Authenticator, authenticatee and authentication method
Abstract
According to one embodiment, an authenticator which authenticates an authenticatee, which stores first key information (NKey) that is hidden, includes a memory configured to store second key information (HKey) which is hidden, a random number generation module configured to generate random number information, and a data generation module configured to generate a session key (SKey) by using the second key information (HKey) and the random number information. The authenticator is configured such that the second key information (HKey) is generated from the first key information (NKey) but the first key information (NKey) is not generated from the second key information (HKey).
6 Claims
1. A system having a controller and a memory controlled by the controller, comprising:
- a first storage area being used to store a first key and unique secret identification information, the first storage area being restricted from being read and written from outside;
- a second storage area being used to store encrypted secret identification information generated by encrypting the secret identification information, the second storage area being read-only; and
- a third storage area being readable and writable;
wherein the system is configured to:
- generate a second key by using the first key;
- generate a session key by using the second key;
- generate first authentication information by processing the secret identification information with a session key in one-way function operation; and
- generate second authentication information and transmit the second authentication information after generating the session key.
3. A system having a controller and a memory comprising:
- a storage area being used to store a first key, unique secret identification information, and encrypted secret identification information, the encrypted secret identification information being generated by encrypting the secret identification information, the first key and the secret identification information being prohibited from being read from outside, the encrypted secret identification information being readable from outside;
- a data generator configured to generate a session key by using a second key, the second key being generated based on the first key; and
- a one-way function processor configured to generate authentication information by processing the secret identification information with the session key in a one-way function operation as follows:
the authentication information = AES_E(the session key, the secret identification information) + the secret identification information, where AES stands for advanced encryption standard.
5. A system having a controller and a memory device controlled by the controller, comprising:
- a first area which stores first key data and unique first data, and is prohibited from being read from outside; and
- a second area which stores encrypted first data generated by encrypting the first data, and is readable,
and wherein the system is configured to:
- perform an AES (Advanced Encryption Standard) encryption process using the first key data and externally-provided second data to generate second key data,
- perform an AES encryption process using the second key data and externally-provided third data to generate third key data, the third data being externally received, and
- perform a one-way conversion process using the third key data and the first data to generate fourth data used for authentication with an external device.
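The key chain of claims 3 and 5, combined with the authenticator role from the abstract, written out in Go as an added example that is not part of the patent text. It shows that a holder of HKey can check a response without ever holding NKey, and that a response recorded for one random number fails for another. Assumptions: AES-128 on single 16-byte blocks, the "+" of claim 3 implemented as bytewise XOR, a host that already knows the secret identification information, and the hypothetical parameter names hostConst and nonce for the externally provided data.

```go
package main

import (
	"crypto/aes"
	"crypto/subtle"
	"fmt"
)

// aesE is AES_E(key, data): one 16-byte block encrypted under a 16-byte key.
func aesE(key, data []byte) []byte {
	c, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	out := make([]byte, aes.BlockSize)
	c.Encrypt(out, data)
	return out
}

// oneWay is AES_E(sKey, secretID) with secretID fed forward. Assumption: the
// "+" of claim 3 is bytewise XOR, so AES decryption alone cannot undo it.
func oneWay(sKey, secretID []byte) []byte {
	out := aesE(sKey, secretID)
	for i := range out {
		out[i] ^= secretID[i]
	}
	return out
}

// DeviceResponse is the authenticatee side; hostConst and nonce (hypothetical
// names) are the externally provided second and third data of claim 5.
func DeviceResponse(nKey, secretID, hostConst, nonce []byte) []byte {
	hKey := aesE(nKey, hostConst) // second key, derived from the hidden first key
	sKey := aesE(hKey, nonce)     // session key, different for every nonce
	return oneWay(sKey, secretID)
}

// HostVerify is the authenticator side: it holds HKey, never NKey.
func HostVerify(hKey, secretID, nonce, response []byte) bool {
	want := oneWay(aesE(hKey, nonce), secretID)
	return subtle.ConstantTimeCompare(want, response) == 1
}

func main() { // constructed 16-byte sample values, not real keys
	nKey, id, hc := []byte("NKEY-sample-0001"), []byte("SECRETID-sample1"), []byte("HOSTCONST-sample")
	n1, n2 := []byte("nonce-000000001!"), []byte("nonce-000000002!")
	resp := DeviceResponse(nKey, id, hc, n1)
	fmt.Println(HostVerify(aesE(nKey, hc), id, n1, resp), HostVerify(aesE(nKey, hc), id, n2, resp))
}
```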
Specification