrypted authentication public key 74 transmitted by the public key transmission unit 1012 with the authentication public key 74 decrypted in S1040. For example, the public key acquisition unit 1014 determines whether the unencrypted authentication public key 74 transmitted by the public key transmission unit 1012 and the authentication public key 74 decrypted in S1040 match. If the unencrypted authentication public key 74 transmitted by the public key transmitter 1012 and the authentication public key 74 decrypted in S1040 match, in S1044 the public key acquisition unit 1014 transmits the public key to the public key transmitter 1012.
  • the authentication public key 74 transmitted by the mobile battery 20 is stored in the storage unit 520 or the public key database 522 as the authentic authentication public key 74 of the mobile battery 20 .
  • the above comparison process may be an example of a process for verifying the signature of the authentication public key 74 (sometimes referred to as a verification process).
  • the authentication public key 74 may be an example of the eleventh information.
  • the signature private key 82 may be an example of the twelfth information.
  • the authentication public key 74 encrypted using the signature private key 82 may be an example of the thirteenth information.
  • the signature verification public key 84 may be an example of the fourteenth information.
  • the authentication public key 74 decrypted using the signature verification public key 84 may be an example of the fifteenth information.
  • Signature processing may be an example of information conversion.
  • the verification process may be an example of transformation or inverse transformation of information.
  • the details of the procedure for the battery exchanger 120 to acquire the authentication public key 74 of the mobile battery 20 have been described using the case where the mobile battery 20 is attached to the battery exchanger 120 as an example.
  • the entity that acquires the authentication public key 74 of the mobile battery 20 is not limited to the battery exchanger 120. In other embodiments, the entity that acquires the authentication public key 74 of the mobile battery 20 may be the power device described above.
  • the verification device is not limited to the battery exchanger 120. Any verification device may acquire the authentication public key of any verification target device using the same procedure as in this embodiment. For example, when the mobile battery 20 authenticates the battery exchanger 120, the mobile battery 20 acquires the public key for authentication of the battery exchanger 120 using the same procedure as in this embodiment.
  • the authentication public key 74 is encrypted using the signature private key 82
  • the battery ID stored in the battery ID storage section 252 and the unencrypted authentication public key 74 are encrypted using the signature private key 82.
  • the public key 74 and the authentication public key 74 encrypted with the private signature key 82 are transmitted from the mobile battery 20 to the battery exchanger 120.
  • the details of the procedure for obtaining the public key 74 were explained.
  • the procedure by which the battery exchanger 120 acquires the authentication public key 74 of the mobile battery 20 is not limited to this embodiment.
  • the information encrypted using the signature private key 82 in S1030 is not limited to the authentication public key 74.
  • the arbitrary code is encrypted using the private signing key 82.
  • the code described above may have a similar configuration to the authentication code described above.
  • the above code may be a battery ID.
  • the battery ID stored in the battery ID storage section 252, the unencrypted authentication public key 74, the unencrypted code mentioned above, and the signature private key 82 are used to encrypt
  • the above-mentioned code is sent from the mobile battery 20 to the battery exchanger 120.
  • the public key acquisition unit 1014 extracts the signature verification public key 84 corresponding to the battery ID transmitted by the public key transmission unit 1012, and uses the extracted signature verification public key 84 to create a signature.
  • the code encrypted with the private key 82 is decrypted.
  • the public key acquisition unit 1014 compares the unencrypted code sent by the public key sending unit 1012 with the code decrypted in S1040. For example, the public key acquisition unit 1014 determines whether the unencrypted code transmitted by the public key transmission unit 1012 and the code decrypted in S1040 match.
  • the public key acquisition unit 1014 stores the authentication public key 74 transmitted by the public key transmission unit 1012 in the storage unit 520 or the public key database 522 as the authentic authentication public key 74 of the mobile battery 20.
  • the battery exchanger 120 can confirm that the authentication public key 74 received from the mobile battery 20 is a regular authentication public key.
  • the hash value of any of the codes described above is encrypted using the signature private key 82 at S1030. Then, in S1032, the battery ID stored in the battery ID storage unit 252, the unencrypted authentication public key 74, the unencrypted hash value of the above code, and the signature private key 82 are used to encrypt the battery ID.
  • the hash value of the above-mentioned code is transmitted from the mobile battery 20 to the battery exchanger 120.
  • the public key acquisition unit 1014 derives a hash value of the code decrypted in S1040, which is different from the other embodiments described above.
  • the public key acquisition unit 1014 compares the hash value of the unencrypted code transmitted by the public key transmission unit 1012 with the hash value of the code decrypted in S1040. It differs from the form.
  • the authentication public key 74 of the mobile battery 20 is transmitted from the mobile battery 20 to the battery exchanger 120 using any electronic signature method or electronic certificate method. Thereby, the battery exchanger 120 can confirm that the authentication public key 74 received from the mobile battery 20 is a regular authentication public key.
  • the authentication public key 74 is encrypted using the signature private key 82 in S1030.
  • the battery ID stored in the battery ID storage unit 252, the unencrypted authentication public key 74, and the authentication public key 74 encrypted with the signature private key 82 are transferred from the mobile battery 20.
  • the details of the procedure by which the battery exchanger 120 acquires the public key 74 for authentication of the mobile battery 20 have been explained using the case where the authentication public key 74 is transmitted to the battery exchanger 120 as an example. However, the procedure by which the battery exchanger 120 acquires the authentication public key 74 of the mobile battery 20 is not limited to this embodiment.
  • the storage unit 250 of the mobile battery 20 stores the electronic certificate of the authentication public key 74.
  • the electronic certificate of the authentication public key 74 includes, for example, an unencrypted authentication public key 74 and an authentication public key 74 encrypted with the signature private key 82 .
  • the electronic certificate of the authentication public key 74 includes, for example, an unencrypted battery ID and authentication public key 74, and a battery ID and authentication public key 74 encrypted with the signature private key 82.
  • the public key acquisition unit 1014 refers to a database that stores signature verification public keys 84 of one or more mobile batteries 20 in correspondence with each other, and enters the battery ID transmitted by the public key transmission unit 1012.
  • the details of the procedure by which the battery exchanger 120 acquires the authentication public key 74 of the mobile battery 20 have been explained using the case of extracting the corresponding signature verification public key 84 as an example.
  • the procedure by which the battery exchanger 120 acquires the authentication public key 74 of the mobile battery 20 is not limited to this embodiment.
  • the storage unit 250 of the mobile battery 20 stores the electronic certificate of the signature verification public key 84.
  • the electronic certificate of the signature verification public key 84 includes, for example, an unencrypted signature verification public key 84 and a signature verification public key 84 encrypted with the certificate authority's private key.
  • the electronic certificate of the signature verification public key 84 includes, for example, an unencrypted ID and signature verification public key 84 and an ID and signature verification public key 84 encrypted with the signature private key 82.
  • the above ID may be a battery ID, an ID of the manufacturer of the mobile battery 20, or an ID of the manufacturer of the control CPU or secure IC of the mobile battery 20.
  • the public key transmission unit 1012 of the mobile battery 20 transmits the electronic certificate of the signature verification public key 84 to the public key acquisition unit 1014.
  • the public key transmitting unit 1012 obtains the public key corresponding to the private key of the certificate authority.
  • the public key corresponding to the private key of the certificate authority may be stored in the battery exchanger 120, and may be transmitted from the server of the certificate authority to the battery exchanger 120 in response to a request from the battery exchanger 120.
  • FIG. 11 schematically shows an example of the procedure for acquiring the authentication public key 74.
  • S1132 is performed instead of S1032 after S1030 is performed, and S1134 is performed after S1132 is performed, as explained with reference to FIG.
  • This is different from the procedure for obtaining the public key 74 for authentication.
  • the procedure for acquiring the public key for authentication 74 explained in relation to FIG. 11 has the same configuration as the procedure for acquiring the public key for authentication 74 explained in relation to FIG. may have.
  • the public key transmitting unit 1012 encrypts the battery ID stored in the battery ID storage unit 252, the unencrypted authentication public key 74, and the signature private key 82.
  • the authentication public key 74 and the signature verification public key 84 are sent to the battery exchanger 120.
  • the public key transmitting unit 1012 may transmit the signature verification public key 84 to the battery exchanger 120 by transmitting an electronic certificate including the signature verification public key 84 to the battery exchanger 120.
  • the public key transmission unit 1012 in response to a request from the public key acquisition unit 1014, the public key transmission unit 1012 sends the battery ID stored in the battery ID storage unit 252, the electronic certificate of the authentication public key 74, and the signature verification.
  • the public key 84 and the electronic certificate may be sent to the battery exchanger 120.
  • the public key acquisition unit 1014 may request transmission of an electronic certificate instead of requesting the public key, or in addition to requesting the public key.
  • the electronic certificate of the authentication public key 74 includes, for example, the unencrypted battery ID and authentication public key 74, and the battery ID and authentication public key encrypted with the signature private key 82. 74.
  • the public key transmitting unit 1012 transmits the electronic certificate of the public key for authentication 74 and the electronic certificate of the public key for signature verification 84 to the battery exchanger 120 in response to a request from the public key acquiring unit 1014. You may do so.
  • the public key acquisition unit 1014 requests a reliable certification authority (not shown) to confirm the validity or authenticity of the signature verification public key 84.
  • the public key acquisition unit 1014 executes S1040, S1042, and S1044.
  • the signature verification public key 84 is issued, for example, by the manufacturer or seller of the control CPU or secure IC described in relation to FIG. Therefore, according to another embodiment, the public key acquisition unit 1014 can acquire the signature verification public key 84 from the manufacturer or seller of the control CPU or secure IC, for example.
  • the above-mentioned reliable certificate authority may be the management server 140 or a server different from the management server 140.
  • the above-mentioned reliable certification authority may be a server managed or operated by the manufacturer or seller of the control CPU or secure IC.
  • the signature verification public key 84 may be provided with an expiration date.
  • the above-mentioned trusted certificate authority may manage the expiration date of the signature verification public key 84. For example, when the certification authority receives a request to confirm the validity or authenticity of the signature verification public key 84 from the public key transmission unit 1012, the certification authority receives a request to confirm the validity or authenticity of the signature verification public key 84.
  • the certification authority transmits information indicating that the signature verification public key 84 is not valid to the public key transmitting unit 1012 as a response to the above request. . On the other hand, if the validity period of the signature verification public key 84 has not expired, the certification authority sends information indicating that the signature verification public key 84 is valid to the public key transmitting unit 1012 in response to the above request. Send to.
  • the details of the procedure for the battery exchanger 120 to acquire the authentication public key 74 of the mobile battery 20 have been described using the case where the mobile battery 20 is attached to the battery exchanger 120 as an example.
  • the entity that acquires the authentication public key 74 of the mobile battery 20 is not limited to the battery exchanger 120. In other embodiments, the entity that acquires the authentication public key 74 of the mobile battery 20 may be the power device described above.
  • the verification device is not limited to the battery exchanger 120. Any verification device may acquire the authentication public key of any verification target device using the same procedure as in this embodiment. For example, when the mobile battery 20 authenticates the battery exchanger 120, the mobile battery 20 acquires the public key for authentication of the battery exchanger 120 using the same procedure as in this embodiment.
  • the authentication public key 74 is encrypted using the signature private key 82 in S1030.
  • the battery ID stored in the battery ID storage unit 252 the unencrypted authentication public key 74, the authentication public key 74 encrypted with the signature private key 82, and the signature verification public key 84 is transmitted from the mobile battery 20 to the battery exchanger 120, details of the procedure for the battery exchanger 120 to acquire the public key 74 for authentication of the mobile battery 20 have been explained.
  • the procedure by which the battery exchanger 120 acquires the authentication public key 74 of the mobile battery 20 is not limited to this embodiment.
  • the information encrypted using the signature private key 82 in S1030 is not limited to the authentication public key 74.
  • the arbitrary code is encrypted using the private signing key 82.
  • the code described above may have a similar configuration to the authentication code described above.
  • the above code may be a battery ID.
  • the battery ID stored in the battery ID storage section 252 the unencrypted authentication public key 74, the unencrypted code mentioned above, and the signature private key 82 are used to encrypt
  • the above encoded code and the signature verification public key 84 are transmitted from the mobile battery 20 to the battery exchanger 120.
  • the public key acquisition unit 1014 decrypts the code encrypted with the signature private key 82 using the signature verification public key 84 whose validity or authenticity was confirmed in S1134. Further, in S1042, the public key acquisition unit 1014 compares the unencrypted code sent by the public key sending unit 1012 with the code decrypted in S1040. For example, the public key acquisition unit 1014 determines whether the unencrypted code transmitted by the public key transmission unit 1012 and the code decrypted in S1040 match. If the two match, the public key acquisition unit 1014 stores the authentication public key 74 transmitted by the public key transmission unit 1012 in the storage unit 520 or the public key database 522 as the authentic authentication public key 74 of the mobile battery 20. Store. According to the above embodiment, similarly to the present embodiment, the battery exchanger 120 can confirm that the authentication public key 74 received from the mobile battery 20 is a regular authentication public key.
  • the hash value of any of the codes described above is encrypted using the signature private key 82 at S1030. Thereafter, a procedure similar to that described in connection with the alternative embodiment of FIG. 10 is performed.
  • the authentication public key 74 of the mobile battery 20 is transmitted from the mobile battery 20 to the battery exchanger 120 using any electronic signature method or any electronic certification method. Thereby, the battery exchanger 120 can confirm that the authentication public key 74 received from the mobile battery 20 is a regular authentication public key.
  • the storage unit 250 of the mobile battery 20 may store the electronic certificate of the authentication public key 74.
  • the public key transmission unit 1012 of the mobile battery 20 sends the public key to the storage unit 250 without creating a new electronic certificate for the authentication public key 74.
  • the electronic certificate stored in the public key acquisition unit 1014 may be sent to the public key acquisition unit 1014.
  • the process in which the mobile battery 20 encrypts the authentication public key 74 using the signature private key 82 is omitted. In this case, the mobile battery 20 does not need to store the signature private key 82. Similar changes may be made in any of the embodiments described below.
  • FIG. 12 schematically shows another example of the authentication procedure for the mobile battery 20.
  • FIG. 13 schematically shows an example of the relationship between the response code and the verification code.
  • FIG. 14 schematically shows an example of a procedure for verifying a response code and a verification code.
  • FIG. 15 schematically shows another example of the response code and verification code verification procedure.
  • the authentication procedure described in connection with FIG. 12 differs from the authentication procedure described in connection with FIG. 4 in that a plaintext authentication code is transmitted as a challenge code.
  • Procedures that are the same as or similar to the authentication procedure described in connection with FIG. 4 are given the same reference numerals as in FIG. 4, and the description of the procedures may be omitted.
  • a procedure that is the same as or similar to the authentication procedure described in connection with FIG. 4 may have a similar configuration to the authentication procedure described in connection with FIG. 4.
  • the verification device to verify whether or not the device to be verified is an authorized device
  • the battery exchanger 120 authenticates the mobile battery 20 as an example.
  • the above information processing is not limited to this embodiment.
  • the mobile battery 20 can authenticate the battery exchanger 120 using a procedure similar to this embodiment.
  • the battery authentication unit 378 when the battery authentication unit 378 acquires the battery ID of the mobile battery 20 in S3130, the battery authentication unit 378 uses the battery ID as a key to perform the authentication described above in S3130.
  • the public key 74 for authentication that matches the battery ID is extracted by referring to the database regarding the public key 74. If the authentication public key 74 that matches the battery ID is not extracted, the battery authentication unit 378 accesses the communication terminal 52 or the management server 140 and acquires the authentication public key 74 that matches the battery ID. good.
  • the battery authentication unit 378 acquires the battery ID of the mobile battery 20 in S3130, the battery authentication unit 378 generates a challenge code and transmits the challenge code to the mobile battery 20 in S3130.
  • the challenge code is generated and transmitted, for example, by the following procedure.
  • the battery authentication unit 378 first prepares an authentication code. For example, the battery authentication unit 378 generates a random number and determines to use the random number as an authentication code. The battery authentication unit 378 may generate an authentication code using the above random number. The battery authentication unit 378 may generate an authentication code based on the above random number and arbitrary parameters used in public key cryptography. Parameters used in public key cryptography are shared between the verifying device and the verified device, and are exemplified by common parameters. Examples of common parameters include an elliptic curve E of elliptic curve cryptography, a generator P of the elliptic curve E, and the like.
  • the battery authentication unit 378 transmits the above authentication code to the mobile battery 20 as a challenge code.
  • the battery authentication unit 378 transmits the authentication code that is not encrypted using the authentication public key 74 to the mobile battery 20 as a challenge code.
  • the battery authentication unit 378 transmits a plaintext authentication code to the mobile battery 20 as a challenge code.
  • the battery authentication unit 378 In S3132, the battery authentication unit 378 generates a verification code using the above authentication code and the authentication public key 74 of the mobile battery 20. If the authentication code is generated based on a random number and a common parameter, the battery authentication unit 378 uses the random number used to generate the authentication code and the authentication public key 74 of the mobile battery 20 to perform the same process as above. You may also generate verification code. Details of the verification code generation procedure will be described later.
  • control unit 230 of the mobile battery 20 when the control unit 230 of the mobile battery 20 receives the challenge code, the control unit 230 generates a response code using the authentication code included in the challenge code and the authentication secret key 72 of the mobile battery 20. . Details of the response code generation procedure will be described later. Further, in S3136, the control unit 230 transmits the response code to the battery exchanger 120. Thereby, the control unit 230 ends the process for responding to the authentication process of the battery exchanger 120 (sometimes referred to as authentication support process).
  • the battery authentication unit 378 when the battery authentication unit 378 receives the response code, the battery authentication unit 378 verifies whether the response code and the verification code have a predetermined mathematical relationship. Details of the above verification procedure will be described later. Thereafter, in S440, the battery authentication unit 378 determines or confirms whether the mobile battery 20 is an authorized device based on the above verification result.
  • FIG. 13 schematically shows an example of the relationship between the response code and the verification code.
  • a response code and a verification code are generated using an authentication public key and an authentication private key of the device to be verified.
  • the device to be verified is the mobile battery 20
  • a response code and a verification code are generated using the authentication public key 74 and the authentication private key 72.
  • the authentication private key 72 is stored in the storage unit 250, for example. Even when the device to be confirmed is the battery exchanger 120, the response code and the verification code can be generated using the same procedure as when the device to be confirmed is the mobile battery 20.
  • the authentication public key and authentication private key of the verified device are generated so as to satisfy the mathematical relationship 3212.
  • An example of the mathematical relationship 3212 is a relationship used in encryption using elliptic curves (sometimes referred to as elliptic curve cryptography or ECC).
  • ECC elliptic curve cryptography
  • nG(x,y ) is located on the elliptic curve expressed by Equation 1. At this time, a sufficiently large order n is used as a private key, and nG(x, y) is used as a public key.
  • the response code and the verification code are generated so that the response code and the verification code satisfy the mathematical relationship 3214 when the device to be verified is a regular device.
  • Mathematical relationship 3214 is defined based on mathematical relationship 3212.
  • the response code and verification code may be the same.
  • the response code and verification code may be different.
  • the above calculation result 1 may be an example of a predetermined value.
  • the battery authentication section 378 includes an authentication code generation section 3220, a verification code generation section 3230, and a verification section 3250.
  • the control unit 230 includes a response code generation unit 3240.
  • the authentication code generation unit 3220 generates an authentication code 3222.
  • the authentication code generation unit 3220 generates a random number using a random number generator, and generates the authentication code 3222 based on the random number.
  • the authentication code generation unit 3220 may output the above random number as the authentication code 3222.
  • the authentication code generation unit 3220 outputs, for example, a plaintext authentication code 3222 to the response code generation unit 3240 and the verification code generation unit 3230.
  • the verification code generation unit 3230 obtains the authentication code 3222.
  • the verification code generation unit 3230 obtains the authentication public key.
  • the verification code generation unit 3230 derives the verification code 3232 using the authentication code 3222.
  • the verification code generation unit 3230 generates the verification code 3232 by converting the authentication code 3222 based on the authentication public key, for example.
  • Verification code generation section 3230 outputs verification code 3232 to verification section 3250. Details of the verification code generation unit 3230 will be described later.
  • the response code generation unit 3240 obtains the authentication code 3222.
  • the response code generation unit 3240 obtains the authentication private key.
  • the response code generation unit 3240 generates a response code 3242 based on the authentication code 3222 and the authentication private key.
  • the response code generation unit 3240 generates the response code 3242 by converting the authentication code 3222 based on the authentication private key, for example.
  • the response code generation unit 3240 may generate the same information as the information obtained by converting the authentication code 3222 based on the authentication public key (that is, the verification code 3232).
  • the response code generation unit 3240 generates the same information as the verification code 3232 based on the authentication code 3222, the authentication private key, and the mathematical relationship 3212 and/or the mathematical relationship 3214, for example.
  • the response code generation unit 3240 outputs the response code 3242 to the verification unit 3250. Details of the response code generation unit 3240 will be described later.
  • the verification unit 3250 obtains the verification code 3232 from the verification code generation unit 3230.
  • the verification unit 3250 obtains the response code 3242 from the response code generation unit 3240.
  • the verification unit 3250 determines whether the verified device is a legitimate device based on the verification code 3232 and the response code 3242.
  • the verification unit 3250 converts the verification code 3232 and the response code 3242 into mathematical expressions. It may be determined whether the relationship 3214 is satisfied. If the response code generation unit 3240 outputs the same information as the verification code 3232 as the response code 3242, the verification unit 3250 may compare the verification code 3232 and the response code 3242. Details of the verification unit 3250 will be described later.
  • the mathematical relationship 3212 may be an example of a first mathematical relationship.
  • Mathematical relationship 3214 may be an example of a second mathematical relationship.
  • the authentication code generation section 3220 may be an example of a first verification information generation section.
  • the authentication code 3222 may be an example of first verification information.
  • the verification code generation section 3230 may be an example of a third verification information generation section.
  • the verification code 3232 may be an example of third verification information.
  • the response code generation unit 3240 may be an example of a first verification information acquisition unit or a response unit.
  • the response code 3242 may be an example of the fifth verification information or the sixth verification information.
  • Verification section 3250 may be an example of a response reception section or a determination section.
  • the output of the authentication code 3222 may be an example of transmitting the first verification information.
  • the procedure in which the response code generation unit 3240 acquires the authentication code 3222 is an example of a step in which the verified device receives the first verification information from the verification device, or a step in which the verified device acquires the first verification information from the first power device. It's fine.
  • the procedure in which the response code generation unit 3240 outputs the response code 3242 to the verification unit 3250 may be an example of a step in which the verified device generates the fifth verification information based on the first verification information and the fourth verification information.
  • the public key used to generate the verification code 3232 may be an example of second verification information.
  • the private key used to generate the response code 3242 may be an example of the fourth verification information.
  • FIG. 14 schematically shows an example of a procedure for verifying a response code and a verification code.
  • the response code generation unit 3240 converts the authentication code 3222 based on the authentication private key and outputs the information obtained as the response code 3242 as an example. The details of the verification procedure are explained.
  • the verification code generation section 3230 includes, for example, a first calculation section 3310.
  • the response code generation unit 3240 includes, for example, a first calculation unit 3310, a second calculation unit 3320, and a third calculation unit 3330.
  • the verification unit 3250 includes, for example, a third calculation unit 3330 and a determination unit 3350.
  • the first calculation unit 3310 obtains the authentication code 3222 and the authentication public key 74.
  • the first calculation unit 3310 converts the authentication code 3222 based on the authentication public key 74 and generates the verification code 3232, for example.
  • the first calculation unit 3310 may generate the verification code 3232 by encrypting the authentication code 3222 using the authentication public key 74.
  • the first calculation unit 3310 outputs the verification code 3232 to the third calculation unit 3330.
  • the second calculation unit 3320 obtains the authentication code 3222 and the authentication private key 72.
  • the second calculation unit 3320 converts the authentication code 3222 based on the authentication private key 72, and generates the response code 3242, for example.
  • the first calculation unit 3310 may generate the response code 3242 by encrypting the authentication code 3222 using the authentication private key 72.
  • the second calculation unit 3320 outputs the response code 3242 to the third calculation unit 3330.
  • the third calculation unit 3330 obtains a verification code 3232 and a response code 3242.
  • the third calculation unit 3330 performs information processing on the verification code 3232 and response code 3242 according to the first verification algorithm, and outputs the calculation result of the information processing.
  • the first verification algorithm may be an algorithm for verifying whether the verification code 3232 and the response code 3242 satisfy the mathematical relationship 3214.
  • the first verification algorithm may include a procedure for deriving the parameter p of the elliptic curve described above.
  • the first verification algorithm may include a procedure of inputting the verification code 3232 and the response code 3242 and outputting a value determined according to the mathematical relationship 3214 if the device to be verified is a regular device.
  • the third calculation unit 3330 of the response code generation unit 3240 uses the verification code 3232 output by the first calculation unit 3310 of the response code generation unit 3240 and the response code 3242 output by the second calculation unit 3320 of the response code generation unit 3240. and performs information processing according to the first verification algorithm.
  • the third calculation unit 3330 of the response code generation unit 3240 outputs the calculation result 3332 to the determination unit 3350.
  • the calculation result 3332 indicates that when the authentication private key 72 and the authentication public key 74 satisfy the mathematical relationship 3212, the verification code 3232 and the response code 3242 are information according to the first verification algorithm. Shows the result of the calculation that would be obtained if the process were performed. As described above, when the verified device is a regular device, the verification code 3232 and the response code 3242 satisfy the mathematical relationship 3212.
  • the third calculation unit 3330 of the verification unit 3250 uses the verification code 3232 output by the first calculation unit 3310 of the verification code generation unit 3230 and the response code 3242 output by the second calculation unit 3320 of the response code generation unit 3240. information processing is performed according to the first verification algorithm.
  • the third calculation unit 3330 of the verification unit 3250 outputs the calculation result to the determination unit 3350.
  • the determination unit 3350 determines whether the verification code 3232 output by the verification code generation unit 3230 and the response code 3242 output by the response code generation unit 3240 satisfy the mathematical relationship 3214. judge. For example, the determination unit 3350 compares the calculation result 3332 of the third calculation unit 3330 of the response code generation unit 3240 with the calculation result of the third calculation unit 3330 of the verification unit 3250. The determination unit 3350 may determine whether the calculation result 3332 of the third calculation unit 3330 of the response code generation unit 3240 and the calculation result of the third calculation unit 3330 of the verification unit 3250 match. The determination unit 3350 may determine whether the mobile battery 20 is genuine based on the comparison result.
  • the determination unit 3350 determines that the verification code 3232 output by the verification code generation unit 3230 and the response code 3242 output by the response code generation unit 3240 satisfy the mathematical relationship 3214. You may do so. In this case, the determination unit 3350 may determine that the mobile battery 20 is genuine. If the two do not match, the determination unit 3350 determines that the verification code 3232 output by the verification code generation unit 3230 and the response code 3242 output by the response code generation unit 3240 do not satisfy the mathematical relationship 3214. You may do so. In this case, the determination unit 3350 may determine that the mobile battery 20 is not authorized or that the mobile battery 20 is unauthorized.
  • the information indicating the calculation result of the third calculation unit 3330 of the response code generation unit 3240 may be an example of the eighth verification information.
  • the information indicating the calculation result of the third calculation unit 3330 of the verification unit 3250 may be an example of seventh verification information.
  • FIG. 15 schematically shows another example of the response code and verification code verification procedure.
  • the device to be verified is the mobile battery 20.
  • the response code and the verification code can be verified using the same procedure as in this embodiment. I can understand.
  • the response code generation unit 3240 outputs the same information as the verification code 3232 as the response code 3242.
  • the verification code generation section 3230 includes, for example, a first calculation section 3310.
  • the response code generation unit 3240 includes, for example, a fourth calculation unit 3440.
  • the verification unit 3250 includes, for example, a determination unit 3350.
  • the fourth calculation unit 3440 derives the same information as the verification code 3232 from the authentication code 3222 and the authentication private key 72.
  • the response code generation unit 3240 may output the same information as the verification code 3232 to the determination unit 3350 as the response code 3242.
  • the fourth calculation unit 3440 generates the same information as the verification code 3232, for example, based on the authentication code 3222, the authentication private key 72, and the mathematical relationship 3212 and/or the mathematical relationship 3214.
  • the fourth calculation unit 3440 may generate the same information as the verification code 3232 from the authentication code 3222 and the authentication secret key 72 using the mathematical relationship 3214.
  • the fourth calculation unit 3440 may generate the same information as the verification code 3232 from the information obtained by converting the authentication code 3222 based on the authentication private key 72 using the mathematical relationship 3214.
  • the fourth calculation unit 3440 may have the same configuration as the response code generation unit 3240 described in relation to FIG.
  • the fourth calculation unit 3440 may generate the same information as the verification code 3232 based on the response code 3242 output by the second calculation unit 3320 and the calculation result 3332 output by the third calculation unit 3330.
  • the determination unit 3350 compares the verification code 3232 output by the verification code generation unit 3230 and the response code 3242 output by the response code generation unit 3240. For example, the determination unit 3350 determines whether the verification code 3232 output by the verification code generation unit 3230 and the response code 3242 output by the response code generation unit 3240 match. The determination unit 3350 may determine whether the mobile battery 20 is genuine based on the comparison result.
  • the determination unit 3350 may determine that the mobile battery 20 is genuine. If the two do not match, the determination unit 3350 may determine that the mobile battery 20 is not genuine or that the mobile battery 20 is non-genuine.
  • FIG. 16 illustrates an example computer 5000 in which aspects of the present invention may be implemented, in whole or in part. At least a portion of battery management system 100 may be implemented by computer 5000.
  • the control unit 230 or a portion thereof is realized by the computer 5000.
  • the control unit 336 or a portion thereof may be implemented by the computer 5000.
  • the control unit 376 or a portion thereof may be implemented by the computer 5000.
  • the program installed on the computer 5000 causes the computer 5000 to function as an operation associated with a device according to an embodiment of the present invention or as one or more “parts” of the device, or to perform the operation or the one or more “parts” of the device. and/or the computer 5000 may be caused to perform a process or a step of a process according to an embodiment of the invention.
  • Such programs may be executed by CPU 5012 to cause computer 5000 to perform certain operations associated with some or all of the blocks in the flowcharts and block diagrams described herein.
  • a computer 5000 includes a CPU 5012, a RAM 5014, a GPU 5016, and a display device 5018, which are interconnected by a host controller 5010.
  • the computer 5000 also includes input/output units such as a communication interface 5022, a hard disk drive 5024, a DVD-ROM drive 5026, and an IC card drive, which are connected to the host controller 5010 via an input/output controller 5020.
  • the computer also includes legacy input/output units such as ROM 5030 and keyboard 5042, which are connected to input/output controller 5020 via input/output chip 5040.
  • the CPU 5012 operates according to programs stored in the ROM 5030 and RAM 5014, thereby controlling each unit.
  • GPU 5016 obtains the image data generated by CPU 5012, such as in a frame buffer provided in RAM 5014 or within itself, and causes the image data to be displayed on display device 5018.
  • the communication interface 5022 communicates with other electronic devices via the network.
  • Hard disk drive 5024 stores programs and data used by CPU 5012 within computer 5000.
  • the DVD-ROM drive 5026 reads programs or data from the DVD-ROM 5001 and provides the programs or data to the hard disk drive 5024 via the RAM 5014.
  • the IC card drive reads programs and data from and/or writes programs and data to the IC card.
  • ROM 5030 stores therein, such as a boot program executed by computer 5000 upon activation, and/or programs dependent on the computer 5000 hardware.
  • I/O chip 5040 may also connect various I/O units to I/O controller 5020 via parallel ports, serial ports, keyboard ports, mouse ports, etc.
  • a program is provided by a computer readable storage medium such as a DVD-ROM 5001 or an IC card.
  • the program is read from a computer-readable storage medium, installed on hard disk drive 5024, RAM 5014, or ROM 5030, which are also examples of computer-readable storage medium, and executed by CPU 5012.
  • the information processing described in these programs is read by the computer 5000 and provides coordination between the programs and the various types of hardware resources mentioned above.
  • An apparatus or method may be constructed by implementing the operation or processing of information according to the use of computer 5000.
  • the CPU 5012 executes a communication program loaded into the RAM 5014 and sends communication processing to the communication interface 5022 based on the processing written in the communication program. You may give orders.
  • the communication interface 5022 reads transmission data stored in a transmission buffer area provided in a recording medium such as a RAM 5014, a hard disk drive 5024, a DVD-ROM 5001, or an IC card under the control of the CPU 5012, and transmits the read transmission data. Data is transmitted to the network, or received data received from the network is written to a reception buffer area provided on the recording medium.
  • the CPU 5012 causes the RAM 5014 to read all or a necessary part of files or databases stored in external recording media such as a hard disk drive 5024, a DVD-ROM drive 5026 (DVD-ROM 5001), an IC card, etc. Various types of processing may be performed on data on RAM 5014. CPU 5012 may then write the processed data back to an external storage medium.
  • external recording media such as a hard disk drive 5024, a DVD-ROM drive 5026 (DVD-ROM 5001), an IC card, etc.
  • Various types of processing may be performed on data on RAM 5014.
  • CPU 5012 may then write the processed data back to an external storage medium.
  • CPU 5012 performs various types of operations, information processing, conditional determination, conditional branching, unconditional branching, and information retrieval on data read from RAM 5014 as described elsewhere in this disclosure and specified by the instruction sequence of the program. Various types of processing may be performed, including /substitutions, etc., and the results are written back to RAM 5014. Further, the CPU 5012 may search for information in a file in a recording medium, a database, or the like.
  • the CPU 5012 selects the first entry from among the plurality of entries. Search for an entry whose attribute value matches the specified condition, read the attribute value of the second attribute stored in the entry, and then set the attribute value to the first attribute that satisfies the predetermined condition. An attribute value of the associated second attribute may be obtained.
  • the programs or software modules described above may be stored in a computer-readable storage medium on or near computer 5000.
  • a storage medium such as a hard disk or RAM provided in a server system connected to a dedicated communication network or the Internet can be used as a computer-readable storage medium, thereby allowing the above-mentioned program to be transmitted over the network.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Transportation (AREA)
  • Power Engineering (AREA)
  • Mechanical Engineering (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Charge And Discharge Circuits For Batteries Or The Like (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
PCT/JP2022/032875 2022-08-31 2022-08-31 確認方法、確認装置、蓄電装置、確認システム、プログラム及びコンピュータ可読記憶媒体 Ceased WO2024047821A1 (ja)

Priority Applications (6)

Application Number Priority Date Filing Date Title
CN202280099418.5A CN119856446A (zh) 2022-08-31 2022-08-31 确认方法、确认装置、蓄电装置、确认系统、程序以及计算机可读存储介质
EP22957418.1A EP4583454A1 (en) 2022-08-31 2022-08-31 Confirmation method, confirmation device, power storage device, confirmation system, program and computer readable medium
JP2024543714A JPWO2024047821A1 (https=) 2022-08-31 2022-08-31
PCT/JP2022/032875 WO2024047821A1 (ja) 2022-08-31 2022-08-31 確認方法、確認装置、蓄電装置、確認システム、プログラム及びコンピュータ可読記憶媒体
AU2022476511A AU2022476511A1 (en) 2022-08-31 2022-08-31 Confirmation method, confirmation device, power storage device, confirmation system, program and computer readable medium
KR1020257005805A KR20250059397A (ko) 2022-08-31 2022-08-31 확인 방법, 확인 장치, 축전 장치, 확인 시스템, 프로그램 및 컴퓨터 판독가능 기억 매체

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/032875 WO2024047821A1 (ja) 2022-08-31 2022-08-31 確認方法、確認装置、蓄電装置、確認システム、プログラム及びコンピュータ可読記憶媒体

Publications (1)

Publication Number Publication Date
WO2024047821A1 true WO2024047821A1 (ja) 2024-03-07

Family

ID=90098983

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2022/032875 Ceased WO2024047821A1 (ja) 2022-08-31 2022-08-31 確認方法、確認装置、蓄電装置、確認システム、プログラム及びコンピュータ可読記憶媒体

Country Status (6)

Country Link
EP (1) EP4583454A1 (https=)
JP (1) JPWO2024047821A1 (https=)
KR (1) KR20250059397A (https=)
CN (1) CN119856446A (https=)
AU (1) AU2022476511A1 (https=)
WO (1) WO2024047821A1 (https=)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119682573A (zh) * 2025-01-20 2025-03-25 奇瑞汽车股份有限公司 一种电动车充电口盖自动控制方法及系统

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150002162A1 (en) * 2011-09-16 2015-01-01 Blackberry Limited Diagnostic use of physical and electrical battery parameters and storing relative condition data
JP2016192840A (ja) * 2015-03-31 2016-11-10 ルネサスエレクトロニクス株式会社 バッテリ制御ic、バッテリパック及びその認証方法
WO2019181661A1 (ja) 2018-03-20 2019-09-26 本田技研工業株式会社 管理装置、バッテリ、車両および管理システム
WO2020059833A1 (ja) 2018-09-20 2020-03-26 本田技研工業株式会社 蓄電装置管理システム、保管装置、サーバー装置、蓄電装置管理方法、プログラム、および記憶媒体
WO2022181673A1 (ja) * 2021-02-25 2022-09-01 本田技研工業株式会社 確認方法、確認装置、確認システム、プログラム及びコンピュータ可読記憶媒体

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP7028702B2 (ja) 2018-04-17 2022-03-02 Ckd株式会社 アーム型助力装置
JP6850779B2 (ja) 2018-10-12 2021-03-31 大電株式会社 赤色蛍光体、発光素子、発電素子、および発光装置

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150002162A1 (en) * 2011-09-16 2015-01-01 Blackberry Limited Diagnostic use of physical and electrical battery parameters and storing relative condition data
JP2016192840A (ja) * 2015-03-31 2016-11-10 ルネサスエレクトロニクス株式会社 バッテリ制御ic、バッテリパック及びその認証方法
WO2019181661A1 (ja) 2018-03-20 2019-09-26 本田技研工業株式会社 管理装置、バッテリ、車両および管理システム
WO2020059833A1 (ja) 2018-09-20 2020-03-26 本田技研工業株式会社 蓄電装置管理システム、保管装置、サーバー装置、蓄電装置管理方法、プログラム、および記憶媒体
WO2022181673A1 (ja) * 2021-02-25 2022-09-01 本田技研工業株式会社 確認方法、確認装置、確認システム、プログラム及びコンピュータ可読記憶媒体

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SHIRAHASHI, AKIHIRO: "Proxy in the network, certification and encryption technology Chapter 2. Protocol technology for security", INTERFACE, vol. 23, no. 9, 1 June 1997 (1997-06-01), JP , pages 109 - 115, XP009539318, ISSN: 0387-9569 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119682573A (zh) * 2025-01-20 2025-03-25 奇瑞汽车股份有限公司 一种电动车充电口盖自动控制方法及系统

Also Published As

Publication number Publication date
JPWO2024047821A1 (https=) 2024-03-07
EP4583454A1 (en) 2025-07-09
KR20250059397A (ko) 2025-05-02
CN119856446A (zh) 2025-04-18
AU2022476511A1 (en) 2025-03-13

Similar Documents

Publication Publication Date Title
WO2022181673A1 (ja) 確認方法、確認装置、確認システム、プログラム及びコンピュータ可読記憶媒体
EP2221742B1 (en) Authenticated communication between security devices
TWI536285B (zh) 用於公共事業應用程式之實體安全授權的控制方法,及用於公共事業網路的認證系統
US11050570B1 (en) Interface authenticator
JP5136012B2 (ja) データ送付方法
CN105634720B (zh) 一种加密安全配置文件的方法、终端设备和系统
US20130305053A1 (en) Systems, methods, and apparatus to authenticate communications modules
CN109041021A (zh) 一种基于蓝牙的文件传输方法、终端设备及存储介质
CN115801232B (zh) 一种私钥保护方法、装置、设备及存储介质
CN112822021B (zh) 一种密钥管理方法和相关装置
WO2024047821A1 (ja) 確認方法、確認装置、蓄電装置、確認システム、プログラム及びコンピュータ可読記憶媒体
WO2023249120A1 (ja) 情報処理方法、情報処理システム、情報処理装置、蓄電装置、プログラム及びコンピュータ可読記憶媒体
JPWO2024047821A5 (https=)
US20070242822A1 (en) System, device, method, and program for communication
TW201032606A (en) Spectrum authorization and related communications methods and apparatus
KR20230160744A (ko) 계산적 스토리지 다운로드 프로그램을 위한 인증 메커니즘
US8355508B2 (en) Information processing apparatus, information processing method, and computer readable recording medium
JP2014022920A (ja) 電子署名システム、電子署名方法および電子署名プログラム
CN110166240B (zh) 一种网络隔离密码板卡
CN117093969A (zh) 调试授权方法及系统
KR20230092747A (ko) 전자 장치 및 암호화 방법
JP4840575B2 (ja) 端末装置、証明書発行装置、証明書発行システム、証明書取得方法および証明書発行方法
JP2004135195A (ja) 情報機器登録方法、その方法をコンピュータに実行させるプログラム、情報機器
JP5082767B2 (ja) 制御機器
Fujita et al. Formal Verification of Wireless Charging Standard Qi

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22957418

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 202517014950

Country of ref document: IN

Ref document number: AU2022476511

Country of ref document: AU

Ref document number: 202280099418.5

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2024543714

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 2501001249

Country of ref document: TH

ENP Entry into the national phase

Ref document number: 2022476511

Country of ref document: AU

Date of ref document: 20220831

Kind code of ref document: A

WWP Wipo information: published in national office

Ref document number: 202517014950

Country of ref document: IN

WWE Wipo information: entry into national phase

Ref document number: 2022957418

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2022957418

Country of ref document: EP

Effective date: 20250331

WWP Wipo information: published in national office

Ref document number: 202280099418.5

Country of ref document: CN

WWP Wipo information: published in national office

Ref document number: 2022957418

Country of ref document: EP